CN111740842B - Communication information processing method based on cloud side cooperation and cloud communication server - Google Patents
Communication information processing method based on cloud side cooperation and cloud communication server Download PDFInfo
- Publication number
- CN111740842B CN111740842B CN202010521891.0A CN202010521891A CN111740842B CN 111740842 B CN111740842 B CN 111740842B CN 202010521891 A CN202010521891 A CN 202010521891A CN 111740842 B CN111740842 B CN 111740842B
- Authority
- CN
- China
- Prior art keywords
- node
- target
- file
- information
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/23—Clustering techniques
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Data Mining & Analysis (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Evolutionary Computation (AREA)
- Physics & Mathematics (AREA)
- Evolutionary Biology (AREA)
- General Physics & Mathematics (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Bioinformatics & Computational Biology (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a communication information processing method based on cloud side cooperation and a cloud side communication server. According to the method, firstly, after data extraction operation is finished, certificate encoding operation is carried out in response to a dynamic node signature to obtain a target certificate, and secondly, when the target certificate meets a preset condition, an operation file record is extracted and a target file is identified. And then, importing mapping structure information and mapping label information which are obtained according to the mapping of the target file into a preset thread, and driving the preset thread to run through node configuration data to obtain an issuing script file. The issuing script file can be issued to the target edge node, so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate. Therefore, the safety channel can effectively protect the issued application and configuration, and the application and configuration are prevented from being stolen.
Description
Technical Field
The application relates to the technical field of edge computing, in particular to a communication information processing method based on cloud edge-side collaboration and a cloud communication server.
Background
The cloud edge system is a multi-level edge computing processing framework formed by an upper-layer cloud end, a middle-layer edge side and a bottom-layer device, and is suitable for multiple application scenes. The upper cloud end is responsible for verifying and issuing application and configuration, the middle layer edge side is used for running edge application and managing equipment accessed to the middle layer edge side, and the lower layer equipment end runs various kinds of edge equipment. When the cloud edge system runs, the middle layer edge side is used as a hub connecting the upper layer cloud end and the bottom layer equipment end, and the safety of information transmission of the cloud edge system is always concerned widely. When the upper layer cloud issues applications and configurations to the middle layer edge side, the applications and configurations are often stolen easily.
Disclosure of Invention
The application provides a communication information processing method based on cloud side cooperation and a cloud side communication server, which are used for solving the technical problems.
In one aspect of the present application, a communication information processing method based on cloud-edge collaboration is disclosed, which is applied to a cloud communication server communicating with a plurality of edge nodes in a cloud-edge system, and the method includes:
performing data extraction operation on the node service information of each edge node to obtain node configuration data of each edge node;
if the target edge node is detected to contain the dynamic node signature, after the data extraction operation of the node service information of the target edge node is completed, responding to the dynamic node signature to perform certificate coding operation; wherein the dynamic node signature is used for characterizing that the target edge node is in a valid communication state;
when a target certificate obtained after the certificate encoding operation is completed meets a preset condition, extracting an operation file record corresponding to the certificate encoding operation and identifying a target file used for generating the target certificate in the operation file record; the target file is generated according to a time sequence and in a file stream mode;
mapping file structure information and file label information corresponding to the target file to an information base corresponding to a node container corresponding to the target edge node to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information; the information base corresponding to the node container is deployed in the cloud communication server;
importing the mapping structure information and the mapping label information into a preset thread and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the node configuration data;
issuing the issuing script file to the target edge node so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate; and issuing script files corresponding to different edge nodes have different file types.
In another aspect of the present application, a cloud communication server is disclosed, the cloud communication server being in communication with a plurality of edge nodes, the cloud communication server being operable to:
performing data extraction operation on the node service information of each edge node to obtain node configuration data of each edge node;
if the target edge node is detected to contain the dynamic node signature, after the data extraction operation of the node service information of the target edge node is completed, responding to the dynamic node signature to perform certificate coding operation; wherein the dynamic node signature is used for characterizing that the target edge node is in a valid communication state;
when a target certificate obtained after the certificate encoding operation is completed meets a preset condition, extracting an operation file record corresponding to the certificate encoding operation and identifying a target file used for generating the target certificate in the operation file record; the target file is generated according to a time sequence and in a file stream mode;
mapping file structure information and file label information corresponding to the target file to an information base corresponding to a node container corresponding to the target edge node to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information; the information base corresponding to the node container is deployed in the cloud communication server;
importing the mapping structure information and the mapping label information into a preset thread and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the node configuration data;
issuing the issuing script file to the target edge node so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate; and issuing script files corresponding to different edge nodes have different file types.
By applying the contents disclosed in the two aspects of the embodiment of the present application, the following technical effects can be achieved:
firstly, after the data extraction operation of the node service information of the target edge node is completed, a certificate coding operation is carried out in response to the dynamic node signature of the target edge node to obtain a target certificate, and secondly, when the target certificate meets a preset condition, an operation file record corresponding to the certificate coding operation is extracted and a target file in the operation file record is identified. And then, importing mapping structure information and mapping label information which are obtained according to the mapping of the target file into a preset thread, and driving the preset thread to run through node configuration data to obtain an issuing script file.
In this way, the issuing script file can be issued to the target edge node, so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate. Therefore, the operation load required by the cloud communication server for configuring the plurality of secure channels can be released, and the usability of the secure channels can be ensured. Therefore, the safety channel can effectively protect the issued application and configuration, and the application and configuration are prevented from being stolen.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a flowchart illustrating a communication information processing method based on cloud edge coordination according to an exemplary embodiment.
Fig. 2 is a block diagram of an embodiment of a communication information processing apparatus based on cloud edge coordination according to an exemplary embodiment.
Fig. 3 is a hardware structure diagram of a cloud communication server where the communication information processing apparatus based on cloud edge cooperation is located according to the present application.
Fig. 4 is a schematic diagram of a framework of a communication information processing system based on cloud edge cooperation disclosed in the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
It is to be understood that the present application is not limited to the precise construction herein after described and illustrated in the accompanying drawings, and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
The inventor carries out intensive research to solve the technical problem that the application and the configuration are easy to steal when the upper cloud end issues the application and the configuration to the middle layer edge side, and finds that the upper cloud end and the middle layer edge side are of a one-to-many communication structure, and the upper cloud end generally adopts the same channel encryption algorithm to establish a security channel with a plurality of edge nodes on the middle layer edge side in order to reduce the operation load, so that the usability of the security channel is poor, and the issued application and configuration are difficult to effectively protect.
In order to solve the above technical problems, embodiments of the present invention provide a communication information processing method based on cloud edge cooperation and a cloud communication server, where the cloud communication server can provide an issuing script file of a security certificate to each edge node on a middle layer edge side, so that each edge node can configure an independent secure channel with the cloud communication server according to the issuing script file, and thus, not only can an operation load required by the cloud communication server to configure a plurality of secure channels be released, but also the usability of the secure channels can be ensured. Therefore, the safety channel can effectively protect the issued application and configuration, and the application and configuration are prevented from being stolen.
To achieve the above object, an embodiment of the present invention first provides a communication information processing method based on cloud edge cooperation, where the method may be applied to a cloud communication server in a cloud edge system, where the cloud communication server communicates with a plurality of edge nodes, and further, the method may specifically include the contents described in step S110 to step S150 shown in fig. 1.
Step S110, performing data extraction operation on the node service information of each edge node to obtain node configuration data of each edge node.
Step S120, if the target edge node is detected to contain the dynamic node signature, after the data extraction operation of the node service information of the target edge node is completed, the certificate encoding operation is carried out in response to the dynamic node signature; wherein the dynamic node signature is used to characterize that the target edge node is in a valid communication state.
Step S130, when the target certificate obtained after the certificate encoding operation is completed meets a preset condition, extracting an operation file record corresponding to the certificate encoding operation and identifying a target file used for generating the target certificate in the operation file record; the target file is generated according to a time sequence and in a file stream mode.
Step S140, mapping the file structure information and the file label information corresponding to the target file to an information base corresponding to a node container corresponding to the target edge node to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information; and the information base corresponding to the node container is deployed in the cloud communication server.
Step S150, importing the mapping structure information and the mapping label information into a preset thread and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the node configuration data;
step S160, issuing the issuing script file to the target edge node so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate; and issuing script files corresponding to different edge nodes have different file types.
By executing the above steps S110 to S160, firstly, after the data extraction operation on the node service information of the target edge node is completed, a certificate encoding operation is performed in response to the dynamic node signature of the target edge node to obtain a target certificate, and secondly, when the target certificate satisfies a preset condition, an operation file record corresponding to the certificate encoding operation is extracted and a target file in the operation file record is identified. And then, importing mapping structure information and mapping label information which are obtained according to the mapping of the target file into a preset thread, and driving the preset thread to run through node configuration data to obtain an issuing script file.
In this way, the issuing script file can be issued to the target edge node, so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate. Therefore, the operation load required by the cloud communication server for configuring the plurality of secure channels can be released, and the usability of the secure channels can be ensured. Therefore, the safety channel can effectively protect the issued application and configuration, and the application and configuration are prevented from being stolen.
In one possible embodiment, in order to ensure that the target certificate matches with the interface type of the target edge node, and avoid the problem of incompatibility of the target edge node when configuring the secure channel, in step S130, it may be determined whether the target certificate satisfies the preset condition through the following steps S210 to S240.
Step S210, acquiring a compatibility track generated according to an interface compatibility list determined by the interface trigger record of the target edge node; the compatibility track is used for representing compatibility records of the target edge node when interacting with different servers, the compatibility track comprises a plurality of track nodes, the track nodes correspond to a compatibility identifier, and the compatibility identifier is a first identifier used for representing that the target edge node is a compatible node and a second identifier used for representing that the target node is an incompatible node.
Step S220, listing node positions of the track nodes with the first identification in the compatibility track, and fitting based on the node positions to obtain a performance curve of the target edge node; the node positions are used for representing the centrality of the track nodes, and the performance curves are used for describing the information receiving and sending success rate of the target edge nodes.
Step S230, listing verification nodes corresponding to each verification information in the target certificate, and fitting to obtain a verification curve of the target certificate based on the verification nodes; the verification node is used for representing different security verification modes of the target certificate, and verification logics of the different security verification modes are different.
Step S240, calculating a curve similarity value of the performance curve and the verification curve; when the curve similarity value is larger than a set threshold value, judging that the target certificate meets the preset condition; when the curve similarity value is smaller than or equal to a set threshold value, judging that the target certificate does not meet the preset condition; wherein the performance curve and the verification curve are mapped into the same coordinate plane before calculating the curve similarity of the performance curve and the verification curve.
In the embodiment of the present invention, the preset condition may be used to characterize whether the target certificate is compatible with the target edge node.
Based on the above steps S210 to S240, the following technical effects can be achieved: the target certificate is ensured to be matched with the interface type of the target edge node, the problem of incompatibility of the target edge node in the process of configuring a secure channel is avoided, and therefore the target edge node is ensured to reliably configure the secure channel corresponding to the cloud communication server.
The inventor finds that, in specific implementation, when data extraction is performed on node service information, some redundant data are often extracted, which may cause too low availability of extracted node configuration data, which may cause a long time for driving the preset thread to generate an issue script file, thereby affecting efficiency of configuring a secure channel. In order to improve the above problem, the data extraction operation performed on the node service information of each edge node in step S110 to obtain the node configuration data of each edge node may specifically include the contents described in steps S111 to S113 below.
Step S111, determining a service thread log of each edge node, and determining an information dividing point of the node service information corresponding to each edge node according to the log identification in the service thread log.
Step S112, segmenting the node service information according to the information segmentation points to obtain a plurality of service information segments, and determining an integrated value of the number of calls of each service information segment in a set time period.
Step S113, determining the service information segment with the calling number accumulated value smaller than a set value as a redundant information segment, extracting information codes of each target service information segment except the redundant information segment in the plurality of service information segments to obtain data codes corresponding to each target service information segment, sequencing each group of data codes according to the weight coefficient of the target service information segment to obtain a data coding sequence, and extracting characteristic data of the data coding sequence to obtain the node configuration data; the weight coefficient is used for representing the service relevance of the target service information segment in each edge node.
The following technical effects can be achieved by applying the steps S111 to S113: screening the redundant information segments in the plurality of service information segments by calling the accumulated value of times, so that the extraction of redundant data can be avoided, and the availability of the node configuration data obtained by extraction is ensured. Therefore, time consumed for driving the preset thread to generate the issuing script file can be effectively reduced, and the configuration efficiency of the secure channel is improved.
In practical applications, the inventor also finds that the obtained target certificate has a problem of confusion of a check protocol when the certificate encoding operation is performed. Further, the inventor analyzes the above problems and finds that the cascading relationship between the cloud communication server and the plurality of edge nodes is often ignored when performing the certificate encoding operation. To improve the above problem, in step S120, a certificate encoding operation is performed in response to the dynamic node signature, which may specifically include the contents described in the following steps S121 to S124.
Step S121, determining a communication connection list between the cloud communication server and each edge node.
Step S122, determining a first hierarchical relationship between the cloud communication server and each edge node and a second hierarchical relationship between at least two edge nodes from the communication connection list.
Step S123, determining a cascade relationship between the cloud communication server and each edge node according to the first hierarchical relationship and the second hierarchical relationship.
Step S124, traversing each edge node based on the cascade relationship, in the traversing process, encoding according to the registration information of the current edge node obtained based on the traversal of the dynamic node signature to obtain an initial certificate, and iterating the initial certificate when traversing to the registration information of the next edge node based on the dynamic node signature until the traversal of all edge nodes is completed to obtain the target certificate.
The following technical effects can be achieved through the steps S121 to S124: the cascade relation between the cloud communication server and the edge nodes is determined, so that registration information is obtained based on traversal of the cascade relation and then is encoded to obtain an initial certificate, iteration is carried out on the initial certificate to ensure that a verification protocol of a target certificate is generated based on the cascade relation, and therefore the problem that the obtained target certificate is disordered in the verification protocol can be solved.
In order to ensure the integrity of the extracted target file, in step 130, the operation file record corresponding to the certificate encoding operation is extracted, and the target file used for generating the target certificate in the operation file record is identified, which may specifically include the contents described in the following step S131 to step S135.
Step S131, acquiring n operation instruction streams corresponding to the certificate encoding operation; the operation instruction stream comprises a plurality of instruction source code sequences, each instruction source code sequence has sequence labels with different identification degrees, all the sequence labels corresponding to each operation instruction stream have a hierarchical relationship from large to small, and n is a positive integer.
Step S132, according to the calculated percentage of the instruction source code sequence which is greater than the preset identification degree in each instruction stream of the certificate encoding operation in the instruction stream, counting m effective operation instructions and k ineffective operation instructions corresponding to the certificate encoding operation; the valid operation instruction refers to an instruction for generating verification information of the target certificate, and the invalid operation instruction refers to an instruction for logically connecting the valid operation instructions.
Step S133, generating a first operation record based on the valid operation instruction and a second operation record based on the invalid operation instruction, emulating the second operation record to the first operation record according to a directory structure of the first operation record, and hiding an instruction source code sequence corresponding to the invalid operation instruction in the second operation record in a recording unit corresponding to the first operation record; the recording unit is used for recording the instruction source code sequence.
Step S134, extracting a first sequence feature of the instruction source code sequence in each recording unit in the first operation record according to a time sequence order, generating a plurality of continuous file streams according to the extracted first sequence feature, and determining the file streams as transition files.
Step S135, calculating a file continuous coefficient for representing the integrity of the transition file according to the cosine distance of every two adjacent first sequence features; judging whether the file continuous coefficients reach set coefficients for representing that the transition files cannot have information loss or not; and when the file continuity coefficient does not reach the set coefficient, extracting a second sequence feature of an instruction source code sequence corresponding to the hidden invalid operation instruction in at least one recording unit in the first operation record, and correcting the transition file based on the second sequence feature to obtain the target file.
It is understood that the following advantages can be achieved when the contents described in the above steps S131 to S135 are performed: by counting the valid operation instructions and the invalid operation instructions corresponding to the certificate encoding operation, the instruction source code sequence corresponding to the invalid operation instructions can be hidden in the recording unit corresponding to the first operation record generated based on the valid operation instructions, and then when the transition file generated based on the first sequence characteristics does not meet the file integrity requirement, the second sequence characteristics of the instruction source code sequence corresponding to the invalid operation instructions hidden by the recording unit are adopted to correct the transition file to obtain the target file, so that the integrity of the target file can be ensured.
On the basis of the above steps S131 to S135, the following steps may be further included: and when the file continuity coefficient reaches the set coefficient, determining the transition file as the target file.
In an alternative embodiment, in order to improve the accuracy of information mapping on the target file, in step S140, the file structure information and the file label information corresponding to the target file are mapped to the information base corresponding to the node container corresponding to the target edge node, so as to obtain the mapping structure information corresponding to the file structure information and the mapping label information corresponding to the file label information, which may specifically include the contents described in steps S141 to S144 below.
Step S141, extracting file structure information of the target file and constructing information clusters of the file structure information, determining field labels corresponding to target fields with matching rates between the target files and preset fields larger than a set rate, and constructing label clusters of the field labels according to Hamming distances between the field labels; and constructing the information cluster and the label cluster in a multi-dimensional characteristic identification mode.
And S142, determining the clustering unit with the maximum clustering characteristic value in the information clusters as a reference clustering unit, selecting one clustering unit from the label clusters, and extracting the characteristic dimension of the clustering unit.
Step S143, migrating the characteristic dimension into the reference clustering unit to obtain a transformation dimension of the characteristic dimension in the reference clustering unit, and determining association logic between the information cluster and the label cluster based on a dimension difference between the transformation dimension and the characteristic dimension.
Step S144, sequentially mapping the information clusters and the label clusters to the information base corresponding to the node container corresponding to the target edge node according to the association logic, so as to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information.
In specific implementation, the following beneficial technical effects can be achieved through the steps S141 to S144: by sequentially mapping the information clusters and the label clusters to the information base corresponding to the node container corresponding to the target edge node according to the association logic, information loss caused by directly mapping the file structure information and the file label information can be avoided, and the accuracy and the integrity of the mapping structure information and the mapping label information can be ensured.
In another alternative embodiment, in order to ensure the usability of the issuing script file, so as to implement the usability of the secure channel configured by the target edge node in different service scenarios, the importing the mapping structure information and the mapping tag information into a preset thread and driving the preset thread through the node configuration data to generate the issuing script file through the mapping structure information and the mapping tag information, which is described in step S150, may specifically include the contents described in the following step S151 to step S153.
Step S151, obtaining thread state parameters of the preset threads, and calculating a first usability of first thread information in a first thread package and a second usability of second thread information in a second thread package under the condition that the first thread package and the second thread package exist in the preset threads according to the thread state parameters; the first thread packet is an associated thread packet, the second thread packet is a non-associated thread packet, the usability characterizes adjustment time consumption of thread information in different service scenes, and the usability is inversely proportional to the adjustment time consumption.
Step S152, importing the mapping structure information into the second thread package, importing the mapping tag information into the first thread package, and recording a third usability of the second thread information of the second thread package into which the mapping structure information is imported and a fourth usability of the first thread information of the first thread package into which the mapping tag information is imported.
Step S153 of calculating a first difference between the first and fourth degrees of ease and a second difference between the second and third degrees of ease; when the first difference value and the second difference value are both smaller than a target difference value, the preset thread is driven by the node configuration data to generate an issuing script file through the mapping structure information and the mapping label information; otherwise, weighting the node configuration data according to the first difference or the second difference to obtain a modified configuration parameter, and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the modified configuration parameter; and the corrected configuration parameters are used for improving the usability of the first thread information and the second thread information when the preset thread is driven.
In specific implementation, the following beneficial technical effects can be achieved through the steps S151 to S153: by analyzing the usability corresponding to the thread information in the thread packet of the preset thread, the node configuration parameters can be corrected based on the usability, so that the usability of the issuing script file generated by the preset thread is driven by correcting the configuration data, and the usability of the security channel configured by the target edge node under different service scenes can be realized.
On the basis, please refer to fig. 2 in combination, a functional block diagram of the communication information processing apparatus 200 based on cloud edge coordination is provided, which is specifically described as follows.
A1. A communication information processing apparatus 200 based on cloud edge cooperation, applied to a cloud communication server communicating with a plurality of edge nodes in a cloud edge system, the communication information processing apparatus 200 comprising:
a data extraction module 210, configured to perform data extraction operation on the node service information of each edge node to obtain node configuration data of each edge node;
the certificate encoding module 220 is configured to, if it is detected that the target edge node includes the dynamic node signature, perform a certificate encoding operation in response to the dynamic node signature after completing the data extraction operation on the node service information of the target edge node; wherein the dynamic node signature is used for characterizing that the target edge node is in a valid communication state;
the file extraction module 230 is configured to, when a target certificate obtained after the certificate encoding operation is completed meets a preset condition, extract an operation file record corresponding to the certificate encoding operation and identify a target file used for generating the target certificate in the operation file record; the target file is generated according to a time sequence and in a file stream mode;
an information mapping module 240, configured to map file structure information and file tag information corresponding to the target file to an information base corresponding to a node container corresponding to the target edge node, so as to obtain mapping structure information corresponding to the file structure information and mapping tag information corresponding to the file tag information; the information base corresponding to the node container is deployed in the cloud communication server;
a thread driving module 250, configured to introduce the mapping structure information and the mapping tag information into a preset thread and drive the preset thread through the node configuration data to generate an issuing script file through the mapping structure information and the mapping tag information;
the file issuing module 260 is configured to issue the issuing script file to the target edge node, so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate; and issuing script files corresponding to different edge nodes have different file types.
A2. The communication information processing apparatus 200 according to a1, wherein the data extraction module 210 is further configured to:
determining a service thread log of each edge node, and determining an information dividing point of node service information corresponding to each edge node according to a log identifier in the service thread log;
segmenting the node service information according to the information segmentation points to obtain a plurality of service information segments, and determining the cumulative value of the calling times of each service information segment in a set time period;
determining the service information segment with the calling number accumulated value smaller than a set value as a redundant information segment, extracting information codes of each target service information segment except the redundant information segment in the plurality of service information segments to obtain data codes corresponding to each target service information segment, sequencing each group of data codes according to the weight coefficient of the target service information segment to obtain a data coding sequence, and extracting characteristic data of the data coding sequence to obtain the node configuration data; the weight coefficient is used for representing the service relevance of the target service information segment in each edge node.
A3. The communication information processing apparatus 200 according to a1, wherein the certificate encoding module 220 determines whether the target certificate satisfies the preset condition by:
acquiring a compatibility track generated according to an interface compatibility list determined by an interface trigger record of a target edge node; the compatibility track is used for representing compatibility records of the target edge node when interacting with different servers, the compatibility track comprises a plurality of track nodes, the track nodes correspond to a compatibility identifier, and the compatibility identifier is a first identifier used for representing that the target edge node is a compatible node and a second identifier used for representing that the target node is an incompatible node;
listing node positions of the track nodes with the first identification in the compatibility track, and fitting based on the node positions to obtain a performance curve of the target edge node; the node position is used for representing the centrality of the track node, and the performance curve is used for describing the information receiving and sending success rate of the target edge node;
listing verification nodes corresponding to each piece of verification information in the target certificate, and fitting to obtain a verification curve of the target certificate based on the verification nodes; the verification node is used for representing different security verification modes of the target certificate, and verification logics of the different security verification modes are different;
calculating a curve similarity value of the performance curve and the verification curve; when the curve similarity value is larger than a set threshold value, judging that the target certificate meets the preset condition; when the curve similarity value is smaller than or equal to a set threshold value, judging that the target certificate does not meet the preset condition; wherein the performance curve and the verification curve are mapped into the same coordinate plane before calculating the curve similarity of the performance curve and the verification curve.
A4. The communication information processing apparatus 200 according to a1, wherein the certificate encoding module 220 is specifically configured to:
determining a communication connection list between the cloud communication server and each edge node;
determining a first hierarchical relationship between the cloud communication server and each edge node and a second hierarchical relationship between at least two edge nodes from the communication connection list;
determining a cascade relation between the cloud communication server and each edge node according to the first hierarchical relation and the second hierarchical relation;
and traversing each edge node based on the cascade relation, encoding according to the registration information of the current edge node obtained based on the traversal of the dynamic node signature in the traversal process to obtain an initial certificate, and iterating the initial certificate when traversing to the registration information of the next edge node based on the dynamic node signature until the traversal of all edge nodes is completed to obtain the target certificate.
A5. The communication information processing apparatus 200 of any of a1-a4, the file extraction module 230, further configured to:
acquiring n operation instruction streams corresponding to the certificate encoding operation; the operation instruction stream comprises a plurality of instruction source code sequences, each instruction source code sequence has sequence labels with different identification degrees, all the sequence labels corresponding to each operation instruction stream have a hierarchical relationship from large to small, and n is a positive integer;
counting m effective operation instructions and k invalid operation instructions corresponding to the certificate encoding operation according to the calculated proportion of the instruction source code sequence with the identification degree higher than the preset identification degree in each instruction stream of the certificate encoding operation in the instruction stream; the system comprises a target certificate, a valid operation instruction and an invalid operation instruction, wherein m and k are positive integers, the sum of m and k is n, the valid operation instruction is an instruction for generating verification information of the target certificate, and the invalid operation instruction is an instruction for logically connecting the valid operation instruction;
generating a first operation record based on the effective operation instruction and generating a second operation record based on the ineffective operation instruction, emulating the second operation record to the first operation record according to a directory structure of the first operation record, and hiding an instruction source code sequence corresponding to the ineffective operation instruction in the second operation record in a recording unit corresponding to the first operation record; the recording unit is used for recording an instruction source code sequence;
extracting a first sequence feature of an instruction source code sequence in each recording unit in the first operation record according to a time sequence, generating a plurality of continuous file streams according to the extracted first sequence feature, and determining the file streams as transition files;
calculating a file continuous coefficient for representing the integrity of the transition file according to the cosine distance of every two adjacent first sequence features; judging whether the file continuous coefficients reach set coefficients for representing that the transition files cannot have information loss or not; and when the file continuity coefficient does not reach the set coefficient, extracting a second sequence feature of an instruction source code sequence corresponding to the hidden invalid operation instruction in at least one recording unit in the first operation record, and correcting the transition file based on the second sequence feature to obtain the target file.
A6. The communication information processing apparatus 200 according to a5, wherein the file extraction module 230 is further configured to:
when the file continuous coefficient reaches the set coefficient;
and determining the transition file as the target file.
A7. In the communication information processing apparatus 200 according to a1, the thread driving module 250 is specifically configured to:
extracting file structure information of the target file, constructing information clusters of the file structure information, determining field labels corresponding to target fields with matching rates between the target files and preset fields larger than a set ratio, and constructing label clusters of the field labels according to Hamming distances among the field labels; the information cluster and the label cluster are constructed in a multi-dimensional characteristic identification mode;
determining the clustering unit with the maximum clustering characteristic value in the information clusters as a reference clustering unit, selecting one clustering unit from the label clusters and extracting the characteristic dimension of the clustering unit;
migrating the characteristic dimension into the reference clustering unit to obtain a transformation dimension of the characteristic dimension in the reference clustering unit, and determining association logic between the information cluster and the label cluster based on a dimension difference between the transformation dimension and the characteristic dimension;
and sequentially mapping the information clusters and the label clusters to an information base corresponding to a node container corresponding to the target edge node according to the association logic to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information.
A8. The communication information processing apparatus 200 according to a1, wherein the thread driver module 250 is further configured to:
acquiring thread state parameters of the preset threads, and calculating a first usability of first thread information in a first thread packet and a second usability of second thread information in a second thread packet under the condition that the first thread packet and the second thread packet exist in the preset threads according to the thread state parameters; the first thread packet is an associated thread packet, the second thread packet is a non-associated thread packet, the usability characterizes adjustment time consumption of thread information in different service scenes, and the usability is inversely proportional to the adjustment time consumption;
importing the mapping structure information into the second thread package, importing the mapping tag information into the first thread package, and recording a third usability of the second thread information of the second thread package imported with the mapping structure information and a fourth usability of the first thread information of the first thread package imported with the mapping tag information;
calculating a first difference between the first and fourth ease degrees and a second difference between the second and third ease degrees; when the first difference value and the second difference value are both smaller than a target difference value, the preset thread is driven by the node configuration data to generate an issuing script file through the mapping structure information and the mapping label information; otherwise, weighting the node configuration data according to the first difference or the second difference to obtain a modified configuration parameter, and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the modified configuration parameter; and the corrected configuration parameters are used for improving the usability of the first thread information and the second thread information when the preset thread is driven.
On the basis, please refer to fig. 3 in combination, which provides a cloud communication server 300, including: a processor 310, and a memory 320 and a network interface 330 connected to the processor 310; the network interface 330 is connected with the nonvolatile memory 340 in the cloud communication server 300; the processor 310 retrieves a computer program from the non-volatile memory 340 via the network interface 330 and executes the computer program via the memory 320 to perform the above-described method.
On the basis, a readable storage medium applied to a computer is provided, and a computer program is burned in the readable storage medium, and when the computer program runs in the memory 320 of the cloud communication server 300, the method is implemented.
Based on the description of the foregoing embodiments, please refer to fig. 4 in combination, and further provide a communication information processing system based on cloud edge cooperation, where the system includes a cloud communication server 300, a plurality of edge nodes 400, and at least one edge device 500 in communication with each edge node 400. The description of the system is specifically as follows.
B1. A communication information processing system based on cloud edge cooperation comprises a cloud communication server 300, a plurality of edge nodes 400 and at least one edge device 500 which is communicated with each edge node 400;
the cloud communication server 300 is configured to:
performing data extraction operation on the node service information of each edge node 400 to obtain node configuration data of each edge node 400;
if the target edge node is detected to contain the dynamic node signature, after the data extraction operation of the node service information of the target edge node is completed, responding to the dynamic node signature to perform certificate coding operation; wherein the dynamic node signature is used for characterizing that the target edge node is in a valid communication state;
when a target certificate obtained after the certificate encoding operation is completed meets a preset condition, extracting an operation file record corresponding to the certificate encoding operation and identifying a target file used for generating the target certificate in the operation file record; the target file is generated according to a time sequence and in a file stream mode;
mapping file structure information and file label information corresponding to the target file to an information base corresponding to a node container corresponding to the target edge node to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information; the information base corresponding to the node container is deployed in the cloud communication server;
importing the mapping structure information and the mapping label information into a preset thread and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the node configuration data;
issuing the issuing script file to the target edge node;
the target edge node 400 is configured to:
generating a security certificate according to the issuing script file and configuring a security channel corresponding to the cloud communication server 300 based on the security certificate; and issuing script files corresponding to different edge nodes have different file types.
B2. The communication information processing system of B1, the cloud communication server 300, further configured to:
determining a service thread log of each edge node, and determining an information dividing point of node service information corresponding to each edge node according to a log identifier in the service thread log;
segmenting the node service information according to the information segmentation points to obtain a plurality of service information segments, and determining the cumulative value of the calling times of each service information segment in a set time period;
determining the service information segment with the calling number accumulated value smaller than a set value as a redundant information segment, extracting information codes of each target service information segment except the redundant information segment in the plurality of service information segments to obtain data codes corresponding to each target service information segment, sequencing each group of data codes according to the weight coefficient of the target service information segment to obtain a data coding sequence, and extracting characteristic data of the data coding sequence to obtain the node configuration data; the weight coefficient is used for representing the service relevance of the target service information segment in each edge node.
B3. In the communication information processing system of B1, the cloud communication server 300 determines whether the target certificate satisfies the preset condition by:
acquiring a compatibility track generated according to an interface compatibility list determined by an interface trigger record of a target edge node; the compatibility track is used for representing compatibility records of the target edge node when interacting with different servers, the compatibility track comprises a plurality of track nodes, the track nodes correspond to a compatibility identifier, and the compatibility identifier is a first identifier used for representing that the target edge node is a compatible node and a second identifier used for representing that the target node is an incompatible node;
listing node positions of the track nodes with the first identification in the compatibility track, and fitting based on the node positions to obtain a performance curve of the target edge node; the node position is used for representing the centrality of the track node, and the performance curve is used for describing the information receiving and sending success rate of the target edge node;
listing verification nodes corresponding to each piece of verification information in the target certificate, and fitting to obtain a verification curve of the target certificate based on the verification nodes; the verification node is used for representing different security verification modes of the target certificate, and verification logics of the different security verification modes are different;
calculating a curve similarity value of the performance curve and the verification curve; when the curve similarity value is larger than a set threshold value, judging that the target certificate meets the preset condition; when the curve similarity value is smaller than or equal to a set threshold value, judging that the target certificate does not meet the preset condition; wherein the performance curve and the verification curve are mapped into the same coordinate plane before calculating the curve similarity of the performance curve and the verification curve.
B4. The communication information processing system of B1, the cloud communication server 300 is specifically configured to:
determining a communication connection list between the cloud communication server and each edge node;
determining a first hierarchical relationship between the cloud communication server and each edge node and a second hierarchical relationship between at least two edge nodes from the communication connection list;
determining a cascade relation between the cloud communication server and each edge node according to the first hierarchical relation and the second hierarchical relation;
and traversing each edge node based on the cascade relation, encoding according to the registration information of the current edge node obtained based on the traversal of the dynamic node signature in the traversal process to obtain an initial certificate, and iterating the initial certificate when traversing to the registration information of the next edge node based on the dynamic node signature until the traversal of all edge nodes is completed to obtain the target certificate.
B5. The communication information processing system of any of claims B1-B4, the cloud communication server 300, further configured to:
acquiring n operation instruction streams corresponding to the certificate encoding operation; the operation instruction stream comprises a plurality of instruction source code sequences, each instruction source code sequence has sequence labels with different identification degrees, all the sequence labels corresponding to each operation instruction stream have a hierarchical relationship from large to small, and n is a positive integer;
counting m effective operation instructions and k invalid operation instructions corresponding to the certificate encoding operation according to the calculated proportion of the instruction source code sequence with the identification degree higher than the preset identification degree in each instruction stream of the certificate encoding operation in the instruction stream; the system comprises a target certificate, a valid operation instruction and an invalid operation instruction, wherein m and k are positive integers, the sum of m and k is n, the valid operation instruction is an instruction for generating verification information of the target certificate, and the invalid operation instruction is an instruction for logically connecting the valid operation instruction;
generating a first operation record based on the effective operation instruction and generating a second operation record based on the ineffective operation instruction, emulating the second operation record to the first operation record according to a directory structure of the first operation record, and hiding an instruction source code sequence corresponding to the ineffective operation instruction in the second operation record in a recording unit corresponding to the first operation record; the recording unit is used for recording an instruction source code sequence;
extracting a first sequence feature of an instruction source code sequence in each recording unit in the first operation record according to a time sequence, generating a plurality of continuous file streams according to the extracted first sequence feature, and determining the file streams as transition files;
calculating a file continuous coefficient for representing the integrity of the transition file according to the cosine distance of every two adjacent first sequence features; judging whether the file continuous coefficients reach set coefficients for representing that the transition files cannot have information loss or not; and when the file continuity coefficient does not reach the set coefficient, extracting a second sequence feature of an instruction source code sequence corresponding to the hidden invalid operation instruction in at least one recording unit in the first operation record, and correcting the transition file based on the second sequence feature to obtain the target file.
B6. The communication information processing system of B5, the cloud communication server 300, further configured to:
when the file continuous coefficient reaches the set coefficient;
and determining the transition file as the target file.
B7. The communication information processing system of B1, the cloud communication server 300 is specifically configured to:
extracting file structure information of the target file, constructing information clusters of the file structure information, determining field labels corresponding to target fields with matching rates between the target files and preset fields larger than a set ratio, and constructing label clusters of the field labels according to Hamming distances among the field labels; the information cluster and the label cluster are constructed in a multi-dimensional characteristic identification mode;
determining the clustering unit with the maximum clustering characteristic value in the information clusters as a reference clustering unit, selecting one clustering unit from the label clusters and extracting the characteristic dimension of the clustering unit;
migrating the characteristic dimension into the reference clustering unit to obtain a transformation dimension of the characteristic dimension in the reference clustering unit, and determining association logic between the information cluster and the label cluster based on a dimension difference between the transformation dimension and the characteristic dimension;
and sequentially mapping the information clusters and the label clusters to an information base corresponding to a node container corresponding to the target edge node according to the association logic to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information.
B8. The communication information processing system of B1, the cloud communication server 300, further configured to:
acquiring thread state parameters of the preset threads, and calculating a first usability of first thread information in a first thread packet and a second usability of second thread information in a second thread packet under the condition that the first thread packet and the second thread packet exist in the preset threads according to the thread state parameters; the first thread packet is an associated thread packet, the second thread packet is a non-associated thread packet, the usability characterizes adjustment time consumption of thread information in different service scenes, and the usability is inversely proportional to the adjustment time consumption;
importing the mapping structure information into the second thread package, importing the mapping tag information into the first thread package, and recording a third usability of the second thread information of the second thread package imported with the mapping structure information and a fourth usability of the first thread information of the first thread package imported with the mapping tag information;
calculating a first difference between the first and fourth ease degrees and a second difference between the second and third ease degrees; when the first difference value and the second difference value are both smaller than a target difference value, the preset thread is driven by the node configuration data to generate an issuing script file through the mapping structure information and the mapping label information; otherwise, weighting the node configuration data according to the first difference or the second difference to obtain a modified configuration parameter, and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the modified configuration parameter; and the corrected configuration parameters are used for improving the usability of the first thread information and the second thread information when the preset thread is driven.
For a detailed description of the above-described apparatus and system, reference is made to the description of the method steps shown in fig. 1, which are not described further here.
Claims (8)
1. A communication information processing method based on cloud edge cooperation is characterized by being applied to a cloud end communication server which is communicated with a plurality of edge nodes in a cloud edge system, and the method comprises the following steps:
performing data extraction operation on the node service information of each edge node to obtain node configuration data of each edge node;
if the target edge node is detected to contain the dynamic node signature, after the data extraction operation of the node service information of the target edge node is completed, responding to the dynamic node signature to perform certificate coding operation; wherein the dynamic node signature is used for characterizing that the target edge node is in a valid communication state;
when a target certificate obtained after the certificate encoding operation is completed meets a preset condition, extracting an operation file record corresponding to the certificate encoding operation and identifying a target file used for generating the target certificate in the operation file record; the target file is generated according to a time sequence and in a file stream mode;
mapping file structure information and file label information corresponding to the target file to an information base corresponding to a node container corresponding to the target edge node to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information; the information base corresponding to the node container is deployed in the cloud communication server;
importing the mapping structure information and the mapping label information into a preset thread and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the node configuration data;
issuing the issuing script file to the target edge node so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate; the issuing script files corresponding to different edge nodes have different file types;
the method specifically comprises the following steps of judging whether a target certificate meets a preset condition:
acquiring a compatibility track generated according to an interface compatibility list determined by an interface trigger record of a target edge node; the compatibility track is used for representing compatibility records of the target edge node when interacting with different servers, the compatibility track comprises a plurality of track nodes, the track nodes correspond to a compatibility identifier, and the compatibility identifier is a first identifier used for representing that the target edge node is a compatible node and a second identifier used for representing that the target node is an incompatible node;
listing node positions of the track nodes with the first identification in the compatibility track, and fitting based on the node positions to obtain a performance curve of the target edge node; the node position is used for representing the centrality of the track node, and the performance curve is used for describing the information receiving and sending success rate of the target edge node;
listing verification nodes corresponding to each piece of verification information in the target certificate, and fitting to obtain a verification curve of the target certificate based on the verification nodes; the verification node is used for representing different security verification modes of the target certificate, and verification logics of the different security verification modes are different;
calculating a curve similarity value of the performance curve and the verification curve; when the curve similarity value is larger than a set threshold value, judging that the target certificate meets the preset condition; when the curve similarity value is smaller than or equal to a set threshold value, judging that the target certificate does not meet the preset condition; wherein the performance curve and the verification curve are mapped into the same coordinate plane before calculating the curve similarity of the performance curve and the verification curve.
2. The method of claim 1, wherein performing a data extraction operation on the node traffic information of each edge node to obtain node configuration data of each edge node comprises:
determining a service thread log of each edge node, and determining an information dividing point of node service information corresponding to each edge node according to a log identifier in the service thread log;
segmenting the node service information according to the information segmentation points to obtain a plurality of service information segments, and determining the cumulative value of the calling times of each service information segment in a set time period;
determining the service information segment with the calling number accumulated value smaller than a set value as a redundant information segment, extracting information codes of each target service information segment except the redundant information segment in the plurality of service information segments to obtain data codes corresponding to each target service information segment, sequencing each group of data codes according to the weight coefficient of the target service information segment to obtain a data coding sequence, and extracting characteristic data of the data coding sequence to obtain the node configuration data; the weight coefficient is used for representing the service relevance of the target service information segment in each edge node.
3. The method of claim 1, wherein performing a certificate encoding operation in response to the dynamic node signature comprises:
determining a communication connection list between the cloud communication server and each edge node;
determining a first hierarchical relationship between the cloud communication server and each edge node and a second hierarchical relationship between at least two edge nodes from the communication connection list;
determining a cascade relation between the cloud communication server and each edge node according to the first hierarchical relation and the second hierarchical relation;
and traversing each edge node based on the cascade relation, encoding according to the registration information of the current edge node obtained based on the traversal of the dynamic node signature in the traversal process to obtain an initial certificate, and iterating the initial certificate when traversing to the registration information of the next edge node based on the dynamic node signature until the traversal of all edge nodes is completed to obtain the target certificate.
4. The method of any one of claims 1-3, wherein extracting an operation file record corresponding to the certificate encoding operation and identifying a target file in the operation file record for generating the target certificate comprises:
acquiring n operation instruction streams corresponding to the certificate encoding operation; the operation instruction stream comprises a plurality of instruction source code sequences, each instruction source code sequence has sequence labels with different identification degrees, all the sequence labels corresponding to each operation instruction stream have a hierarchical relationship from large to small, and n is a positive integer;
counting m effective operation instructions and k invalid operation instructions corresponding to the certificate encoding operation according to the calculated proportion of the instruction source code sequence with the identification degree higher than the preset identification degree in each instruction stream of the certificate encoding operation in the instruction stream; the system comprises a target certificate, a valid operation instruction and an invalid operation instruction, wherein m and k are positive integers, the sum of m and k is n, the valid operation instruction is an instruction for generating verification information of the target certificate, and the invalid operation instruction is an instruction for logically connecting the valid operation instruction;
generating a first operation record based on the effective operation instruction and generating a second operation record based on the ineffective operation instruction, emulating the second operation record to the first operation record according to a directory structure of the first operation record, and hiding an instruction source code sequence corresponding to the ineffective operation instruction in the second operation record in a recording unit corresponding to the first operation record; the recording unit is used for recording an instruction source code sequence;
extracting a first sequence feature of an instruction source code sequence in each recording unit in the first operation record according to a time sequence, generating a plurality of continuous file streams according to the extracted first sequence feature, and determining the file streams as transition files;
calculating a file continuous coefficient for representing the integrity of the transition file according to the cosine distance of every two adjacent first sequence features; judging whether the file continuous coefficients reach set coefficients for representing that the transition files cannot have information loss or not; and when the file continuity coefficient does not reach the set coefficient, extracting a second sequence feature of an instruction source code sequence corresponding to the hidden invalid operation instruction in at least one recording unit in the first operation record, and correcting the transition file based on the second sequence feature to obtain the target file.
5. The method of claim 4, wherein the method further comprises:
when the file continuous coefficient reaches the set coefficient;
and determining the transition file as the target file.
6. A cloud communication server in communication with a plurality of edge nodes, the cloud communication server operable to:
performing data extraction operation on the node service information of each edge node to obtain node configuration data of each edge node;
if the target edge node is detected to contain the dynamic node signature, after the data extraction operation of the node service information of the target edge node is completed, responding to the dynamic node signature to perform certificate coding operation; wherein the dynamic node signature is used for characterizing that the target edge node is in a valid communication state;
when a target certificate obtained after the certificate encoding operation is completed meets a preset condition, extracting an operation file record corresponding to the certificate encoding operation and identifying a target file used for generating the target certificate in the operation file record; the target file is generated according to a time sequence and in a file stream mode;
mapping file structure information and file label information corresponding to the target file to an information base corresponding to a node container corresponding to the target edge node to obtain mapping structure information corresponding to the file structure information and mapping label information corresponding to the file label information; the information base corresponding to the node container is deployed in the cloud communication server;
importing the mapping structure information and the mapping label information into a preset thread and driving the preset thread to generate an issuing script file through the mapping structure information and the mapping label information through the node configuration data;
issuing the issuing script file to the target edge node so that the target edge node generates a security certificate according to the issuing script file and configures a security channel corresponding to the cloud communication server based on the security certificate; the issuing script files corresponding to different edge nodes have different file types;
the cloud communication server judges whether the target certificate meets the preset condition or not by the following steps:
acquiring a compatibility track generated according to an interface compatibility list determined by an interface trigger record of a target edge node; the compatibility track is used for representing compatibility records of the target edge node when interacting with different servers, the compatibility track comprises a plurality of track nodes, the track nodes correspond to a compatibility identifier, and the compatibility identifier is a first identifier used for representing that the target edge node is a compatible node and a second identifier used for representing that the target node is an incompatible node;
listing node positions of the track nodes with the first identification in the compatibility track, and fitting based on the node positions to obtain a performance curve of the target edge node; the node position is used for representing the centrality of the track node, and the performance curve is used for describing the information receiving and sending success rate of the target edge node;
listing verification nodes corresponding to each piece of verification information in the target certificate, and fitting to obtain a verification curve of the target certificate based on the verification nodes; the verification node is used for representing different security verification modes of the target certificate, and verification logics of the different security verification modes are different;
calculating a curve similarity value of the performance curve and the verification curve; when the curve similarity value is larger than a set threshold value, judging that the target certificate meets the preset condition; when the curve similarity value is smaller than or equal to a set threshold value, judging that the target certificate does not meet the preset condition; wherein the performance curve and the verification curve are mapped into the same coordinate plane before calculating the curve similarity of the performance curve and the verification curve.
7. The cloud communication server of claim 6, wherein said cloud communication server performing certificate encoding operations in response to said dynamic node signature specifically comprises:
determining a communication connection list between the cloud communication server and each edge node;
determining a first hierarchical relationship between the cloud communication server and each edge node and a second hierarchical relationship between at least two edge nodes from the communication connection list;
determining a cascade relation between the cloud communication server and each edge node according to the first hierarchical relation and the second hierarchical relation;
and traversing each edge node based on the cascade relation, encoding according to the registration information of the current edge node obtained based on the traversal of the dynamic node signature in the traversal process to obtain an initial certificate, and iterating the initial certificate when traversing to the registration information of the next edge node based on the dynamic node signature until the traversal of all edge nodes is completed to obtain the target certificate.
8. The cloud communication server of any of claims 6-7, wherein the extracting, by the cloud communication server, an operation file record corresponding to the certificate encoding operation and identifying a target file in the operation file record for generating the target certificate specifically comprises:
acquiring n operation instruction streams corresponding to the certificate encoding operation; the operation instruction stream comprises a plurality of instruction source code sequences, each instruction source code sequence has sequence labels with different identification degrees, all the sequence labels corresponding to each operation instruction stream have a hierarchical relationship from large to small, and n is a positive integer;
counting m effective operation instructions and k invalid operation instructions corresponding to the certificate encoding operation according to the calculated proportion of the instruction source code sequence with the identification degree higher than the preset identification degree in each instruction stream of the certificate encoding operation in the instruction stream; the system comprises a target certificate, a valid operation instruction and an invalid operation instruction, wherein m and k are positive integers, the sum of m and k is n, the valid operation instruction is an instruction for generating verification information of the target certificate, and the invalid operation instruction is an instruction for logically connecting the valid operation instruction;
generating a first operation record based on the effective operation instruction and generating a second operation record based on the ineffective operation instruction, emulating the second operation record to the first operation record according to a directory structure of the first operation record, and hiding an instruction source code sequence corresponding to the ineffective operation instruction in the second operation record in a recording unit corresponding to the first operation record; the recording unit is used for recording an instruction source code sequence;
extracting a first sequence feature of an instruction source code sequence in each recording unit in the first operation record according to a time sequence, generating a plurality of continuous file streams according to the extracted first sequence feature, and determining the file streams as transition files;
calculating a file continuous coefficient for representing the integrity of the transition file according to the cosine distance of every two adjacent first sequence features; judging whether the file continuous coefficients reach set coefficients for representing that the transition files cannot have information loss or not; and when the file continuity coefficient does not reach the set coefficient, extracting a second sequence feature of an instruction source code sequence corresponding to the hidden invalid operation instruction in at least one recording unit in the first operation record, and correcting the transition file based on the second sequence feature to obtain the target file.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011316199.0A CN112291070A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method and system based on cloud edge terminal cooperation |
CN202010521891.0A CN111740842B (en) | 2020-06-10 | 2020-06-10 | Communication information processing method based on cloud side cooperation and cloud communication server |
CN202011316194.8A CN112291069A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method applied to cloud side terminal cooperation and cloud side communication server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010521891.0A CN111740842B (en) | 2020-06-10 | 2020-06-10 | Communication information processing method based on cloud side cooperation and cloud communication server |
Related Child Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011316199.0A Division CN112291070A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method and system based on cloud edge terminal cooperation |
CN202011316194.8A Division CN112291069A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method applied to cloud side terminal cooperation and cloud side communication server |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111740842A CN111740842A (en) | 2020-10-02 |
CN111740842B true CN111740842B (en) | 2021-02-05 |
Family
ID=72648608
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011316194.8A Withdrawn CN112291069A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method applied to cloud side terminal cooperation and cloud side communication server |
CN202011316199.0A Withdrawn CN112291070A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method and system based on cloud edge terminal cooperation |
CN202010521891.0A Active CN111740842B (en) | 2020-06-10 | 2020-06-10 | Communication information processing method based on cloud side cooperation and cloud communication server |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011316194.8A Withdrawn CN112291069A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method applied to cloud side terminal cooperation and cloud side communication server |
CN202011316199.0A Withdrawn CN112291070A (en) | 2020-06-10 | 2020-06-10 | Communication information processing method and system based on cloud edge terminal cooperation |
Country Status (1)
Country | Link |
---|---|
CN (3) | CN112291069A (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113778628B (en) * | 2021-09-14 | 2023-09-05 | 新华智云科技有限公司 | Edge node control method and system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107079070A (en) * | 2014-09-05 | 2017-08-18 | 高通股份有限公司 | Accessed using multiple certificates and traffic differentiation |
CN107425988A (en) * | 2009-01-28 | 2017-12-01 | 海德沃特研究有限责任公司 | Roaming service network and stacking network |
WO2020057163A1 (en) * | 2018-09-21 | 2020-03-26 | 华为技术有限公司 | Mec platform deployment method and device |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN207603683U (en) * | 2017-12-13 | 2018-07-10 | 南方电网科学研究院有限责任公司 | Mobile intelligent Terminal data transmission system based on edge server |
US11184236B2 (en) * | 2019-04-30 | 2021-11-23 | Intel Corporation | Methods and apparatus to control processing of telemetry data at an edge platform |
US20200136921A1 (en) * | 2019-09-28 | 2020-04-30 | Intel Corporation | Methods, system, articles of manufacture, and apparatus to manage telemetry data in an edge environment |
CN111131433A (en) * | 2019-12-20 | 2020-05-08 | 厦门瑞为信息技术有限公司 | Visitor management system and method based on cloud edge cooperation |
CN111212084B (en) * | 2020-01-15 | 2021-04-23 | 广西师范大学 | Attribute encryption access control method facing edge calculation |
-
2020
- 2020-06-10 CN CN202011316194.8A patent/CN112291069A/en not_active Withdrawn
- 2020-06-10 CN CN202011316199.0A patent/CN112291070A/en not_active Withdrawn
- 2020-06-10 CN CN202010521891.0A patent/CN111740842B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107425988A (en) * | 2009-01-28 | 2017-12-01 | 海德沃特研究有限责任公司 | Roaming service network and stacking network |
CN107079070A (en) * | 2014-09-05 | 2017-08-18 | 高通股份有限公司 | Accessed using multiple certificates and traffic differentiation |
WO2020057163A1 (en) * | 2018-09-21 | 2020-03-26 | 华为技术有限公司 | Mec platform deployment method and device |
Also Published As
Publication number | Publication date |
---|---|
CN112291069A (en) | 2021-01-29 |
CN112291070A (en) | 2021-01-29 |
CN111740842A (en) | 2020-10-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111783875B (en) | Abnormal user detection method, device, equipment and medium based on cluster analysis | |
WO2020155752A1 (en) | Outlier detection model verification method and apparatus, and computer device and storage medium | |
CN111669442A (en) | Data transmission method based on block chain and electronic equipment | |
US20230289828A1 (en) | Data processing method, computer device, and readable storage medium | |
KR101937220B1 (en) | Method for generating and verifying a digital signature or message authentication code based on a block chain that does not require key management | |
CN108959370B (en) | Community discovery method and device based on entity similarity in knowledge graph | |
CN113515367A (en) | Data integration method based on big data and edge calculation and storage medium | |
CN111953757B (en) | Information processing method based on cloud computing and intelligent device interaction and cloud server | |
CN112131004A (en) | Data processing method based on communication of Internet of things and cloud computing server | |
CN1459724A (en) | Method and apparatus for producing sequence number | |
CN112162999A (en) | Big data processing method based on interactive cloud computing and artificial intelligence server | |
CN103678028A (en) | RAM internal storage detection method and device | |
CN111740842B (en) | Communication information processing method based on cloud side cooperation and cloud communication server | |
CN111371858A (en) | Group control equipment identification method, device, medium and electronic equipment | |
CN113282630A (en) | Data query method and device based on interface switching | |
CN114997880A (en) | Big data analysis method and system for business risks | |
CN115509848A (en) | Log analysis method and device, electronic equipment and storage medium | |
CN111740494B (en) | Data management method based on edge computing and cloud computing and edge computing platform | |
CN111949720B (en) | Data analysis method based on big data and artificial intelligence and cloud data server | |
CN112580105B (en) | Data permission protection method and system based on interactive class and non-interactive class | |
CN112866300A (en) | Block chain big data safety protection method and system based on artificial intelligence | |
CN112434651A (en) | Information analysis method and device based on image recognition and computer equipment | |
CN115085947B (en) | Data security inspection method and system in digital twin | |
CN113973003B (en) | Verification method for cloud cluster scheduling storage information based on block chain | |
CN113704624B (en) | Policy recommendation method, device, equipment and medium based on user distribution |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20210119 Address after: 518110 440-441, 42 Huaning Road, Xinshi community, Dalang street, Longhua District, Shenzhen City, Guangdong Province Applicant after: Shenzhen Yuyi Technology Co.,Ltd. Address before: No.18 Jiangfeng Road, Binhai Industrial Park, Qidong City, Nantong City, Jiangsu Province Applicant before: Li Caiyun |
|
GR01 | Patent grant | ||
GR01 | Patent grant |