CN112311835A - Security check analysis data transmission method and system, security check analyzer and client device - Google Patents
Security check analysis data transmission method and system, security check analyzer and client device Download PDFInfo
- Publication number
- CN112311835A CN112311835A CN201910711712.7A CN201910711712A CN112311835A CN 112311835 A CN112311835 A CN 112311835A CN 201910711712 A CN201910711712 A CN 201910711712A CN 112311835 A CN112311835 A CN 112311835A
- Authority
- CN
- China
- Prior art keywords
- security check
- data
- target control
- browser
- analyzer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01V—GEOPHYSICS; GRAVITATIONAL MEASUREMENTS; DETECTING MASSES OR OBJECTS; TAGS
- G01V9/00—Prospecting or detecting by methods not provided for in groups G01V1/00 - G01V8/00
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Abstract
The embodiment of the invention provides a security check analysis data transmission method, a security check analysis data transmission system, a security check analyzer and client equipment, wherein the method comprises the following steps: receiving a first webpage access request sent by a target control according to port information of the target control installed on a browser, wherein the port information of the target control is information of the target control acquired in advance through network monitoring; and sending a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises first-class data in security check analysis data, the security check analysis data are data obtained by analyzing the security check data by a security check analyzer, the security check analysis data comprise the first-class data and second-class data, and the security of the first-class data is higher than that of the second-class data. The security check analysis data transmission method, the security check analysis data transmission system, the security check analyzer and the client device provided by the embodiment of the invention can improve the flexibility of security check analysis data transmission.
Description
Technical Field
The embodiment of the invention relates to the technical field of security check monitoring, in particular to a security check analysis data transmission method and system, a security check analyzer and client equipment.
Background
The security check analyzer is equipment for analyzing security check information, and can analyze the security check information collected by the security check analyzer to obtain security check analysis data and display the security check analysis data for an operator to check so that the operator can control the security check information in real time.
After the security inspection analysis data is obtained by the security inspection analyzer, the security inspection analysis data needs to be output. The security inspection analyzer can carry out local output, for example, can be connected security inspection analyzer and display screen through wired or wireless, and security inspection analysis data transmission shows to the display screen, and operating personnel can acquire corresponding information directly through the display screen. But it is difficult to satisfy the multi-end linkage scenario only by the local output function. In the application of the internet of things, when remote master control personnel need to call, browse and set a remote security check analyzer, the problem of difficult operation of a local output function is only used for being exposed obviously. Therefore, in addition to the local output function, the security inspection analyzer needs to provide a web access service through a local area network or a wide area network, and a remote client (e.g., a calculator, a tablet computer, a mobile phone, etc.) is used for web access, and the remote client performs remote access and interaction with the security inspection analyzer through a web.
The existing transmission mode of security check analysis data can realize multi-end linkage, but when the webpage display of a browser is carried out, an HTTP or HTTPS protocol needs to be followed, and the flexibility of data transmission is not high enough.
Disclosure of Invention
The embodiment of the invention provides a security check analysis data transmission method and system, a security check analyzer and client equipment, and aims to solve the problem that the security check analysis data transmission is not high in flexibility in the prior art.
In a first aspect, an embodiment of the present invention provides a security inspection analysis data transmission method, which is applied to a security inspection analyzer, and the method includes:
receiving a first webpage access request sent by a target control according to port information of the target control installed on a browser of client equipment, wherein the port information of the target control is information of the target control acquired in advance through network monitoring;
and sending a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises first-class data in security check analysis data, the security check analysis data are data obtained by analyzing the security check data by a security check analyzer, the security check analysis data comprise the first-class data and second-class data, and the security of the first-class data is higher than that of the second-class data.
In a possible implementation manner, before the receiving, according to port information of a target control installed on a browser of a client device, a first web page access request sent by the target control, the method further includes:
receiving control state information sent by the browser, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is an abnormal state, sending a control resource address to the browser so that the browser can acquire a new target control according to the control resource address.
In a possible implementation manner, before receiving the control state information sent by the browser, the method further includes:
receiving a second webpage access request sent by the browser according to port information of the browser, wherein the port information of the browser is information of the browser obtained in advance through network monitoring;
and sending the second webpage access response to the browser according to the port information of the browser, wherein the second webpage access response comprises second-class data in the security check analysis data.
In a possible implementation manner, the sending a first webpage access response to the target control according to the port information of the target control includes:
encrypting the first type of data to obtain encrypted first type of data;
and sending a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises the encrypted first-class data.
In a second aspect, an embodiment of the present invention provides a security check analysis data transmission method, which is applied to a client device, and the method includes:
sending a first webpage access request to a security check analyzer so that the security check analyzer receives the first webpage access request according to port information of a target control installed on a browser of the client device, wherein the port information of the target control is information which is sent to the security check analyzer by the browser through a network in advance;
receiving a first webpage access response sent by the security check analyzer, wherein the first webpage access response is sent to the target control by the security check analyzer according to port information of the target control, the first webpage access response comprises first-class data in security check analysis data, the security check analysis data is data obtained by analyzing the security check data by the security check analyzer, the security check analysis data comprises the first-class data and second-class data, and the security of the first-class data is higher than that of the second-class data;
displaying the first type of data on the target control.
In one possible implementation, before the sending the first web page access request to the security check analyzer, the method further includes:
sending control state information to the security check analyzer, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is abnormal, receiving a control resource address sent by the security check analyzer, and acquiring a new target control according to the control resource address.
In one possible implementation, before sending the control status information to the security check analyzer, the method further includes:
sending a second webpage request to the security check analyzer so that the security check analyzer receives the second webpage request according to port information of the browser, wherein the port information of the browser is information which is sent to the security check analyzer by the browser through a network in advance;
receiving a second webpage access response sent by the security check analyzer, wherein the second webpage access response is sent to the browser by the security check analyzer according to port information of the browser, and the second webpage access response comprises second-class data in the security check analysis data;
and displaying the second type data on the browser.
In a possible implementation manner, the first webpage access response includes encrypted first-class data, and the encrypted first-class data is obtained by encrypting the first-class data by the security check analyzer.
In a third aspect, an embodiment of the present invention provides a security check analyzer, where the security check analyzer includes a processor and a communication module, where:
the processor is used for processing a first webpage access request sent by a target control received by the communication module according to port information of the target control installed on a browser of client equipment, and generating a first webpage access response, wherein the first webpage access response comprises first-class data in security check analysis data, the security check analysis data are data obtained by analyzing the security check data by the processor, the security check analysis data comprise the first-class data and second-class data, the security of the first-class data is higher than that of the second-class data, and the port information of the target control is information of the target control obtained in advance through network monitoring;
and the communication module is used for sending the first webpage access response to the target control according to the port information of the target control.
In a possible implementation manner, before receiving, according to port information of a target control installed on a browser of a client device, a first web access request sent by the target control, the communication module is further configured to:
receiving control state information sent by the browser, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is an abnormal state, sending a control resource address to the browser so that the browser can acquire a new target control according to the control resource address.
In a possible implementation manner, before receiving the control state information sent by the browser, the processor is further configured to:
processing a second webpage access request sent by the browser and received by the communication module according to the port information of the browser, and generating a second webpage access response, wherein the port information of the browser is the information of the browser acquired in advance through network monitoring;
the communication module is further configured to send the second web access response to the browser according to the port information of the browser, where the second web access response includes the second type of data in the security check analysis data.
In one possible implementation, the communication module is further configured to:
encrypting the first type of data to obtain encrypted first type of data;
and sending a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises the encrypted first-class data.
In a fourth aspect, an embodiment of the present invention provides a client device, including a communication module and a display, where:
the communication module is used for sending a first webpage access request to a security check analyzer so that the security check analyzer can receive the first webpage access request according to port information of a target control installed on a browser of client equipment, wherein the port information of the target control is information of the target control acquired in advance by the security check analyzer through network monitoring;
the communication module is further configured to receive a first webpage access response sent by the security check analyzer, where the first webpage access response is sent to the target control by the security check analyzer according to the port information of the target control, the first webpage access response includes first-class data in security check analysis data, where the security check analysis data is data obtained by analyzing the security check data by the security check analyzer, the security check analysis data includes the first-class data and second-class data, and security of the first-class data is higher than security of the second-class data;
the display is used for displaying the first type of data on the target control.
In a possible implementation manner, before the sending of the first web page access request to the security check analyzer, the communication module is further configured to:
sending control state information to the security check analyzer, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is abnormal, receiving a control resource address sent by the security check analyzer, and acquiring a new target control according to the control resource address.
In a possible implementation manner, before sending the control status information to the security check analyzer, the communication module is further configured to:
sending a second webpage request to the security check analyzer so that the security check analyzer receives the second webpage request according to port information of the browser, wherein the port information of the browser is information which is sent to the security check analyzer by the browser through a network in advance;
receiving a second webpage access response sent by the security check analyzer, wherein the second webpage access response is sent to the browser by the security check analyzer according to port information of the browser, and the second webpage access response comprises second-class data in the security check analysis data;
the display is further configured to display the second type of data on the browser.
In a possible implementation manner, the first webpage access response includes encrypted first-class data, and the encrypted first-class data is obtained by encrypting the first-class data by the security check analyzer.
In a fifth aspect, an embodiment of the present invention provides a security inspection analysis data transmission system, including the security inspection analyzer according to any one of the third aspects and the client device according to any one of the fourth aspects.
In a sixth aspect, an embodiment of the present invention provides a readable storage medium, where an execution instruction is stored, and when a processor executes the execution instruction, the security inspection analysis data transmission method according to any one of the first aspect is implemented, or the security inspection analysis data transmission method according to any one of the second aspect is implemented.
According to the transmission method and system of the security check analysis data, the security check analyzer and the client device, firstly, the security check analyzer receives a first webpage request sent by a target control through port information of the target control installed on a browser of the client device, then, the security check analyzer sends a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises first type data in the security check analysis data, and finally, the first type data is displayed on the target control. According to the transmission method and system of the security check analysis data, the security check analyzer and the client device, the security check analysis data are divided into the first type of data and the second type of data, then the first type of data are sent to the target control to be displayed, and the first type of data are transmitted in a control form, so that the first type of data can not be limited to general webpage specifications and protocols, the flexibility of data transmission can be improved, and the transmission of the security check analysis data is more diversified and free.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic view of an application scenario of security inspection analysis data transmission according to an embodiment of the present invention;
fig. 2 is a signaling interaction diagram of a security inspection analysis data transmission method according to an embodiment of the present invention;
fig. 3 is a signaling interaction diagram of a security inspection analysis data transmission method according to another embodiment of the present invention;
fig. 4 is a schematic diagram illustrating transmission of second type data according to an embodiment of the present invention;
fig. 5 is a schematic connection diagram of a security check analyzer and a browser according to an embodiment of the present invention;
fig. 6 is a schematic data trend diagram of a security check analyzer according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a security inspection analyzer according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a client device according to an embodiment of the present invention;
fig. 9 is a schematic structural diagram of a security inspection analysis data transmission system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic view of an application scenario of security inspection analysis data transmission provided in an embodiment of the present invention, and as shown in fig. 1, the application scenario includes a security inspection device 11, a security inspection analyzer 12, and a client 13, where the security inspection device 11 and the security inspection analyzer 12 may be connected through a wired or wireless network. The security inspection equipment 11 is security inspection equipment, and may include a security door, a metal detector, a security X-ray machine, a hazardous liquid detector, a hose endoscope, and the like, and the security inspection equipment 11 is installed in each place where security inspection is required, such as an airport, a convention and exhibition center, a train station, a performance place, and the like. When a person or an object passes through the security inspection device 11, the security inspection device may obtain security inspection data according to an inspection result, for example, when the person or the object is inspected by a security inspection X-ray machine in the security inspection device 11, the object passing through the security inspection device 11 may be photographed with a corresponding X-ray image, which is the corresponding security inspection data. After obtaining the security check data, the security check devices 11 send the security check data to the security check analyzer 12, where the same security check analyzer 12 may correspond to one or more security check devices 11.
After obtaining the security inspection data, the security inspection analyzer 12 analyzes the security inspection data to obtain security inspection analysis data, where the security inspection analysis data includes, but is not limited to, dangerous article information, statistical information, status information, and the like, for example, when the security inspection data is an X-ray image, the security inspection analyzer 12 analyzes the X-ray image to analyze whether there is a dangerous article therein, so as to obtain corresponding security inspection analysis data. The security check analyzer 12 is a Web server, and can allow another client 13 to access the security check analyzer 12 through a browser, so as to obtain and display the security check analysis data. In addition, the security check analyzer 12 also has a local output function, which is convenient for the operator to process and respond in time. For example, the security analyzer 12 may be connected to a display screen via a data line, and the corresponding security analysis data may be displayed on the display screen.
The technical solution of the present invention and how to solve the above technical problems will be described in detail with specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present invention will be described below with reference to the accompanying drawings.
Fig. 2 is a signaling interaction diagram of a security inspection analysis data transmission method according to an embodiment of the present invention, as shown in fig. 2, including:
and S21, the target control sends a first webpage access request to the security check analyzer.
The target control in the embodiment of the invention refers to a control installed on a browser of the client device, and the control refers to encapsulation of data and methods. The security check analysis data are divided into first-class data and second-class data according to security, wherein the security of the first-class data is higher than that of the second-class data. The first type of data is high-safety data, such as identification results of dangerous goods, total number of over-packaged data and the like, exposure may cause safety hazards, and the second type of data is low-safety data, such as system time, system configuration and the like, and data exposure does not cause problems. After the connection between the target control and the security check analyzer is established through the port information of the target control, the target control can send a first webpage access request to the security check analyzer to request the first type of data.
And S22, the security check analyzer receives the first webpage access request sent by the target control.
After the target control sends the first webpage access request, the security check analyzer receives the first webpage access request according to the port information of the target control, wherein the port information of the target control is information of the target control, which is obtained in advance by the security check analyzer through network monitoring.
And S23, the security check analyzer sends a first webpage access response to the target control.
And after receiving the first webpage access request, the security check analyzer needs to respond to the first webpage access request. And the security check analyzer sends a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response carries the first type of data.
And S24, the target control receives the first webpage access response sent by the security check analyzer.
After the security check analyzer sends the first webpage access response to the target control, the target control receives the first webpage access response, and therefore the first type of data is obtained.
S25, displaying the first type of data on the target control.
The existing scheme is that a client accesses a specified domain name address or IP address through a browser to realize interaction with a security check analyzer, the security check analyzer serves as a Web server to provide HTTP or HTTPS service, and security check analysis data need to follow a universal webpage specification in a transmission process. In the embodiment of the invention, the first type of data with high security in the security check analysis data is sent to the target control, and the first type of data is displayed through the target control, so that the transmission of the first type of data is not limited by the general webpage specification, and the flexibility of the transmission of the security check analysis data is improved.
The method for transmitting the security check analysis data includes the steps that firstly, a security check analyzer receives a first webpage request sent by a target control through port information of the target control installed on a browser, then the security check analyzer sends a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises first type data in the security check analysis data, and finally the first type data is displayed on the target control. According to the transmission method of the security check analysis data, provided by the embodiment of the invention, the security check analysis data are divided into the first type of data and the second type of data, then the first type of data are sent to the target control to be displayed, and the first type of data are transmitted in a control form, so that the first type of data can not be limited to general webpage specifications and protocols, the flexibility of data transmission can be improved, and the transmission of the security check analysis data is more diversified and free.
The embodiment of the present invention will be described in detail with reference to fig. 3.
Fig. 3 is a signaling interaction diagram of a security inspection analysis data transmission method according to another embodiment of the present invention, as shown in fig. 3, including:
s301, the browser sends a second webpage request to the security check analyzer.
S302, the security check analyzer receives a second webpage request sent by the browser.
Before the browser sends the second web page request to the security check analyzer, the security check analyzer needs to acquire information of a connection port between the browser and the security check analyzer in a network monitoring mode, namely port information of the browser. The browser can access the security check analyzer only by establishing the connection between the browser and the security check analyzer through the connection port between the browser and the security check analyzer.
After the port information of the browser is obtained, webpage access service can be performed. The browser may send a second web page request to the security check analyzer, specifically, access the security check analyzer through a Uniform Resource Locator (URL) address of the security check analyzer, and the security check analyzer receives the second web page request sent by the browser, where the second web page access request is that the browser applies for obtaining the second type of data from the security check analyzer.
And S303, the security check analyzer sends a second webpage access response to the browser.
And S304, the browser receives the second webpage access response sent by the security check analyzer.
In the embodiment of the invention, the security inspection analysis data comprises two types, namely first type data and second type data. The first type of data belongs to high-safety data, the sensitivity is high, and potential safety hazards can be caused if the first type of data is leaked; the second type of data belongs to low-safety data, has low sensitivity, and cannot cause potential safety hazards if leaked. In the embodiment of the invention, the first type data and the second type data are transmitted separately. And only applying for acquiring the second type of data in a second webpage access request sent to the security check analyzer by the browser.
And S305, displaying the second type data on the browser.
And after receiving the second webpage access response sent by the security check analyzer, the browser displays the second type data in the second webpage access response on the browser. The second type of data may be transmitted by using a web page general protocol, such as an HTTP protocol or an HTTPs protocol. Since the security inspection analysis data is obtained according to the security inspection data, when the security inspection analyzer receives the security inspection data newly sent by the security inspection equipment, new security inspection analysis data can be obtained according to the new security inspection data. If the second type of data in the new security check analysis data is updated, the browser is required to send a second webpage access request to the security check analyzer again to request the updated second type of data. Fig. 4 is a schematic diagram illustrating transmission of second type data according to an embodiment of the present invention, as shown in fig. 4, a security check analyzer monitors a request of a browser, and then the security check analyzer responds to the request of the browser. The browser requests the second type of data from the security check analyzer, when the second type of data is updated, the security check analyzer responds and sends the second type of data to the browser to be displayed, namely, data transmission between the security check analyzer and the browser is in a response mode.
And S306, the browser sends control state information to the security check analyzer.
And S307, the security check analyzer receives the control state information sent by the browser.
The target control needs to be pre-installed in the browser. When the browser accesses the URL address of the security check analyzer and loads a webpage, the browser automatically wakes up the target control and establishes a connection path between the control and the security check analyzer. Fig. 5 is a schematic diagram of a connection between a security check analyzer and a browser according to an embodiment of the present invention, and as shown in fig. 5, a connection is first established between the browser and the security check analyzer, and a web page universal protocol is used for the connection between the browser and the security check analyzer. And then the browser wakes up the target control, and establishes connection between the target control and the security check analyzer according to the port information of the target control. The security check analyzer needs to acquire information of a connection port between the target control and the security check analyzer in a network monitoring mode, that is, port information of the target control. The connection between the target control and the security check analyzer is established through a connection port between the target control and the security check analyzer, and the target control can access the security check analyzer.
And S308, if the state of the target control is abnormal, the security check analyzer sends the resource address of the control to the browser.
And if the state of the target control is abnormal, reinstalling the target control in the browser. At this time, the security check analyzer sends a control resource address to the browser, and the control resource address is preset.
And S309, the browser receives the control resource address and acquires a new target control according to the control resource address.
And after receiving the control resource address, the browser accesses according to the space resource address, downloads the control resource and installs the control resource on the browser, and then a new target control can be obtained. At this time, the state of the target control is the normal state.
S310, the target control sends a first webpage access request to the security check analyzer.
S311, the security check analyzer receives a first webpage access request sent by the target control.
In the embodiment of the present invention, the port of the target Control may be a TCP port or a UDP port, and taking the UDP port as an example, the target Control monitors the UDP port, and when there is data in the security inspection analyzer that needs to be sent to the target Control, the target Control sends a data packet to the UDP port of the target Control. And monitoring the message inside the target control, analyzing the message data and updating the display effect of the target control.
S312, the security check analyzer sends a first webpage access response to the target control.
S313, the target control receives the first webpage access response sent by the security check analyzer.
The first webpage access request is that the target control requests the security check analyzer for the first type of data. For data security, the security-oriented classification categories of data are different. In the embodiment of the invention, the security of the first type of data is higher than that of the second type of data, so that the transmission of the first type of data needs to be more private and secure to prevent leakage. In the embodiment of the invention, the first type of data after encryption is obtained by encrypting the first type of data, and then a first webpage access response is sent to the target control according to the UDP port information, wherein the first webpage access response comprises the first type of data after encryption. Furthermore, a connection path between the target control and the security check analyzer can be encrypted, that is, a transmission protocol between the target control and the security check analyzer is encrypted, so that the security is further ensured.
It will be appreciated that in addition to encrypting the first type of data, the second type of data may also be encrypted, all of which are most desirable, but at the expense of processing time for encryption and decryption, which is not worth compensating for the time traded for the lower security second type of data. Therefore, the first type of data with high security is usually encrypted, and whether the second type of data is encrypted or not can be determined according to actual needs.
And S314, displaying the first type of data on the target control.
When the first type of data of the security check analysis data is updated, the embodiment of the invention provides two modes for displaying on the target control. The first method is that the target control sends a first webpage access request to the security check analyzer again to request new first-type data. The security check analyzer sends a first webpage access response to the target control according to the first webpage access request, wherein the first webpage access response comprises new first-class data, data transmission between the target control and the security check analyzer is in a response mode, and the security check analyzer sends the first-class data to the target control only when the target control actively sends the request to the security check analyzer. The second type is that the target control monitors the UDP port, when the first type of data in the security check analysis data is updated, the security check analyzer sends a data message to the UDP port of the target control, the target control monitors the message and analyzes the message data to obtain new first type of data, so that the display effect of the target control is updated, namely, each time the first type of data is updated, the security check analyzer can actively send new first type of data to the target control, the data transmission between the target control and the security check analyzer is real-time and non-responsive, and the real-time performance of the data of the security check analyzer can be ensured.
Fig. 6 is a schematic data trend diagram of the security inspection analyzer according to the embodiment of the present invention, and as shown in fig. 6, the data trend includes two data trends, a first data trend is a data trend between the security inspection analyzer and the browser, and is a solid arrow part in fig. 6, and a second data trend is a data trend between the security inspection analyzer and the target control, and is a dashed arrow part in fig. 6.
In the first data trend, the security check analyzer acquires information of a connection port between the security check analyzer and the browser, and then the browser performs webpage access service according to the information of the port. The webpage access service is that the browser sends a second webpage access request to the security check analyzer to request second-class data. And then, detecting the state of the control, and if the detection result of the state of the control is in an abnormal state, indicating that the target control is not installed on the browser, wherein the target control needs to be installed again. In addition, the security check analyzer sends a second webpage access response to the browser, sends the second type of data to the browser, and the browser displays the second type of data.
And after the control state detection result is in a normal state, the security check analyzer acquires information of a connection port between the target control and the security check analyzer, and then the target control performs webpage access service according to the information of the port. At the moment, the webpage access service is that the target control sends a first webpage access request to the security check analyzer to request the first type of data. And after receiving the first webpage access request, the security check analyzer encapsulates the first type of data and sends a first webpage access response to the target control, wherein the first webpage access response comprises the encapsulated first type of data. At the moment, the first type of data is sent to the target control under the case, and the first type of data is displayed after the target control analyzes the first type of data.
The security check analysis data transmission method provided by the embodiment of the invention comprises the steps that firstly, a security check analyzer receives a first webpage request sent by a target control through port information of the target control installed on a browser, then, the security check analyzer sends a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises first-type data in security check analysis data, and finally, the first-type data is displayed on the target control. According to the security inspection analysis data transmission method provided by the embodiment of the invention, the security inspection analysis data is divided into the first type of data and the second type of data, then the first type of data is sent to the target control to be displayed, and the first type of data is transmitted in a control form, so that the first type of data can not be limited to general webpage specifications and protocols, the flexibility of data transmission can be improved, and the transmission of the security inspection analysis data is more diverse and free. Meanwhile, the target control of the embodiment of the invention independently transmits the first type of data through the UDP, encrypts the first type of data, and separates the transmission of the first type of data from the HTTP protocol, so that the transmission safety of the first type of data can be improved, and meanwhile, an upper-layer safety protocol can be used on a UDP port, so that the safety of the first type of data is further improved.
Fig. 7 is a schematic structural diagram of a security check analyzer according to an embodiment of the present invention, and as shown in fig. 7, the security check analyzer includes a processor 71 and a communication module 72, where:
the processor 71 is configured to process a first webpage access request sent by a target control received by the communication module according to port information of the target control installed on a browser of a client device, and generate a first webpage access response, where the first webpage access response includes first-class data in security inspection analysis data, the security inspection analysis data is data obtained by analyzing the security inspection data by the processor 71, the security inspection analysis data includes the first-class data and second-class data, security of the first-class data is higher than security of the second-class data, and the port information of the target control is information of the target control obtained in advance through network monitoring;
the communication module 72 is configured to send the first web page access response to the target control according to the port information of the target control.
In a possible implementation manner, before receiving, according to port information of a target control installed on a browser of a client device, a first web page access request sent by the target control, the communication module 72 is further configured to:
receiving control state information sent by the browser, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is an abnormal state, sending a control resource address to the browser so that the browser can acquire a new target control according to the control resource address.
In a possible implementation manner, before receiving the control state information sent by the browser, the processor 71 is further configured to:
processing a second webpage access request sent by the browser and received by the communication module 72 according to the port information of the browser, and generating a second webpage access response, wherein the port information of the browser is information of the browser obtained in advance through network monitoring;
the communication module 72 is further configured to send the second web page access response to the browser according to the port information of the browser, where the second web page access response includes the second type of data in the security check analysis data.
In a possible implementation manner, the communication module 72 is further configured to:
encrypting the first type of data to obtain encrypted first type of data;
and sending a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises the encrypted first-class data.
Fig. 8 is a schematic structural diagram of a client device according to an embodiment of the present invention, as shown in fig. 8, the client device includes a communication module 81 and a display 82, where:
the communication module 81 is configured to send a first web access request to a security check analyzer, so that the security check analyzer receives the first web access request according to port information of a target control installed on a browser of a client device, where the port information of the target control is information of a target control obtained in advance by the security check analyzer through network monitoring;
the communication module 81 is further configured to receive a first webpage access response sent by the security check analyzer, where the first webpage access response is sent to the target control by the security check analyzer according to the port information of the target control, the first webpage access response includes first type data in security check analysis data, where the security check analysis data is data obtained by analyzing the security check data by the security check analyzer, the security check analysis data includes the first type data and second type data, and security of the first type data is higher than security of the second type data;
the display 82 is used to display the first type of data on the target control.
In a possible implementation manner, before the sending of the first web page access request to the security check analyzer, the communication module 81 is further configured to:
sending control state information to the security check analyzer, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is abnormal, receiving a control resource address sent by the security check analyzer, and acquiring a new target control according to the control resource address.
In a possible implementation manner, before sending the control status information to the security check analyzer, the communication module 81 is further configured to:
sending a second webpage request to the security check analyzer so that the security check analyzer receives the second webpage request according to port information of the browser, wherein the port information of the browser is information which is sent to the security check analyzer by the browser through a network in advance;
receiving a second webpage access response sent by the security check analyzer, wherein the second webpage access response is sent to the browser by the security check analyzer according to port information of the browser, and the second webpage access response comprises second-class data in the security check analysis data;
the display 82 is also used for displaying the second type of data on the browser.
In a possible implementation manner, the first webpage access response includes encrypted first-class data, and the encrypted first-class data is obtained by encrypting the first-class data by the security check analyzer.
The apparatus provided in the embodiment of the present invention may be used to implement the technical solutions of the above method embodiments, and the implementation principles and technical effects are similar, which are not described herein again.
Fig. 9 is a schematic structural diagram of a security inspection analysis data transmission system according to an embodiment of the present invention, and as shown in fig. 9, the security inspection analysis data transmission system includes a security inspection analyzer 91 and a client device 92, where:
the client device 92 is configured to send a first web page access request to the security check analyzer 91 through a target control installed on a browser of the client device 92;
the security check analyzer 91 is configured to receive a first webpage access request sent by the target control according to port information of the target control, and send a first webpage access response to the target control according to the port information of the target control, where the first webpage access response includes first type data in security check analysis data, where the port information of the target control is information of the target control obtained in advance by the security check analyzer through network monitoring, the security check analysis data is data obtained by analyzing security check data by the security check analyzer, the security check analysis data includes the first type data and second type data, and security of the first type data is higher than security of the second type data;
the client device 92 receives a first webpage access response sent by the security check analyzer through a target control installed on the browser, and displays the first type of data on the target control according to the first webpage access response.
The application also provides a readable storage medium, wherein the readable storage medium stores an execution instruction, and when the execution instruction is executed by a processor, the security inspection analysis data transmission method is realized.
The readable storage medium may be implemented by any type of volatile or non-volatile memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk. Readable storage media can be any available media that can be accessed by a general purpose or special purpose computer.
An exemplary readable storage medium is coupled to the processor such the processor can read information from, and write information to, the readable storage medium. Of course, the readable storage medium may also be an integral part of the processor. The processor and the readable storage medium may reside in an Application Specific Integrated Circuits (ASIC). Of course, the processor and the readable storage medium may also reside as discrete components in the apparatus.
The division of the units is only a logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The foregoing program may be stored in a readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (12)
1. A security inspection analysis data transmission method is applied to a security inspection analyzer, and comprises the following steps:
receiving a first webpage access request sent by a target control according to port information of the target control installed on a browser of client equipment, wherein the port information of the target control is information of the target control acquired in advance through network monitoring;
and sending a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises first-class data in security check analysis data, the security check analysis data are data obtained by analyzing the security check data by a security check analyzer, the security check analysis data comprise the first-class data and second-class data, and the security of the first-class data is higher than that of the second-class data.
2. The method of claim 1, wherein before the receiving the first web page access request sent by the target control according to the port information of the target control installed on the browser of the client device, the method further comprises:
receiving control state information sent by the browser, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is an abnormal state, sending a control resource address to the browser so that the browser can acquire a new target control according to the control resource address.
3. The method according to claim 2, wherein before receiving the control state information sent by the browser, the method further comprises:
receiving a second webpage access request sent by the browser according to port information of the browser, wherein the port information of the browser is information of the browser obtained in advance through network monitoring;
and sending the second webpage access response to the browser according to the port information of the browser, wherein the second webpage access response comprises second-class data in the security check analysis data.
4. The method according to any one of claims 1-3, wherein the sending a first webpage access response to the target control according to the port information of the target control comprises:
encrypting the first type of data to obtain encrypted first type of data;
and sending a first webpage access response to the target control according to the port information of the target control, wherein the first webpage access response comprises the encrypted first-class data.
5. A security inspection analysis data transmission method is applied to client equipment, and comprises the following steps:
sending a first webpage access request to a security check analyzer so that the security check analyzer receives the first webpage access request according to port information of a target control installed on a browser of the client device, wherein the port information of the target control is information which is sent to the security check analyzer by the browser through a network in advance;
receiving a first webpage access response sent by the security check analyzer, wherein the first webpage access response is sent to the target control by the security check analyzer according to port information of the target control, the first webpage access response comprises first-class data in security check analysis data, the security check analysis data is data obtained by analyzing the security check data by the security check analyzer, the security check analysis data comprises the first-class data and second-class data, and the security of the first-class data is higher than that of the second-class data;
displaying the first type of data on the target control.
6. The method of claim 5, wherein prior to said sending a first web page access request to said security check analyzer, said method further comprises:
sending control state information to the security check analyzer, wherein the control state information is used for indicating the state of a target control installed on the browser;
and if the state of the target control installed on the browser is abnormal, receiving a control resource address sent by the security check analyzer, and acquiring a new target control according to the control resource address.
7. The method of claim 6, wherein prior to said sending control status information to said security check analyzer, said method further comprises:
sending a second webpage request to the security check analyzer so that the security check analyzer receives the second webpage request according to port information of the browser, wherein the port information of the browser is information which is sent to the security check analyzer by the browser through a network in advance;
receiving a second webpage access response sent by the security check analyzer, wherein the second webpage access response is sent to the browser by the security check analyzer according to port information of the browser, and the second webpage access response comprises second-class data in the security check analysis data;
and displaying the second type data on the browser.
8. The method according to any one of claims 5 to 7, wherein the first webpage access response includes encrypted first type data, and the encrypted first type data is obtained by encrypting the first type data by the security check analyzer.
9. A security check analyzer, comprising a processor and a communication module, wherein:
the processor is used for processing a first webpage access request sent by a target control received by the communication module according to port information of the target control installed on a browser of client equipment, and generating a first webpage access response, wherein the first webpage access response comprises first-class data in security check analysis data, the security check analysis data are data obtained by analyzing the security check data by the processor, the security check analysis data comprise the first-class data and second-class data, the security of the first-class data is higher than that of the second-class data, and the port information of the target control is information of the target control obtained in advance through network monitoring;
and the communication module is used for sending the first webpage access response to the target control according to the port information of the target control.
10. A client device comprising a communication module and a display, wherein:
the communication module is used for sending a first webpage access request to a security check analyzer so that the security check analyzer can receive the first webpage access request according to port information of a target control installed on a browser of client equipment, wherein the port information of the target control is information of the target control acquired in advance by the security check analyzer through network monitoring;
the communication module is further configured to receive a first webpage access response sent by the security check analyzer, where the first webpage access response is sent to the target control by the security check analyzer according to the port information of the target control, the first webpage access response includes first-class data in security check analysis data, where the security check analysis data is data obtained by analyzing the security check data by the security check analyzer, the security check analysis data includes the first-class data and second-class data, and security of the first-class data is higher than security of the second-class data;
the display is used for displaying the first type of data on the target control.
11. A security check analysis data transmission system comprising a security check analyzer according to claim 9 and a client device according to claim 10.
12. A readable storage medium, wherein an execution instruction is stored in the readable storage medium, and when a processor executes the execution instruction, the security inspection analysis data transmission method according to any one of claims 1 to 4 is implemented, or the security inspection analysis data transmission method according to any one of claims 5 to 8 is implemented.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910711712.7A CN112311835A (en) | 2019-08-02 | 2019-08-02 | Security check analysis data transmission method and system, security check analyzer and client device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910711712.7A CN112311835A (en) | 2019-08-02 | 2019-08-02 | Security check analysis data transmission method and system, security check analyzer and client device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112311835A true CN112311835A (en) | 2021-02-02 |
Family
ID=74485210
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910711712.7A Pending CN112311835A (en) | 2019-08-02 | 2019-08-02 | Security check analysis data transmission method and system, security check analyzer and client device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112311835A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103716371A (en) * | 2013-10-31 | 2014-04-09 | 国家电网公司 | Web real-time data active pushing method |
| CN104253788A (en) * | 2013-06-26 | 2014-12-31 | 腾讯科技(深圳)有限公司 | Data processing method and system, client, and page engine |
| CN105471869A (en) * | 2015-11-23 | 2016-04-06 | 珠海全志科技股份有限公司 | Internet television content request connection reuse method and system thereof |
| WO2017107795A1 (en) * | 2015-12-22 | 2017-06-29 | 阿里巴巴集团控股有限公司 | Method and device for accelerating access to website |
| CN109964493A (en) * | 2017-10-23 | 2019-07-02 | 深圳市云中飞网络科技有限公司 | It is connected to the network detection method, device, terminal and computer storage medium |
-
2019
- 2019-08-02 CN CN201910711712.7A patent/CN112311835A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104253788A (en) * | 2013-06-26 | 2014-12-31 | 腾讯科技(深圳)有限公司 | Data processing method and system, client, and page engine |
| CN103716371A (en) * | 2013-10-31 | 2014-04-09 | 国家电网公司 | Web real-time data active pushing method |
| CN105471869A (en) * | 2015-11-23 | 2016-04-06 | 珠海全志科技股份有限公司 | Internet television content request connection reuse method and system thereof |
| WO2017107795A1 (en) * | 2015-12-22 | 2017-06-29 | 阿里巴巴集团控股有限公司 | Method and device for accelerating access to website |
| CN109964493A (en) * | 2017-10-23 | 2019-07-02 | 深圳市云中飞网络科技有限公司 | It is connected to the network detection method, device, terminal and computer storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111796858A (en) | Method, system and related equipment for access detection of application programs in Kubernetes cluster | |
| WO2013158336A1 (en) | Systems, methods, apparatuses and computer program products for providing mobile device protection | |
| US9886256B2 (en) | Application download and link correlation | |
| CN112615858B (en) | Internet of things equipment monitoring method, device and system | |
| CN107360187A (en) | A kind of processing method of network abduction, apparatus and system | |
| EP3669515A1 (en) | Securely transferring selective datasets between terminals | |
| CN112650180B (en) | Safety warning method, device, terminal equipment and storage medium | |
| CN110198230B (en) | Application monitoring method and device, storage medium and electronic device | |
| CN113162937A (en) | Application safety automatic detection method, system, electronic equipment and storage medium | |
| CN112311835A (en) | Security check analysis data transmission method and system, security check analyzer and client device | |
| CN108880920B (en) | Cloud service management method and device and electronic equipment | |
| CN115334150B (en) | Data forwarding method, device, system, electronic equipment and medium | |
| CN114186104A (en) | Method, system and server for recording, storing and querying protocol data | |
| CN114915565A (en) | Method and system for debugging network | |
| CN111131369B (en) | APP use condition transmission method and device, electronic equipment and storage medium | |
| CN114840379A (en) | Log generation method, device, server and storage medium | |
| CN114637938A (en) | Page rendering method, device, equipment and medium | |
| US20170220796A1 (en) | Isolation of Untrusted Code in Operating System Without Isolation Capability | |
| CN114816784A (en) | Data acquisition method, data acquisition device, electronic equipment, storage medium and program product | |
| CN109756393B (en) | Information processing method, system, medium, and computing device | |
| CN112929357A (en) | Virtual machine data analysis method, device, equipment and storage medium | |
| CN111314131A (en) | Task issuing method and device, storage medium and electronic device | |
| CN116668161A (en) | Method, device, equipment and medium for monitoring tenant behaviors in cloud platform | |
| US20120242836A1 (en) | Reseller video surveillance system technical and sales support platform | |
| US20200344065A1 (en) | Server apparatus, client terminal, information processing system and information processing method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210202 |
|
| RJ01 | Rejection of invention patent application after publication |