CN115442025A - License generation, verification and binding method in load balancing equipment - Google Patents

License generation, verification and binding method in load balancing equipment Download PDF

Info

Publication number
CN115442025A
CN115442025A CN202211024961.7A CN202211024961A CN115442025A CN 115442025 A CN115442025 A CN 115442025A CN 202211024961 A CN202211024961 A CN 202211024961A CN 115442025 A CN115442025 A CN 115442025A
Authority
CN
China
Prior art keywords
license
equipment
load balancing
binding
manufacturer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211024961.7A
Other languages
Chinese (zh)
Inventor
王晓凡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Hongji Information Technology Co Ltd
Original Assignee
Shanghai Hongji Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Hongji Information Technology Co Ltd filed Critical Shanghai Hongji Information Technology Co Ltd
Priority to CN202211024961.7A priority Critical patent/CN115442025A/en
Publication of CN115442025A publication Critical patent/CN115442025A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority

Abstract

The invention discloses a license generation, verification and binding method in load balancing equipment, wherein the load balancing equipment generates an equipment ID, and the equipment ID is displayed through a management page of the load balancing equipment; when a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer generates license plaintext after attaching information, and the license plaintext is encrypted and stored as a file and can be sent to the user for use; the user conducts import operation on a management page of the load balancing equipment, and the load balancing equipment automatically conducts license check and binding; in the invention, the manufacturer generates the license corresponding to each device according to the device ID, and identifies the corresponding load balancing device through comparing the plaintext and the ciphertext of the license, thereby realizing one-to-one control of the manufacturer on the device, and controlling the bandwidth, the service life, the service function and the like of the device.

Description

License generation, verification and binding method in load balancing equipment
Technical Field
The invention relates to the technical field of communication, in particular to a method for generating, checking and binding license in load balancing equipment.
Background
Load balancing is a key component of the highly available network infrastructure, and is typically used to distribute workload across multiple servers to improve the performance and reliability of a website, application, database, or other service.
A web architecture without load balancing is similar to fig. 1, where a user is directly connected to a web server and if the server is down, the user naturally has no way to access it. In addition, if many users attempt to access the server at the same time, beyond the limit they can handle, slow loading or no connection at all may occur.
And this failure can be mitigated by introducing a load balancer and additional web servers. Typically, all backend servers will guarantee the same content to be provided so that the user receives consistent content regardless of which server responds. The additional multiple web servers also share the load, relieving the pressure of a single web server and thereby processing more user requests.
The load balancing device may be software or a dedicated hardware device.
License is "permit". The load balancing hardware equipment is sold to a user and cannot be directly used, and license needs to be imported. License is provided by a device manufacturer, generally in a file form, and is imported through a management page of the load balancing device. License will typically contain information on the expiration time of the device usage, allowed bandwidth, allowed function blocks, etc.
The license policy commonly used by the current load balancing equipment is as follows:
1. the selling equipment can be directly used without license;
2. controlling license through a network;
3. the universal license is that one license can be used by a plurality of devices;
the license strategy of the current load balancing equipment has the following defects:
1. the equipment cannot be bound, and one license can be used for a plurality of hardware equipment after being copied, so that loss is caused to manufacturers;
2. no information such as bandwidth and service life, and no control of an unlimited use manufacturer after the import.
Therefore, a method for generating, checking and binding license in the load balancing device becomes a problem to be solved urgently.
Disclosure of Invention
The invention aims to provide a method for generating, checking and binding license in load balancing equipment, thereby realizing one-to-one control of a manufacturer on the equipment, and controlling the bandwidth, the service life, the service function and the like of the equipment.
In order to achieve the purpose, the technical scheme provided by the invention is as follows: a method for license generation, verification and binding in load balancing equipment comprises the following steps,
step 1, load balancing equipment generates equipment ID
The method for generating the device ID comprises the following steps:
taking the BIOS serial number of the hardware equipment and the mac addresses of all network cards, and calculating the MD5 value:
device ID = MD5 (BIOS serial number + mac address of network card 1 + mac address of network card 2 + ·. + mac address of network card n), where n is the number of network cards;
the equipment ID is displayed through a management page of the load balancing equipment;
step 2, the manufacturer generates license
When a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer obtains the equipment ID, adds the validity period, the bandwidth and the function information, and generates a license plaintext;
after generating a license plaintext, encrypting the license plaintext by using a private key of a manufacturer, coding the license by using base64 to obtain a license ciphertext, and storing the license ciphertext as a file; after the license file is obtained, the license file can be sent to a user for use;
step 3, importing and verifying license by a user
After obtaining the license file, the user conducts import operation on a management page of the load balancing equipment; after the import operation, the load balancing equipment automatically checks and binds the license;
after the load balancing equipment obtains a license plaintext, comparing the equipment ID in the license plaintext with the equipment ID of the equipment, if the license plaintext is consistent with the equipment ID of the equipment, the license is valid and successfully verified, binding the license to the equipment, recording the bandwidth, expiration time and started function module of the license, and starting the load balancing equipment; if the equipment IDs are not consistent, prompt information of verification failure is given; at this point, the license generation, verification and binding process is finished.
Compared with the prior art, the invention has the advantages that: in the invention, the manufacturer generates the license corresponding to each device according to the device ID, and identifies the corresponding load balancing device through comparing the plaintext and the ciphertext of the license, thereby realizing one-to-one control of the manufacturer on the device, and controlling the bandwidth, the service life, the service function and the like of the device.
Drawings
FIG. 1 is a diagram of a web architecture without load balancing.
FIG. 2 is a public key to private key relationship diagram.
Fig. 3 is a flow chart of converting license plaintext into a license file.
Fig. 4 is a flowchart of converting a license file into license plaintext.
Fig. 5 is a flow chart of license check and binding.
Detailed Description
The method for license generation, checksum binding in the load balancing device of the present invention is further described in detail with reference to the accompanying drawings.
With reference to fig. 1 to 5, the implementation process of the license generation, verification and binding method in the load balancing device of the present invention is as follows:
a method for license generation, verification and binding in load balancing equipment comprises the following steps,
step 1, load balancing equipment generates equipment ID
The method for generating the device ID comprises the following steps:
taking the BIOS serial number of the hardware equipment and the mac addresses of all network cards, and calculating the MD5 value:
device ID = MD5 (BIOS serial number + mac address of network card 1 + mac address of network card 2 + ·. + mac address of network card n), where n is the number of network cards;
the equipment IDs of the load balance correspond to the hardware one by one, and each equipment has the unique equipment ID; the BIOS serial number is solidified in hardware when a mainboard manufacturer leaves a factory, is globally unique and cannot be modified; the mac address of the network card is solidified in hardware when the network card manufacturer leaves a factory, is globally unique and cannot be modified; thus ensuring the device ID to load balancing device correspondence uniqueness.
The device ID is displayed through a management page of the load balancing device, and is convenient for a user to obtain.
Step 2, the manufacturer generates license
(1) Public and private key pairs
When all the load balancing devices leave a factory, the same public key is built in for decrypting license data.
The load balancing manufacturer stores a private key for encrypting license data, and the private key is strictly kept secret and is not disclosed to the outside.
The private key of the manufacturer and the public key in the load balancing equipment are in a pair relationship, and license data is encrypted by the private key and decrypted by the public key.
(2) Generating license file
When a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer obtains the equipment ID, adds information such as an expiration date, bandwidth and functions, and generates a license plaintext:
=====ADC LICENSE======
the device ID: xxxxxxxxxxx
The effective period is as follows: xxxxxxx
And (3) bandwidth limitation: xxxxxxxxx
A functional module: xxxxxxxxxxxx
========================
After generating a license plaintext, encrypting the license plaintext by using a private key of a manufacturer, coding the license by using base64 to obtain a license ciphertext, and storing the license ciphertext as a file; and after the license file is obtained, the license file can be sent to the user for use.
Step 3, importing and verifying license by a user
After obtaining the license file, the user conducts import operation on a management page of the load balancing equipment; after the import operation, the load balancing equipment automatically checks and binds the license;
after the load balancing equipment obtains the license plaintext, comparing the equipment ID in the license plaintext with the equipment ID of the equipment, if the equipment ID is consistent with the equipment ID, the license is valid, the verification is successful, binding the license to the equipment, recording the bandwidth, the expiration time and the started functional module of the license, and starting the load balancing equipment; if the equipment IDs are not consistent, prompt information of verification failure is given; and ending the license generation, verification and binding process.
The present invention and its embodiments have been described above, and the description is not intended to be limiting, and the drawings are only one embodiment of the present invention, and the actual structure is not limited thereto. In summary, those skilled in the art should be able to conceive of the present invention without creative design of the similar structural modes and embodiments without departing from the spirit of the present invention, and all such modifications should fall within the protection scope of the present invention.

Claims (7)

1. A method for license generation, verification and binding in load balancing equipment is characterized in that: comprises the following steps of (a) preparing a solution,
step 1, load balancing equipment generates equipment ID
The method for generating the device ID comprises the following steps:
taking the BIOS serial number of the hardware equipment and the mac addresses of all network cards, and calculating the MD5 value:
device ID = MD5 (BIOS serial number + mac address of network card 1 + mac address of network card 2 + ·. + mac address of network card n), where n is the number of network cards;
the equipment ID is displayed through a management page of the load balancing equipment;
step 2, the manufacturer generates license
When a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer obtains the equipment ID, adds the validity period, the bandwidth and the function information, and generates a license plaintext;
after generating a license plaintext, encrypting the license plaintext by using a private key of a manufacturer, coding the license by using base64 to obtain a license ciphertext, and storing the license ciphertext as a file; after the license file is obtained, the license file can be sent to a user for use;
step 3, importing and verifying license by user
After obtaining the license file, the user conducts import operation on a management page of the load balancing equipment; after the import operation, the load balancing equipment automatically checks and binds the license;
after the load balancing equipment obtains a license plaintext, comparing the equipment ID in the license plaintext with the equipment ID of the equipment, if the license plaintext is consistent with the equipment ID of the equipment, the license is valid and successfully verified, binding the license to the equipment, recording the bandwidth, expiration time and started function module of the license, and starting the load balancing equipment; if the equipment IDs are not consistent, prompt information of verification failure is given; and ending the license generation, verification and binding process.
2. The method for license generation, checksum binding in load balancing equipment as claimed in claim 1, wherein: the load-balanced device IDs correspond to the hardware thereof one-to-one, and each device has a unique device ID.
3. The method for license generation, checksum binding in load balancing equipment according to claim 2, wherein the license generation, checksum binding comprises: the BIOS serial number is a number solidified in hardware when a mainboard manufacturer leaves a factory and cannot be modified.
4. The method for license generation, checksum binding in load balancing equipment according to claim 3, wherein: the mac address of the network card is an address which is solidified in hardware when the network card manufacturer leaves a factory and cannot be modified.
5. The method for license generation, checksum binding in load balancing equipment as claimed in claim 4, wherein: the public key in the step 2 is a public key which is built in when the load balancing device leaves a factory, and the public keys which are built in all the load balancing devices are the same and are used for decrypting license data.
6. The method for license generation, checksum binding in load balancing equipment as claimed in claim 5, wherein: the private key is stored by a load balancing manufacturer and used for encrypting license data, and the private key is strictly kept secret and is not disclosed to the outside.
7. The method for license generation, checksum binding in load balancing equipment as claimed in claim 6, wherein: the private key of the manufacturer and the public key in the load balancing equipment are in a pair relationship, and license data is encrypted by the private key and decrypted by the public key.
CN202211024961.7A 2022-08-25 2022-08-25 License generation, verification and binding method in load balancing equipment Pending CN115442025A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211024961.7A CN115442025A (en) 2022-08-25 2022-08-25 License generation, verification and binding method in load balancing equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211024961.7A CN115442025A (en) 2022-08-25 2022-08-25 License generation, verification and binding method in load balancing equipment

Publications (1)

Publication Number Publication Date
CN115442025A true CN115442025A (en) 2022-12-06

Family

ID=84244705

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211024961.7A Pending CN115442025A (en) 2022-08-25 2022-08-25 License generation, verification and binding method in load balancing equipment

Country Status (1)

Country Link
CN (1) CN115442025A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116401294A (en) * 2023-02-09 2023-07-07 上海弘积信息科技有限公司 Big data warehousing method based on elastic search

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116401294A (en) * 2023-02-09 2023-07-07 上海弘积信息科技有限公司 Big data warehousing method based on elastic search

Similar Documents

Publication Publication Date Title
JP5522307B2 (en) System and method for remote maintenance of client systems in electronic networks using software testing with virtual machines
US9086994B2 (en) Verification of dispersed storage network access control information
US10992481B2 (en) Two-dimensional code generation method, apparatus, data processing method, apparatus, and server
CN110798466B (en) Verification method and system for software license in virtual machine scene
US8086856B2 (en) Disabling on/off capacity on demand
CN112953930A (en) Cloud storage data processing method and device and computer system
CN111641615A (en) Distributed identity authentication method and system based on certificate
CN113676452B (en) Replay attack resisting method and system based on one-time key
CN115442025A (en) License generation, verification and binding method in load balancing equipment
CN112463454B (en) Data recovery method, server, terminal device and storage medium
CN113221154A (en) Service password obtaining method and device, electronic equipment and storage medium
JP6081857B2 (en) Authentication system and authentication method
CN111290884A (en) Data backup method and device for cash register equipment
CN110971609A (en) Anti-cloning method of DRM client certificate, storage medium and electronic equipment
CN112738005A (en) Access processing method, device, system, first authentication server and storage medium
CN112637160A (en) Login verification method, device, equipment and storage medium
TWM618726U (en) System for verifying identity on different devices based on certificates and verification data
CN112994882A (en) Authentication method, device, medium and equipment based on block chain
CN116455579A (en) Digital certificate management method and system
CN115114592A (en) Hardware number and timestamp based equipment authorization method and system
CN115694895A (en) Interface access method and device
CN117519597A (en) Virtual disk management and control method, device, electronic equipment and readable storage medium
CN116232666A (en) Identity authentication method and system based on total province mutual trust
CN112631735A (en) Virtual machine authorization management method and device, electronic equipment and storage medium
CN117978396A (en) User identity authentication method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination