CN114650150A - Oil field network communication system and method - Google Patents

Info

Publication number
CN114650150A
Authority
CN
China
Prior art keywords
request
data
oil field
intranet
server
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011411761.8A
Other languages
Chinese (zh)
Other versions
CN114650150B (en)
Inventor
方三辉
陈志广
赵文义
屈格宁
曹国海
宋勇
王梁
钱超
张佳斌
孙全
王静
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Petrochina Co Ltd
Original Assignee
Petrochina Co Ltd
Application filed by Petrochina Co Ltd
Priority to CN202011411761.8A
Publication of CN114650150A
Application granted
Publication of CN114650150B
Legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281: Proxies
    • H04L63/0227: Filtering policies
    • H04L63/0236: Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101: Access control lists [ACL]
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416: Event detection, e.g. attack signature detection
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/145: Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer And Data Communications (AREA)

Abstract

The application discloses an oil field network communication system and method, belonging to the technical field of security protection for oil field communication networks. The system comprises a proxy server, a main server, an alarm server and a plurality of remote terminal units, wherein the proxy server comprises a request processing unit, a data receiving unit and a data sending unit. The data receiving unit is used for receiving oil field monitoring data and oil field working data from the plurality of remote terminal units; the data sending unit is used for sending the oil field monitoring data to the alarm server and the oil field working data to the main server; the request processing unit is used for receiving a user request, detecting the user request based on a request filtering rule, and sending a processing request to the main server for a user request that passes the detection; the main server is used for storing the oil field working data and responding to the request content corresponding to the processing request. The system and method can isolate an intrusion source without affecting the collection and storage of oil field data.

Description

Oil field network communication system and method
Technical Field
The embodiment of the application relates to the technical field of safety protection of an oil field communication network, in particular to an oil field network communication system and method.
Background
With the continuous deepening of the integration of the two technologies, the safety of the oil field communication network is more and more concerned in the oil field exploitation process.
In the related art, by deploying firewalls at the boundary of an oilfield communication network and an external network, security risks from the external network, such as viruses, malicious code, hacking, and the like, are addressed.
However, the related art does not consider the potential safety hazard from the inside of the oilfield communication network, and the safety is not high enough.
Disclosure of Invention
The embodiment of the application provides an oil field network communication system and method, which can solve the potential safety hazard from the inside and the outside of an oil field communication network, and can isolate an intrusion source under the condition of not influencing the acquisition and the storage of oil field data, thereby improving the safety of the oil field communication network. The technical scheme is as follows:
According to one aspect of the embodiments of the application, an oil field network communication system is provided. The system comprises a proxy server, a main server, an alarm server and a plurality of remote terminal units, wherein the proxy server comprises a request processing unit, a data receiving unit and a data sending unit;
the remote terminal units are used for acquiring oil field monitoring data and oil field working data and sending the oil field monitoring data and the oil field working data to the proxy server;
the data receiving unit of the proxy server is used for receiving the oil field monitoring data and the oil field working data from the plurality of remote terminal units;
the data sending unit of the proxy server is used for sending the oil field monitoring data to the alarm server and sending the oil field working data to the main server;
the request processing unit of the proxy server is used for receiving a user request, detecting the user request based on a request filtering rule and sending a processing request to the main server based on the user request passing the detection;
and the main server is used for storing the oilfield working data and responding to the request content corresponding to the processing request.
Optionally, the alarm server is configured to detect oilfield monitoring data from the data sending unit of the proxy server, and send an alarm instruction or a pre-alarm instruction to the plurality of remote terminal units if the oilfield monitoring data is detected to be abnormal.
Optionally, the request processing unit includes an extranet request processing unit and an intranet request processing unit:
the external network request processing unit is used for receiving an external network request, detecting the external network request based on an external network request filtering rule, and sending the processing request to the main server based on the external network request passing the detection;
the intranet request processing unit is used for receiving an intranet request, detecting the intranet request based on an intranet request filtering rule, and sending the processing request to the main server based on the intranet request passing the detection.
Optionally, the extranet request processing unit is further configured to analyze and process an extranet request that fails the detection, and, if that request carries a risk, to add the client account corresponding to it to a blacklist.
Optionally, the intranet request processing unit is further configured to analyze and process an intranet request that fails the detection, and, if that request carries a risk, to send warning information to the manager of the client corresponding to it.
According to one aspect of the embodiment of the application, an oilfield network communication method is provided, and is applied to an oilfield network communication system, wherein the oilfield network communication system comprises a proxy server, a main server, an alarm server and a plurality of remote terminal units, and the proxy server comprises a request processing unit, a data receiving unit and a data sending unit;
the method comprises the following steps:
the remote terminal units collect oil field monitoring data and oil field working data and send the oil field monitoring data and the oil field working data to the proxy server;
the data receiving unit of the proxy server receives the oil field monitoring data and the oil field working data from the plurality of remote terminal units;
the data sending unit of the proxy server sends the oil field monitoring data to the alarm server and sends the oil field working data to the main server;
a request processing unit of the proxy server receives a user request, detects the user request based on a request filtering rule, and sends a processing request to the main server based on the user request passing the detection;
and the main server stores the oilfield working data and responds to the request content corresponding to the processing request.
Optionally, after the data sending unit of the proxy server sends the oilfield monitoring data to the alarm server, the method further includes:
the alarm server detects the oil field monitoring data from the data sending unit of the proxy server, and sends alarm instructions or pre-alarm instructions to the remote terminal units if the oil field monitoring data are detected to be abnormal.
Optionally, the request processing unit includes an external network request processing unit and an internal network request processing unit;
the step in which the request processing unit of the proxy server receives a user request, detects the user request based on a request filtering rule, and sends a processing request to the main server based on the user request passing the detection comprises:
the request processing unit of the proxy server receives an extranet request, detects the extranet request based on extranet request filtering rules, and sends the processing request to the main server based on the extranet request passing the detection;
and/or,
the request processing unit of the proxy server receives an intranet request, detects the intranet request based on an intranet request filtering rule, and sends the processing request to the main server based on the intranet request passing the detection.
Optionally, the extranet request processing unit analyzes and processes an extranet request that fails the detection, and, if that request carries a risk, adds the client account corresponding to it to a blacklist.
Optionally, the intranet request processing unit analyzes and processes an intranet request that fails the detection, and, if that request carries a risk, sends warning information to the manager of the client corresponding to it.
The technical scheme provided by the embodiment of the application can bring the following beneficial effects:
The user request is detected by the proxy server, and only a user request that passes the detection is sent to the main server, rather than the main server detecting requests directly, so that the intrusion source is isolated and the security of the oilfield communication network is improved.
In addition, the oil field data are collected and distributed through the proxy server, the pressure of the main server on processing the service is reduced, and the performance of an oil field communication network is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings required to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the description below are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is an architecture diagram of an oilfield network communication system provided by an embodiment of the present application;
Fig. 2 is a flowchart of an oilfield network communication method according to an embodiment of the application.
Detailed Description
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
Referring to fig. 1, an architecture diagram of an oilfield network communication system provided by an embodiment of the present application is shown. The system may include: the system comprises a proxy server 101, a main server 102, an alarm server 103 and a plurality of remote terminal units, wherein the proxy server 101 comprises a request processing unit, a data receiving unit and a data transmitting unit.
The plurality of remote terminal units are configured to collect the oil field monitoring data and the oil field working data, and send the oil field monitoring data and the oil field working data to the proxy server 101. The remote terminal unit is a computer measurement and control unit with a modular structure and has the functions of data acquisition, control and communication. The remote terminal unit collects oil field monitoring data and oil field working data through the terminal working condition measuring device and sends the collected oil field monitoring data and oil field working data to the proxy server 101 in real time.
Optionally, the number of remote terminal units depends on the number of actual wells, and one remote terminal unit may support a plurality of well condition determining devices. One well condition determining apparatus may support a plurality of remote terminal units. The remote terminal unit and the proxy server 101 can convert data for transmission and reception through a modem. The communication between the remote terminal unit and the radio base station follows a protocol supported by the radio base station, such as GSM (Global System for Mobile Communications), GPRS (General Packet Radio Service), CDMA2000 (Code Division Multiple Access 2000), LTE (Long Term Evolution), and the like. Alternatively, the remote terminal unit may also send the oilfield monitoring data and the oilfield working data to the proxy server 101 directly through a network cable, which is not limited in the embodiments of the application.
Oilfield monitoring data refers to relevant data, such as instrumentation, environment, personnel, etc., that may be used to maintain and monitor the operation of oilfield development work. The oil field working data refers to relevant data such as oil field exploitation amount, exploitation progress, personnel working time, personnel record data and the like, and can be used for summarizing and planning oil field exploitation. The field monitoring data may also include indicator diagrams. The indicator diagram is used for reflecting the quality of the exploitation condition of the oil field, and the updating frequency of the indicator diagram is at least 4 times per day. The frequency of sending the oil field monitoring data and the oil field working data by each remote terminal unit is different, and can be set according to the actual oil well condition, and the embodiment of the application is not limited herein.
The proxy server 101 is used for handling part of the services of the main server 102 on its behalf. For example, the proxy server 101 may handle the data acquisition and distribution services on behalf of the main server 102, and the specific manner may include: the data receiving unit of the proxy server 101 is configured to receive the oil field monitoring data and the oil field working data from a plurality of remote terminal units, and the data sending unit of the proxy server 101 is used for sending the oil field monitoring data to the alarm server 103 and sending the oil field working data to the main server 102. In the embodiments of the application, having the proxy server 101 handle the acquisition and distribution of data reduces the pressure on the main server 102 and improves its efficiency and performance.
Optionally, the proxy server 101 may handle the request processing service on behalf of the main server 102, and the specific manner may include: the request processing unit of the proxy server 101 is configured to receive the user request, detect the user request based on the request filtering rule, and send a processing request to the main server 102 based on the user request passing the detection.
In the embodiment of the application, the user request refers to a request of a user for an oilfield communication network, and the request may include an access request, an oilfield data query request, a data upload request, and the like. The oilfield data query request can comprise a query request for data of groups, categories, time and the like of oilfield data. The data upload request may include an upload request for oilfield work data, user logs, etc. User log data may include text, document, audio, video, etc. data.
Optionally, the user request may include an extranet request, an intranet request, and the like. An extranet request refers to a request from outside the oilfield communication network. For example, an oilfield data query request is initiated to the proxy server 101 over a non-oilfield communication network. An intranet request refers to a request initiated from inside the oilfield communication network. For example, an oilfield data query request is initiated to the proxy server 101 via the oilfield communication network.
Request filtering rules refer to rules for filtering user requests. The request filtering rule may include a white list for the access user, where the white list includes a user account and an access password corresponding to the access user. The request filtering rule may include an address white list for the access user, and the address white list is used for recording an IP (Internet Protocol) address having an access right to the oilfield communication network. The request filtering rule can also comprise identification information of abnormal data in the existing virus library. A user request that gets through the request filtering rule may be regarded as a secure user request, i.e. a user request that passes the detection.
Optionally, the processing request may encapsulate the user request that passed the detection, and is used to ask the main server 102 to process that user request.
In one example, proxy server 101 includes an extranet request processing unit and an intranet request processing unit. The extranet request processing unit is a unit for processing an extranet request, and is configured to receive the extranet request, detect the extranet request based on an extranet request filtering rule, and send a processing request to the main server 102 based on the extranet request that has passed the detection. The intranet request processing unit is a unit for processing an intranet request, and is configured to receive the intranet request, detect the intranet request based on an intranet request filtering rule, and send a processing request to the main server 102 based on the intranet request that has passed the detection.
The extranet request filtering rules are used for detecting user requests from outside the oilfield communication network. The extranet request filtering rules can comprise white lists, black lists and identification information of abnormal data in an existing virus library and the like aiming at the access users. If the user name and the password contained in the extranet request are consistent with those recorded in the white list and the content information corresponding to the extranet request is not matched with the identification information of the abnormal data in the existing virus library, the extranet request is judged to pass the detection, and the extranet request can be packaged into the processing request and sent to the main server 102 for processing.
The extranet request processing unit is also used for analyzing and processing an extranet request that fails the detection, and, if that request carries a risk, the client account corresponding to it is recorded in a blacklist. For example, if the username and password included in the extranet request do not match those recorded in the white list, the extranet request is considered to carry a potential risk, that is, it fails the detection. The content information corresponding to the extranet request is then detected and analyzed; if it contains data matching or similar to the identification information of abnormal data in the existing virus library, the extranet request is judged to have risk content, the extranet request is rejected, the issuing process is not executed, and the client account corresponding to the extranet request is recorded in the blacklist for subsequent filtering and defense.
Optionally, the intranet request filtering rules are used to detect a user request from inside the oilfield communication network. The intranet request filtering rule can comprise an address white list and an address black list corresponding to the staff, identification information of abnormal data in an existing virus library and the like. The address white list stores the IP addresses of clients that have permission to enter the oilfield communication network. If the IP address corresponding to the client initiating the intranet request matches the address white list, and the content information corresponding to the intranet request does not match the identification information of the abnormal data in the existing virus library, it is determined that the intranet request passes the detection, and the intranet request can be packaged into the processing request and sent to the main server 102 for processing.
The intranet request processing unit is further used for analyzing and processing an intranet request that fails the detection, and, if that request carries a risk, warning information is sent to the manager of the client corresponding to it. For example, if the IP address corresponding to the intranet request client does not match the address white list, the intranet request is considered to carry a potential risk, that is, it fails the detection. The content information corresponding to the intranet request is then detected and analyzed; if it contains data matching or similar to the identification information of abnormal data in the existing virus library, the intranet request is judged to have risk content, the intranet request is rejected, the issuing process is not executed, and warning information is sent to the manager corresponding to the intranet request client so that the manager can find out the cause and take precautionary measures.
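The extranet and intranet filtering decisions described above, as an added Python example that is not code from the patent. The class names, the sample signatures, the salted-hash password storage, checking the blacklist first, and the client-IP-to-manager mapping are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass, field

# Constructed stand-ins for the "identification information of abnormal data
# in the existing virus library"; real signatures would come from that library.
SIGNATURES = (b"CONSTRUCTED-SIG-A", b"CONSTRUCTED-SIG-B")


def pw_hash(password: str, salt: bytes) -> bytes:
    # Hardening assumption: the whitelist stores a salted hash, not the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def has_signature(body: bytes) -> bool:
    # Exact substring match only; the page's "similar to" matching is not modelled.
    return any(sig in body for sig in SIGNATURES)


@dataclass
class Decision:
    forwarded: bool        # True: wrapped into a processing request for the main server
    reason: str
    action: str = "none"   # "blacklist_account", "warn_manager" or "none"


@dataclass
class ExtranetFilter:
    whitelist: dict = field(default_factory=dict)   # account -> (salt, hash)
    blacklist: set = field(default_factory=set)

    def enroll(self, account: str, password: str, salt: bytes) -> None:
        self.whitelist[account] = (salt, pw_hash(password, salt))

    def check(self, account: str, password: str, body: bytes) -> Decision:
        if account in self.blacklist:
            return Decision(False, "account is blacklisted")
        known = account in self.whitelist
        # Hash even for unknown accounts so both paths cost the same.
        salt, expected = self.whitelist.get(account, (b"\0" * 16, b"\0" * 32))
        creds_ok = hmac.compare_digest(pw_hash(password, salt), expected) and known
        risky = has_signature(body)
        if creds_ok and not risky:
            return Decision(True, "passed extranet rules")
        if risky:
            # Failed detection and the analysis found risk content: blacklist the account.
            self.blacklist.add(account)
            return Decision(False, "content matches a signature", "blacklist_account")
        return Decision(False, "credentials not in whitelist")


@dataclass
class IntranetFilter:
    allow: list                                   # CIDR strings: address white list
    deny: list = field(default_factory=list)      # CIDR strings: address black list
    managers: dict = field(default_factory=dict)  # client IP -> manager (hypothetical)
    warnings: list = field(default_factory=list)  # (manager, client IP) notices sent

    def __post_init__(self):
        self._allow = [ipaddress.ip_network(n) for n in self.allow]
        self._deny = [ipaddress.ip_network(n) for n in self.deny]

    def check(self, client_ip: str, body: bytes) -> Decision:
        ip = ipaddress.ip_address(client_ip)
        if any(ip in net for net in self._deny):
            return Decision(False, "address is blacklisted")
        allowed = any(ip in net for net in self._allow)
        risky = has_signature(body)
        if allowed and not risky:
            return Decision(True, "passed intranet rules")
        if risky:
            # The page's response to intranet risk is a warning to the client's
            # manager rather than a blacklist entry.
            manager = self.managers.get(client_ip, "unassigned")
            self.warnings.append((manager, client_ip))
            return Decision(False, "content matches a signature", "warn_manager")
        return Decision(False, "address not in whitelist")


if __name__ == "__main__":
    ext = ExtranetFilter()
    ext.enroll("engineer01", "constructed-password", b"constructed-salt")
    print(ext.check("engineer01", "constructed-password", b"query well 7 output"))
    print(ext.check("engineer01", "constructed-password", b"x CONSTRUCTED-SIG-A x"))
    intra = IntranetFilter(allow=["10.20.0.0/16"], managers={"10.20.3.4": "ops-lead"})
    print(intra.check("10.20.3.4", b"upload CONSTRUCTED-SIG-B"))
```

A request that fails only on credentials or source address is rejected without any further action; the blacklist entry or manager warning is produced only when the content analysis finds a signature match, which is the distinction the two paragraphs above draw.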
In one example, the request processing module of the proxy server 101 may also be used for situational awareness: based on security big data, it actively discovers, identifies, understands, analyzes, responds to and handles security threats to the oilfield communication network from a global perspective. For example, the request processing module of the proxy server 101 performs situational awareness against an upper traffic limit set for the normal state of the oilfield communication network; if it senses that traffic is trending abnormally relative to this upper limit, it inspects the state of the oilfield communication network and establishes a risk report or early-warning mechanism, improving the network's defense system. The upper traffic limit may be twice the number of user names stored in the white list that have permission to enter the oilfield communication network through the external network. Optionally, the request processing module of the proxy server 101 may also be used for, for example, worm situational awareness, Trojan horse situational awareness, and the like, which is not limited in the embodiments of the application. In this way the oilfield communication network can adjust its defenses in advance, further improving its security.
Optionally, the main server 102 refers to a main service processing server, and may be configured to store oilfield working data and respond to request content corresponding to a processing request. For example, the main server 102 may be used to store oilfield work data distributed by the proxy server 101. The main server 102 receives the processing request from the proxy server 101, performs corresponding processing according to the processing request, and transmits a processing result to the proxy server 101. For example, the main server 102 receives the oilfield working data query request from the proxy server 101, retrieves oilfield working data corresponding to the oilfield working data query request from the data repository according to the oilfield working data query request, and sends the oilfield working data to the proxy server 101. The main server 102 may be one server, a server cluster composed of multiple servers, or a cloud computing service center.
Optionally, the alarm server 103 is a server for sending management warnings, and may be configured to detect oilfield monitoring data from the data sending unit of the proxy server 101, and send an alarm instruction or a pre-alarm instruction to a plurality of remote terminal units if the oilfield monitoring data is detected to be abnormal. The alarm instruction is used for controlling the remote terminal unit to stop working or to send an alarm signal reminding workers of a safety problem. The pre-alarm instruction is used for controlling the remote terminal unit to prepare to stop working or to send out alarm information reminding a worker to carry out maintenance in time.
Optionally, the alarm server 103 stores the normal intervals and abnormal interval ranges of the oilfield monitoring data. The abnormal interval range is used for screening the oil field monitoring data for abnormality. The alarm server 103 may directly send an alarm instruction or a pre-alarm instruction to the remote terminal unit according to the class of the interval to which the received oil field monitoring data belongs. For example, if the oil field monitoring data exceeds the normal interval of the oil field monitoring data and is within the range of the abnormal interval, an alarm instruction or a pre-alarm instruction is sent to a plurality of remote terminal units.
To sum up, in the technical scheme provided by the embodiments of the application, the proxy server detects the user request and only a user request that passes the detection is sent to the main server, rather than the main server detecting requests directly, so that the intrusion source is isolated and the security of the oilfield communication network is improved.
In addition, the proxy server filters user requests, collects oil field data, distributes oil field data and the like, so that the pressure of the main server on processing services is reduced, and the performance of an oil field communication network is improved.
In addition, the external network request is filtered according to the external network request filtering rule, the internal network request is filtered according to the internal network request filtering rule, workers can access the oilfield communication network from the non-oilfield communication network, the oilfield state can be known in real time, and convenience of the oilfield communication network is improved on the premise that safety of the oilfield communication network is guaranteed. And the user requests from the interior of the oilfield communication network are filtered, so that the potential safety hazard from the interior of the oilfield communication network is solved, and the safety and the comprehensiveness of the oilfield communication network are further improved.
Referring to Fig. 2, a flowchart of an oilfield network communication method provided by an embodiment of the present application is shown. The method can be applied to the oilfield network communication system introduced in the above embodiment. The method comprises the following steps (201-205):
Step 201: a plurality of remote terminal units collect oilfield monitoring data and oilfield working data and send the oilfield monitoring data and the oilfield working data to a proxy server.
Step 202: a data receiving unit of the proxy server receives the oilfield monitoring data and the oilfield working data from the plurality of remote terminal units.
Step 203: the data sending unit of the proxy server sends the oilfield monitoring data to the alarm server and sends the oilfield working data to the main server.
Optionally, after the data sending unit of the proxy server sends the oil field monitoring data to the alarm server, the alarm server detects the oil field monitoring data from the data sending unit of the proxy server, and if the oil field monitoring data is detected to be abnormal, sends an alarm instruction or a pre-alarm instruction to the plurality of remote terminal units.
Step 204: the request processing unit of the proxy server receives the user request, detects the user request based on the request filtering rule, and sends a processing request to the main server based on the user request passing the detection.
Optionally, the request processing unit includes an extranet request processing unit and an intranet request processing unit. Before a processing request is sent to the main server, the request processing unit of the proxy server receives an extranet request, detects the extranet request based on the extranet request filtering rule, and sends the processing request to the main server based on the extranet request passing the detection.
The request processing unit of the proxy server receives an intranet request, detects the intranet request based on the intranet request filtering rule, and sends a processing request to the main server based on the intranet request passing the detection.
Optionally, the extranet request processing unit analyzes and processes an extranet request that fails detection, and if that extranet request poses a risk, the client account corresponding to it is entered into a blacklist.
Optionally, the intranet request processing unit analyzes and processes an intranet request that fails detection, and if that intranet request poses a risk, sends warning information to a manager of the client corresponding to it.
Step 205: the main server stores the oilfield working data and responds to the request content corresponding to the processing request.
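The request handling of step 204, as an added Python sketch that is not part of the patent. The rule sets, the risk criterion (a rejected request that tried to change state), the refusal of already blacklisted accounts, the fallback warning recipient and all account and resource names are assumptions, because the text names the filtering rules without defining them.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    origin: str    # assigned by the proxy from the ingress interface, not by the client
    account: str
    action: str
    resource: str

# Constructed rule sets (assumptions): allowed (action, resource) pairs per origin.
RULES = {
    "extranet": {("read", "well-status"), ("read", "production-report")},
    "intranet": {("read", "well-status"), ("read", "production-report"),
                 ("write", "work-order")},
}
# Assumed risk criterion: a rejected request that tried to change state.
RISKY_ACTIONS = {"write", "delete", "control"}

class RequestProcessingUnit:
    def __init__(self, managers):
        self.managers = managers      # intranet account -> manager to warn
        self.blacklist = set()        # extranet client accounts
        self.warnings = []            # (manager, account, action, resource)
        self.to_main_server = []      # requests that passed detection

    def handle(self, req):
        rules = RULES.get(req.origin)
        if rules is None:
            return "rejected: unknown origin"      # fail closed
        if req.origin == "extranet" and req.account in self.blacklist:
            return "rejected: blacklisted"         # assumed use of the blacklist
        if (req.action, req.resource) in rules:
            self.to_main_server.append(req)
            return "forwarded"
        return self._analyze_failure(req)

    def _analyze_failure(self, req):
        if req.action not in RISKY_ACTIONS:
            return "rejected"
        if req.origin == "extranet":
            self.blacklist.add(req.account)
            return "rejected: account blacklisted"
        manager = self.managers.get(req.account, "security-operations")
        self.warnings.append((manager, req.account, req.action, req.resource))
        return "rejected: manager warned"

def demo():
    unit = RequestProcessingUnit(managers={"int-07": "mgr-02"})
    requests = [  # constructed sample traffic
        Request("extranet", "ext-01", "read", "well-status"),
        Request("extranet", "ext-02", "control", "rtu-valve"),
        Request("extranet", "ext-02", "read", "well-status"),
        Request("intranet", "int-07", "write", "work-order"),
        Request("intranet", "int-07", "delete", "production-report"),
        Request("vpn", "ext-03", "read", "well-status"),
    ]
    return unit, [unit.handle(r) for r in requests]

if __name__ == "__main__":
    print(demo()[1])
```

The third request shows why the blacklist has to be consulted before the allow rules: once an account is listed, even a request the extranet rule would permit is refused.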
In summary, in the technical solution provided by this embodiment of the application, the proxy server detects the user requests and sends only the user requests that pass detection to the main server, instead of the main server performing the detection directly, so that the intrusion source is isolated and the security of the oilfield communication network is improved.
In addition, the oilfield data is collected and distributed by the proxy server, which reduces the service-processing load on the main server and improves the performance of the oilfield communication network.
In addition, extranet requests are filtered according to the extranet request filtering rule and intranet requests are filtered according to the intranet request filtering rule. Workers can therefore access the oilfield communication network from a non-oilfield communication network and learn the oilfield state in real time, which improves the convenience of the oilfield communication network while its security is guaranteed. Filtering the user requests that come from inside the oilfield communication network also addresses the security risks originating inside the network, further improving the security and comprehensiveness of the oilfield communication network.
It should be understood that "a plurality" herein means two or more. "And/or" describes the association relationship of the associated objects and indicates that three relationships are possible; for example, A and/or B may mean: A exists alone, A and B exist simultaneously, or B exists alone. The character "/" generally indicates that the associated objects before and after it are in an "or" relationship. In addition, the step numbers described herein only show one possible execution sequence of the steps by way of example. In some other embodiments, the steps may be executed out of the numbered sequence; for example, two steps with different numbers may be executed simultaneously, or in the reverse of the order shown in the figure, which is not limited by the embodiments of the present application.
The above description is only exemplary of the present application and should not be taken as limiting the present application, and any modifications, equivalents, improvements and the like that are made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims (10)

1. An oilfield network communication system, characterized by comprising a proxy server, a main server, an alarm server and a plurality of remote terminal units, wherein the proxy server comprises a request processing unit, a data receiving unit and a data sending unit;
the remote terminal units are used for collecting oil field monitoring data and oil field working data and sending the oil field monitoring data and the oil field working data to the proxy server;
the data receiving unit of the proxy server is used for receiving the oil field monitoring data and the oil field working data from the plurality of remote terminal units;
the data sending unit of the proxy server is used for sending the oil field monitoring data to the alarm server and sending the oil field working data to the main server;
the request processing unit of the proxy server is used for receiving a user request, detecting the user request based on a request filtering rule and sending a processing request to the main server based on the user request passing the detection;
and the main server is used for storing the oilfield working data and responding to the request content corresponding to the processing request.
2. The system of claim 1,
the alarm server is used for detecting the oil field monitoring data from the data sending unit of the proxy server, and sending alarm instructions or pre-alarm instructions to the remote terminal units if the oil field monitoring data are detected to be abnormal.
3. The system according to claim 1, wherein the request processing unit comprises an extranet request processing unit and an intranet request processing unit;
the extranet request processing unit is used for receiving an extranet request, detecting the extranet request based on an extranet request filtering rule, and sending the processing request to the main server based on the extranet request passing the detection;
the intranet request processing unit is used for receiving an intranet request, detecting the intranet request based on an intranet request filtering rule, and sending the processing request to the main server based on the intranet request passing the detection.
4. The system of claim 3,
the extranet request processing unit is further configured to analyze and process an extranet request that fails detection, and, if the extranet request that fails detection poses a risk, to enter the client account corresponding to that extranet request into a blacklist.
5. The system of claim 3,
the intranet request processing unit is further configured to analyze and process an intranet request that fails detection, and, if the intranet request that fails detection poses a risk, to send warning information to a manager of the client corresponding to that intranet request.
6. An oilfield network communication method, characterized by being applied to an oilfield network communication system, wherein the oilfield network communication system comprises a proxy server, a main server, an alarm server and a plurality of remote terminal units, and the proxy server comprises a request processing unit, a data receiving unit and a data sending unit;
the method comprises the following steps:
the remote terminal units collect oil field monitoring data and oil field working data and send the oil field monitoring data and the oil field working data to the proxy server;
the data receiving unit of the proxy server receives the oil field monitoring data and the oil field working data from the plurality of remote terminal units;
the data sending unit of the proxy server sends the oil field monitoring data to the alarm server and sends the oil field working data to the main server;
a request processing unit of the proxy server receives a user request, detects the user request based on a request filtering rule, and sends a processing request to the main server based on the user request passing the detection;
and the main server stores the oilfield working data and responds to the request content corresponding to the processing request.
7. The method of claim 6, wherein after the data sending unit of the proxy server sends the oilfield monitoring data to the alarm server, the method further comprises:
the alarm server detects the oil field monitoring data from the data sending unit of the proxy server, and sends alarm instructions or pre-alarm instructions to the remote terminal units if the oil field monitoring data are detected to be abnormal.
8. The method according to claim 6, wherein the request processing unit comprises an extranet request processing unit and an intranet request processing unit;
the request processing unit of the proxy server receiving a user request, detecting the user request based on a request filtering rule, and sending a processing request to the main server based on the user request passing the detection comprises:
the request processing unit of the proxy server receives an extranet request, detects the extranet request based on an extranet request filtering rule, and sends the processing request to the main server based on the extranet request passing the detection;
and/or,
the request processing unit of the proxy server receives an intranet request, detects the intranet request based on an intranet request filtering rule, and sends the processing request to the main server based on the intranet request passing the detection.
9. The method of claim 8, further comprising:
the extranet request processing unit analyzes and processes an extranet request that fails detection, and if the extranet request that fails detection poses a risk, the client account corresponding to that extranet request is entered into a blacklist.
10. The method of claim 8, further comprising:
the intranet request processing unit analyzes and processes an intranet request that fails detection, and if the intranet request that fails detection poses a risk, warning information is sent to a manager of the client corresponding to that intranet request.
CN202011411761.8A 2020-12-02 2020-12-02 Oilfield network communication system and method Active CN114650150B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011411761.8A CN114650150B (en) 2020-12-02 2020-12-02 Oilfield network communication system and method

Publications (2)

Publication Number Publication Date
CN114650150A true CN114650150A (en) 2022-06-21
CN114650150B CN114650150B (en) 2024-05-28

Family

ID=81990597

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011411761.8A Active CN114650150B (en) 2020-12-02 2020-12-02 Oilfield network communication system and method

Country Status (1)

Country Link
CN (1) CN114650150B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6519568B1 (en) * 1999-06-15 2003-02-11 Schlumberger Technology Corporation System and method for electronic data delivery
CN101917489A (en) * 2010-08-26 2010-12-15 中国石油集团川庆钻探工程有限公司 Well site information remote transmission and network publishing method
CN106056458A (en) * 2016-05-27 2016-10-26 中国石油天然气股份有限公司 Digital oil field comprehensive application system
CN107040459A (en) * 2017-03-27 2017-08-11 高岩 A kind of intelligent industrial secure cloud gateway device system and method
CN210110004U (en) * 2018-10-26 2020-02-21 深圳市欧德克科技有限公司 Oil field behavior monitoring system based on artificial intelligence
CN111435923A (en) * 2019-01-13 2020-07-21 强力物联网投资组合2016有限公司 Method, system, kit and device for monitoring and managing an industrial environment

Also Published As

Publication number Publication date
CN114650150B (en) 2024-05-28

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant