CN115242422A - Data intercommunication processing method and device and information management system - Google Patents

Data intercommunication processing method and device and information management system Download PDF

Info

Publication number
CN115242422A
CN115242422A CN202210535944.3A CN202210535944A CN115242422A CN 115242422 A CN115242422 A CN 115242422A CN 202210535944 A CN202210535944 A CN 202210535944A CN 115242422 A CN115242422 A CN 115242422A
Authority
CN
China
Prior art keywords
network environment
target
data
file
target file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210535944.3A
Other languages
Chinese (zh)
Other versions
CN115242422B (en
Inventor
梁伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba China Co Ltd
Original Assignee
Alibaba China Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba China Co Ltd filed Critical Alibaba China Co Ltd
Priority to CN202210535944.3A priority Critical patent/CN115242422B/en
Publication of CN115242422A publication Critical patent/CN115242422A/en
Application granted granted Critical
Publication of CN115242422B publication Critical patent/CN115242422B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/03Protocol definition or specification 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The embodiment of the application discloses a data intercommunication processing method, a device and an information management system, wherein the information management system comprises: a first information management subsystem operating in a first network environment, and a second information management subsystem operating in a second network environment; the first network environment and the second network environment are isolated through hardware equipment; target file sharing systems are deployed in the first network environment and the second network environment; the first network environment and the second network environment are also provided with data intercommunication service terminals which are used for converting target data into target files after the target data which needs to be interacted across the network environments are generated, and uploading the target files to the target file system; and receiving the target file through the target file sharing system on a receiving side. By the embodiment of the application, the intercommunication of the internal and external network data can be realized more efficiently.

Description

Data intercommunication processing method and device and information management system
Technical Field
The present application relates to the field of information processing technologies in cross-network environments, and in particular, to a data interworking processing method and apparatus, and an information management system.
Background
With the popularization and application of information technology, the informatization work of some organizations has the characteristics of high development speed, wide coverage range, high updating and upgrading speed and high working efficiency, and the strengthening of informatization construction not only can improve the modernized office level and enhance resource sharing, but also can provide powerful technical support for the construction of an organization management system.
In the course of an informatization construction, an organization may need to cooperate with a third party's technology developer. However, since some sensitive information is often involved inside an organization system, an internal private network (referred to as an intranet) is usually deployed, and the intranet and an external network (also referred to as a public network) are separated by a device such as a physical isolation gatekeeper. For example, in an organizational system, computers that process internally sensitive information operate as independent private networks, are physically isolated from extranet networks that process other non-sensitive data, and so on. The private network operation mode ensures the information security and confidentiality to the maximum extent and brings a series of problems and inconvenience for information-based construction projects cooperating with third parties.
For example, an organization often has an online distribution demand for some products to be auctioned, and for this demand, an information management system is constructed together with a developer of a product information service system. The information management system may operate partially on the intranet and partially on the extranet, and there may be a need to communicate data between the two parts, for example, a product to be auctioned generated by the intranet part of the information management system, a product to be sent to the extranet part for shelving processing, and so on. However, the existence of a physically isolated gatekeeper device in the intranet makes internet technology unable to directly provide the above services to the organization.
In the prior art, in order to implement data intercommunication between the internal network and the external network, special approval is usually performed on relevant departments, and after approval is passed, physical gatekeeper equipment can be opened to implement data intercommunication between the internal network and the external network. However, such an approval process may be complicated and may be inefficient to implement.
Therefore, how to more efficiently implement inter-and extranet data intercommunication becomes a technical problem to be solved by those skilled in the art.
Disclosure of Invention
The application provides a data intercommunication processing method, a data intercommunication processing device and an information management system, which can realize data intercommunication between an internal network and an external network more efficiently.
The application provides the following scheme:
an information-based management system for managing a plurality of information sources,
the information management system includes: a first information management subsystem operating in a first network environment, and a second information management subsystem operating in a second network environment; the first network environment and the second network environment are isolated through hardware equipment;
target file sharing systems are deployed in the first network environment and the second network environment, and the target file systems are: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened;
data intercommunication service terminals are also deployed in the first network environment and the second network environment;
the data intercommunication service end is used for converting target data into a target file after one of the first information management subsystem or the second information management subsystem generates the target data which needs to be interacted with a cross-network environment, and uploading the target file to the target file system; and on the receiving side, receiving the target file through the target file sharing system, analyzing the target file through the protocol, and reducing the target file into the target data so as to provide the target data for the other one of the first information management subsystem or the second information management subsystem to process.
A data intercommunication processing method comprises the following steps:
determining target data required to be interacted between a first network environment and a second network environment across the network environments; the first network environment and the second network environment are isolated through hardware equipment;
converting the target data into a target file according to a preset protocol;
uploading the target file to a target file sharing system, wherein the target file sharing system is as follows: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened, so that the target file is received by monitoring the target file sharing system at a receiving side, and the target file is analyzed and restored into the target data through the protocol.
Wherein the converting the target data into the target file according to the preset protocol includes:
and generating the file name of the target file according to a file naming rule configured in the protocol.
The file name comprises a network environment identifier for executing uploading operation, so that when a receiving side monitors that a new file is generated in the file sharing system, whether the file is uploaded in the current network environment or the other network environment is judged according to the network environment identifier in the file name, and whether downloading processing is carried out is determined according to a judgment result.
And the file name comprises data number information so that a receiving side can utilize the data number information to carry out integrity check on the restored data after restoring the target file into the target data.
And the file name comprises a data type identifier so that a receiving side can provide the target file to a corresponding module for processing according to the data type identifier after restoring the target file into the target data.
Wherein the uploading the target file to a target file sharing system comprises:
uploading the target file to a target file sharing system through a target account so as to receive the target file in a manner of detecting the target file sharing system through the target account;
the target account is an account which is registered in the target file sharing system in advance.
Wherein the target data comprises: target data which is generated by one of a first information management subsystem running in the first network environment or a second information management subsystem running in the second network environment and needs to be interacted across the network environment.
Wherein the target data comprises: commodity information needing to be interacted between a first network environment and a second network environment across the network environment and/or various information generated on information publishing and trading links.
Wherein the target data comprises: message or instruction type data is needed for interaction across network environments between a first network environment and a second network environment.
A data interworking method includes:
detecting a target file sharing system, wherein the target file system breaks through isolation formed by hardware equipment between a first network environment and a second network environment so as to realize intercommunication between the first network environment and the second network environment;
if a newly added target file appears in the target file sharing system, downloading the target file from the target file sharing system, wherein the target file is generated by converting target data which needs to be interacted between a first network environment and a second network environment in a cross-network environment according to a preset protocol and is stored in the target file sharing system;
and analyzing the target file through the protocol and then restoring the target file into the target data so as to process the target data.
A data interworking processing apparatus, comprising:
the target data determining unit is used for determining target data needing to be interacted between a first network environment and a second network environment across the network environments; the first network environment and the second network environment are isolated through hardware equipment;
the file conversion unit is used for converting the target data into a target file according to a preset protocol;
a file uploading unit, configured to upload the target file to a target file sharing system, where the target file sharing system is: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened, so that the target file is received by a receiving side in a mode of detecting the target file sharing system, and the target file is analyzed through the protocol and then is restored into the target data.
A data interworking apparatus, comprising:
the system comprises a detection unit, a processing unit and a processing unit, wherein the detection unit is used for detecting a target file sharing system, and the target file system opens up the isolation formed by hardware equipment between a first network environment and a second network environment so as to realize the intercommunication between the first network environment and the second network environment;
a file obtaining unit, configured to download and obtain the target file from the target file sharing system if a newly added target file occurs in the target file sharing system, where the target file is generated after converting target data that needs to be interacted between a first network environment and a second network environment in a cross-network environment according to a preset protocol, and is stored in the target file sharing system;
and the data conversion unit is used for analyzing the target file through the protocol and then reducing the target file into the target data so as to process the target data.
A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of any of the preceding claims.
An electronic device, comprising:
one or more processors; and
a memory associated with the one or more processors for storing program instructions that, when read and executed by the one or more processors, perform the steps of the method of any of the preceding claims.
According to the specific embodiments provided by the application, the application discloses the following technical effects:
by the embodiment of the application, for the cross-network environment information management system, under the condition that the first network environment is isolated from the second network environment through hardware equipment, if the target file sharing system is deployed in the first network environment and the second network environment and the target file sharing system already breaks through the isolation between the networks, the intercommunication between the first network environment and the second network environment can be realized, and a data intercommunication service end can be provided in the first network environment and the second network environment. On the sending side, the data intercommunication service end can convert the target data into a target file according to a certain protocol, and then the target file is uploaded to a target file sharing system. And the data intercommunication server at the receiving side can receive the target file in a mode of monitoring the target file sharing system, and restore the target file into target data after analyzing the target file through the protocol. Therefore, the internal and external network intercommunication capability of the file sharing system can be endowed to the information management system of the cross-network environment, so that the data intercommunication of the information management system between the internal and external networks is realized under the condition of not requiring additional approval.
Of course, it is not necessary for any product to achieve all of the above-described advantages at the same time for practicing the present application.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a schematic diagram of an information management system provided by an embodiment of the present application;
FIG. 2 is a flow chart of a first method provided by an embodiment of the present application;
FIG. 3 is a flow chart of a second method provided by embodiments of the present application;
FIG. 4 is a schematic diagram of a first apparatus provided by an embodiment of the present application;
FIG. 5 is a schematic diagram of a second apparatus provided by an embodiment of the present application;
fig. 6 is a schematic diagram of an electronic device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described clearly and completely with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only some embodiments of the present application, and not all embodiments. All other embodiments that can be derived from the embodiments given herein by a person of ordinary skill in the art are intended to be within the scope of the present disclosure.
In the embodiment of the application, for the information management system operating in a cross-network environment, in order to avoid the intercommunication of internal and external network data by additionally carrying out an internal and external network communication examination and approval mode, a new solution is provided. Specifically, in the process of implementing the present application, the inventor of the present application finds that a file sharing system may be deployed inside some organizations to meet the requirement of remote office work such as personnel in the organizations, where the file sharing system may be a software product similar to a "cloud disk" or a "network disk", but different from a common "cloud disk" or a "network disk", the file sharing system may be accessed through an external network (i.e., the internet, a public network) or an internal network of the organizations (while the common "cloud disk" or "network disk" may only be accessed through the external network). This is because, when a specific file sharing system is deployed, isolation between the internal and external networks is already opened, and interworking between the internal and external networks can be achieved. Thus, if a user in an organization needs to be able to process some files after going home from work or going out to a foreign place, the specific files can be uploaded to the file sharing system in the intranet, and after going home or going out to a foreign place, the user can log in the file sharing system to view the specific files, and can download the files to the local for viewing, and the like.
That is, the above-mentioned file sharing system capable of implementing interworking between intranet and extranet may have been deployed in an intranet environment of an organization, but in the prior art, such a file sharing system is generally provided for users to use in a scene of working at a different place, etc. In the embodiment of the present application, inter-network and inter-network data intercommunication of an information management system across a network environment can be realized by means of the file sharing system. Specifically, the file sharing system can be deployed in an external network environment where the specific information management system is located, so that the internal and external network intercommunication capability of the file sharing system can be endowed to the information management system in the cross-network environment, and the data intercommunication between the internal and external networks can be realized without additionally examining and approving the information management system. Meanwhile, in the information management system in the cross-network environment, data to be transmitted from the internal network to the external network, including information of a commodity to be auctioned, is not sensitive or confidential information in general, and therefore, data that can be transmitted to the external network is determined after permission of an organization in general, and thus, there is no problem in data security.
The following describes in detail specific implementations provided in embodiments of the present application.
Example one
First, the first embodiment provides an information management system, referring to fig. 1, which may include: a first information management subsystem 101 operating in a first network environment, and a second information management subsystem 102 operating in a second network environment; the first network environment and the second network environment are isolated through hardware equipment;
a target file sharing system 103 is deployed between the first network environment and the second network environment, where the target file system is: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened;
a data intercommunication service end 104 is also deployed in the first network environment and the second network environment;
the data interworking server 104 is configured to, after target data that needs to be interacted across a network environment is generated by one of the first information management subsystem or the second information management subsystem, convert the target data into a target file, and upload the target file to the target file system; and on the receiving side, receiving the target file through the target file sharing system, analyzing the target file through the protocol, and reducing the target file into the target data so as to provide the target data for the other one of the first information management subsystem or the second information management subsystem to process.
The first network environment and the second network environment may be an intranet and an extranet (i.e., the internet, the public network, etc.) inside the organization, and may be isolated from each other by devices such as a gatekeeper. Among them, the so-called gatekeeper is called a security isolation gatekeeper. The safety isolation network gate is a network safety device which is provided with a plurality of control functions and special hardware to cut off link layer connection between networks on a circuit and can exchange application data with proper safety between the networks. That is, after the gatekeeper device is deployed, physical data isolation can be formed between internal and external networks, and in addition, the use of a wireless network and the use of any network device for data transmission are not allowed in a specific organization.
For an information management system across network environments, the information management system needs to be divided into two parts, including a first information management subsystem operating in a first network environment and a second information management subsystem operating in a second network environment. In addition, in a specific operation process, data interaction is often required between the first information management subsystem and the second information management subsystem. Therefore, in the embodiment of the present application, the specific target data that needs to be interacted between the first network environment and the second network environment across the network environments may include: target data which is generated by one of a first information management subsystem running in the first network environment or a second information management subsystem running in the second network environment and needs to be interacted across the network environment.
For example, assuming that the first network environment is an intranet environment of an organization, and correspondingly, the second network environment is an extranet environment, the specific information management system may be a system related to an intelligent "auction", that is, the first information management subsystem may collect information of a product that needs to participate in the "auction" and then send the information to the second information management subsystem, and the second information management subsystem may issue the product in the associated product information service system. Then, in the link of specific information distribution, transaction, etc. of the goods information service system, some information may be generated, including information of the buyer user, order information, logistics information, etc., and may need to be transmitted back to the first information management subsystem through the second information management subsystem, so as to enable the organization side to confirm the buying qualification of the buyer user, confirm the order information, etc. In addition, some message, instruction and other types of data may need to be interacted between the first information management subsystem and the second information management subsystem. Such as a message confirming the buyer user's purchase eligibility, etc. In summary, in the process of informatization management, data intercommunication between the first informatization management subsystem and the second informatization management subsystem needs to be realized. However, since the first information management subsystem and the second information management subsystem operate in the first network environment and the second network environment respectively, and physical devices such as a gatekeeper exist between the first network environment and the second network environment for isolation, in the prior art, if data intercommunication between the first information management subsystem and the second information management subsystem is to be implemented, a layer-by-layer approval needs to be performed on related departments to obtain permission to access the gatekeeper device. However, the approval process is complicated, and may wait for a long time, or even fail to approve.
In order to avoid the approval process, in the embodiment of the present application, the intra-and-extranet data intercommunication capability of the file sharing system deployed in the internal network environment of the organization is given to the information management system in the cross-network environment, so that the intra-and extranet data intercommunication in the information management system is realized. The file sharing system is provided with a gateway and other devices in advance, so that the intercommunication between the internal network and the external network (namely, between the first network environment and the second network environment) can be realized, namely, the file can be uploaded from the internal network environment and accessed or downloaded in the external network environment, or the file can be uploaded from the external network environment and accessed or downloaded in the internal network environment, and the like. Therefore, in order to achieve the above object, in the embodiment of the present application, first, a file sharing system that is the same as that in an intranet environment may be deployed in an extranet environment where an information management system is located, that is, assuming that a certain software is installed in the intranet environment where a first information management subsystem is deployed to implement the above file sharing system, the software may also be installed in the extranet environment where a second information management subsystem is deployed to implement data intercommunication between the first information management subsystem and the second information management subsystem.
However, in the prior art, the user in the organization needs to manually upload the specific file to the file sharing system and manually download the file, but in the application scenario of the information management system in the cross-network environment, in order to take advantage of the informatization, the information management system can automatically trigger the specific file uploading and downloading processes. However, in an information management system, information processing is generally performed in a data dimension, and a file sharing system performs information processing in a file dimension. For example, a plurality of pieces of commodity information to be distributed to an external network may be generated in an information management system in an organization, and the data cannot be directly saved in a file sharing system (the file sharing system can only store information in units of files).
Therefore, in the embodiment of the present application, a data interworking server may be further provided in the first network environment and the second network environment, where the data interworking server is configured to convert data, which needs to interact across the network environment and is generated in the specific first information management subsystem or the specific second information management subsystem, into a file according to a certain protocol, and then upload the file to the specific file sharing system. In addition, for a receiving side (when one of the first information management subsystem or the second information management subsystem generates specific data and then becomes a sending side, the other side becomes a receiving side, and specifically, the identities of the sending side and the receiving side can be interchanged), whether the file in the file sharing system is updated or not can be judged by detecting the file sharing system in real time or at regular time, if the file is updated, whether the updated file is from the current network environment or the network environment of the other side can be judged, if the updated file is the network environment of the other side, the corresponding file can be downloaded, and then the corresponding file is converted into data according to a corresponding protocol, and then the specific information management system processes the data.
Specifically, for a specific data interworking server, several capabilities such as data analysis, data upload/download, monitoring, and the like can be mainly realized in a script manner. The target data to be uploaded can be converted into a file through the data analysis module, and the file downloaded from the file sharing system can be converted back to the original data. The data uploading/downloading module can be used for uploading or downloading a specific file to the file sharing system, and the monitoring module is mainly used for monitoring whether the file sharing system generates a new file.
In order to realize the conversion from data to file and from file to data, a specific conversion protocol may be pre-established, so that the specific data analysis module may convert the target data to be interacted into a file in the preset protocol, and then may restore the file downloaded from the file sharing system into specific data according to the protocol.
Specifically, in the process of converting data into a file, the generation of a file name and the generation of specific file contents may be involved. It should be noted that, regarding data such as specific target information and order information, specific data field names, data values, etc. may be converted into contents in a file; regarding the types of data such as messages and commands, when converting into files, the specific file content may be null, and the specific message and command may be embodied by the file name.
In addition, since the first network environment and the second network environment are both deployed with data interworking servers, and both the data interworking servers can upload files to the file sharing file system or download files from the file sharing file system, the file sharing file system may have both files uploaded by the first network environment side and files uploaded by the second network environment side. The files uploaded by the user do not need to be downloaded, and only the files uploaded by the other side need to be downloaded. Therefore, when the file name is generated specifically, the network environment identifier that generates specific data may also be added to the file name specifically, and may include, for example, "intranet", "extranet", and so on. Therefore, when monitoring a new file from the file sharing system, the specific data intercommunication service end can determine whether the file is the file uploaded in the network environment where the specific data intercommunication service end is located or not or the file uploaded in the network environment of the other party according to the network environment identifier.
In addition, a specific data type identifier can be included in the file name, so that a receiver can identify a corresponding data type according to the specific file name, and further different data modules can process the data type. For example, "target information", "order information", and the like may be included.
Moreover, specific data number information may be embodied in the file name, that is, in the process of converting the target data into the file, multiple pieces of data may be converted into the same file, and in the process of data intercommunication, data loss and the like may be caused. For example, the file name of a file may be: the intranet [ target information ] [150], that is, the file is known by its filename, the file is uploaded from the intranet, the specific data type is the target information, there are a total of 150 pieces of data, and so on.
After converting the target data into a file, the specific file may be uploaded to the file sharing system by the upload/download module. In a specific implementation, the specific file sharing system may be a private system based on an account, for example, a judge registers an account in the file sharing system and uploads a file to the file sharing system by using the account, so that when downloading the file on the external network, the judge needs to log in the file sharing system through the account in the external network to be able to view the specific file. Therefore, in the embodiment of the present application, in order to implement a specific file uploading/downloading operation, a user inside an organization and the like may apply for an account in the file sharing system in advance, and then provide the account to a developer of the information management system, so that the developer may write the account information into a specific data interworking server. Therefore, whether the file is uploaded or downloaded, the data intercommunication service end can be operated in a state of logging in the file sharing system through the account. For example, if it is necessary to send certain data from the intranet to the extranet, after the data is converted into a file, the file may be uploaded to the file sharing system in a state where the interworking server on the intranet logs in to the file sharing system through a previously applied account. Correspondingly, the interworking server at the external network side can also monitor the file change condition in the file sharing system in the state of logging in the file sharing system through the same account.
In the process of monitoring the file change condition of the file sharing system by the data intercommunication service end, if a new file is found under the current account, it is proved that data needs to be interacted between an internal network and an external network. However, as described above, the specific new file may be uploaded in the network environment where the current data interworking server is located, or may be uploaded in the network environment of the other party; that is, assuming that a file is uploaded on the intranet side, since the data interworking servers of the intranet and the extranet are monitoring, the data interworking servers of the intranet and the extranet can monitor the newly uploaded file, but only the data interworking server of the extranet needs to download the file. Therefore, when a new file is generated in the file sharing system, the generation source of the file can be determined, and then whether to download or not is determined. Specifically, as described above, if the file name carries the network environment identifier for generating the specific file, the above determination may be made according to the network environment identifier in the file name, and so on.
After the specific file is downloaded, the file can be analyzed by a data analysis module by using a specific protocol, so that the file is restored to specific data. After the specific data is restored, if the file name also includes the data number information, the integrity of the analyzed data can be verified according to the information. In addition, if the file name also includes data type information, the analyzed data can be provided to a corresponding module in the information management subsystem under the current network environment for processing.
In summary, according to the embodiment of the present application, for target data that needs to be interacted between a first network environment and a second network environment in a cross-network environment in an information management system in the cross-network environment, under the condition that the first network environment is isolated from the second network environment by a hardware device, if a target file sharing system is deployed in the first network environment and the second network environment, and the target file sharing system already breaks through isolation between networks, and can implement intercommunication between the first network environment and the second network environment, a data intercommunication service end can be provided in the first network environment and the second network environment. On the sending side, the data intercommunication service end can convert the target data into a target file according to a certain protocol, and then the target file is uploaded to a target file sharing system. And the data intercommunication server at the receiving side can receive the target file in a mode of monitoring the target file sharing system, and restore the target file into target data after analyzing the target file through the protocol. Therefore, the internal and external network intercommunication capability of the file sharing system can be endowed to the information management system in the cross-network environment, so that the data intercommunication of the information management system between the internal network and the external network is realized under the condition of not requiring additional approval.
The above scheme for realizing data intercommunication between the intranet and the extranet of the information management system without additional approval is provided in the embodiment of the present application. In practical application, the scheme may have a variety of specific application scenarios, for example, a specific intranet may be an internal network of an organization, and a specific information management system may be an information management system that is jointly established by a certain commodity information service provider and the organization, and is mainly used for implementing information management in an online sales process of "auction products". The information management system is divided into a part operating in an internal network of an organization and a part operating in an external network, and some data interaction is needed between the two parts. For example, the intranet section of the organization needs to transmit information of the newly generated "auction product" to the extranet section for distribution, the extranet section needs to transmit information of the consumer user who performs the purchase operation to the intranet section of the organization for confirmation of the purchase qualification and the like, and the like. In the process, the intranet part of the information management system can provide the information of the 'auction products' to a data intercommunication service end of the intranet part, and the service end converts the information to be transmitted into files and uploads the files to a file sharing system of an intranet of an organization. Correspondingly, the data intercommunication service end of the external network part can monitor the file from the file sharing system, restore the file and perform processing such as issuing in the commodity information service system. Similarly, when a consumer user browses the issued information through the commodity information service system and generates a purchase request, the information management system of the external network part can also convert the user information into a file through the data intercommunication service terminal of the external network part, upload the file to the file sharing system, receive the file by the data intercommunication service terminal of the internal network part, provide the file to related personnel or programs in the internal network of the organization to confirm the purchase qualification and the like of the consumer user, and the like.
Example two
The second embodiment corresponds to the first embodiment, and provides a data interworking processing method from the perspective of the data interworking server side on the sending side, referring to fig. 2, the method may include:
s201: determining target data required to perform cross-network environment interaction between a first network environment and a second network environment; the first network environment and the second network environment are isolated through hardware equipment;
s202: converting the target data into a target file according to a preset protocol;
s203: uploading the target file to a target file sharing system, wherein the target file sharing system is as follows: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened, so that the target file is received by detecting the target file sharing system at a receiving side, and the target file is analyzed and restored into the target data through the protocol.
Specifically, in the process of converting the target data into the target file, the file name of the target file may be generated according to a file naming rule configured in the protocol.
Specifically, the file name may include a network environment identifier for performing an upload operation, so that when the receiving side monitors that a new file is generated in the file sharing system, the receiving side determines whether the file is an uploaded file in the current network environment or the other network environment according to the network environment identifier in the file name, and determines whether to perform download processing according to a determination result.
Or, the file name may further include data number information, so that after the receiving side restores the target file to the target data, integrity verification is performed on the restored data by using the data number information.
In addition, the file name may further include a data type identifier, so that a receiving side, after restoring the target file to the target data, provides the target file to a corresponding module according to the data type identifier for processing.
Specifically, when the target file is uploaded to a target file sharing system, the target file can be uploaded to the target file sharing system through a target account, and then the target file can be received in a mode that the target account detects the target file sharing system; the target account is an account which is registered in the target file sharing system in advance.
In practical applications, the target data may include: target data which is generated by one of a first information management subsystem running in the first network environment or a second information management subsystem running in the second network environment and needs to be interacted across the network environment. Of course, in practical applications, there may be other data that needs to be interacted between the first network environment and the second network environment.
Specifically, the target data may include: commodity information needing to be interacted between a first network environment and a second network environment across the network environment and/or various information generated on information publishing and trading links. Alternatively, the target data may further include: message or instruction type data needs to be exchanged between a first network environment and a second network environment across the network environments.
EXAMPLE III
The third embodiment is also corresponding to the first embodiment, and from the perspective of the data interworking server at the receiving side, a data interworking method is provided, and referring to fig. 3, the method may include:
s301: detecting a target file sharing system, wherein the target file system opens up isolation formed by hardware equipment between a first network environment and a second network environment so as to realize intercommunication between the first network environment and the second network environment;
s302: if a newly added target file appears in the target file sharing system, downloading the target file from the target file sharing system, wherein the target file is generated by converting target data which needs to be interacted between a first network environment and a second network environment in a cross-network environment according to a preset protocol and is stored in the target file sharing system;
s303: and analyzing the target file through the protocol and converting the analyzed target file into the target data so as to process the target data.
For the parts of the second and third embodiments that are not described in detail, reference may be made to the descriptions of the first embodiment and other parts of this specification, which are not described herein again.
It should be noted that, in the embodiments of the present application, the user data may be used, and in practical applications, the user-specific personal data may be used in the scheme described herein within the scope permitted by the applicable law, under the condition of meeting the requirements of the applicable law and regulations in the country (for example, the user explicitly agrees, the user is informed, etc.).
Corresponding to the second embodiment, an embodiment of the present application further provides a data interworking processing apparatus, and referring to fig. 4, the apparatus may include:
a target data determining unit 401, configured to determine target data that needs to be interacted between a first network environment and a second network environment across network environments; the first network environment and the second network environment are isolated through hardware equipment;
a file conversion unit 402, configured to convert the target data into a target file according to a preset protocol;
a file uploading unit 403, configured to upload the target file to a target file sharing system, where the target file sharing system is: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened, so that the target file is received by detecting the target file sharing system at a receiving side, and the target file is analyzed by the protocol and then converted into the target data.
Specifically, the file conversion unit may be specifically configured to:
and generating the file name of the target file according to a file naming rule configured in the protocol.
The file name may include a network environment identifier for executing an upload operation, so that when a receiving side monitors that a new file is generated in the file sharing system, the receiving side determines whether the file is an uploaded file in a current network environment or an opposite network environment according to the network environment identifier in the file name, and determines whether to perform download processing according to a determination result.
Or, the file name may further include data number information, so that after the receiving side restores the target file to the target data, integrity check is performed on the restored data by using the data number information.
Or, the file name may further include a data type identifier, so that the receiving side, after restoring the target file to the target data, provides the target file to a corresponding module according to the data type identifier for processing.
Specifically, the file uploading unit may be specifically configured to:
uploading the target file to a target file sharing system through a target account so as to receive the target file in a manner of detecting the target file sharing system through the target account;
the target account is an account which is registered in the target file sharing system in advance.
Wherein the target data comprises: and target data which is generated by one of the first information management subsystem running in the first network environment or the second information management subsystem running in the second network environment and needs to be interacted with across the network environment.
Specifically, the target data may include: commodity information needing to be interacted between a first network environment and a second network environment across the network environments and/or various information generated on information publishing and trading links.
In addition, the target data may further include: message or instruction type data needs to be exchanged between a first network environment and a second network environment across the network environments.
Corresponding to the three phases of the embodiment, the embodiment of the present application further provides a data intercommunication device, referring to fig. 5, the device may include:
a detecting unit 501, configured to detect a target file sharing system, where the target file system opens up an isolation formed by hardware devices between a first network environment and a second network environment, so as to implement intercommunication between the first network environment and the second network environment;
a file obtaining unit 502, configured to, if a newly added target file occurs in the target file sharing system, obtain the target file by downloading from the target file sharing system, where the target file is generated after converting target data that needs to be interacted between a first network environment and a second network environment across network environments according to a preset protocol, and stores the target file in the target file sharing system;
a data conversion unit 503, configured to analyze the target file through the protocol and convert the analyzed target file into the target data, so as to process the target data.
In addition, the present application also provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of the method described in any of the preceding method embodiments.
And an electronic device comprising:
one or more processors; and
a memory associated with the one or more processors for storing program instructions that, when read and executed by the one or more processors, perform the steps of the method of any of the preceding method embodiments.
Fig. 6 schematically shows an architecture of an electronic device, which may specifically include a processor 610, a video display adapter 611, a disk drive 612, an input/output interface 613, a network interface 614, and a memory 620. The processor 610, the video display adapter 611, the disk drive 612, the input/output interface 613, the network interface 614, and the memory 620 may be communicatively connected by a communication bus 630.
The processor 610 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute related programs to implement the technical solution provided by the present Application.
The Memory 620 may be implemented in the form of a ROM (Read Only Memory), a RAM (Random Access Memory), a static storage device, a dynamic storage device, or the like. The memory 620 may store an operating system 621 for controlling the operation of the electronic device 600, a Basic Input Output System (BIOS) for controlling low-level operations of the electronic device 600. In addition, a web browser 623, a data storage management system 624, a data interworking processing system 625, and the like may also be stored. The data interworking processing system 625 may be an application program that specifically implements the operations of the foregoing steps in this embodiment of the present application. In summary, when the technical solution provided in the present application is implemented by software or firmware, the relevant program codes are stored in the memory 620 and called for execution by the processor 610.
The input/output interface 613 is used for connecting an input/output module to realize information input and output. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. The input devices may include a keyboard, a mouse, a touch screen, a microphone, various sensors, etc., and the output devices may include a display, a speaker, a vibrator, an indicator light, etc.
The network interface 614 is used to connect a communication module (not shown in the figure) to implement communication interaction between the present device and other devices. The communication module can realize communication in a wired mode (such as USB, network cable and the like) and also can realize communication in a wireless mode (such as mobile network, WIFI, bluetooth and the like).
Bus 630 includes a path that transfers information between the various components of the device, such as processor 610, video display adapter 611, disk drive 612, input/output interface 613, network interface 614, and memory 620.
It should be noted that although the above devices only show the processor 610, the video display adapter 611, the disk drive 612, the input/output interface 613, the network interface 614, the storage 620, the bus 630, etc., in the implementation process, the device may also include other components necessary for normal operation. In addition, it will be understood by those skilled in the art that the above-described apparatus may also include only the components necessary to implement the embodiments of the present application, and need not include all of the components shown in the figures.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus a necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
All the embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The data intercommunication processing method, device and information management system provided by the application are introduced in detail, and specific examples are applied in the text to explain the principle and implementation of the application, and the description of the above embodiments is only used to help understand the method and core ideas of the application; meanwhile, for a person skilled in the art, according to the idea of the present application, the specific embodiments and the application range may be changed. In view of the above, the description should not be taken as limiting the application.

Claims (12)

1. An information management system, characterized in that,
the information management system comprises: a first information management subsystem operating in a first network environment, and a second information management subsystem operating in a second network environment; the first network environment and the second network environment are isolated through hardware equipment;
target file sharing systems are deployed in the first network environment and the second network environment, and the target file systems are: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened;
data intercommunication service terminals are also deployed in the first network environment and the second network environment;
the data intercommunication service end is used for converting target data into a target file after one of the first information management subsystem or the second information management subsystem generates the target data which needs to be interacted with a cross-network environment, and uploading the target file to the target file system; and on the receiving side, receiving the target file through the target file sharing system, analyzing the target file through the protocol, and reducing the target file into the target data so as to provide the target data for the other one of the first information management subsystem or the second information management subsystem to process.
2. A data intercommunication processing method is characterized by comprising the following steps:
determining target data required to perform cross-network environment interaction between a first network environment and a second network environment; the first network environment and the second network environment are isolated through hardware equipment;
converting the target data into a target file according to a preset protocol;
uploading the target file to a target file sharing system, wherein the target file sharing system is as follows: the file sharing system which is isolated and can realize intercommunication between the first network environment and the second network environment is opened, so that the target file is received by monitoring the target file sharing system at a receiving side, and the target file is analyzed and restored into the target data through the protocol.
3. The method of claim 2,
the converting the target data into the target file according to the preset protocol comprises:
and generating the file name of the target file according to a file naming rule configured in the protocol.
4. The method of claim 2,
the file name comprises a network environment identifier for executing uploading operation, so that when a receiving side monitors that a new file is generated in the file sharing system, whether the file is uploaded in the current network environment or the other network environment is judged according to the network environment identifier in the file name, and whether downloading processing is carried out is determined according to a judgment result.
5. The method of claim 2,
the file name comprises data number information, so that a receiving side can conveniently carry out integrity check on the restored data by using the data number information after restoring the target file into the target data.
6. The method of claim 2,
the file name comprises a data type identifier, so that a receiving side can restore the target file to the target data and then provide the target data to a corresponding module for processing according to the data type identifier.
7. The method according to any one of claims 2 to 6,
the target data includes: target data which is generated by one of a first information management subsystem running in the first network environment or a second information management subsystem running in the second network environment and needs to be interacted across the network environment.
8. The method of claim 7,
the target data includes: commodity information needing to be interacted between a first network environment and a second network environment across the network environments and/or various information generated on information publishing and trading links.
9. The method of claim 7,
the target data includes: message or instruction type data needs to be exchanged between a first network environment and a second network environment across the network environments.
10. A method for data interworking, comprising:
detecting a target file sharing system, wherein the target file system breaks through isolation formed by hardware equipment between a first network environment and a second network environment so as to realize intercommunication between the first network environment and the second network environment;
if a newly added target file appears in the target file sharing system, downloading the target file from the target file sharing system, wherein the target file is generated by converting target data which needs to be interacted between a first network environment and a second network environment in a cross-network environment according to a preset protocol and is stored in the target file sharing system;
and analyzing the target file through the protocol and then restoring the target file into the target data so as to process the target data.
11. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 10.
12. An electronic device, comprising:
one or more processors; and
a memory associated with the one or more processors for storing program instructions that, when read and executed by the one or more processors, perform the steps of the method of any of claims 1 to 10.
CN202210535944.3A 2022-05-17 2022-05-17 Data intercommunication processing method and device and informationized management system Active CN115242422B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210535944.3A CN115242422B (en) 2022-05-17 2022-05-17 Data intercommunication processing method and device and informationized management system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210535944.3A CN115242422B (en) 2022-05-17 2022-05-17 Data intercommunication processing method and device and informationized management system

Publications (2)

Publication Number Publication Date
CN115242422A true CN115242422A (en) 2022-10-25
CN115242422B CN115242422B (en) 2024-01-02

Family

ID=83667773

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210535944.3A Active CN115242422B (en) 2022-05-17 2022-05-17 Data intercommunication processing method and device and informationized management system

Country Status (1)

Country Link
CN (1) CN115242422B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117675418A (en) * 2024-02-02 2024-03-08 吉林省建兴智能科技有限公司 Data transmission system and method based on non-physical medium intrusion prevention

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090282161A1 (en) * 2008-05-12 2009-11-12 Nbc Universal, Inc. Data transfer control system and method
US20150237113A1 (en) * 2012-11-06 2015-08-20 Tencent Technology (Shenzhen) Company Limited Method and system for file transmission
CN108881158A (en) * 2018-05-04 2018-11-23 北京明朝万达科技股份有限公司 Data interaction system and method
CN109729053A (en) * 2017-10-31 2019-05-07 北京国双科技有限公司 The exchange method and device of data between intranet and extranet
CN112583918A (en) * 2020-12-11 2021-03-30 广州润普网络科技有限公司 Intranet and extranet document interaction system, method and storage medium
US20210224091A1 (en) * 2020-01-17 2021-07-22 Microsoft Technology Licensing, Llc Sharable link for remote computing resource access
CN113382012A (en) * 2021-06-18 2021-09-10 广州中爆数字信息科技股份有限公司 Internal and external network data exchange method, device, equipment and storage medium
CN113704781A (en) * 2021-07-23 2021-11-26 平安银行股份有限公司 File secure transmission method and device, electronic equipment and computer storage medium
CN114124929A (en) * 2021-09-29 2022-03-01 奇安信科技集团股份有限公司 Cross-network data processing method and device

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090282161A1 (en) * 2008-05-12 2009-11-12 Nbc Universal, Inc. Data transfer control system and method
US20150237113A1 (en) * 2012-11-06 2015-08-20 Tencent Technology (Shenzhen) Company Limited Method and system for file transmission
CN109729053A (en) * 2017-10-31 2019-05-07 北京国双科技有限公司 The exchange method and device of data between intranet and extranet
CN108881158A (en) * 2018-05-04 2018-11-23 北京明朝万达科技股份有限公司 Data interaction system and method
US20210224091A1 (en) * 2020-01-17 2021-07-22 Microsoft Technology Licensing, Llc Sharable link for remote computing resource access
CN112583918A (en) * 2020-12-11 2021-03-30 广州润普网络科技有限公司 Intranet and extranet document interaction system, method and storage medium
CN113382012A (en) * 2021-06-18 2021-09-10 广州中爆数字信息科技股份有限公司 Internal and external network data exchange method, device, equipment and storage medium
CN113704781A (en) * 2021-07-23 2021-11-26 平安银行股份有限公司 File secure transmission method and device, electronic equipment and computer storage medium
CN114124929A (en) * 2021-09-29 2022-03-01 奇安信科技集团股份有限公司 Cross-network data processing method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117675418A (en) * 2024-02-02 2024-03-08 吉林省建兴智能科技有限公司 Data transmission system and method based on non-physical medium intrusion prevention
CN117675418B (en) * 2024-02-02 2024-05-10 吉林省建兴智能科技有限公司 Data transmission system and method based on non-physical medium intrusion prevention

Also Published As

Publication number Publication date
CN115242422B (en) 2024-01-02

Similar Documents

Publication Publication Date Title
CN112115190B (en) Method, device and system for converting interface message
KR20040007324A (en) Deployment of configuration information
CN111177617A (en) Web direct operation and maintenance method and device based on operation and maintenance management system and electronic equipment
CN111177112A (en) Database blocking method and device based on operation and maintenance management system and electronic equipment
KR102407334B1 (en) Gateway apparatus and operating method thereof
CN112835782B (en) Interface access test method and system
US20170102989A1 (en) Method and system for dynamically unblocking customers in critical workflows by pushing community contributed solutions just-in-time when an error is encountered
CN110324209A (en) Micro services system monitoring method, apparatus, electronic equipment and computer-readable medium
CN113449022A (en) Method and device for processing service request
CN115242422A (en) Data intercommunication processing method and device and information management system
CN110913362A (en) Method and device for realizing wireless signal test through client and test equipment
CN114840379A (en) Log generation method, device, server and storage medium
WO2022052563A1 (en) Service construction method, related device and computer readable storage medium
CN114416169A (en) Data processing method, medium, device and computing equipment based on micro front end
CN112131095B (en) Pressure testing method and device
CN111835804A (en) Method, device and system for data transmission between internal network and external network
CN114546370A (en) Data docking method and related device
CN111226242B (en) Cloud computing network inspection technology
CN113778780A (en) Application stability determination method and device, electronic equipment and storage medium
CN113077325A (en) Multi-party conversation processing method and device, storage medium and electronic equipment
CN113778503A (en) Software maintenance method and device
CN112363716A (en) Method, system and device for dynamically assembling evaluation model
KR20200032380A (en) Apparatus and method for connecting chatbot
CN114095464B (en) Instant message realization method and system
CN115277506B (en) Load balancing equipment testing method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant