CN115442025A - License generation, verification and binding method in load balancing equipment - Google Patents
License generation, verification and binding method in load balancing equipment Download PDFInfo
- Publication number
- CN115442025A CN115442025A CN202211024961.7A CN202211024961A CN115442025A CN 115442025 A CN115442025 A CN 115442025A CN 202211024961 A CN202211024961 A CN 202211024961A CN 115442025 A CN115442025 A CN 115442025A
- Authority
- CN
- China
- Prior art keywords
- license
- equipment
- load balancing
- binding
- manufacturer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
Abstract
The invention discloses a license generation, verification and binding method in load balancing equipment, wherein the load balancing equipment generates an equipment ID, and the equipment ID is displayed through a management page of the load balancing equipment; when a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer generates license plaintext after attaching information, and the license plaintext is encrypted and stored as a file and can be sent to the user for use; the user conducts import operation on a management page of the load balancing equipment, and the load balancing equipment automatically conducts license check and binding; in the invention, the manufacturer generates the license corresponding to each device according to the device ID, and identifies the corresponding load balancing device through comparing the plaintext and the ciphertext of the license, thereby realizing one-to-one control of the manufacturer on the device, and controlling the bandwidth, the service life, the service function and the like of the device.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a method for generating, checking and binding license in load balancing equipment.
Background
Load balancing is a key component of the highly available network infrastructure, and is typically used to distribute workload across multiple servers to improve the performance and reliability of a website, application, database, or other service.
A web architecture without load balancing is similar to fig. 1, where a user is directly connected to a web server and if the server is down, the user naturally has no way to access it. In addition, if many users attempt to access the server at the same time, beyond the limit they can handle, slow loading or no connection at all may occur.
And this failure can be mitigated by introducing a load balancer and additional web servers. Typically, all backend servers will guarantee the same content to be provided so that the user receives consistent content regardless of which server responds. The additional multiple web servers also share the load, relieving the pressure of a single web server and thereby processing more user requests.
The load balancing device may be software or a dedicated hardware device.
License is "permit". The load balancing hardware equipment is sold to a user and cannot be directly used, and license needs to be imported. License is provided by a device manufacturer, generally in a file form, and is imported through a management page of the load balancing device. License will typically contain information on the expiration time of the device usage, allowed bandwidth, allowed function blocks, etc.
The license policy commonly used by the current load balancing equipment is as follows:
1. the selling equipment can be directly used without license;
2. controlling license through a network;
3. the universal license is that one license can be used by a plurality of devices;
the license strategy of the current load balancing equipment has the following defects:
1. the equipment cannot be bound, and one license can be used for a plurality of hardware equipment after being copied, so that loss is caused to manufacturers;
2. no information such as bandwidth and service life, and no control of an unlimited use manufacturer after the import.
Therefore, a method for generating, checking and binding license in the load balancing device becomes a problem to be solved urgently.
Disclosure of Invention
The invention aims to provide a method for generating, checking and binding license in load balancing equipment, thereby realizing one-to-one control of a manufacturer on the equipment, and controlling the bandwidth, the service life, the service function and the like of the equipment.
In order to achieve the purpose, the technical scheme provided by the invention is as follows: a method for license generation, verification and binding in load balancing equipment comprises the following steps,
step 1, load balancing equipment generates equipment ID
The method for generating the device ID comprises the following steps:
taking the BIOS serial number of the hardware equipment and the mac addresses of all network cards, and calculating the MD5 value:
device ID = MD5 (BIOS serial number + mac address of network card 1 + mac address of network card 2 + ·. + mac address of network card n), where n is the number of network cards;
the equipment ID is displayed through a management page of the load balancing equipment;
step 2, the manufacturer generates license
When a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer obtains the equipment ID, adds the validity period, the bandwidth and the function information, and generates a license plaintext;
after generating a license plaintext, encrypting the license plaintext by using a private key of a manufacturer, coding the license by using base64 to obtain a license ciphertext, and storing the license ciphertext as a file; after the license file is obtained, the license file can be sent to a user for use;
step 3, importing and verifying license by a user
After obtaining the license file, the user conducts import operation on a management page of the load balancing equipment; after the import operation, the load balancing equipment automatically checks and binds the license;
after the load balancing equipment obtains a license plaintext, comparing the equipment ID in the license plaintext with the equipment ID of the equipment, if the license plaintext is consistent with the equipment ID of the equipment, the license is valid and successfully verified, binding the license to the equipment, recording the bandwidth, expiration time and started function module of the license, and starting the load balancing equipment; if the equipment IDs are not consistent, prompt information of verification failure is given; at this point, the license generation, verification and binding process is finished.
Compared with the prior art, the invention has the advantages that: in the invention, the manufacturer generates the license corresponding to each device according to the device ID, and identifies the corresponding load balancing device through comparing the plaintext and the ciphertext of the license, thereby realizing one-to-one control of the manufacturer on the device, and controlling the bandwidth, the service life, the service function and the like of the device.
Drawings
FIG. 1 is a diagram of a web architecture without load balancing.
FIG. 2 is a public key to private key relationship diagram.
Fig. 3 is a flow chart of converting license plaintext into a license file.
Fig. 4 is a flowchart of converting a license file into license plaintext.
Fig. 5 is a flow chart of license check and binding.
Detailed Description
The method for license generation, checksum binding in the load balancing device of the present invention is further described in detail with reference to the accompanying drawings.
With reference to fig. 1 to 5, the implementation process of the license generation, verification and binding method in the load balancing device of the present invention is as follows:
a method for license generation, verification and binding in load balancing equipment comprises the following steps,
step 1, load balancing equipment generates equipment ID
The method for generating the device ID comprises the following steps:
taking the BIOS serial number of the hardware equipment and the mac addresses of all network cards, and calculating the MD5 value:
device ID = MD5 (BIOS serial number + mac address of network card 1 + mac address of network card 2 + ·. + mac address of network card n), where n is the number of network cards;
the equipment IDs of the load balance correspond to the hardware one by one, and each equipment has the unique equipment ID; the BIOS serial number is solidified in hardware when a mainboard manufacturer leaves a factory, is globally unique and cannot be modified; the mac address of the network card is solidified in hardware when the network card manufacturer leaves a factory, is globally unique and cannot be modified; thus ensuring the device ID to load balancing device correspondence uniqueness.
The device ID is displayed through a management page of the load balancing device, and is convenient for a user to obtain.
Step 2, the manufacturer generates license
(1) Public and private key pairs
When all the load balancing devices leave a factory, the same public key is built in for decrypting license data.
The load balancing manufacturer stores a private key for encrypting license data, and the private key is strictly kept secret and is not disclosed to the outside.
The private key of the manufacturer and the public key in the load balancing equipment are in a pair relationship, and license data is encrypted by the private key and decrypted by the public key.
(2) Generating license file
When a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer obtains the equipment ID, adds information such as an expiration date, bandwidth and functions, and generates a license plaintext:
=====ADC LICENSE======
the device ID: xxxxxxxxxxx
The effective period is as follows: xxxxxxx
And (3) bandwidth limitation: xxxxxxxxx
A functional module: xxxxxxxxxxxx
========================
After generating a license plaintext, encrypting the license plaintext by using a private key of a manufacturer, coding the license by using base64 to obtain a license ciphertext, and storing the license ciphertext as a file; and after the license file is obtained, the license file can be sent to the user for use.
Step 3, importing and verifying license by a user
After obtaining the license file, the user conducts import operation on a management page of the load balancing equipment; after the import operation, the load balancing equipment automatically checks and binds the license;
after the load balancing equipment obtains the license plaintext, comparing the equipment ID in the license plaintext with the equipment ID of the equipment, if the equipment ID is consistent with the equipment ID, the license is valid, the verification is successful, binding the license to the equipment, recording the bandwidth, the expiration time and the started functional module of the license, and starting the load balancing equipment; if the equipment IDs are not consistent, prompt information of verification failure is given; and ending the license generation, verification and binding process.
The present invention and its embodiments have been described above, and the description is not intended to be limiting, and the drawings are only one embodiment of the present invention, and the actual structure is not limited thereto. In summary, those skilled in the art should be able to conceive of the present invention without creative design of the similar structural modes and embodiments without departing from the spirit of the present invention, and all such modifications should fall within the protection scope of the present invention.
Claims (7)
1. A method for license generation, verification and binding in load balancing equipment is characterized in that: comprises the following steps of (a) preparing a solution,
step 1, load balancing equipment generates equipment ID
The method for generating the device ID comprises the following steps:
taking the BIOS serial number of the hardware equipment and the mac addresses of all network cards, and calculating the MD5 value:
device ID = MD5 (BIOS serial number + mac address of network card 1 + mac address of network card 2 + ·. + mac address of network card n), where n is the number of network cards;
the equipment ID is displayed through a management page of the load balancing equipment;
step 2, the manufacturer generates license
When a user prepares to use the load balancing equipment, the equipment ID is provided for a manufacturer, the manufacturer obtains the equipment ID, adds the validity period, the bandwidth and the function information, and generates a license plaintext;
after generating a license plaintext, encrypting the license plaintext by using a private key of a manufacturer, coding the license by using base64 to obtain a license ciphertext, and storing the license ciphertext as a file; after the license file is obtained, the license file can be sent to a user for use;
step 3, importing and verifying license by user
After obtaining the license file, the user conducts import operation on a management page of the load balancing equipment; after the import operation, the load balancing equipment automatically checks and binds the license;
after the load balancing equipment obtains a license plaintext, comparing the equipment ID in the license plaintext with the equipment ID of the equipment, if the license plaintext is consistent with the equipment ID of the equipment, the license is valid and successfully verified, binding the license to the equipment, recording the bandwidth, expiration time and started function module of the license, and starting the load balancing equipment; if the equipment IDs are not consistent, prompt information of verification failure is given; and ending the license generation, verification and binding process.
2. The method for license generation, checksum binding in load balancing equipment as claimed in claim 1, wherein: the load-balanced device IDs correspond to the hardware thereof one-to-one, and each device has a unique device ID.
3. The method for license generation, checksum binding in load balancing equipment according to claim 2, wherein the license generation, checksum binding comprises: the BIOS serial number is a number solidified in hardware when a mainboard manufacturer leaves a factory and cannot be modified.
4. The method for license generation, checksum binding in load balancing equipment according to claim 3, wherein: the mac address of the network card is an address which is solidified in hardware when the network card manufacturer leaves a factory and cannot be modified.
5. The method for license generation, checksum binding in load balancing equipment as claimed in claim 4, wherein: the public key in the step 2 is a public key which is built in when the load balancing device leaves a factory, and the public keys which are built in all the load balancing devices are the same and are used for decrypting license data.
6. The method for license generation, checksum binding in load balancing equipment as claimed in claim 5, wherein: the private key is stored by a load balancing manufacturer and used for encrypting license data, and the private key is strictly kept secret and is not disclosed to the outside.
7. The method for license generation, checksum binding in load balancing equipment as claimed in claim 6, wherein: the private key of the manufacturer and the public key in the load balancing equipment are in a pair relationship, and license data is encrypted by the private key and decrypted by the public key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211024961.7A CN115442025A (en) | 2022-08-25 | 2022-08-25 | License generation, verification and binding method in load balancing equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211024961.7A CN115442025A (en) | 2022-08-25 | 2022-08-25 | License generation, verification and binding method in load balancing equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115442025A true CN115442025A (en) | 2022-12-06 |
Family
ID=84244705
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211024961.7A Pending CN115442025A (en) | 2022-08-25 | 2022-08-25 | License generation, verification and binding method in load balancing equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115442025A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116401294A (en) * | 2023-02-09 | 2023-07-07 | 上海弘积信息科技有限公司 | Big data warehousing method based on elastic search |
-
2022
- 2022-08-25 CN CN202211024961.7A patent/CN115442025A/en active Pending
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116401294A (en) * | 2023-02-09 | 2023-07-07 | 上海弘积信息科技有限公司 | Big data warehousing method based on elastic search |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5522307B2 (en) | System and method for remote maintenance of client systems in electronic networks using software testing with virtual machines | |
US9086994B2 (en) | Verification of dispersed storage network access control information | |
US10992481B2 (en) | Two-dimensional code generation method, apparatus, data processing method, apparatus, and server | |
CN110798466B (en) | Verification method and system for software license in virtual machine scene | |
US8086856B2 (en) | Disabling on/off capacity on demand | |
CN112953930A (en) | Cloud storage data processing method and device and computer system | |
CN111641615A (en) | Distributed identity authentication method and system based on certificate | |
CN113676452B (en) | Replay attack resisting method and system based on one-time key | |
CN115442025A (en) | License generation, verification and binding method in load balancing equipment | |
CN112463454B (en) | Data recovery method, server, terminal device and storage medium | |
CN113221154A (en) | Service password obtaining method and device, electronic equipment and storage medium | |
JP6081857B2 (en) | Authentication system and authentication method | |
CN111290884A (en) | Data backup method and device for cash register equipment | |
CN110971609A (en) | Anti-cloning method of DRM client certificate, storage medium and electronic equipment | |
CN112738005A (en) | Access processing method, device, system, first authentication server and storage medium | |
CN112637160A (en) | Login verification method, device, equipment and storage medium | |
TWM618726U (en) | System for verifying identity on different devices based on certificates and verification data | |
CN112994882A (en) | Authentication method, device, medium and equipment based on block chain | |
CN116455579A (en) | Digital certificate management method and system | |
CN115114592A (en) | Hardware number and timestamp based equipment authorization method and system | |
CN115694895A (en) | Interface access method and device | |
CN117519597A (en) | Virtual disk management and control method, device, electronic equipment and readable storage medium | |
CN116232666A (en) | Identity authentication method and system based on total province mutual trust | |
CN112631735A (en) | Virtual machine authorization management method and device, electronic equipment and storage medium | |
CN117978396A (en) | User identity authentication method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |