CN113905080A - Management method, device, system and storage medium - Google Patents

Management method, device, system and storage medium Download PDF

Info

Publication number
CN113905080A
CN113905080A CN202111133297.5A CN202111133297A CN113905080A CN 113905080 A CN113905080 A CN 113905080A CN 202111133297 A CN202111133297 A CN 202111133297A CN 113905080 A CN113905080 A CN 113905080A
Authority
CN
China
Prior art keywords
information
external
equipment
remote access
session
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111133297.5A
Other languages
Chinese (zh)
Inventor
杨峰
罗勇
晏龙龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sangfor Technologies Co Ltd
Original Assignee
Sangfor Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sangfor Technologies Co Ltd filed Critical Sangfor Technologies Co Ltd
Priority to CN202111133297.5A priority Critical patent/CN113905080A/en
Publication of CN113905080A publication Critical patent/CN113905080A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/142Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • H04L69/162Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms

Abstract

The embodiment of the application discloses a management method, equipment, a system and a storage medium, wherein the method is applied to first equipment, and first session connection is established between the first equipment and second equipment; the method comprises the following steps: under the condition that the application program running in the first equipment is detected to execute remote access operation on external equipment loaded by second equipment, acquiring a first identifier; wherein the first identity comprises a session identity of the first session connection; managing the remote access operation of the application program to the external device based on the first identification.

Description

Management method, device, system and storage medium
Technical Field
The present application relates to the field of information technology, and relates to, but is not limited to, a management method, device, system, and storage medium.
Background
In practical application, with the strong remote application function and the diversification of the remote data access requirements, the data processing function of the remote application can be realized by frequently relying on the data processing capability of the external device connected with the user terminal. In the related art, the external device connected with the user terminal can be mapped to the server side where the remote application is located, so that a foundation is laid for the remote application to access the external device connected with the user terminal.
However, the external device successfully mapped at the server is randomly accessed by other user terminals connected to the server, thereby increasing the probability of the external device being operated by wrong access and reducing the remote access efficiency of the external device.
Disclosure of Invention
In view of this, embodiments of the present application provide a management method, device, system, and storage medium.
In the management method provided in the embodiment of the present application, the first device where the application program is located can manage, according to the first identifier of the first session connection between the first device and the second device, a remote access operation of the application program to the external device loaded by the second device. By the management method provided by the embodiment of the application, the server can manage the access operation of the remote application to the external equipment loaded by the user terminal based on the session identifier under the condition that the first equipment is the remote server, the application program is the remote application, and the second equipment is the user terminal, so that the probability of the wrong access of other user terminals connected to the server to the remote external equipment is reduced, and the access efficiency to the external equipment is improved.
The technical scheme provided by the embodiment of the application is as follows:
a management method is applied to a first device, and a first session connection is established between the first device and a second device; the method comprises the following steps:
under the condition that the application program running in the first equipment is detected to execute remote access operation on the external equipment loaded by the second equipment, acquiring a first identifier; wherein the first identity comprises a session identity of the first session connection;
managing the remote access operation of the application program to the external device based on the first identification.
In some embodiments, said managing said remote access operation of said application to said external device based on said first identity comprises:
obtaining the associated information; the association information comprises association relation information between the virtual equipment information and the second identifier; the virtual device information includes information of a virtual device associated with a device loaded by a third device; the third device comprises at least one device which establishes a second session connection with the first device; the second identification comprises a session identification of a second session connection;
managing the remote access operation based on the association information and the first identifier.
As can be seen from the above, the management method provided in this embodiment of the present application can associate the virtual device information associated with the external device with the session identifier, so that when the first device management application performs a remote access operation on the external device, session isolation of the virtual device, that is, session isolation of the remote external device, can be achieved.
In some embodiments, said managing said remote access operation based on said association information and said first identity comprises:
determining target virtual equipment information from the associated information based on a matching result of the second identifier and the first identifier in the associated information;
managing the remote access operation based on the target virtual device information.
As can be seen from the above, in the management method provided in this embodiment of the present application, the external device is closely associated with the session identifier, and when the remote access operation of the application program to the external device is managed based on the session identifier, the access of the application program corresponding to the other session identifier to the external device corresponding to the current session identifier can be isolated, so that the data security of the application program and the external device can be improved; on the other hand, the stability of the session identifier is fully utilized, and the session identifier is used as a determination basis of the target virtual device information, so that the robustness of determination of the target virtual device information can be improved, and the remote access operation of the application program to the external device is more stable and reliable.
In some embodiments, the obtaining the association information includes:
sending a starting message of the application program to the second device;
receiving a device connection request sent by the second device, and creating the virtual device; wherein the device connection request is generated based on the initiation message;
acquiring virtual equipment information of the virtual equipment;
and obtaining the association information by associating the first identifier with the virtual equipment information.
In some embodiments, the device connection request includes at least device parameter information of the external device; the creating the virtual device includes:
creating the virtual device associated with the external device based on the device parameter information in the device connection request to redirect the external device to the first device.
In the management method provided in the embodiment of the present application, the first device creates a corresponding virtual device according to the parameter information of the external device accessed by the second device, so that a Universal Serial Bus (USB) external device mapping Protocol is widened, flexible mapping and redirection of the external device on one side of the first device are achieved, a problem that a Remote Desktop Protocol (RDP) Protocol supports few types of external devices in related technologies is further overcome, a range of an application program remotely accessing the external device is widened, and flexibility of the application program remotely accessing the external device is greatly improved.
In some embodiments, the device connection request includes at least data processing requirement information; after receiving the device connection request, the method further includes:
creating a data transmission channel based on the data processing requirement information in the equipment connection request; the data transmission channel is used for data transmission between the external equipment and the first equipment;
determining first address information of the data transmission channel;
and sending the first address information.
As can be seen from the above, in the management method provided in the embodiment of the present application, efficient data processing operation of data between the external device and the first device can be achieved through the data transmission channel.
The embodiment of the application also provides a second management method:
a management method, the method being applied to a second device; a first session connection is established between the second device and the first device, the method comprising:
accessing an application in the first device through the first session connection.
In some embodiments, the method further comprises:
under the condition of receiving a starting message of the application program, at least acquiring equipment parameter information of the external equipment;
determining a device connection request based at least on the device parameter information;
and sending the equipment connection request.
In some embodiments, the method further comprises:
determining at least data processing requirement information in the case of receiving a start message of the application program;
determining the device connection request based on the data processing requirement information;
and sending the equipment connection request.
In some embodiments, after the sending the device connection request, the method further includes:
receiving first address information; wherein the first address information includes address information of a data transmission channel between the first device and the external device;
determining second address information based on device interface information of the external device; wherein the second address information comprises Socket address information associated with the external device;
and under the condition that a message that the application program executes the remote access operation on the external equipment is received, circularly executing the data processing operation between the external equipment and the application program through the data transmission channel based on the first address information and the second address information.
In some embodiments, the obtaining at least device parameter information of the external device includes:
acquiring remote access configuration information; wherein the remote access configuration information includes configuration information whether the external device is allowed to be remotely accessed;
if the remote access configuration information meets specified conditions, at least acquiring the equipment parameter information; wherein the specified condition includes allowing the external device to be remotely accessed.
As can be seen from the above, in the management method applied to the second device provided in the embodiment of the present application, the external device is connected to the second device only when the remote access configuration information of the external device satisfies the specified condition, so that the data processing procedure of the external device connected to the second device can be simplified; on the other hand, through the management of the remote access configuration information, whether the external equipment is remotely mapped or not can be effectively controlled, and therefore the safety of the external equipment is improved.
The embodiment of the application also provides a device:
an apparatus, which is a first apparatus, comprising a first processing module; a first session connection is established between the first device and the second device; wherein:
the first processing module is configured to acquire a first identifier when it is detected that an application program running in the first device performs a remote access operation on a device loaded by the second device; managing the remote access operation of the application program to the external device based on the first identification; wherein the first identity comprises a session identity of the first session connection.
The embodiment of the application also provides another device:
an apparatus, which is a second apparatus, comprising a second processing module; a first session connection is established between the second device and the first device; wherein:
the second processing module is used for accessing an application program in the first equipment through the first session connection; wherein the first identity comprises a session identity of the first session connection.
The embodiment of the application also provides another device:
a device, the device being a first device, comprising a first processor and a first memory; a first session connection is established between the first device and the second device; the first memory stores a computer program operable on a first processor, the first processor implementing the management method applied to the first device as described in any one of the preceding claims when executing the computer program.
The embodiment of the application also provides another device:
a device, which is a second device, comprising a second processor and a second memory; a first session connection is established between the second device and the first device; the second memory stores a computer program operable on a second processor which, when executed, implements a management method as described in any preceding item applied to a second device.
An embodiment of the present application further provides a management system, where the management system includes the first device and the second device, where:
the second device accessing an application running in the first device through the first session connection;
the method comprises the steps that when the first device detects that the application program executes remote access operation on external equipment loaded by the second device, a first identifier is obtained, and the remote access operation is managed based on the first identifier; wherein the first identity comprises an identity of the first session connection.
An embodiment of the present application further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program is executed by a first processor of a first device or a second processor of a second device, the management method applied to the first device or the management method applied to the second device as described above can be implemented.
Therefore, in the management method provided in this embodiment of the present application, when the second device is any device that establishes a session connection with the first device, the first device can manage, according to the session identifier associated with any device, an access operation of an application to an external device that is accessed by any device, so as to implement flexible management of the application accessing the external device loaded by any device, thereby reducing a probability of a false access operation of another device to the external device loaded by any device through the first device, and improving remote access efficiency to the external device.
Drawings
Fig. 1 is a schematic flowchart of a management method applied to a first device according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a management method applied to a second device according to an embodiment of the present application;
fig. 3 is a schematic flowchart illustrating a first device management node performing a remote printing operation on a remote printer according to an embodiment of the present application;
fig. 4 is a schematic diagram of a first structure of a first apparatus provided in an embodiment of the present application;
fig. 5 is a schematic diagram of a first structure of a second apparatus provided in an embodiment of the present application;
fig. 6 is a schematic diagram of a second structure of the first device according to the embodiment of the present application;
fig. 7 is a second structural schematic diagram of a second apparatus provided in the embodiment of the present application;
fig. 8 is a schematic diagram of a first structure of a management system according to an embodiment of the present application;
fig. 9 is a schematic diagram of a second structure of a management system according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a third management system according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The present application relates to the field of information technology, and relates to, but is not limited to, a management method, device, system, and storage medium.
On the basis of RDP, remote applications in the server can be published to the user terminal. For the user, the operation performance of the remote application at the service end is no different from that of the local application at the user terminal. The process of publishing a remote application to a user terminal and running the remote application on a server side is referred to as remote application virtualization.
In practical applications, with the strong functions of remote applications and the diversification of the requirements of remote data access, more and more functions of remote applications need to be realized by means of the data processing capability of the external device connected with the user terminal. In the related art, after the user terminal is connected to the server, the external device loaded by the user terminal can be mapped to the server, but for the server, the external device successfully mapped is visible and randomly accessible for all the user terminals connected to the server. Therefore, any user terminal can randomly access the external equipment which is successfully mapped, so that the probability of remote error access operation of the external equipment is greatly increased, and the remote access operation efficiency of the external equipment is reduced.
Based on the above problems, embodiments of the present application provide a management method, device, system, and storage medium.
In the management method provided by the embodiment of the application, the remote access operation of the application program running in the first device to any external device can be effectively managed by the first device, so that the probability that other devices remotely access the external device can be reduced, and the remote access efficiency of the external device can be improved.
The embodiment of the present application first provides a management method applied to a first device, where a first session connection is established between the first device and a second device.
In one embodiment, the first device may be a physical machine device, such as a computer device, for example, a computer device with high data processing capacity, such as a server device.
In one embodiment, the first device may be a virtual machine device.
In one embodiment, the first device may be a device loaded with a specified operating system, which may be Windows, for example.
In one embodiment, the second device may be a physical machine device, such as a computer device, an intelligent mobile terminal device, and the like; the second device may also be a virtual machine device.
In one embodiment, the second device may be a Linux loaded device.
In one embodiment, the first session connection may be established based on a network communication protocol. Illustratively, the network communication Protocol may be a Transmission Control Protocol (TCP).
In one embodiment, the number of second devices may be plural, and the number of first session connections may also be plural.
It should be noted that the management method applied to the first Device according to the embodiment of the present Application may be implemented by a Processor in the first Device, where the Processor may be at least one of an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), a Field Programmable Gate Array (FPGA), a Central Processing Unit (CPU), a controller, a microcontroller, and a microprocessor.
Fig. 1 is a flowchart illustrating a management method applied to a first device according to an embodiment of the present application. As shown in fig. 1, the management method may include steps 101 to 102:
step 101, acquiring a first identifier when detecting that an application program running in a first device executes a remote access operation on an external device loaded by a second device.
Wherein the first identity comprises a session identity of the first session connection.
In one embodiment, the external device loaded by the second device may be a physical machine device of the same type as the second device, for example, the external device may be a computer device.
In one embodiment, the external device loaded by the second device may be a device capable of implementing at least one data processing function. Illustratively, the data processing function may include a data output function, and accordingly, the external device loaded by the second device may include a printer device, a multimedia player device, an audio output device, and the like; the data processing function may include a data collecting function, and correspondingly, the external device loaded by the second device may include a data collecting device, such as an audio collecting device, a video collecting device, an image collecting device, a temperature and humidity collecting device, a fingerprint collecting device, a scanning device, and the like; the data processing function may include an authentication verification function, and accordingly, the external device loaded by the second device may include a digital certificate such as Ukey or the like; the data processing function may further include a data storage function, and accordingly, the external device loaded by the second device may include a removable hard disk, a usb disk, and the like.
In one embodiment, the external device loaded by the second device can perform information interaction and data transmission with the second device based on a standard communication bus. Illustratively, the standard communication bus may be a USB, in which case the external device may be a USB device.
In one embodiment, the number of the external devices loaded by the second device may be multiple, and the data processing functions of the respective external devices may be different.
In one embodiment, the external device loaded by the second device may be loaded to the second device in a wired manner through a physical interface and may also be connected to the second device through a standard wireless communication protocol.
In one embodiment, the remote access operation may include an access operation corresponding to a data processing function, such as at least one of data collection, data transmission, data storage, and data verification. The embodiments of the present application do not limit this.
In one embodiment, the first session connection may be established based on an access operation initiated by the second device to the application, that is, the first session connection is established between the first device and the application. For example, in the process of establishing the first session connection, the first device may verify the account information sent by the second device, and if the account information passes the verification, the application starts, and the first session connection is established, where a session identifier of the session connection for starting the application is the first identifier. In case the account information verification fails, the first session connection setup fails.
In one embodiment, the session connection for initiating the application may be different from the first session connection, in which case the application may be initiated by a device other than the second device that has established a session connection with the first device.
In this embodiment of the application, since the second device is in communication connection with the first device through the first session connection, the external device loaded by the second device may also perform data transmission with the first device through the first session connection, and therefore, the external device loaded by the second device is associated with the first session connection, that is, the external device loaded by the second device is associated with the first identifier.
In one embodiment, the remote access operation includes a read/write operation between external devices loaded by the application program to the remote device, and the like. Wherein the remote device may comprise at least one second device.
And 102, managing the remote access operation of the application program to the external equipment based on the first identification.
In one embodiment, based on the first identifier, the remote access operation of the management application to the external device loaded by the second device may be implemented by any one of the following manners:
judging the stable duration of the first session connection corresponding to the first identifier, and if the stable duration of the first session connection is greater than or equal to a specified threshold, allowing the application program to execute remote access operation of the application program to the external device; if the stabilization duration of the first session connection is less than a specified threshold, it is determined that the application cannot perform the remote access operation.
Judging the device identifier of the second device associated with the first identifier, and if the device identifier of the second device is the designated identifier, allowing the application program to execute the remote access operation on the external device; and if the device identification of the second device is not the designated identification, the application program is not allowed to execute the remote access operation.
As can be seen from the above, in the management method applied to the first device, when the first device detects that the application program running in the first device performs the remote access operation on the external device loaded by the second device having the first session connection established with the first device, the first device can manage the remote access operation of the application program on the external device loaded by the second device according to the first identifier of the first session connection.
Therefore, in the management method applied to the first device provided in the embodiment of the present application, under the condition that the second device is any device, the first device can manage the access operation of the application program to the external device accessed by any device according to the session identifier associated with the external device loaded by any device, thereby implementing flexible management on the external device loaded by the application program to access any device, further reducing the probability of the false access operation of the external device loaded by any device by other devices through the first device, and improving the remote access efficiency of the external device loaded by any device.
In the management method applied to the first device provided in the embodiment of the present application, step 102 may be implemented by:
obtaining the associated information; and managing the remote access operation based on the association information and the first identifier.
The association information comprises association relation information between the virtual equipment information and the second identifier; the virtual device information includes information of a virtual device associated with the device loaded by the third device; the third device comprises at least one device which establishes a second session connection with the first device; the second identity comprises a session identity of the second session connection.
In one embodiment, the virtual device may represent a device created on the virtual communication bus of the first device that corresponds to a device loaded by the third device.
In one embodiment, when the number of the third devices is one, the third devices are the second devices, in which case, the second session connection is the first session connection; when the number of third devices is at least two, the second device is one of the third devices, in which case the first session connection is one of the second session connections.
In one embodiment, the virtual device information may include information such as a creation time of the virtual device, a Vendor ID (VID) of an external device corresponding to the virtual device, and a Product ID (PID).
In this embodiment of the application, managing remote access operation based on the association information and the first identifier may be implemented by: and managing the remote access authority of the application program to the external device loaded by the second device based on the association information and the first identification, namely determining whether to allow the application program to perform remote access operation to the external device loaded by the second device.
As can be seen from the above, the management method applied to the first device according to the embodiment of the present application can associate the virtual device information of the virtual device associated with the device loaded by the at least one remote device that establishes session connection with the first device with the session identifier of the session connection corresponding to the at least one device, thereby providing data security for the first device to manage the remote access operation of the external device based on the first identifier; and the virtual device information associated with the external device is associated with the session identifier, so that when the first device manages the remote access operation of the external device based on the session identifier, the session isolation of the virtual device, that is, the session isolation of the remote external device, can be realized, and therefore, when the first device manages the remote access operation of the external device based on the session identifier, the influence of the remote access operation of the application program connected with different sessions on the external device can be weakened.
In the management method applied to the first device provided in the embodiment of the present application, the remote access operation is managed based on the association information and the first identifier, and may be implemented through steps a1 to a 2:
step a1, determining the target virtual device information from the associated information based on the matching result of the second identifier and the first identifier in the associated information.
In an embodiment, each session identifier in the second identifier included in the association information may be matched with the first identifier, and if the matching result indicates that the first identifier is matched with the nth session identifier in the second identifier, the virtual device information corresponding to the nth session identifier is obtained and determined as the target virtual device information, where the target virtual device information may be valid information; if the matching result indicates that any session identifier in the first identifier and any session identifier in the second identifier are not matched, the target virtual device information can be determined to be invalid information. And n is an integer which is greater than or equal to 1 and less than or equal to the total number of the session identifiers in the second identifier.
Step a2, managing remote access operations based on the target virtual device information.
In one embodiment, if the target virtual device information is valid information, the remote access operation of the application program to the external device may be enabled based on the device parameter information of the external device included in the target virtual device information.
In one embodiment, if the target virtual device information is invalid information, remote access operation of the application program to the external device may be prohibited based on the invalid information.
As can be seen from the above, the management method applied to the first device according to the embodiment of the present application can manage the remote access operation of the application program to the external device based on the matching result of the second identifier and the first identifier in the association information. Therefore, on one hand, the external equipment is closely associated with the session identifier, and when the application program is managed to remotely access the external equipment based on the session identifier, the application program corresponding to other session identifiers can be isolated from accessing the external equipment corresponding to the current session identifier, so that the data security of the application program and the external equipment can be improved; on the other hand, the stability of the session identifier is fully utilized, and the session identifier is used as a determination basis of the target virtual device information, so that the robustness of determination of the target virtual device information can be improved, and the remote access operation of the application program to the external device is more stable and reliable.
In the management method applied to the first device provided in this embodiment of the present application, the second device may serve as any device that establishes a session connection with the first device, and the first session connection may be any session connection.
In the management method applied to the first device provided in the embodiment of the present application, obtaining the association information may be implemented through step B1 to step B4:
and step B1, sending the starting message of the application program.
For example, the first device may send a start message of the application to the second device; for example, the second device may generate a device connection request based on the initiation message after receiving the initiation message.
In one embodiment, the starting of the application may be triggered by the second device sending an application access request to the first device, for example, the first device may verify account information carried in the access request, and after the verification passes, the first device triggers the starting of the application and sends a starting message of the application to the second device; if the account information is not verified, the first device may return a result that the account information is not verified to the second device.
In one embodiment, the device connection request may be sent by the second device to the first device, which may be used to request the first device to map the external device loaded by the second device to the first device.
In one embodiment, the device connection request may be for requesting that the external device of the specified type loaded by the second device be mapped to the first device; it may also be used to request that a specified number of external devices loaded by the second device be mapped to the first device.
And step B2, receiving the device connection request and creating the virtual device.
Wherein the device connection request is generated based on the initiation message.
Illustratively, the device connection request may be generated by the second device based on the initiation message.
In one embodiment, the virtual device may be created based on any one of:
and creating the virtual equipment based on the additional parameters carried in the equipment connection request. The additional parameter may include at least one of ID, PID, and VID of the external device.
And creating the virtual equipment based on the model information of the external equipment carried in the equipment connection request and the initiation time of the equipment connection request.
And creating the virtual equipment based on the number information and the model information of the external equipment carried in the equipment connection request.
And step B3, acquiring the virtual device information of the virtual device.
And step B4, obtaining the association information by associating the first identifier with the virtual device information.
In one embodiment, the second device may be loaded with at least two external devices, in which case the first identifier may be associated with the at least two external devices.
In one embodiment, the association information may further include association relationship information between the virtual device information of the current session connection and the other session identifier.
As can be seen from the above, according to the management method applied to the first device provided in the embodiment of the present application, when the second device is any remote device, the virtual device is created only when the device connection request sent by any remote device loaded with the external device is received, so that the pertinence of virtual device creation is improved; and after the virtual device is created, the virtual device information is associated with the session identifier corresponding to any one of the remote devices, so that a guarantee is provided for the subsequent management of the external device loaded by any one of the remote devices based on the session identifier.
In the management method provided in the embodiment of the present application, the device connection request at least includes device parameter information of the external device. Creating a virtual device can be realized by the following steps:
based on the device parameter information in the device connection request, a virtual device associated with the external device is created to redirect the external device to the first device.
For example, the second device may obtain device parameter information of the external device, and determine the device connection request based on the device parameter information.
In one embodiment, the device parameter information may include at least one of device interface information, device type information, device model information, and device communication protocol information of the external device loaded by the second device.
In one embodiment, the second device may select at least one parameter information from the device parameter information to be encapsulated in the device connection request according to the redirection requirement of the external device.
In one embodiment, the first device can create a virtual device matching the external device described by the device parameter information according to the device parameter information in the device connection request, so as to implement redirection of the external device on the first device side.
In the related art, the operation of accessing the external device accessed by the local device by the remote application is generally realized through the RDP protocol, however, the types of the external device which can be supported by the RDP protocol are very few, and are limited to the usb disk, the printer, and the like, so that the remote application cannot flexibly access the external device accessed by the local device.
In the management method provided in the embodiment of the present application, the first device creates the corresponding virtual device according to the parameter information of the external device accessed by the second device, so as to widen the mapping protocol of the USB external device, and implement flexible mapping and redirection of the external device on one side of the first device, thereby overcoming the problem in the related art that the RDP protocol supports few types of external devices, widening the range of the application program remotely accessing the external device, and greatly improving the flexibility of the application program remotely accessing the external device.
The management method provided by the embodiment of the application can solve the problem that part of external equipment cannot be used by an application program, and can widen the range of the external equipment operated by remote access of a user in an application scene of remote access of the user, so that seamless remote office can be realized, and the daily office needs of the user can be met.
In an embodiment of the present application, the device connection request at least includes data processing requirement information.
For example, the second device may obtain the data processing requirement, and may further determine the device connection request based on at least the data processing requirement information.
In one embodiment, the data processing requirement information may include data type information that can be processed by the external device, and the data type information may include, for example, multimedia data type information, text data type information, and the like.
In one embodiment, the data processing requirement information may include data connection configuration information. Illustratively, the data connection configuration information may include the amount of resources required to transmit data, the data transmission speed, and the like.
In one embodiment, the data processing requirement information may include data connection aging information. Illustratively, the data connection aging information may include information such as an expected duration of time for which the data transmission channel is expected to be established.
At this time, after receiving the device connection request, the management method applied to the first device according to the embodiment of the present application may further perform step C1 to step C3:
and step C1, creating a data transmission channel based on the data processing requirement information in the device connection request.
The data transmission channel is used for data transmission between the external device and the first device.
In one embodiment, the data transmission channel may include a data transmission resource separated from a physical resource corresponding to the first session connection, and may be also referred to as a virtual channel, for example, which may be specifically used for processing high-speed data transmission between the external device and the first device, so that data transmission efficiency and stability between the external device and the first device can be improved.
And step C2, determining first address information of the data transmission channel.
For example, the second device may associate the first address information and the second address information to cyclically execute a data processing operation between the external device and the application program through the data transmission channel based on the first address information and the second address information when receiving a remote access operation of the application program to the external device; the second address information includes Socket address information associated with the external device.
In one embodiment, the second address information may further include physical address information of the external device acquired by the second device.
In one embodiment, the second address information may be Socket address information corresponding to a physical address of the external device, for example, the second address information may be Socket address information, such as a Socket handle, virtualized by the second device and capable of communicating with the second device. For example, the Socket address information may be created by the second device according to the device interface information of the external device.
In one embodiment, after the second device receives the remote access operation, the first target data can be read from the external device circularly based on the second address information and written into the first address information, so that the first target data can be circularly read from the external device to the first device through the data transmission channel; illustratively, the second target data can be read from the data transmission channel based on the first address information and written into the external device based on the second address information circularly, so that the second target data in the first device can be transmitted to the external device via the data transmission channel.
In one embodiment, the operations of reading data and transmitting data may be implemented by a thread. Illustratively, the first target data may be read from the external device by the first thread and transmitted to the first device via the data transmission channel; the second target data may be read from the data transfer channel by the second thread and written to the external device.
In an embodiment, Socket handles, that is, second address information, may be bound to a first thread and a second thread, so that the first thread and the second thread may perform a circular data read-write operation based on the first address information and the second address information, which not only can improve data read-write efficiency between an external device and the second device, but also can implement Input/Output (I/O) multiplexing in a case where a plurality of applications concurrently access a plurality of external devices, thereby improving data processing efficiency between the external device and the applications.
And step C3, sending the first address information.
Illustratively, the first device may send the first address information to the second device over the first session connection.
As can be seen from the above, in the management method provided in the embodiment of the present application, after the data transmission channel is established, an efficient data processing operation of data between the external device and the first device can be achieved.
Based on the foregoing embodiment, an embodiment of the present application further provides a management method applied to a second device, where a first session connection is established between the second device and a first device.
It should be noted that the detection method provided in the embodiment of the present application may be implemented by a processor in the second device, where the processor may be at least one of an ASIC, a DSP, a DSPD, a PLD, an FPGA, a CPU, a controller, a microcontroller, and a microprocessor.
Fig. 2 is a flowchart illustrating a management method applied to a second device according to an embodiment of the present application. As shown in fig. 2, the method may include step 201:
step 201, accessing an application in a first device through a first session connection.
Illustratively, the first device can acquire the first identifier when detecting that the application program performs a remote access operation on the external device loaded by the second device, and can manage the remote access operation of the application program on the external device based on the first identifier; the first identity comprises a session identity of the first session connection.
As can be seen from the above, in the management method provided in this embodiment of the application, when the second device is any device, the first device detects a remote access operation to the application program, and can manage the remote access operation of the application program to the external device loaded on any device according to the session identifier of the session connection between the first device and any device, so that a probability of the false access and the false operation of the application program to the external device loaded on any device is reduced, and the access efficiency to the external device loaded on any device is improved.
Based on the foregoing embodiment, the management method applied to the second device provided in the embodiment of the present application may further include steps D1 to D3:
and step D1, when receiving the start message of the application program, acquiring at least device parameter information of the external device.
And D2, determining the equipment connection request at least based on the equipment parameter information.
Illustratively, the device parameter information is used for the first device to create a virtual device associated with the external device, so as to redirect the external device to the first device.
And D3, sending the equipment connection request.
Illustratively, the second device is capable of sending a device connection request to the first device over the first session connection.
As can be seen from the above, in the management method applied to the second device provided in the embodiment of the present application, the first device can send the device parameter information to the first device through the device connection request, so that the first device creates the virtual device associated with the external device, thereby implementing redirection of the external device in the second device, further widening the type range of the external device operated by remote access of the application program, and enabling remote access of the application program to the external device to be more flexible.
Based on the foregoing embodiment, the management method applied to the second device provided in the embodiment of the present application may further include step E1 to step E3:
step E1, in case of receiving the start message of the application, determines at least the data processing requirement information.
Exemplarily, the data processing requirement information is used for the first device to create a data transmission channel, and the data transmission channel is used for data transmission between the external device and the first device; the first device may also determine first address information of the data transmission channel and send the first address information to the second device.
And E2, determining the equipment connection request based on the data processing requirement information.
And E3, sending the equipment connection request. As can be seen from the above, in the management method applied to the second device provided in the embodiment of the present application, after determining the data processing requirement information, the second device can determine the device connection request based on the data processing requirement information, and after receiving the device connection request, the first device can create the data transmission channel according to the data processing requirement information in the device connection request, so as to meet the data transmission requirement between the external device and the first device, thereby implementing efficient data transmission between the external device and the second device.
Based on the foregoing embodiment, the management method applied to the second device provided in this embodiment of the application may further perform step F1 to step F3 after receiving the first address information:
and step F1, receiving the first address information.
For example, the second device may receive, based on the first session connection, first address information sent by the first device; the first address information is address information for creating a data transmission channel for the first device.
Step F2, determining second address information based on the device interface information of the external device.
Wherein the second address information includes Socket address information associated with the external device.
In one embodiment, the device interface information may include an interface type of a bus on which the external device is mounted, an identification of the bus on which the external device is mounted, and the like.
Step F3, when receiving the message that the application program performs the remote access operation on the external device, cyclically performs the data processing operation between the external device and the application program through the data transmission channel based on the first address information and the second address information.
As can be seen from the above, in the management method applied to the second device provided in the embodiment of the present application, the first address information and the second address information are associated with the designated data processing procedure, so that a multiplexing mechanism of the Socket can be fully utilized, and not only can efficient data processing of data between the external device and the second device be achieved, but also the efficiency of the multi-path data processing operation can be improved when a plurality of applications access a plurality of external devices accessed by the first device.
It should be noted that, in the embodiment of the present application, the device connection request information may include both the data processing requirement information and the device parameter information, and the device connection request may also include other information, which is not limited in the embodiment of the present application.
Based on the foregoing embodiments, the management method applied to the second device provided in this embodiment of the present application, at least acquiring device parameter information of the external device, may be implemented through steps G1 to G2:
and G1, obtaining the remote access configuration information.
Wherein the remote access configuration information includes configuration information whether the external device is allowed to be remotely accessed.
In one embodiment, the remote access configuration information may include configuration information whether the external device is allowed to perform remote mapping, i.e., configuration information whether other devices except the second device are allowed to perform a remote access operation on the external device.
In one embodiment, the remote access configuration information may further include condition information that the external device is remotely mapped, and the condition information may include, for example, a type of an application program that accesses the external device, a duration of time the external device is remotely accessed, and the like.
In one embodiment, the remote access configuration information may be obtained from the first device, and for example, a data management center module may be provided in the first device, where the data management center module is used by an administrator to manage access operations of an application program in the first device to the external device, and may also be used by the administrator to manage remote access permissions of various external devices. For example, the administrator may bind the remote access right with the user of the second device, and when the second device initiates an application start request, the first device matches the user information of the second device with the remote access right in the remote access configuration information, and determines whether to allow the current user to remotely access the external device according to a result of the matching.
In one embodiment, the remote access configuration information may be obtained from an external device, and for example, the remote access configuration information may be stored in the external device, and the remote access configuration information may be read and written.
In one embodiment, the remote access configuration information may be obtained from a different approach than the first device, the second device, and the external device.
In an embodiment, after obtaining the device parameter information of the external device, the second device may match the device parameter information with the remote access configuration information, determine which external device or types are allowed to be remotely accessed according to a matching result, and also determine that some external device or types cannot be remotely accessed, so that pre-management of remote access to some external devices, such as pre-management of remote access to a usb disk, may be implemented on the second device side.
And G2, if the remote access configuration information meets the specified conditions, at least acquiring the equipment parameter information.
Wherein the specified condition includes allowing the external device to be remotely accessed.
In the embodiment of the present application, if the remote access configuration information does not satisfy the specified condition, the device parameter information of the external device is not acquired, and the subsequent steps in the embodiment of the present application do not need to be executed.
In the management method applied to the second device provided by the embodiment of the application, the external device is connected to the second device only when the remote access configuration information of the external device meets the specified condition, so that the data processing process of the external device connected to the second device can be simplified; on the other hand, through the management of the remote access configuration information, whether the external equipment is remotely mapped or not can be effectively controlled, and therefore the safety of the external equipment is improved.
Fig. 3 is a flowchart illustrating a first device management node performing a remote printing operation on a remote printer according to an embodiment of the present application. As shown in fig. 3, the process may include the following steps:
step 301, open the statepad.
Illustratively, the statepad may be opened based on an application access request of the second device.
Step 302, enumerating the remote external device.
Illustratively, enumerating the remote external device may be implemented by obtaining association information, and the first device may obtain all external devices redirected to the first device from the association information.
Step 303, statepad performs remote printing operation.
For example, the first device may determine, according to an operation performed by the statepad, a device that needs to be filtered from the remote external devices, for example, if the statepad needs to perform a remote printing operation, it may determine that it needs to access the remote printer device, and thus, at least one remote printer device may be filtered from the enumerated remote external devices.
Step 304, obtain a session identifier associated with the printer device.
For example, since the association information includes the session identifier corresponding to each remote external device, the first device can obtain the virtual device information of the printer device type and the session identifier associated therewith based on the association information corresponding to the at least one remote printer device obtained by filtering.
Step 305, judging whether the session identification associated with the printer device is the current session identification.
For example, the current session identifier may be a session identifier of a session connection between the device initiating the statepad and the first device. If the associated session identifier associated with the printer device is the current session identifier, then go to step 306; if the session identifier associated with the printer device is not the current session identifier, step 307 is executed.
Step 306, allow the statepad to identify the associated printer device using the current session.
Step 307, prohibiting the statepad from using the printer device associated with the current session identifier.
As can be seen from the above, in the embodiment of the present application, the first device may manage, through a matching relationship between the session identifier of the session connection corresponding to any application and the session identifier of the session connection associated with the remote USB device, an access operation of the application to the remote USB device, so that a probability of a false access operation to the remote USB device is reduced, and efficiency of the access operation to the remote USB device is improved.
Based on the foregoing embodiment, an embodiment of the present application further provides an apparatus, where the apparatus may be a first apparatus 4, and a first session connection is established between the first apparatus 4 and a second apparatus. Fig. 4 is a schematic structural diagram of a first apparatus 4 according to an embodiment of the present application. As shown in fig. 4, the first device 4 includes a first processing module 401. Wherein:
a first processing module 401, configured to obtain a first identifier when detecting that an application running in a first device performs a remote access operation on a device loaded by a second device; managing remote access operation of the application program to the external device based on the first identifier; wherein the first identity comprises a session identity of the first session connection.
In one embodiment, the first processing module 401 is configured to obtain association information, and manage a remote access operation based on the association information and the first identifier; the association information comprises association relation information between the virtual equipment information and the second identifier; the virtual device information includes information of a virtual device associated with the device loaded by the third device; the third device comprises at least one device which establishes a second session connection with the first device; the second identity comprises a session identity of the second session connection.
In one embodiment, the first processing module 401 is configured to determine target virtual device information from the associated information based on a matching result of the second identifier and the first identifier in the associated information; and managing remote access operation of the application program to the external device based on the target virtual device information.
In one embodiment, the first device 4 further comprises a first transceiver module, wherein:
the first transceiver module is used for transmitting a starting message of the application program;
the first transceiver module is also used for receiving the equipment connection request and creating virtual equipment;
a first processing module 401, configured to obtain virtual device information of a virtual device; and associating the first identifier with the virtual equipment information to obtain associated information.
In one embodiment, the device connection request includes at least device parameter information of the external device;
the first processing module 401 is configured to create a virtual device associated with the external device based on the device parameter information in the device connection request, so as to redirect the external device to the first device.
In one embodiment, the device connection request includes at least data processing requirement information;
a first processing module 401, configured to create a data transmission channel based on the data processing requirement information in the device connection request; the data transmission channel is used for data transmission between the external equipment and the first equipment; determining first address information of a data transmission channel;
the first transceiver module is used for sending the first address information to the second device.
The first processing module 401 and the first transceiver module may be implemented by a processor in the first device 4, and the processor may be at least one of an ASIC, a DSP, a DSPD, a PLD, an FPGA, a CPU, a controller, a microcontroller, and a microprocessor.
Based on the foregoing embodiment, the present application further provides an apparatus, which may be the second apparatus 5, where a first session connection is established between the second apparatus 5 and the first apparatus 4. Fig. 5 is a schematic diagram of a first structure of a second device 5 according to an embodiment of the present application, and as shown in fig. 5, the second device 5 may include a second processing module 501, where:
a second processing module 501 for accessing an application in the first device through the first session connection.
In one embodiment, the second device 5 may further comprise a second transceiver module; the second processing module 5 is configured to, in a case of receiving a start message of an application, obtain at least device parameter information of an external device; determining a device connection request based at least on the device parameter information;
and the second transceiver module is used for sending the equipment connection request.
In one embodiment, the second processing module 501 is configured to determine at least data processing requirement information in a case of receiving a start message of an application; determining a device connection request based on the data processing requirement information;
and the second transceiver module is used for sending the equipment connection request.
In one embodiment, the second transceiver module is configured to receive the first address information;
a second processing module 501, configured to determine second address information based on device interface information of an external device; under the condition that a message that an application program executes remote access operation on an external device is received, circularly executing data processing operation between the external device and the application program through a data transmission channel on the basis of first address information and second address information; wherein the second address information includes Socket address information associated with the external device.
In one embodiment, the second processing module 501 is configured to obtain remote access configuration information; if the remote access configuration information meets the specified conditions, at least acquiring equipment parameter information; wherein the remote access configuration information includes configuration information whether the external device is allowed to be remotely accessed; the specified conditions include allowing the external device to be remotely accessed.
The second processing module 501 and the second transceiver module may be implemented by a processor in the second device 5, and the processor may be at least one of an ASIC, a DSP, a DSPD, a PLD, an FPGA, a CPU, a controller, a microcontroller, and a microprocessor.
Based on the foregoing embodiment, an embodiment of the present application further provides a device, where the device may be another first device 4, and a first session connection is established between the first device 4 and the second device 5. Fig. 6 is a schematic structural diagram of a second apparatus 4 according to an embodiment of the present application. As shown in fig. 6, the first device 4 includes a first processor 601 and a first memory 602; wherein: the first memory 602 stores computer programs operable on the first processor 601, and the first processor 601 executes the computer programs to implement the management method applied to the first device 4 as described in any of the previous embodiments.
Based on the foregoing embodiment, the present application further provides another second device 5, where a first session connection is established between the second device 5 and the first device 4. Fig. 7 is a schematic diagram of a second structure of the second apparatus 5 according to the embodiment of the present application. As shown in fig. 7, the second device 5 includes a second processor 701 and a second memory 702; wherein: the second memory 702 stores a computer program operable on the second processor 701, and the second processor 701 implements the management method applied to the second device 5 as described in any of the previous embodiments when executing the program.
The first processor 601 and the second processor 701 may be at least one of an ASIC, a DSP, a DSPD, a PLD, an FPGA, a CPU, a controller, a microcontroller, and a microprocessor. It is understood that the electronic device for implementing the above-mentioned processor function may be other electronic devices, and the embodiments of the present application are not particularly limited.
The first memory 602 and the second memory 702 may be volatile memories (RAMs); or a non-volatile memory (non-volatile memory) such as a ROM, a flash memory, an HDD, or an SSD; or a combination of the above types of memories and provides instructions and data to the processor.
Based on the foregoing embodiments, an embodiment of the present application further provides a management system 8, and fig. 8 is a schematic view of a first structure of the management system 8 provided in the embodiment of the present application. As shown in fig. 8, the management system 8 comprises a first device 4 as described previously and a second device 5 as described previously; wherein:
the second device 5 accesses the application in the first device 4 through the first session connection;
the first device 4 acquires the first identifier and manages the remote access operation based on the first identifier when detecting that the application program executes the remote access operation on the external device loaded by the second device 5; wherein the first identity comprises an identity of the first session connection.
For example, when the first device 4 detects the application program is started, it may send a start message of the application program to the second device 5; when receiving the start message of the application program, the second device 5 may obtain at least device parameter information of the external device, and determine a device connection request based on at least the device parameter information; when receiving the start message of the application program, the second device 5 may also at least obtain data processing requirement information, and determine a device connection request based on the data processing requirement information; the second device 5 may also send a device connection request to the first device 4.
Illustratively, when receiving the device connection request, the first device 4 creates a virtual device associated with the external device, obtains virtual device information of the virtual device, and obtains associated information by associating the first identifier with the virtual device information; the first device 4 may also determine target virtual device information from the association information based on a matching result of the association information and the first identifier, and manage the remote access operation based on the target virtual device information.
For example, when the first device 4 receives the device connection request, a virtual device associated with the external device may be created based on the device parameter information in the device connection request to redirect the external device to the first device.
For example, when receiving the device connection request, the first device 4 may further create a data transmission channel based on the data processing requirement information in the device connection request, determine first address information of the data transmission channel, and send the first address information to the second device 5; the data transmission channel is used for data transmission between the external device and the first device.
For example, the second device 5 may determine the second address information based on the device interface information of the external device when receiving the first address information; under the condition that the application program is received to execute remote access operation on the external equipment, circularly executing data processing operation between the external equipment and the application program through a data transmission channel on the basis of the first address information and the second address information; wherein the second address information includes Socket address information associated with the external device.
Illustratively, the second device 5 may further obtain remote access configuration information, and if the remote access configuration information meets a specified condition, at least obtain device parameter information; wherein the remote access configuration information includes configuration information whether the external device is allowed to be remotely accessed; the specified conditions include allowing the external device to be remotely accessed.
As can be seen from the above, in the management system 8 provided in this embodiment of the application, the first device 4 may associate the external device loaded by the second device 4 with the first identifier connected to the first session, and when it is detected that the application program running in the first device 4 accesses the external device loaded in the second device 5, the first device 4 may manage the remote access operation of the application program on the external device based on the first identifier, and through the association between the external device and the session connection, session control over the remote access operation of the external device is implemented, so that efficiency of accessing the external device is improved, and security of user data is also improved.
The management process of the management system 8 according to the foregoing embodiment will be described below based on a USB/Internet Protocol (IP) framework. In the USB/IP framework, a client and a server transmit a USB Request Block (URB) packet based on a TCP/IP protocol, and after receiving the URB packet, the client and the server may distribute the URB packet to a bottom driver for further processing.
In the management method provided in the embodiment of the present application, based on the USB/IP framework, the first device 4 may be a server device, which may be loaded with a Linux operating system, and the second device 5 may be a client device, which may be loaded with a Windows operating system.
Under the condition that the application program is a remote application program, the management method of the embodiment of the application provides a remote mapping scheme of the external device based on the remote application program, and the scheme does not perform data transmission based on a port in TCP/IP protocol transmission, but performs forwarding of URB packets through a customized URB proxy service and a virtual channel, namely a data transmission channel.
Fig. 9 is a schematic structural diagram of a second structure of the management system 8 according to the embodiment of the present application. As shown in fig. 9, the structure includes a first device 4, a second device 5, and a USB device 901.
In fig. 9, the architecture of the management method provided in the embodiment of the present application will be described with an external device being a USB device 901 and an application being a remote application as an example.
The second device 5 includes a device hot plug monitoring module 902, a driver module 903, a usibpd module 904, and a libussbip module 905.
The device hot plug monitoring module 902 is configured to monitor a hot plug operation of the USB device 901 in real time, notify an application layer of the second device 5 of a message of the hot plug operation of the USB device 901 when the hot plug operation of the USB device 901 is detected, and then determine whether to map the external device to the first device 4 by the application layer according to the remote access configuration information. Illustratively, when the second device 5 is loaded with a Unified Operating System (UOS) System, the device hot plug monitoring module 902 may be a netlink, where the netlink may implement real-time management on access and removal of the USB device 901, and may further obtain device parameter information of the USB device 901 through a communication bus of the second device 5.
The driver module 903 may include a usb-core and a usb-host, and is mainly configured to capture a URB packet, manage delivery of the URB packet and processing of the URB packet received from the peer device, and implement external device compatibility repair, such as compatibility repair of a mobile hard disk and a printer.
The usipdd module 904 is configured to respond to the processing of messages sent by the application layer, such as export, attach, dettach, and the like, of the external device, and establish a connection with the usibp-core by using a mechanism that implements multiplexing of multiple I/O through a local socket. It should be noted that the usibpd module 904 is a resident process, and is loaded immediately after the second device 5 is started, and it may load the usibp-core first, and when the application program in the first device 4 is started, may register a callback function for forwarding the driver URB packet.
The libussbip module 905 is configured to unbind the binding relationship between the USB device 901 and other drivers, export the USB device 901, and attach the USB device 901 to a USB-host, and after the operation is completed, may send a device connection request to the first device 4. The libussbip module 905 also provides an interface to obtain and modify properties of the USB device 901.
The libussbip module 905 further includes a sub-module, USB-proxy 90501, where the sub-module is used to implement an agent mechanism for processing a URB packet, and can implement forwarding of the URB packet of multiple USB devices 901 through a multi-path I/O multiplexing mechanism, so as to get rid of dependence on a port.
In fig. 9, after the second device 5 is started, the usb ip module 904 is started and performs operations such as unbinding the binding of the peripheral device and the driver, binding the usb ip-host driver, and the like.
When the second device 5 detects that the USB device 901 is loaded through the device hot plug monitoring module 902, if the remote access configuration information indicates that the USB device 901 can be mapped to the first device 4, the libubip module 905 unbinds the binding relationship between the USB device 901 and other drivers, derives the USB device 901, and attaches the device to a USB-host to create a socket.
After monitoring that the socket is successfully created, the usb module 904 writes the socket handle into sysfs, so as to implement communication between usb-proxy 9051 and the driver module 903. After acquiring the handle of the socket, the usb-host in the driver module 903 converts the handle into a socket object of the usb-core, and creates a data transceiving thread, i.e., a specified data processing process.
When the remote application program is started and a first session connection between the first device 4 and the second device 5 is established, at this time, the second device 5 can receive a start message of the remote application program, the second device 5 can acquire at least one of device parameter information and data processing requirement information of the USB device 901, generate a device connection request based on the information, and then send the device connection request to the first device 4, the first device 4 creates a virtual channel 906, i.e., a data transmission channel, according to relevant information in the device connection request, and sends first address information to the second device 5; the first device 4 is also capable of creating a virtual device corresponding to the USB device 901 to enable redirection of the USB device 901; the first device 4 is further capable of obtaining virtual device information of the virtual device and associating the virtual device with the first identifier of the first session connection based on the virtual device information, and determining association information.
After receiving the first address information, the second device 5 may associate the socket handle, that is, the second address information and the first address information, with the data transceiving thread.
When the remote application executed by the first device 4 performs a remote operation on the USB device 901, the first device 4 can acquire a session identifier for starting a session connection of the remote application, and manage a remote access operation of the remote application on the USB device 901 based on a matching relationship between the session identifier and the session flag in the association information. In a case where the remote application is capable of performing a remote access operation to the USB device 901, the data transceiving thread is triggered, thereby realizing a data processing operation between the USB device 901 and the first device 4.
Fig. 10 is a schematic structural diagram of a second management system according to an embodiment of the present application. In fig. 10, the management method provided in the embodiment of the present application is still explained on the premise of USB/IP architecture.
As shown in fig. 10, the first device 4 may be a client device in a USB/IP architecture; the second device 4 may be a server device in a USB/IP architecture.
In fig. 10, the first device 4 may include a first application layer 1001 and a first driver layer 1002; wherein, the first application layer 1001 includes the sfusbreddictor module 100101; the first driver layer 1002 includes sfvirtualbus module 100201 and virtual USB device 100202; the sfvirtualbus module 100201 is configured to create a virtual USB device 100202 on the virtual bus, and is responsible for acquiring and forwarding the URB packet.
In fig. 10, the second device 5 may include a second application layer 1003 and a second driver layer 1004; the second application layer 1003 may include a linux client module 100310, and the second driver layer 1004 may include a USB/IP server module 100401, which includes a driver module under a USB/IP framework, such as the driver module 903 in the foregoing embodiment.
In fig. 10, the sfusbreddictor module 100101 is used for communicating with the linux client module 100301, the communication message may include USB device 901 hot plug, URB packet forwarding, etc., and session isolation is also a function implemented by this module. When receiving the device connection request sent by the linux client module 100301, the sfusbredcirector module 100101 may forward the device connection request to the sfvirtualbus module 100201 through the ioctl interface, where the sfvirtualbus module 100201 creates a virtual USB device 100202 on the virtual bus based on the device parameter information in the device connection request, and returns the created result to the sfusbredcirector module 100101.
As can be seen from the above, the management method provided in this embodiment of the present application implements extension of the URB communication protocol, and can also implement access of the application program to the external device through the identifier of the session connection, implement management of the access operation of the external device by the second device, implement isolation between session connections, and implement security isolation of the access operation of the external device.
Based on the foregoing embodiments, the present application further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by the first processor 601 of the first device 4 or the second processor 701 of the second device 5, the management method according to any of the foregoing embodiments can be implemented.
The foregoing description of the various embodiments is intended to highlight various differences between the embodiments, and the same or similar parts may be referred to each other, and for brevity, will not be described again herein.
The methods disclosed in the method embodiments provided by the present application can be combined arbitrarily without conflict to obtain new method embodiments.
Features disclosed in various product embodiments provided by the application can be combined arbitrarily to obtain new product embodiments without conflict.
The features disclosed in the various method or apparatus embodiments provided herein may be combined in any combination to arrive at new method or apparatus embodiments without conflict.
The computer-readable storage medium may be a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), an Erasable Programmable Read Only Memory (EPROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a magnetic Random Access Memory (FRAM), a Flash Memory (Flash Memory), a magnetic surface Memory, an optical Disc, or a Compact Disc Read-Only Memory (CD-ROM); and may be various electronic devices such as mobile phones, computers, tablet devices, personal digital assistants, etc., including one or any combination of the above-mentioned memories.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus necessary general hardware nodes, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method described in the embodiments of the present application.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application, or which are directly or indirectly applied to other related technical fields, are included in the scope of the present application.

Claims (17)

1. A management method is applied to a first device, and a first session connection is established between the first device and a second device; the method comprises the following steps:
under the condition that the application program running in the first equipment is detected to execute remote access operation on the external equipment loaded by the second equipment, acquiring a first identifier; wherein the first identity comprises a session identity of the first session connection;
managing the remote access operation of the application program to the external device based on the first identification.
2. The method of claim 1, wherein managing the remote access operation of the application to the external device based on the first identifier comprises:
obtaining the associated information; the association information comprises association relation information between the virtual equipment information and the second identifier; the virtual device information includes information of a virtual device associated with a device loaded by a third device; the third device comprises at least one device which establishes a second session connection with the first device; the second identifier comprises a session identifier of a second session connection;
managing the remote access operation based on the association information and the first identifier.
3. The method of claim 2, wherein managing the remote access operation based on the association information and the first identifier comprises:
determining target virtual equipment information from the associated information based on a matching result of the second identifier and the first identifier in the associated information;
managing the remote access operation based on the target virtual device information.
4. The method of claim 2, wherein obtaining the association information comprises:
sending a starting message of the application program;
receiving a device connection request, and creating the virtual device; wherein the device connection request is generated based on the initiation message;
acquiring virtual equipment information of the virtual equipment;
and obtaining the association information by associating the first identifier with the virtual equipment information.
5. The method of claim 4, wherein the device connection request includes at least device parameter information of the external device; the creating the virtual device includes:
creating the virtual device associated with the external device based on the device parameter information in the device connection request to redirect the external device to the first device.
6. The method of claim 4, wherein the device connection request includes at least data processing requirement information; after receiving the device connection request, the method further includes:
creating a data transmission channel based on the data processing requirement information in the equipment connection request; the data transmission channel is used for data transmission between the external equipment and the first equipment;
determining first address information of the data transmission channel;
and sending the first address information.
7. A method of management, wherein the method is applied to a second device; a first session connection is established between the second device and the first device, the method comprising:
accessing an application in the first device through the first session connection.
8. The method of claim 7, further comprising:
under the condition of receiving a starting message of the application program, at least acquiring equipment parameter information of the external equipment;
determining a device connection request based at least on the device parameter information;
and sending the equipment connection request.
9. The method of claim 7, further comprising:
determining at least data processing requirement information in the case of receiving a start message of the application program;
determining the device connection request based on the data processing requirement information;
and sending the equipment connection request.
10. The method according to any one of claims 8 or 9, wherein after sending the device connection request, further comprising:
receiving first address information; wherein the first address information includes address information of a data transmission channel between the first device and the external device;
determining second address information based on device interface information of the external device; wherein the second address information comprises Socket address information associated with the external device;
and under the condition that a message that the application program executes the remote access operation on the external equipment is received, circularly executing the data processing operation between the external equipment and the application program through the data transmission channel based on the first address information and the second address information.
11. The method of claim 8, wherein the obtaining at least device parameter information of the external device comprises:
acquiring remote access configuration information; wherein the remote access configuration information includes configuration information whether the external device is allowed to be remotely accessed;
if the remote access configuration information meets specified conditions, at least acquiring the equipment parameter information; wherein the specified condition includes allowing the external device to be remotely accessed.
12. An apparatus, wherein the apparatus is a first apparatus, comprising a first processing module; a first session connection is established between the first device and the second device; wherein:
the first processing module is configured to acquire a first identifier when it is detected that an application program running in the first device performs a remote access operation on a device loaded by the second device; managing the remote access operation of the application program to the external device based on the first identification; wherein the first identity comprises a session identity of the first session connection.
13. An apparatus, wherein the apparatus is a second apparatus, comprising a second processing module; a first session connection is established between the second device and the first device; wherein:
the second processing module is used for accessing an application program in the first equipment through the first session connection; wherein the first identity comprises a session identity of the first session connection.
14. An apparatus, wherein the apparatus is a first apparatus, comprising a first processor and a first memory; a first session connection is established between the first device and the second device; the first memory stores a computer program operable on a first processor, the first processor implementing the management method of any one of claims 1 to 6 when executing the computer program.
15. A device, wherein the device is a second device comprising a second processor and a second memory; a first session connection is established between the second device and the first device; the second memory stores a computer program operable on a second processor, the second processor implementing the management method of any of claims 7 to 11 when executing the computer program.
16. A management system, characterized in that the management system comprises a first device according to claim 12 or 14 and a second device according to claim 13 or 15, wherein:
the second device accessing an application in the first device through the first session connection;
the method comprises the steps that when the first device detects that the application program executes remote access operation on external equipment loaded by the second device, a first identifier is obtained, and the remote access operation is managed based on the first identifier; wherein the first identity comprises a session identity of the first session connection.
17. A computer-readable storage medium, in which a computer program is stored, which, when executed by a first processor of a first device or a second processor of a second device, is capable of implementing the management method according to any one of claims 1 to 6 or 7 to 11.
CN202111133297.5A 2021-09-27 2021-09-27 Management method, device, system and storage medium Pending CN113905080A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111133297.5A CN113905080A (en) 2021-09-27 2021-09-27 Management method, device, system and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111133297.5A CN113905080A (en) 2021-09-27 2021-09-27 Management method, device, system and storage medium

Publications (1)

Publication Number Publication Date
CN113905080A true CN113905080A (en) 2022-01-07

Family

ID=79029465

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111133297.5A Pending CN113905080A (en) 2021-09-27 2021-09-27 Management method, device, system and storage medium

Country Status (1)

Country Link
CN (1) CN113905080A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115568036A (en) * 2022-10-14 2023-01-03 荣耀终端有限公司 Application connection method and electronic equipment

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1825272A (en) * 2005-02-22 2006-08-30 中国科学院计算技术研究所 Remote printing method for multi-node intelligent network application service system
US20070183325A1 (en) * 2006-02-08 2007-08-09 Kabushiki Kaisha Toshiba Data transfer device
JP2010041605A (en) * 2008-08-07 2010-02-18 Fujitsu Ltd Device for controlling external connection of indoor apparatus
CN103327005A (en) * 2013-05-15 2013-09-25 深信服网络科技(深圳)有限公司 Device access method and device based on virtual desktop
US20160173614A1 (en) * 2014-12-15 2016-06-16 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Administering a remote session between a target computing device and a remote computing device
WO2017121998A1 (en) * 2016-01-11 2017-07-20 Osirium Limited Controlling access to remote devices
CN107465669A (en) * 2017-07-21 2017-12-12 北京奇安信科技有限公司 The equipment safety partition method and device of a kind of multi-user
CN108347462A (en) * 2017-01-23 2018-07-31 阿里巴巴集团控股有限公司 A kind of method and apparatus of communicating operational data
CN110798402A (en) * 2019-10-30 2020-02-14 腾讯科技(深圳)有限公司 Service message processing method, device, equipment and storage medium
CN111641690A (en) * 2020-05-20 2020-09-08 北京字节跳动网络技术有限公司 Session message processing method and device and electronic equipment
CN112256448A (en) * 2020-09-30 2021-01-22 北京达佳互联信息技术有限公司 Remote control method, device, electronic equipment, system and storage medium

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1825272A (en) * 2005-02-22 2006-08-30 中国科学院计算技术研究所 Remote printing method for multi-node intelligent network application service system
US20070183325A1 (en) * 2006-02-08 2007-08-09 Kabushiki Kaisha Toshiba Data transfer device
JP2010041605A (en) * 2008-08-07 2010-02-18 Fujitsu Ltd Device for controlling external connection of indoor apparatus
CN103327005A (en) * 2013-05-15 2013-09-25 深信服网络科技(深圳)有限公司 Device access method and device based on virtual desktop
US20160173614A1 (en) * 2014-12-15 2016-06-16 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Administering a remote session between a target computing device and a remote computing device
WO2017121998A1 (en) * 2016-01-11 2017-07-20 Osirium Limited Controlling access to remote devices
CN108347462A (en) * 2017-01-23 2018-07-31 阿里巴巴集团控股有限公司 A kind of method and apparatus of communicating operational data
CN107465669A (en) * 2017-07-21 2017-12-12 北京奇安信科技有限公司 The equipment safety partition method and device of a kind of multi-user
CN110798402A (en) * 2019-10-30 2020-02-14 腾讯科技(深圳)有限公司 Service message processing method, device, equipment and storage medium
CN111641690A (en) * 2020-05-20 2020-09-08 北京字节跳动网络技术有限公司 Session message processing method and device and electronic equipment
CN112256448A (en) * 2020-09-30 2021-01-22 北京达佳互联信息技术有限公司 Remote control method, device, electronic equipment, system and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115568036A (en) * 2022-10-14 2023-01-03 荣耀终端有限公司 Application connection method and electronic equipment
CN115568036B (en) * 2022-10-14 2023-10-20 荣耀终端有限公司 Application connection method, electronic equipment, chip and storage medium

Similar Documents

Publication Publication Date Title
US11196742B2 (en) Method, system, and device for communicating data between devices to control one of the devices
US11487690B2 (en) Universal host and non-volatile memory express storage domain discovery for non-volatile memory express over fabrics
CN112511611B (en) Communication method, device and system of node cluster and electronic equipment
US11489872B2 (en) Identity-based segmentation of applications and containers in a dynamic environment
JP7085565B2 (en) Intelligent thread management across isolated network stacks
CN109688186B (en) Data interaction method, device, equipment and readable storage medium
US20080022120A1 (en) System, Method and Computer Program Product for Secure Access Control to a Storage Device
JP5466723B2 (en) Host providing system and communication control method
CN102713925B (en) Confidential information is revealed the leakage of anti-locking system, confidential information leak-preventing method and confidential information and is prevented program
WO2018120913A1 (en) Certificate acquisition method, authentication method and network device
WO2014201650A1 (en) Storage detection device and system and storage detection method
EP2723112B1 (en) Rights control method and apparatus for digital living network alliance
WO2018054047A1 (en) Data processing method and related storage apparatus
WO2013097345A1 (en) Access control method and apparatus for digital living network alliance device
US10327138B2 (en) Systems and methods for providing services
CN113905080A (en) Management method, device, system and storage medium
WO2018001023A1 (en) Virtual desktop login method and device for cloud terminal
WO2016086544A1 (en) Network interface configuration method and apparatus for network device and storage medium
CN111600755B (en) Internet access behavior management system and method
CN105812364A (en) Data transmission method and device
US20230231915A1 (en) Bare-metal connection storage method and system, and apparatus
WO2007111470A2 (en) Method and system for managing transmission of internet contents
WO2020038388A1 (en) Resource configuration method and apparatus, and storage medium
US9071596B2 (en) Securely establishing a communication channel between a switch and a network-based application using a unique identifier for the network-based application
CN113973093B (en) Data transmission method and device, electronic equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination