CN115361166A - Access request processing method based on distributed cloud service and related equipment - Google Patents
Access request processing method based on distributed cloud service and related equipment Download PDFInfo
- Publication number
- CN115361166A CN115361166A CN202210820958.XA CN202210820958A CN115361166A CN 115361166 A CN115361166 A CN 115361166A CN 202210820958 A CN202210820958 A CN 202210820958A CN 115361166 A CN115361166 A CN 115361166A
- Authority
- CN
- China
- Prior art keywords
- cloud service
- access
- address
- access request
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
Abstract
The invention relates to the technical field of computers, and discloses an access request processing method, device, equipment and storage medium based on distributed cloud service. The access request processing method based on the distributed cloud service comprises the following steps: the method comprises the steps that an edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request; the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server; and forwarding the access request by the edge cloud service node based on the second access address so as to enable the service end to process the access request. The invention provides a method for introducing a distributed cloud service node between a front end and a server, which hides a real server from the front end so as to prevent the hidden server from being exposed on the network and enhance the absolute safety of a computer and user data.
Description
Technical Field
The invention relates to the technical field of computers, in particular to an access request processing method based on distributed cloud service and related equipment.
Background
With the advent of the internet era, the explosion of the internet market has promoted social progress and has exposed many crises, each computer has a unique IP address, the computer loads a target IP address and a unique sequence number on each data packet transmitted to realize communication, and at this stage, a hacker can easily intercept the information of the data packet by means of detection or interception, resulting in leakage of the data information and the IP address, so that the hacker can easily attack a server or a terminal.
In the prior art, the current service is in a B/S or C/S mode, no matter which mode, the address of the server needs to be exposed to the client, and in the process of direct connection between the client and the server, a hacker can easily intercept data information, the most common attack mode at present is a distributed denial of service attack, however, the method for preventing the attack is very expensive, because the capability of network attack is rapidly promoted all the time, the efficiency of the existing defense means is low, and the absolute security of the computer and the user data cannot be ensured.
Disclosure of Invention
The invention mainly aims to provide an access request processing method, device, equipment and storage medium based on distributed cloud service, and aims to solve the problem that a server is exposed on a network by introducing a distributed cloud service node between a front end and the server.
The invention provides an access request processing method based on distributed cloud service in a first aspect, which comprises the following steps:
the method comprises the steps that an edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request;
the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server;
the edge cloud service node forwards the access request based on the second access address, so that the service end can process the access request.
Optionally, in a first implementation manner of the first aspect of the present invention, the receiving, by the edge cloud service node, an access request of a server initiated by a client, and extracting a first access address of the server carried in the access request includes:
the edge cloud service node receives a server access request initiated by a client and filters out encrypted access information of the server access request;
the edge cloud service node acquires an encryption function corresponding to the encryption access information from a preset database;
the edge cloud service node decodes the encrypted access information by using the encryption function to obtain a first access address of the server carried in the access request.
Optionally, in a second implementation manner of the first aspect of the present invention, before the edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request, the method further includes:
the edge cloud service node respectively acquires the identification description information of the server and the second access address;
the edge cloud service node generates a first access address based on the identification description information of the server;
the edge cloud service node saves and binds the first access address and the second access address;
the edge cloud service node obtains a mapping relation according to the binding of the first access address and the second access address;
and the edge cloud service node generates an access address mapping relation table based on the mapping relation.
Optionally, in a third implementation manner of the first aspect of the present invention, the forwarding, by the edge cloud service node, the access request based on the second access address, so that the processing, by the service end, of the access request includes:
the edge cloud service node determines the optimal service of the server corresponding to the second access address of the selected service;
the edge cloud service node adjusts a preset service threshold in real time based on the optimal service of the server;
and the edge cloud service node generates target operation on the access request based on the service threshold value and sends the target operation to the server.
Optionally, in a fourth implementation manner of the first aspect of the present invention, the encryption function is as follows:
k [ i, j ] is the length value of a public substring of the first i address levels in the encrypted access information and the first j address levels of the address codes of the preset sample address data; x [ i ] is the coded value of the ith address level in the encrypted access information; yj is the encoded value of the jth address level of the address encoding of the preset sample address data.
The second aspect of the present invention provides an access request processing apparatus based on a distributed cloud service, including:
the extraction module is used for receiving an access request of a server initiated by a client by an edge cloud service node and extracting a first access address of the server carried in the access request;
the searching module is used for searching a locally stored access address mapping relation table by the edge cloud service node based on the first access address to obtain a second access address of the server;
a processing module, configured to forward, by the edge cloud service node, the access request based on the second access address, so that the service end processes the access request.
Optionally, in a first implementation manner of the second aspect of the present invention, the extracting module includes:
the filtering unit is used for receiving an access request of a server initiated by a client by the edge cloud service node and filtering encrypted access information of the access request of the server;
the acquisition unit is used for acquiring an encryption function corresponding to the encrypted access information from a preset database by the edge cloud service node;
and the computing unit is used for decoding the encrypted access information by the edge cloud service node by using the encryption function to obtain a first access address of the server carried in the access request.
Optionally, in a second implementation manner of the second aspect of the present invention, the access request processing apparatus based on a distributed cloud service further includes:
the first obtaining module is used for the edge cloud service node to respectively obtain the identification description information of the server and the second access address;
the first generation module is used for generating a first access address by the edge cloud service node based on the identification description information of the server;
the binding module is used for storing and binding the first access address and the second access address by the edge cloud service node;
the second obtaining module is used for obtaining a mapping relation by the edge cloud service node according to the binding of the first access address and the second access address;
and the second generation module is used for generating an access address mapping relation table by the edge cloud service node based on the mapping relation.
A third aspect of the present invention provides an electronic device comprising: a memory and at least one processor, the memory having instructions stored therein; the at least one processor invokes the instructions in the memory to cause the electronic device to perform the above-described access request processing method based on distributed cloud services.
A fourth aspect of the present invention provides a computer-readable storage medium having stored therein instructions, which, when run on a computer, cause the computer to execute the above-described access request processing method based on a distributed cloud service.
In the technical scheme provided by the invention, the edge cloud service node can receive an access request of a server initiated by a client and extract a first access address of the server carried in the access request, the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server, and the edge cloud service node forwards the access request based on the second access address so as to be used for the server to process the access request.
Drawings
Fig. 1 is a schematic diagram of a first embodiment of an access request processing method based on a distributed cloud service in an embodiment of the present invention;
fig. 2 is a schematic diagram of a second embodiment of an access request processing method based on a distributed cloud service in the embodiment of the present invention;
fig. 3 is a schematic diagram of a third embodiment of an access request processing method based on a distributed cloud service in an embodiment of the present invention;
fig. 4 is a schematic diagram of a fourth embodiment of an access request processing method based on a distributed cloud service in the embodiment of the present invention;
fig. 5 is a schematic diagram of a first embodiment of an access request processing apparatus based on a distributed cloud service in an embodiment of the present invention;
fig. 6 is a schematic diagram of a second embodiment of an access request processing apparatus based on a distributed cloud service in an embodiment of the present invention;
fig. 7 is a schematic diagram of an embodiment of an electronic device in an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides an access request processing method, device, equipment and storage medium based on distributed cloud service.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be implemented in other sequences than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," or "having," and any variations thereof, are intended to cover non-exclusive inclusions, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For ease of understanding, a specific flow of an embodiment of the present invention is described below. Referring to fig. 1, a first embodiment of an access request processing method based on a distributed cloud service according to an embodiment of the present invention includes:
s101, an edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request;
in this embodiment, the edge cloud service node is an edge computing service close to a user, and by means of the decentralized small cloud computing platform capability close to a client side, technical characteristics of wide coverage, low time delay and large bandwidth are achieved, safe, stable and reliable edge node computing and global content distribution acceleration services are provided for the user, and the problems of computing power, networks, deployment, time delay and the like of the user in application scenes such as audio and video, games, terminal virtualization and the like are solved to a certain extent.
In this embodiment, in general, a client directly finds a server through a domain name, establishes connection between the client and the server, and then exchanges window information, in this process, addresses of servers need to be exposed to the client, and the server may be attacked as long as being exposed on a network.
In this embodiment, by modifying domain name resolution, the client carries a description identifying the server, that is, a modified first access address, that is, a virtual address, which is not a final second access address, that is, a real address, and in order to obtain the final real address, the first access address is obtained first.
S102, the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server;
in this embodiment, the distributed cloud control center may obtain an access address mapping relationship table by recording a mapping relationship between a first access address and a second access address of the server, and store the access address mapping relationship table in the local through summarization, where the first access address and the second access address are in a binding relationship, that is, we may obtain a corresponding second access address according to the obtained first access address through the access address mapping relationship table stored in the local, and conversely, may obtain a corresponding first access address according to the second access address.
S103, the edge cloud service node forwards the access request based on the second access address, so that the service end can process the access request.
In this embodiment, the edge cloud service node forwards the access request of the corresponding client according to the obtained second access address, the server determines the authenticity address of the access request in real time after receiving the access request from the client, and performs subsequent operation processing according to the determination result.
In this embodiment, the distributed cloud has a large number of service nodes, and is located at the edge of the network very close to the final user, and based on this layout, an attacker can only see a large number of edge cloud service nodes and cannot see a real server address, so that the distributed cloud service nodes can perform corresponding defense operations according to the true and false addresses and an attack path to limit the attack influence of the attack on the server.
Referring to fig. 2, a second embodiment of the access request processing method based on the distributed cloud service according to the embodiment of the present invention includes:
s201, an edge cloud service node receives a server access request initiated by a client and filters encrypted access information of the server access request;
in this embodiment, the access request of the server initiated by the client cannot directly extract the required first access address, and the access request of the server needs to be filtered to obtain the key information, that is, the encrypted access information in the access request, so as to improve the accuracy of information identification.
S202, the edge cloud service node acquires an encryption function corresponding to the encrypted access information from a preset database;
in this embodiment, a database about relevant storage address information is preset, and in general, information similar to a database connection class is stored in a configuration file, for example, java is preferred to a properties file, encrypted access information is input, and a corresponding encryption function can be found, that is, a function value of secret data can be obtained by a user who possesses a decryption key in function encryption.
In this embodiment, the encryption methods mainly include symmetric encryption, one-way encryption, key exchange, and the like.
S203, the edge cloud service node decodes the encrypted access information by using the encryption function to obtain a first access address of the server carried in the access request;
in this embodiment, based on the obtained encryption function, data may be converted into domain name resolution information and an address code of sample address data in a preset database by decoding, and the address code of the sample address data is matched with the address code in the preset database, so as to obtain the first access address of the server carried in the access request.
S204, the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server;
and S205, the edge cloud service node forwards the access request based on the second access address, so that the service end can process the access request.
In this embodiment, the related technical solutions of adding an encryption function and decoding the encryption function can simplify the complexity of the address information format in the prior art, and for the data normalization of the preset database, effectively match the address data information in the access request with the address code of the sample address data in the preset database, and transmit the domain name or address of the real service end in an encryption manner.
Referring to fig. 3, a third embodiment of an access request processing method based on a distributed cloud service according to an embodiment of the present invention includes:
s301, the edge cloud service node respectively acquires identification description information and a second access address of the server;
in this embodiment, by modifying domain name resolution, domain name information changes, a client is originally directly connected to a server, a service point of a distributed cloud is connected at present, and based on the modified domain name resolution, the client carries a description identifying the server, that is, a pseudo address of the server, so that at this time, an edge cloud service node needs to obtain identification description information of the server and a second access address which is not subjected to the modified domain name resolution, that is, a domain name or an address of a real server.
S302, the edge cloud service node generates a first access address based on the identification description information of the server;
s303, the edge cloud service node saves and binds the first access address and the second access address;
in this embodiment, the edge cloud service node stores the acquired first access address and the acquired second access address in real time, acquires binding operation information of the first access address and the second access address, and converts the binding operation information of the first access address and the second access address into an address binding operation by using the binding operation information of the first access address and the second access address as a binding operation data packet so as to acquire a binding relationship between the first access address and the second access address.
S304, the edge cloud service node obtains a mapping relation according to the binding of the first access address and the second access address;
in this embodiment, according to the obtained binding relationship between the first access address and the second access address, we can analyze and process the binding relationship, and perform mapping management on the first access address and the second access address according to the result of the binding relationship, thereby obtaining the mapping relationship between the first access address and the second access address.
S305, the edge cloud service node generates an access address mapping relation table based on the mapping relation;
in this embodiment, the obtained mapping relationship is recorded and summarized to obtain an access address mapping relationship table of the first access address and the second access address, that is, a mapping relationship table between the authenticity addresses, which is used for determining the second access address where the first access address is located, so that the automatic matching efficiency of the corresponding address relationship between the client and the server is improved, and the time cost of operation is obviously reduced.
S306, the edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request;
s307, the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server;
and S308, the edge cloud service node forwards the access request based on the second access address so that the service end can process the access request.
In this embodiment, the type of the access request of the server can be automatically identified according to the second access address corresponding to the first access address in the generated mapping relationship table, and the type of the access request of the server can be determined through the first access address, so that the method is simple to implement, low in implementation cost and high in reliability.
Referring to fig. 4, a fourth embodiment of the access request processing method based on distributed cloud services in the embodiments of the present invention includes:
s401, an edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request;
s402, the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server;
s403, the edge cloud service node determines the optimal service of the server corresponding to the second access address of the selected service;
in this embodiment, an access request related to the second access address may be sent to the server according to the determined second access address until the optimized service of the server corresponding to the second access address is received, and domain name resolutions included in different access requests are different, so that the edge cloud service node proxies the request of the client according to the mapping relationship in different manners.
S404, the edge cloud service node adjusts a preset service threshold value in real time based on the optimal service of the server;
s405, the edge cloud service node generates target operation for the access request based on the service threshold value and sends the target operation to the server.
In this embodiment, an attacker can only see a huge number of edge cloud service nodes and cannot see a real server address, so that the preset service threshold can be adjusted according to the preset service threshold of the edge cloud service node and the attack capability of the attacker, and the service capability of the edge cloud service node corresponding to the adjusted preset service threshold exceeds the performance cost required by the attack request.
In this embodiment, the distributed cloud service nodes perform corresponding setting according to the obtained service threshold, so that the attack influence of the attack on the service end can be limited, and the relative security of the service end is ensured.
Further, in an optional embodiment, the encryption function is as follows:
k [ i, j ] is the length value of a public substring of the first i address levels in the encrypted access information and the first j address levels of the address code of the preset sample address data; x [ i ] is the coded value of the ith address level in the encrypted access information; yj is the encoded value of the jth address level of the address encoding of the preset sample address data.
In this embodiment, the address code of the preset sample address data in the encrypted access information may be divided into a preset address mode and a preset address code, where the preset address mode is a standard address mode extracted from a maximum standardized corresponding address code obtained after the preset sample address data in the encrypted access information is matched with the address code of each sample address data in the database, and the standard address mode is used as the preset address mode, for example, the preset address mode may refer to a division manner of address hierarchies such as streets, districts, buildings, units, floors, house numbers, and the like in a statistical region in the preset sample address data; the preset address coding is based on the character string sequence which needs to be subjected to address coding, different character string sequences are sequentially subjected to address coding by supplementing different bytes, and the carried information needs to be found to specify the specified position of corresponding information, so that the uniqueness of an address is ensured, the flexibility, the extensibility and the richness of the information carried by the address coding are improved, and the preset address coding is also based on channel coding in mobile communication.
In this embodiment, if the preset address mode is: and the matched preset address codes are as follows: 6/5/3/701, the standard address mode applicable to acquiring the preset sample address data is as follows: and matching a preset address mode to the sample data to obtain: 6 (lot) -5 (unit) -3 (layer) -701 (No.) #, so that the preset sample data would translate it into 6 lots of 5 units and 3 layers 701 no.
In the above description of the access request processing method based on the distributed cloud service in the embodiment of the present invention, an access request processing apparatus based on the distributed cloud service in the embodiment of the present invention is described below, referring to fig. 5, a first embodiment of the access request processing apparatus based on the distributed cloud service in the embodiment of the present invention includes:
the extraction module 501 is configured to receive, by an edge cloud service node, an access request of a server initiated by a client, and extract a first access address of the server carried in the access request;
the searching module 502 is configured to search, by the edge cloud service node, a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server;
and a processing module 503, configured to forward, by the edge cloud service node, the access request based on the second access address, so that the service end processes the access request.
Optionally, the extracting module 501 includes:
the filtering unit 5011 is configured to receive, by the edge cloud service node, a server access request initiated by a client, and filter encrypted access information of the server access request;
the obtaining unit 5012 is configured to obtain, by the edge cloud service node, an encryption function corresponding to the encrypted access information from a preset database;
the computing unit 5013 is configured to decode, by the edge cloud service node, the encrypted access information by using an encryption function to obtain a first access address of the service end carried in the access request.
Referring to fig. 6, a second embodiment of an access request processing apparatus based on a distributed cloud service according to the embodiment of the present invention includes:
a first obtaining module 601, configured to respectively obtain, by an edge cloud service node, identifier description information of the server and the second access address;
a first generating module 602, configured to generate, by the edge cloud service node, a first access address based on the identifier description information of the server;
a binding module 603, configured to store and bind the first access address and the second access address by the edge cloud service node;
a second obtaining module 604, configured to obtain, by the edge cloud service node, a mapping relationship according to the binding between the first access address and the second access address;
and a second generating module 605, configured to generate, by the edge cloud service node, an access address mapping relationship table based on the mapping relationship.
The embodiment of the invention discloses an access request processing method, device, equipment and storage medium based on distributed cloud service. The access request processing method based on the distributed cloud service comprises the following steps: the method comprises the steps that an edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request; the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server; and forwarding the access request by the edge cloud service node based on the second access address so as to enable the service end to process the access request. The invention provides a method for introducing a distributed cloud service node between a front end and a server, which hides a real server from the front end so as to prevent the hidden server from being exposed on the network and enhance the absolute safety of a computer and user data.
Fig. 5 and fig. 6 above describe the access request processing apparatus based on the distributed cloud service in the embodiment of the present invention in detail from the perspective of the modular functional entity, and electronic devices in the embodiment of the present invention are described in detail below from the perspective of hardware processing.
Fig. 7 is a schematic structural diagram of an electronic device 700 according to an embodiment of the present invention, where the electronic device 700 may have a relatively large difference due to different configurations or performances, and may include one or more processors (CPUs) 710 (e.g., one or more processors) and a memory 720, and one or more storage media 730 (e.g., one or more mass storage devices) for storing applications 733 or data 732. Memory 720 and storage medium 730 may be, among other things, transient storage or persistent storage. The program stored in the storage medium 730 may include one or more modules (not shown), each of which may include a sequence of instructions operating on the electronic device 700. Still further, the processor 510 may be configured to communicate with the storage medium 730 to execute a series of instruction operations in the storage medium 530 on the electronic device 700.
The electronic device 700 may also include one or more power supplies 740, one or more wired or wireless network interfaces 750, one or more input-output interfaces 760, and/or one or more operating systems 731, such as Windows Server, mac OS X, unix, linux, freeBSD, and so forth. Those skilled in the art will appreciate that the electronic device configuration shown in fig. 7 is not intended to be limiting of electronic devices and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
The present invention also provides an electronic device, which includes a memory and a processor, where the memory stores computer readable instructions, and when the computer readable instructions are executed by the processor, the processor executes the steps of the access request processing method based on the distributed cloud service in the foregoing embodiments.
The present invention also provides a computer-readable storage medium, which may be a non-volatile computer-readable storage medium, and may also be a volatile computer-readable storage medium, having stored therein instructions, which, when executed on a computer, cause the computer to perform the steps of the access request processing method based on the distributed cloud service.
It can be clearly understood by those skilled in the art that, for convenience and simplicity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. An access request processing method based on distributed cloud services is characterized by comprising the following steps:
the method comprises the steps that an edge cloud service node receives an access request of a server initiated by a client, and extracts a first access address of the server carried in the access request;
the edge cloud service node searches a locally stored access address mapping relation table based on the first access address to obtain a second access address of the server;
the edge cloud service node forwards the access request based on the second access address, so that the service end can process the access request.
2. The method for processing the access request based on the distributed cloud service of claim 1, wherein the receiving, by the edge cloud service node, the access request of the server initiated by a client, and extracting the first access address of the server carried in the access request includes:
the edge cloud service node receives a server access request initiated by a client and filters out encrypted access information of the server access request;
the edge cloud service node acquires an encryption function corresponding to the encryption access information from a preset database;
and the edge cloud service node decodes the encrypted access information by using the encryption function to obtain a first access address of the server carried in the access request.
3. The method for processing the access request based on the distributed cloud service according to claim 1, wherein before the edge cloud service node receives an access request of a server initiated by a client and extracts a first access address of the server carried in the access request, the method further includes:
the edge cloud service node respectively acquires the identification description information of the server and the second access address;
the edge cloud service node generates a first access address based on the identification description information of the server;
the edge cloud service node saves and binds the first access address and the second access address;
the edge cloud service node obtains a mapping relation according to the binding of the first access address and the second access address;
and the edge cloud service node generates an access address mapping relation table based on the mapping relation.
4. The distributed cloud service-based access request processing method according to claim 1, wherein the forwarding, by the edge cloud service node, the access request based on the second access address for the service end to process the access request comprises:
the edge cloud service node determines the optimal service of the server corresponding to the second access address of the selected service;
the edge cloud service node adjusts a preset service threshold in real time based on the optimal service of the server;
and the edge cloud service node generates target operation on the access request based on the service threshold value and sends the target operation to the server.
5. The distributed cloud service-based access request processing method according to claim 2, wherein the encryption function is as follows:
k [ i, j ] is the length value of a public substring of the first i address levels in the encrypted access information and the first j address levels of the address codes of the preset sample address data; x [ i ] is the coded value of the ith address level in the encrypted access information; y [ j ] is an encoded value of a jth address level of an address encoding of preset sample address data.
6. An access request processing device based on a distributed cloud service, the access request processing device based on the distributed cloud service comprising:
the extraction module is used for receiving an access request of a server initiated by a client by an edge cloud service node and extracting a first access address of the server carried in the access request;
the searching module is used for searching a locally stored access address mapping relation table by the edge cloud service node based on the first access address to obtain a second access address of the server;
and the processing module is used for forwarding the access request by the edge cloud service node based on the second access address so as to enable the service end to process the access request.
7. The distributed cloud service-based access request processing apparatus according to claim 6, wherein the extraction module includes:
the filtering unit is used for receiving an access request of a server initiated by a client by the edge cloud service node and filtering encrypted access information of the access request of the server;
the acquisition unit is used for acquiring an encryption function corresponding to the encrypted access information from a preset database by the edge cloud service node;
and the computing unit is used for decoding the encrypted access information by the edge cloud service node by using the encryption function to obtain a first access address of the server carried in the access request.
8. The distributed cloud service-based access request processing apparatus according to claim 6, wherein the distributed cloud service-based access request processing apparatus further comprises:
the first obtaining module is used for the edge cloud service node to respectively obtain the identification description information of the server and the second access address;
the first generation module is used for generating a first access address by the edge cloud service node based on the identification description information of the server side;
the binding module is used for storing and binding the first access address and the second access address by the edge cloud service node;
the second obtaining module is used for obtaining a mapping relation by the edge cloud service node according to the binding of the first access address and the second access address;
and the second generation module is used for generating an access address mapping relation table by the edge cloud service node based on the mapping relation.
9. An electronic device, characterized in that the electronic device comprises: a memory and at least one processor, the memory having instructions stored therein:
the at least one processor invokes the instructions in the memory to cause the electronic device to perform the distributed cloud service-based access request processing method of any of claims 1-5.
10. A computer-readable storage medium having instructions stored thereon, wherein the instructions, when executed by a processor, implement the method for processing an access request based on a distributed cloud service according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210820958.XA CN115361166A (en) | 2022-07-13 | 2022-07-13 | Access request processing method based on distributed cloud service and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210820958.XA CN115361166A (en) | 2022-07-13 | 2022-07-13 | Access request processing method based on distributed cloud service and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115361166A true CN115361166A (en) | 2022-11-18 |
Family
ID=84032610
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210820958.XA Pending CN115361166A (en) | 2022-07-13 | 2022-07-13 | Access request processing method based on distributed cloud service and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115361166A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116471109A (en) * | 2022-12-01 | 2023-07-21 | 黄建邦 | Data transmission method, system, first end and control equipment |
-
2022
- 2022-07-13 CN CN202210820958.XA patent/CN115361166A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116471109A (en) * | 2022-12-01 | 2023-07-21 | 黄建邦 | Data transmission method, system, first end and control equipment |
| CN116760566A (en) * | 2022-12-01 | 2023-09-15 | 黄建邦 | Data transmission method, system, first end, intermediate network device and control device |
| CN116471109B (en) * | 2022-12-01 | 2024-03-05 | 黄建邦 | Data transmission method, system, first end and control equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112019574B (en) | Abnormal network data detection method and device, computer equipment and storage medium | |
| Beverly et al. | Forensic carving of network packets and associated data structures | |
| US9864593B2 (en) | Conversion tracking and context preserving systems and methods | |
| CN109194680B (en) | Network attack identification method, device and equipment | |
| CN111737696A (en) | Method, system and equipment for detecting malicious file and readable storage medium | |
| CN104052734A (en) | Attack Detection And Prevention Using Global Device Fingerprinting | |
| CN110213212A (en) | A kind of classification method and device of equipment | |
| CN111200605B (en) | Malicious identification defense method and system based on Handle system | |
| CN111786966A (en) | Method and device for browsing webpage | |
| KR20000054538A (en) | System and method for intrusion detection in network and it's readable record medium by computer | |
| CN111565203B (en) | Method, device and system for protecting service request and computer equipment | |
| US10237151B2 (en) | Attributing network address translation device processed traffic to individual hosts | |
| KR100383224B1 (en) | Linux-Based Integrated Security System for Network and Method thereof, and Semiconductor Device Having These Solutions | |
| CN112532605B (en) | Network attack tracing method and system, storage medium and electronic device | |
| CN112600852B (en) | Vulnerability attack processing method, device, equipment and storage medium | |
| CN107046516B (en) | Wind control method and device for identifying mobile terminal identity | |
| CN115361166A (en) | Access request processing method based on distributed cloud service and related equipment | |
| CN111314379B (en) | Attacked domain name identification method and device, computer equipment and storage medium | |
| US8910281B1 (en) | Identifying malware sources using phishing kit templates | |
| JP6592196B2 (en) | Malignant event detection apparatus, malignant event detection method, and malignant event detection program | |
| CN113342892A (en) | Cloud security data processing method based on block chain node cluster and block chain system | |
| CN114285649B (en) | Equipment protection method, system, protection equipment and computer readable storage medium | |
| CN111800391B (en) | Port scanning attack detection method and device, electronic equipment and storage medium | |
| CN116074280A (en) | Application intrusion prevention system identification method, device, equipment and storage medium | |
| CN112214769A (en) | Active measurement system of Windows system based on SGX architecture |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |