CN115225378A - Cross-regional service processing method, device, equipment and medium - Google Patents
Cross-regional service processing method, device, equipment and medium Download PDFInfo
- Publication number
- CN115225378A CN115225378A CN202210848579.1A CN202210848579A CN115225378A CN 115225378 A CN115225378 A CN 115225378A CN 202210848579 A CN202210848579 A CN 202210848579A CN 115225378 A CN115225378 A CN 115225378A
- Authority
- CN
- China
- Prior art keywords
- service
- certificate
- service request
- area
- processing result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title abstract description 16
- 238000012545 processing Methods 0.000 claims abstract description 130
- 230000004044 response Effects 0.000 claims abstract description 14
- 238000000034 method Methods 0.000 claims description 48
- 230000005540 biological transmission Effects 0.000 claims description 8
- 238000004806 packaging method and process Methods 0.000 claims description 8
- 238000005538 encapsulation Methods 0.000 claims description 2
- 238000006243 chemical reaction Methods 0.000 abstract description 4
- 230000008569 process Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a cross-regional service processing method, a device, equipment and a medium, wherein a cross-regional service request or a processing result can be packaged by using a first certificate and a second certificate, so that the data security of the service request and the processing result is ensured. Moreover, by repackaging the service request by using the first certificate or repackaging the processing result by using the second certificate, the conversion of the cross-regional service request or the processing result can be realized relatively simply, the data security can be ensured, the response speed of providing the service can be improved, and the service requirement can be met.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a medium for processing a cross-regional service.
Background
With the rapid development of computer technology, cross-regional service is provided for users to become a common way of providing services, such as cross-regional financial services. A service provider, such as a bank, can package financial services for interface to service requestors across regions. The service requester can call the interface to realize the financial service.
However, the cross-regional service has a problem of slow response speed, and it is difficult to meet the service requirement.
Disclosure of Invention
In view of this, the present application provides a method, an apparatus, a device, and a medium for processing a cross-regional service, which can improve a response speed of the cross-regional service on the premise of ensuring data security, and meet a requirement of the cross-regional service.
In order to solve the above problems, the technical solution provided by the present application is as follows:
in a first aspect, the present application provides a method for cross-regional service processing, where the method includes:
the method comprises the steps of obtaining a first service request sent by a service requester belonging to a first area, wherein the first service request is used for being processed by a service provider in a second area;
decapsulating the first service request by using a first certificate to obtain a second service request, where the first certificate is a security certificate for transmitting data in the first area;
packaging the second service request by using a second certificate to obtain a third service request, wherein the second certificate is a security certificate of data transmission in the second area;
and sending the third service request to the service provider belonging to the second area so that the service provider of the second area can perform service processing based on the third service request.
In a possible implementation manner, the first certificate is a first secure socket protocol certificate, and the second certificate is a second secure socket protocol certificate.
In one possible implementation, the first service request is generated by the service requestor invoking a service interface, the service interface being encapsulated based on the first certificate.
In a second aspect, the present application provides a cross-regional service processing method, where the method includes:
acquiring a first processing result provided by a service provider in a second area in response to a third service request, wherein the third service request is generated according to a first service request sent by a service requester in a first area;
decapsulating the first processing result by using a second certificate to obtain a second processing result, where the second certificate is a security certificate for transmitting data in the second area;
packaging the second processing result by using a first certificate to obtain a third processing result, wherein the first certificate is a security certificate of data transmission in the first area;
and sending the third processing result to the service requester.
In a possible implementation manner, the first certificate is a first secure socket protocol certificate, and the second certificate is a second secure socket protocol certificate.
In a third aspect, the present application provides a cross-regional service processing apparatus, including:
a first acquisition unit configured to acquire a first service request sent by a service requester belonging to a first area, the first service request being for processing by a service provider in a second area;
a first decapsulating unit, configured to decapsulate the first service request by using a first certificate to obtain a second service request, where the first certificate is a security certificate for transmitting data in the first area;
a first encapsulation unit, configured to encapsulate the second service request with a second certificate to obtain a third service request, where the second certificate is a security certificate of data transmitted in the second area;
and a first sending unit, configured to send the third service request to a service provider belonging to the second area, so that the service provider in the second area performs service processing based on the third service request.
In a possible implementation manner, the first certificate is a first secure socket protocol certificate, and the second certificate is a second secure socket protocol certificate.
In one possible implementation, the first service request is generated by the service requestor invoking a service interface, the service interface being encapsulated based on the first certificate.
In a fourth aspect, the present application provides a cross-regional service processing apparatus, including:
a second obtaining unit configured to obtain a first processing result provided by a service provider of a second area in response to a third service request generated according to a first service request sent by a service requester of the first area;
a second decapsulation unit, configured to decapsulate the first processing result by using a second certificate to obtain a second processing result, where the second certificate is a security certificate for transmitting data in the second area;
a second encapsulating unit, configured to encapsulate the second processing result with a first certificate to obtain a third processing result, where the first certificate is a security certificate of data transmitted in the first area;
a second sending unit, configured to send the third processing result to the service requester.
In a possible implementation manner, the first certificate is a first secure socket protocol certificate, and the second certificate is a second secure socket protocol certificate.
In a fifth aspect, a cross-regional service processing device includes: a processor, a memory, a system bus;
the processor and the memory are connected through the system bus;
the memory is for storing one or more programs, the one or more programs comprising instructions, which when executed by the processor, cause the processor to perform the method of the first aspect described above, or to perform the method of the second aspect described above.
In a sixth aspect, a computer-readable storage medium has instructions stored therein, which when run on a terminal device, cause the terminal device to perform the method of the first aspect or the method of the second aspect.
Therefore, the application has the following beneficial effects:
in the process of initiating a service request by a service requester, a first certificate corresponding to a first area where the service requester is located is used to decapsulate a first service request sent by the service requester, after a second service request is obtained, the second certificate corresponding to a second area where a service provider is located is used to encapsulate the second service request, a third service request is obtained, and finally the third service request is sent to the service provider, so that the service provider can perform service processing on the third service request. In the process of sending the processing result by the service provider, the first processing result sent by the service requester is unpacked by using the second certificate corresponding to the second area where the service provider is located to obtain the second processing result, the second processing result is packaged by using the first certificate corresponding to the first area where the service requester is located to obtain the third processing result, and finally the third processing result is sent to the service requester to realize the service provision for the service requester. Therefore, the cross-regional service request or the processing result can be encapsulated by using the first certificate and the second certificate, and the data security of the service request and the processing result is ensured. Moreover, by repackaging the service request by using the first certificate or repackaging the processing result by using the second certificate, the conversion of the cross-regional service request or the processing result can be realized more conveniently, the response speed of providing the service can be improved while the data security is ensured, and the service requirement can be met.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
Fig. 1 is a schematic diagram of a framework of an exemplary application scenario provided in an embodiment of the present application;
fig. 2 is a schematic flowchart of a cross-regional service processing method according to an embodiment of the present application;
fig. 3 is a schematic flowchart of another cross-regional service processing method according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a cross-region service processing apparatus according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of another cross-regional service processing apparatus according to an embodiment of the present disclosure.
Detailed Description
In order to facilitate understanding and explaining the technical solutions provided by the embodiments of the present application, the following description will first describe the background art of the present application.
For the cross-regional service, the problem of data insecurity, such as data leakage or data tampering, may occur during cross-regional transmission of data. In order to ensure data security, the cross-regional service generally uses an MQ (Message Queue) interactive mode to transmit service data, and the service data is firstly stored in a DMZ (segregated Zone), and then the service data is read from the DMZ for service processing. The DMZ is forwarded after landing, so that the response speed of the provided service is low, the requirement of synchronous communication is difficult to realize, and the service requirement cannot be met.
Based on this, in a process of initiating a service request by a service requester, a first certificate corresponding to a first area where the service requester is located is used to decapsulate a first service request sent by the service requester, after a second service request is obtained, the second service request is encapsulated by a second certificate corresponding to a second area where a service provider is located, a third service request is obtained, and finally, the third service request is sent to the service provider, so that the service provider performs service processing on the third service request. In the process of sending the processing result by the service provider, the first processing result sent by the service requester is unpacked by using the second certificate corresponding to the second area where the service provider is located to obtain the second processing result, the second processing result is packaged by using the first certificate corresponding to the first area where the service requester is located to obtain the third processing result, and finally the third processing result is sent to the service requester to realize the service provision for the service requester. Therefore, the service request or the processing result across the regions can be packaged by using the first certificate and the second certificate, and the data security of the service request and the processing result is ensured. Moreover, by repackaging the service request by using the first certificate or repackaging the processing result by using the second certificate, the conversion of the cross-regional service request or the processing result can be realized relatively simply, the data security can be ensured, the response speed of providing the service can be improved, and the service requirement can be met.
To facilitate understanding of the cross-regional service processing method provided in the embodiment of the present application, the following description is made with reference to a scenario example shown in fig. 1. Referring to fig. 1, the drawing is a schematic diagram of a framework of an exemplary application scenario provided in an embodiment of the present application.
In actual application, service data needs to be transmitted across areas between the service requester 101 belonging to the first area and the service provider 102 belonging to the second area. The service requester 101 sends a first service request to the service provider 102. In order to ensure the security of the service data, the first service request is packaged by using the first certificate. Wherein the first certificate corresponds to the first region. The first certificate is a security certificate for transferring data within the first area. The DMZ is used for forwarding service data across regions. After receiving the first service request sent by the service requester 101, the DMZ proxy server 103 decapsulates the first service request by using the first certificate to obtain a second service request. The DMZ proxy server 103 encapsulates the second service request by using the second certificate to obtain a third service request. Wherein the second certificate is a security certificate for transmitting data in the second area. The DMZ proxy server 103 sends a third service request to the service provider 102. The service provider 102 can complete the service processing based on the third service request, and obtain a processing result. The service provider 102 encapsulates the obtained processing result with the second certificate to obtain the first processing result. The service provider 102 transmits the first processing result to the DMZ proxy server 103. The DMZ proxy server 103 decapsulates the first processing result by using the second certificate to obtain a second processing result. The DMZ proxy server 103 encapsulates the second processing result by using the first certificate, and obtains a third processing result. The DMZ proxy server 103 transmits the third processing result to the service requester 101. The service requester 101 obtains the third processing result to complete the service.
Those skilled in the art will appreciate that the block diagram shown in fig. 1 is only one example in which embodiments of the present application may be implemented. The scope of applicability of the embodiments of the present application is not limited in any way by this framework.
In order to facilitate understanding of the technical solutions provided in the embodiments of the present application, a cross-regional service processing method provided in the embodiments of the present application is described below with reference to the accompanying drawings.
Referring to fig. 2, the figure is a schematic flowchart of a cross-regional service processing method according to an embodiment of the present application. As shown in fig. 2, a method for processing a cross-regional service provided in an embodiment of the present application includes S201 to S204.
First, it should be noted that the cross-regional service processing method provided in the embodiment of the present application can be applied to a device or an apparatus having a function of forwarding cross-regional service data. Such as the DMZ proxy server in the scenario shown in fig. 1.
S201: a first service request sent by a service requester belonging to a first area is obtained.
The first region and the second region are different regions. The embodiment of the present application does not limit the division manner of the regions. In one possible implementation, the regions may be divided based on geographic regions, such as dividing the regions according to the extent of land. In another possible implementation, the regions may be divided based on administrative regions, such as according to provinces. In yet another possible implementation, the zones may be partitioned based on the service scope of the service provider partitions.
The service requestor is the party that initiates the service request. The service requester belongs to a first area. The service requester may for example be a user belonging to the first area. The embodiment of the present application does not limit the kind of the user, and the user may be, for example, an individual or an organization.
The first service request requires a service handling by a service provider belonging to the second area. In one possible implementation, the first service request is generated by a service interface provided by a service provider. In another possible implementation, the first service request includes information about the service provider. Based on the relevant information including the service provider, it can be determined that the first service request needs to be transmitted to the service provider.
The embodiment of the present application does not limit the generation manner of the first service request. In one possible implementation, a service requestor generates a first service request. As an example, a user belonging to the first area may generate the first service request through the server. The service requester sends the first service request to the service provider after generating the first service request. An apparatus or device having a function of forwarding cross-regional service data can acquire a first service request transmitted from a service requester to a service provider.
In another possible implementation manner, the service requester obtains the first service request generated by the other service requesters. The service requester forwards the first service request to the service provider. An apparatus or device having a function of forwarding cross-regional service data can acquire a first service request transmitted from a service requester to a service provider.
S202: and unsealing the first service request by adopting the first certificate to obtain a second service request.
The first service request is transmitted within the first region. To secure the data of the first service request, the first service request is encapsulated with a first certificate. As an example, the first service request is generated by a service requestor invoking a service interface provided by a service provider. The service interface is encapsulated based on the first certificate. The first certificate is a security certificate for transferring data within the first area. As an example, the first certificate is a first secure socket protocol certificate.
After the first service request is obtained, the first certificate is utilized to decapsulate the first service request to obtain an unpackaged service request, that is, a second service request.
S203: and packaging the second service request by using a second certificate to obtain a third service request.
And after the second service request is obtained, packaging the second service request by using the second certificate. The second certificate is a security certificate for transferring data within the second area. As an example, the second certificate is a second secure socket protocol certificate. And the second certificate is utilized to encapsulate the second service request, so that the transmission security of the obtained third service request in the second area can be improved.
S204: and sending the third service request to the service provider belonging to the second area so that the service provider of the second area can perform service processing based on the third service request.
And after the third service request is obtained, sending the third service request to the service provider. And after the service provider obtains the third service request, the service provider can complete the service processing corresponding to the third service request.
Based on the related contents of the above S201-S204, by repackaging the service request using the first certificate, the conversion of the cross-regional service request can be easily realized on the premise of ensuring data security, and it is not necessary to store and forward the service request in the DMZ, so that the response speed of providing the service can be increased, and the service requirement can be satisfied.
The cross-regional service processing method described in the above embodiment is applied to a scenario of a process in which a service requester transmits a service request to a service provider. After the service provider processes the service request and obtains a processing result, in some possible implementations, the service provider further needs to send the processing result to the service requester.
The embodiment of the application provides a cross-regional service processing method applied to the process of transmitting a service request to a service requester by a service provider. Referring to fig. 3, this figure is a schematic flowchart of another cross-regional service processing method provided in this embodiment of the present application. As shown in fig. 3, a method for processing a cross-regional service provided by the embodiment of the present application includes S301 to S304.
First, it should be noted that the cross-regional service processing method provided in the embodiment of the present application can be applied to a device or an apparatus having a function of forwarding cross-regional service data. Such as the DMZ proxy server in the scenario shown in fig. 1.
S301: and acquiring a first processing result provided by the service provider of the second area in response to the third service request.
And after the service provider belonging to the second area acquires the third service request generated by the service requester in the first area, performing service processing based on the third service request to obtain a first processing result.
The first processing result is transmitted within the second area. In order to secure the data of the first processing result, the first processing result is encapsulated with the second certificate. As an example, the first processing result is encapsulated by the service provider with the second certificate. The second certificate is a security certificate for transferring data within the second area. As an example, the second certificate is a second secure socket protocol certificate.
The third service request is generated according to the first service request sent by the service requester in the first area. In one possible implementation, the first service request may be generated by a service requestor. As an example, the first service request may be generated by a service requestor invoking a service interface provided by a service provider. In another possible implementation, the first service request may be forwarded by a service requestor. The service provider transmits the first processing result generated in response to the third service request to the service requester. The device or apparatus having the function of forwarding the cross-regional service data can acquire the first processing result transmitted to the service requester by the service provider.
S302: and unsealing the first processing result by using a second certificate to obtain a second processing result.
After the first processing result is obtained, the first processing result is unpackaged by using the second certificate to obtain an unpackaged processing result, namely a second processing result.
S303: and packaging the second processing result by using the first certificate to obtain a third processing result.
And after the second processing result is obtained, packaging the second processing result by using the first certificate. The first certificate is a security certificate for transferring data within the first area. As an example, the first certificate is a first secure socket protocol certificate. The second processing result is packaged by the first certificate, so that the transmission safety of the obtained third processing result in the first area can be improved.
S304: and sending the third processing result to the service requester.
And after the encapsulated third processing result is obtained, sending the third processing result to the service requester. In one possible implementation, the first service request is generated by a service requestor. And the service requester can determine a service result based on the obtained third processing result to complete the service. In another possible implementation, the first service request may be forwarded by a service requestor. And the service requester forwards the acquired third processing result to the requester sending the first service request.
Based on the method for processing the cross-regional service provided by the foregoing method embodiment, an embodiment of the present application further provides a cross-regional service processing apparatus, which will be described below with reference to the accompanying drawings.
Referring to fig. 4, this figure is a schematic structural diagram of a cross-region service processing apparatus according to an embodiment of the present application. As shown in fig. 4, the cross-regional service processing apparatus includes:
a first obtaining unit 401, configured to obtain a first service request sent by a service requester belonging to a first area, where the first service request is used to be processed by a service provider in a second area;
a first decapsulating unit 402, configured to decapsulate the first service request by using a first certificate to obtain a second service request, where the first certificate is a security certificate for transmitting data in the first area;
a first encapsulating unit 403, configured to encapsulate the second service request with a second certificate, to obtain a third service request, where the second certificate is a security certificate of data transmitted in the second area;
a first sending unit 404, configured to send the third service request to a service provider belonging to the second area, so that the service provider in the second area performs service processing based on the third service request.
In a possible implementation manner, the first certificate is a first secure socket protocol certificate, and the second certificate is a second secure socket protocol certificate.
In one possible implementation, the first service request is generated by the service requestor invoking a service interface, and the service interface is encapsulated based on the first certificate.
Based on the method for processing the cross-regional service provided by the foregoing method embodiment, an embodiment of the present application further provides a cross-regional service processing apparatus, which will be described below with reference to the accompanying drawings.
Referring to fig. 5, this figure is a schematic structural diagram of another cross-region service processing apparatus provided in this embodiment of the present application. As shown in fig. 5, the cross-regional service processing apparatus includes:
a second obtaining unit 501, configured to obtain a first processing result provided by a service provider in a second area in response to a third service request, where the third service request is generated according to a first service request sent by a service requester in a first area;
a second decapsulating unit 502, configured to decapsulate the first processing result by using a second certificate to obtain a second processing result, where the second certificate is a security certificate for transmitting data in the second area;
a second encapsulating unit 503, configured to encapsulate the second processing result with a first certificate, so as to obtain a third processing result, where the first certificate is a security certificate of data transmitted in the first area;
a second sending unit 504, configured to send the third processing result to the service requester.
In a possible implementation manner, the first certificate is a first secure socket protocol certificate, and the second certificate is a second secure socket protocol certificate.
Based on the method for processing the cross-regional service provided by the embodiment of the method, the application provides a cross-regional service processing device, which comprises the following steps: a processor, a memory, a system bus;
the processor and the memory are connected through the system bus;
the memory is configured to store one or more programs, the one or more programs comprising instructions, which when executed by the processor, cause the processor to perform the cross-region service processing method of any of the above embodiments.
Based on the method for processing a cross-regional service provided in the foregoing method embodiment, the present application provides a computer-readable storage medium, where an instruction is stored, and when the instruction runs on a terminal device, the terminal device is enabled to execute the cross-regional service processing method in any foregoing embodiment.
It should be noted that, in the present specification, the embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the system or the device disclosed by the embodiment, the description is simple because the system or the device corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
It should be understood that in the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" for describing an association relationship of associated objects, indicating that there may be three relationships, e.g., "a and/or B" may indicate: only A, only B and both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising one of 8230; \8230;" 8230; "does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for handling cross-regional service, the method comprising:
the method comprises the steps of obtaining a first service request sent by a service requester belonging to a first area, wherein the first service request is used for being processed by a service provider in a second area;
decapsulating the first service request by using a first certificate to obtain a second service request, where the first certificate is a security certificate for transmitting data in the first area;
packaging the second service request by using a second certificate to obtain a third service request, wherein the second certificate is a security certificate of data transmission in the second area;
and sending the third service request to the service provider belonging to the second area so that the service provider of the second area can perform service processing based on the third service request.
2. The method of claim 1, wherein the first certificate is a first secure socket protocol certificate and the second certificate is a second secure socket protocol certificate.
3. The method of claim 1, wherein the first service request is generated by the service requestor invoking a service interface, and wherein the service interface is encapsulated based on the first certificate.
4. A method for cross-regional service processing, the method comprising:
acquiring a first processing result provided by a service provider in a second area in response to a third service request, wherein the third service request is generated according to a first service request sent by a service requester in a first area;
unsealing the first processing result by using a second certificate to obtain a second processing result, wherein the second certificate is a security certificate of data transmission in the second area;
packaging the second processing result by using a first certificate to obtain a third processing result, wherein the first certificate is a security certificate of data transmission in the first area;
and sending the third processing result to the service requester.
5. The method of claim 4, wherein the first certificate is a first secure socket protocol certificate and the second certificate is a second secure socket protocol certificate.
6. A cross-regional service processing apparatus, the apparatus comprising:
a first acquisition unit configured to acquire a first service request sent by a service requester belonging to a first area, the first service request being for processing by a service provider in a second area;
a first decapsulating unit, configured to decapsulate the first service request by using a first certificate to obtain a second service request, where the first certificate is a security certificate for transmitting data in the first area;
a first encapsulation unit, configured to encapsulate the second service request with a second certificate to obtain a third service request, where the second certificate is a security certificate of data transmitted in the second area;
and the first sending unit is used for sending the third service request to the service provider belonging to the second area so that the service provider in the second area can perform service processing based on the third service request.
7. The apparatus of claim 6, wherein the first certificate is a first secure socket protocol certificate and the second certificate is a second secure socket protocol certificate.
8. A cross-regional service processing apparatus, the apparatus comprising:
a second obtaining unit configured to obtain a first processing result provided by a service provider of a second area in response to a third service request generated according to a first service request sent by a service requester of the first area;
a second decapsulation unit, configured to decapsulate the first processing result by using a second certificate to obtain a second processing result, where the second certificate is a security certificate for transmitting data in the second area;
a second encapsulating unit, configured to encapsulate the second processing result with a first certificate to obtain a third processing result, where the first certificate is a security certificate of data transmitted in the first area;
a second sending unit, configured to send the third processing result to the service requester.
9. A cross-regional service processing device, comprising: a processor, a memory, a system bus;
the processor and the memory are connected through the system bus;
the memory is for storing one or more programs, the one or more programs comprising instructions, which when executed by the processor, cause the processor to perform the method of any of claims 1-3 or to perform the method of claim 4 or 5.
10. A computer-readable storage medium having stored therein instructions that, when run on a terminal device, cause the terminal device to perform the method of any one of claims 1-3, or to perform the method of claim 4 or 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210848579.1A CN115225378A (en) | 2022-07-19 | 2022-07-19 | Cross-regional service processing method, device, equipment and medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210848579.1A CN115225378A (en) | 2022-07-19 | 2022-07-19 | Cross-regional service processing method, device, equipment and medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115225378A true CN115225378A (en) | 2022-10-21 |
Family
ID=83611863
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210848579.1A Pending CN115225378A (en) | 2022-07-19 | 2022-07-19 | Cross-regional service processing method, device, equipment and medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115225378A (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105359486A (en) * | 2013-05-03 | 2016-02-24 | 思杰系统有限公司 | Secured access to resources using a proxy |
CN113364795A (en) * | 2021-06-18 | 2021-09-07 | 北京天空卫士网络安全技术有限公司 | Data transmission method and proxy server |
-
2022
- 2022-07-19 CN CN202210848579.1A patent/CN115225378A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105359486A (en) * | 2013-05-03 | 2016-02-24 | 思杰系统有限公司 | Secured access to resources using a proxy |
CN113364795A (en) * | 2021-06-18 | 2021-09-07 | 北京天空卫士网络安全技术有限公司 | Data transmission method and proxy server |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11272036B2 (en) | API hybrid multi-tenant routing method and system, and API gateway | |
US10965772B2 (en) | Interface invocation method and apparatus for hybrid cloud | |
CN110022289B (en) | Data transmission method, device and system | |
CN102685203B (en) | The method and apparatus of transmitting data resources | |
CN110009494B (en) | Method and device for monitoring transaction content in block chain | |
US20170054640A1 (en) | Device and method for establishing connection in load-balancing system | |
RU2013114721A (en) | DYNAMIC ACCOUNT CREATION IN A PROTECTED NETWORK WITH A WIRELESS ACCESS POINT | |
CN108965311A (en) | Encryption of communicated data method and apparatus | |
CN109766195A (en) | The method and Related product of loss of data in supervisory messages queue | |
CN112055078B (en) | Data transmission method, device, computer equipment and storage medium | |
CN107979520B (en) | Message processing method and message processing device | |
CN107222545B (en) | Data transmission method and device | |
CN115913790B (en) | Data transmission method based on privacy computing network, electronic equipment and storage medium | |
CN109343975B (en) | Method and apparatus for inter-page asynchronous communication | |
US10313230B1 (en) | System and method for unmarshalled routing | |
CN106357654B (en) | Remote procedure calling method, device and communication system | |
CN107979627A (en) | A kind of processing method and processing device of network request | |
CN112015383A (en) | Login method and device | |
US9608965B2 (en) | Secure network request anonymization | |
CN106028320A (en) | Data security transmission method, terminal and server | |
US9762535B2 (en) | Information processing apparatus, system, method and medium | |
CN113055348B (en) | Cross-platform data request method and device and electronic equipment | |
CN115225378A (en) | Cross-regional service processing method, device, equipment and medium | |
CN110022332B (en) | Hypertext transfer security protocol proxy method, device, equipment and medium | |
US20100138650A1 (en) | Secure communication system, gateway apparatus and its operating method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |