CN115776379A - Internal and external network data interaction method, device and system - Google Patents


Info

Publication number
CN115776379A
Authority
CN
China
Prior art keywords
data
preset
sending
receiving
permission attribute
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111039300.7A
Other languages
Chinese (zh)
Inventor
李泽坤
谢敏辉
李泽伟
岑建田
翁怡齐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Guangdong Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Guangdong Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Guangdong Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN202111039300.7A priority Critical patent/CN115776379A/en
Publication of CN115776379A publication Critical patent/CN115776379A/en
Pending legal-status Critical Current

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides an internal and external network data interaction method, a device and a system, wherein the method comprises the following steps: acquiring a preset sending permission attribute corresponding to the data type from a serial port object of the sending end according to the data type of the data transmitted by each transmission task; under the condition that the preset sending permission attribute is True, executing the transmission task, and sending the data and the data type of the data to a receiving end through a serial port, so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end; and under the condition that the preset sending permission attribute is False, the transmission task is not executed. The invention improves the safety of data interaction between the internal network and the external network.

Description

Internal and external network data interaction method, device and system
Technical Field
The invention relates to the technical field of communication security, in particular to an internal and external network data interaction method, device and system.
Background
For enterprise private networks, especially for security-related networks, the first issue to consider is the security issue. However, in most cases, data interaction with the outside is required, so that internal and external network security isolation and data exchange are problems that must be faced and solved in daily production.
For scenarios with a small volume of daily data exchange, RS232 serial communication is the most primitive technology, but it is widely used because it is simple, economical, secure, and exclusive. Because both ends send and receive a serial bit stream, all network protocols are isolated, which greatly reduces the risk of attack. In the prior art, RS232 serial communication is applied to internal and external network data transmission. The internal and external network servers communicate through a serial port communication circuit module: the serial ports of the two servers are physically connected through a circuit controller, which ensures that the serial port circuit is connected only while data is being sent, for example when files are transmitted, and is disconnected at all other times so that no physical channel exists.
However, since files can be transmitted over RS232 serial communication, Trojan and virus files can be transmitted as well. If virus or Trojan files are transmitted between the extranet and the intranet, a security problem still exists.
Disclosure of Invention
The invention provides an internal and external network data interaction method, device and system, which are used for overcoming the defect of lower internal and external network data interaction safety in the prior art and improving the internal and external network data interaction safety.
The invention provides an internal and external network data interaction method, which is applied to a sending end in an internal and external network and comprises the following steps:
acquiring preset sending permission attributes corresponding to the data types from the serial port object of the sending end according to the data types of the data transmitted by each transmission task;
the preset sending permission attribute is a Boolean type, and the data type is pre-associated with the preset sending permission attribute;
under the condition that the preset sending permission attribute is True, executing the transmission task, and sending the data and the data type of the data to a receiving end through a serial port, so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end;
the preset receiving permission attribute is a Boolean type, and the data type is pre-associated with the preset receiving permission attribute;
and under the condition that the preset sending permission attribute is False, the transmission task is not executed.
According to the method for interacting data between the internal network and the external network provided by the invention, under the condition that the preset sending permission attribute is True, the transmission task is executed, and the data is sent to a receiving end through a serial port, comprising the following steps:
adding the transmission task into a serial port task queue under the condition that the preset sending permission attribute is True;
scanning the serial port task queue every other first preset time, sequentially executing the transmission tasks according to the sequence from high to low of the priority of the data type corresponding to the transmission task in the serial port task queue scanned each time, and sending the data through the serial port;
and under the condition that the priority of the data type of the current transmitted data is not the highest and the current transmitted data is transmitted in a fragmentation mode, transmitting a preset number of fragments in the unsent fragments of the current transmitted data to the receiving end, and stopping executing the transmission task in the serial port task queue of the current scanning.
According to the method for interacting the data of the internal network and the external network provided by the invention, when the preset sending permission attribute is True, the transmission task is executed, and the data is sent to a receiving end through a serial port, the method comprises the following steps:
under the condition that the preset sending permission attribute is True and the length of the data is less than or equal to a preset threshold value, sending the data to the receiving end in a single-packet mode;
and sending the data to the receiving end in a fragmentation mode under the condition that the preset sending permission attribute is True and the length of the data is greater than a preset threshold value.
According to the method for interacting data between the internal network and the external network provided by the invention, after the data is sent to the receiving end in a single-packet mode, the method further comprises the following steps:
under the condition that the response message sent by the receiving end is not received after exceeding a second preset time length, the data is sent to the receiving end again, and then the response message sent by the receiving end is received;
after the sending the data to the receiving end in the slicing mode, the method further includes:
receiving the serial number of the data missing fragment sent by the receiving end;
and after the missing fragments are sent to the receiving end again, receiving a response message sent by the receiving end.
The invention also provides an internal and external network data interaction method, which is applied to a receiving end in the internal and external networks and comprises the following steps:
receiving data transmitted by each transmission task and the data type of the data, which are sent by a sending end, through a serial port, and acquiring a preset receiving permission attribute corresponding to the data type from a serial port object of a receiving end;
the data and the data type of the data are sent by the sending end under the condition that a preset sending permission attribute corresponding to the data type in a serial port object of the sending end is True, the preset receiving permission attribute and the preset sending permission attribute are Boolean types, the data type is pre-associated with the preset receiving permission attribute, and the data type is pre-associated with the preset sending permission attribute;
processing the data under the condition that the preset receiving permission attribute is True;
and in the case that the preset receiving permission attribute is False, discarding the data.
According to the method for interacting the data of the internal network and the external network provided by the invention, under the condition that the preset receiving permission attribute is True, the data is processed, and simultaneously, the method further comprises the following steps:
recording the number of the transmission task under the condition that the length of the data is smaller than a preset threshold value; wherein the data is transmitted in a single packet mode;
receiving data retransmitted by the transmitting end under the condition that the response message transmitted by the receiving end is not received after the preset duration is exceeded;
and if the number of the transmission task corresponding to the retransmitted data exists in the recorded number of the transmission task, sending a response message to the sending end.
According to the internal and external network data interaction method provided by the invention, under the condition that the preset receiving permission attribute is True, the data is processed, and the method comprises the following steps:
receiving the number of fragments of the data sent by the sending end under the condition that the preset sending permission attribute is True and the length of the data is greater than a preset threshold value;
under the condition that the preset receiving permission attribute is True, after a list is created according to the number of the fragments, a response message is sent to the sending end;
receiving the data fragments sent by the sending end in a fragment mode, and storing the data fragments into the corresponding positions of the serial numbers of the fragments in the list;
under the condition of receiving an end message sent by the sending end after all the fragments of the data are sent, sending the serial number of the fragment corresponding to the position with empty content in the list to the sending end;
and after receiving the fragments to which the numbers of the fragments corresponding to the empty positions retransmitted by the sending end belong, sending response messages to the sending end.
The invention also provides an internal and external network data interaction device, which comprises:
the acquisition module is used for acquiring preset sending permission attributes corresponding to data types from serial port objects of a sending end according to the data types of data transmitted by each transmission task;
the preset sending permission attribute is a Boolean type, and the data type is pre-associated with the preset sending permission attribute;
the sending module is used for executing the transmission task under the condition that the preset sending permission attribute is True, and sending the data to a receiving end through a serial port, so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end;
the preset receiving permission attribute is a Boolean type, and the data type is pre-associated with the preset receiving permission attribute;
and under the condition that the preset sending permission attribute is False, the transmission task is not executed.
The invention also provides an internal and external network data interaction device, which comprises:
the receiving module is used for receiving the data transmitted by each transmission task and the data type of the data, which are sent by a sending end, through a serial port and acquiring a preset receiving permission attribute corresponding to the data type from a serial port object of a receiving end;
the data and the data type of the data are sent by the sending end under the condition that a preset sending permission attribute corresponding to the data type in a serial port object of the sending end is True, the preset receiving permission attribute and the preset sending permission attribute are Boolean types, the data type is pre-associated with the preset receiving permission attribute, and the data type is pre-associated with the preset sending permission attribute;
the processing module is used for processing the data under the condition that the preset receiving permission attribute is True; and in the case that the preset receiving permission attribute is False, discarding the data.
According to the internal and external network data interaction method, device and system, the Boolean type sending permission attribute and the Boolean type receiving permission attribute are configured for each data type in the serial port object of the internal and external networks, the transmission direction of the data of each data type in the internal and external networks is controlled, and the safety of the internal and external network serial port communication is improved.
Drawings
In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
FIG. 1 is a schematic flow chart of an intranet and extranet data interaction method provided by the present invention;
FIG. 2 is a schematic diagram of a data transmission direction in the intranet and extranet data interaction method provided by the present invention;
FIG. 3 is a schematic flow chart of concurrent priority control in the intranet and extranet data interaction method provided by the present invention;
FIG. 4 is a schematic diagram of a single packet mode transmission flow in the intranet and extranet data interaction method provided by the present invention;
FIG. 5 is a schematic diagram of a transmission flow of a fragmentation mode in the intranet and extranet data interaction method provided by the present invention;
FIG. 6 is a second flowchart of the intranet and extranet data interaction method provided by the present invention;
FIG. 7 is a schematic structural diagram of an intranet and extranet data interaction device provided by the present invention;
FIG. 8 is a second schematic structural diagram of an intranet/extranet data interaction device provided by the present invention;
FIG. 9 is a schematic structural diagram of an electronic device provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The following describes an intranet and extranet data interaction method according to the present invention with reference to fig. 1, which is applied to a sending end in an intranet and extranet, and includes: step 101, acquiring a preset sending permission attribute corresponding to a data type from a serial port object of a sending end according to the data type of data transmitted by each transmission task; the preset sending permission attribute is a Boolean type, and the data type is pre-associated with the preset sending permission attribute;
In order to make the data transmission direction controllable, in this embodiment a corresponding preset sending permission attribute and a corresponding preset receiving permission attribute are added for each data type in the serial port objects of the intranet and the extranet. The preset sending permission attribute and the preset receiving permission attribute are Boolean types taking the values True and False. True indicates that sending or receiving is allowed, and False indicates that sending or receiving is not allowed.
When the data types include messages and files, the preset sending permission attribute includes a file sending permission and a message sending permission. In FIG. 2, A denotes the intranet-side message sending permission (True or False), B denotes the intranet-side file sending permission (True or False), E denotes the extranet-side message sending permission (True or False), and F denotes the extranet-side file sending permission (True or False).
At the sending end, when processing each transmission task, the serial port application first checks the preset sending permission attribute corresponding to the data type of the transmission task, such as message or file. Only when the preset sending permission attribute is True is the data added to the underlying serial port sending queue to wait for sending; otherwise the data is discarded.
Step 102, executing the transmission task under the condition that the preset sending permission attribute is True, and sending the data and the data type of the data to a receiving end through a serial port so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in the serial port object of the receiving end; the preset receiving permission attribute is a Boolean type, and the data type is pre-associated with the preset receiving permission attribute; and in the case that the preset sending permission attribute is False, not executing the transmission task.
When the data types include messages and files, the preset receiving permission attribute includes a file receiving permission and a message receiving permission. In FIG. 2, C denotes the intranet-side message receiving permission (True or False), D denotes the intranet-side file receiving permission (True or False), G denotes the extranet-side message receiving permission (True or False), and H denotes the extranet-side file receiving permission (True or False).
At the receiving end, every time an SI or SS message (the initial message of each transmission task) sent by the sending end is received, the corresponding preset receiving permission attribute of the local end is checked according to the data type in the message header. The data is processed further only when the preset receiving permission attribute is True; otherwise the data is discarded and a DD message is returned to the sending end, instructing it to delete the transmission task and its cache.
For example, in FIG. 2, a file at the intranet end is successfully transmitted to the extranet only if B and H are both configured as True. If either of them is configured as False, the transmission of the file from the intranet end fails.
Optionally, in practical production applications, in order to ensure the absolute security of the intranet, messages may be configured for two-way transmission and files for one-way transmission from inside to outside. In that case A, C, E and G are configured as True, B and H are configured as True, and D and F are configured as False. Under this dual guarantee, even if the external network is compromised and F is changed to True, virus and Trojan files from the external network are still prevented from entering the internal network, because D on the intranet side remains False.
In the embodiment, the Boolean type sending permission attribute and the Boolean type receiving permission attribute are configured for each data type in the serial port object of the internal and external networks, so that the transmission direction of the data of each data type in the internal and external networks is controlled, and the safety of serial port communication of the internal and external networks is improved.
On the basis of the foregoing embodiment, in this embodiment, when the preset transmission permission attribute is True, executing the transmission task, and transmitting the data to a receiving end through a serial port includes: adding the transmission task into a serial port task queue under the condition that the preset sending permission attribute is True;
The concurrent priority control used in the prior art works at the granularity of serial ports or tasks. Serial port priority is ensured by adding a second serial port and designating a first serial port and a second serial port. The transmission of a single task is not interrupted, and subsequent tasks can only wait in a queue. If the first serial port is transmitting a large file, the second serial port must wait until the first serial port is idle before being processed, even if only a small message needs to be transmitted. Yet timeliness is more important and sensitive for messages than for files. When multiple tasks run concurrently, message-type tasks wait longer for transmission, and the user experience is poor.
In this embodiment, the control granularity is refined to each fragment, so that high-priority data, such as messages, can be inserted and processed first, which improves the timeliness of high-priority data transmission.
In this embodiment, all transmission tasks of a data type with a preset sending permission attribute of True are added to a serial port task queue.
Scanning the serial port task queue every other first preset time, sequentially executing the transmission tasks according to the sequence from high to low of the priority of the data type corresponding to the transmission task in the serial port task queue scanned every time, and sending the data through the serial port.
This embodiment processes the serial port task queue by cyclic scanning. When multiple tasks run at the same time, two processing principles are followed in each round of serial port task queue scanning to guarantee that high-priority data is delivered in time: first, high-priority transmission tasks, such as message-type tasks, are processed first, and low-priority transmission tasks, such as file-type tasks, are processed only after all high-priority transmission tasks have been sent; second, when a low-priority transmission task such as a file-type task is processed, a threshold k is set, and after k fragments have been sent the current round exits and waits for the next round of task queue scanning, which ensures that a newly added high-priority transmission task, such as a message task, can be processed first while a large file is being sent.
As shown in FIG. 3, at a certain time T the serial port task queue is scanned and contains 4 transmission tasks in total. When the serial port sends, message-type tasks are processed first. For a file-type task, sending exits and waits after every k packets sent.
When a new round of task queue scanning is performed at time T + L, 2 newly added tasks, namely message 3 and file 3, are found; message 3 is sent first, and then file 1 is processed. To ensure the timeliness of message interaction, k cannot be set too large and is generally set to 3 to 5.
In the embodiment, the number of the fragments allowed to be sent in each cycle is introduced when the file is sent, so that the message task is preferentially inserted and processed, the priority control granularity is reduced to the fragments, and the transmission of high-priority data is more efficient.
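The scan rule described above can be simulated as follows. This is an added example, not code from the patent: the `Task` class, the function names, the fragment counts and the choice k = 3 are assumptions made for illustration, and the task list mirrors the FIG. 3 scenario (four tasks at time T, message 3 and file 3 added before the next scan).

```python
PRIORITY = {"message": 0, "file": 1}   # 0 is the highest priority


class Task:
    def __init__(self, name, dtype, fragments):
        self.name, self.dtype = name, dtype
        # One fragment models a single-packet task (assumption of this sketch).
        self.total = self.remaining = fragments


def scan_round(queue, k):
    """Run one scan of the serial port task queue.

    Returns [(task name, fragments sent)] for this round and removes
    finished tasks from `queue`.
    """
    sent = []
    # sorted() is stable, so tasks of equal priority keep their queue order.
    for task in sorted(queue, key=lambda t: PRIORITY[t.dtype]):
        # Only fragmented tasks below the highest priority are throttled.
        throttled = PRIORITY[task.dtype] > 0 and task.total > 1
        n = min(k, task.remaining) if throttled else task.remaining
        task.remaining -= n
        sent.append((task.name, n))
        if task.remaining == 0:
            queue.remove(task)
        if throttled:
            break          # leave the round so new messages can jump ahead
    return sent


def simulate(k=3):
    """Constructed scenario: 4 tasks at time T, 2 more arrive before T + L."""
    queue = [Task("message 1", "message", 1), Task("file 1", "file", 8),
             Task("message 2", "message", 1), Task("file 2", "file", 4)]
    rounds = [scan_round(queue, k)]
    queue += [Task("message 3", "message", 1), Task("file 3", "file", 2)]
    while queue:
        rounds.append(scan_round(queue, k))
    return rounds


if __name__ == "__main__":
    for number, sent in enumerate(simulate(), start=1):
        print(f"scan {number}: {sent}")
```

With k = 3, message 3 waits for at most three file fragments instead of the whole of file 1, which is the latency bound the threshold is meant to give.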
Two transmission modes are predefined as follows. The first is the single-packet mode: each time the sending end sends a data packet, it must wait for the response returned by the receiving end before sending the next packet (the SI message and the SI response message). The second is the fragmentation mode: the necessary parameters of the transmission task are first negotiated through initial messages (the SS message and the SS response message), then the fragments are sent one by one, and finally the end confirmation interaction is carried out (the EE message and the EE response message).
On the basis of the foregoing embodiments, in this embodiment, when the preset transmission permission attribute is True, the executing the transmission task and transmitting the data to the receiving end through the serial port includes: under the condition that the preset sending permission attribute is True and the length of the data is smaller than or equal to a preset threshold value, sending the data to the receiving end in a single-packet mode; and sending the data to the receiving end in a fragmentation mode under the condition that the preset sending permission attribute is True and the length of the data is greater than a preset threshold value.
In the prior art, the serial port transmission mode is single: only one of the two transmission modes, single-packet or fragmentation, is used. If the fragmentation mode is adopted, the transmission and waiting overhead of four extra messages (SS, SS response, EE and EE response) is incurred even when the data volume of a task is small; if the single-packet mode is adopted, every data packet of a transmission task with a large data volume must wait for a response message (SI response), and the efficiency is too low.
To improve the transmission efficiency, two modes, namely the single-packet mode and the fragmentation mode, are provided for data transmission on the underlying serial port. When the length of the task data is less than or equal to a preset threshold, such as 3KB, the single-packet mode is adopted; otherwise, the fragmentation mode is adopted.
By combining the two transmission modes, this embodiment automatically adapts the transmission mode to the data size, which is more intelligent and efficient and greatly improves the transmission efficiency.
Optionally, to ensure reliable delivery of the transmission task, this embodiment uses a Cyclic Redundancy Check (CRC) mechanism to ensure that packets are error-free. A CRC code is added at the sending end and is checked and compared at the receiving end; if the check fails, the packet is discarded and the receiving end waits for the timeout retransmission of the sending end.
The check uses CRC16. For each data packet or fragment, the sending end calculates a 4-byte original CRC check code, adds the prefix 0x to form a CRC check code with a length of 6 bytes, and appends it to the tail of the data packet or fragment. After receiving the data packet or fragment, the receiving end extracts the 6-byte check code and calculates the CRC check code over the remaining data packet or fragment; if the two are the same, the message packet had no error during transmission and enters the processing stage; otherwise the message packet is discarded.
Different serial port names are set for the internal network and the external network, for example, the internal network is set as COM1, and the external network is set as COM2. Optionally, in this embodiment, a unique serial number ID is assigned to each transmission task, and the ID is marked on a message packet or a fragment transmitted by the transmission task, so as to ensure that the packet is not concatenated.
The task ID is 12 bits in length and is in the format HHMMSSss-x. HHMMSS represents 6 digits of current time, hour, minute and second, ss represents the first 4 digits of decimal part of current time and second, and x represents the last 1 digit of serial port name, so that a home terminal and an opposite terminal are distinguished.
Optionally, in order to distinguish the data types of the tasks, an AA identifier is marked on the head of the message packet or the fragment to represent the message, and a BB identifier is marked on the head of the message packet or the fragment to represent the file.
As shown in fig. 4, to ensure reliable delivery of the transmission task, for the single-packet mode, the transmission flow is as follows:
1. The sending end sends an SI message, where SI is the single-packet mode identifier. The message format is SI + task ID + data type + data content + CRC check code. After the CRC check passes, the receiving end extracts the task data type (AA or BB) from the head of the SI message and compares it with the receiving permission switch of the corresponding type at the local end; if the switch is True, the extracted data content is delivered to the upper-layer application program, and an SI success response is sent to the sending end at the same time, with the message format SI + task ID + data type + CRC check code.
2. After receiving the SI success response, the sending end deletes the content related to the SI message from the sending task list and the sending cache queue. Otherwise, if the SI success response has still not been received when the retransmission timer expires, the sending end judges that the message was corrupted or lost in transmission and retransmits the message until it is sent successfully or a DD deletion message is received. The DD message format is DD + task ID + CRC check code. The DD message instructs the sending end to delete the content related to the SI message from the sending task list and the sending buffer queue.
The receiver will send back the DD message in the following two cases: 1) When receiving the SI message, checking that a message type receiving switch corresponding to a receiving end is False; 2) The receiving end has successfully received the SI message, and delivers the data content to the upper application program, but the SI response message returned to the sending end is lost, resulting in the sending end retransmitting the SI message over time.
As shown in fig. 5, to ensure reliable delivery of the transmission task, the transmission flow in slicing mode is as follows:
1. The sending end sends an SS message, where SS is the slicing mode identifier. The message format is SS + task ID + data type + slicing length + CRC check code. After the CRC check passes, the receiving end extracts the task data type (AA or BB) from the SS message header and looks up the local end's receiving permission switch for that type. If the switch is True, the receiving end creates a receiving queue identified by the task ID, allocates an empty list whose length is the number of slices, and returns the SS message unchanged.
2. After receiving the SS response, the sending end sends the fragments in sequence, with the message format task ID + fragment number + fragment content + CRC check code. Otherwise, if no SS response has arrived when the retransmission timer expires, the sending end judges that the SS message suffered a transmission error or was lost, and retransmits the SS message. The receiving end stores each fragment that passes the CRC check in the corresponding receiving queue, addressed by task ID and fragment number.
3. When the sending end has finished transmitting the fragments, it sends an EE message, where EE is the end-of-sending identifier and the message format is EE + task ID + fragment length + CRC check code. After receiving the EE message, the receiving end checks the receiving queue and returns an EE response message with the format EE + task ID + missing fragment number list + CRC check code.
4. The sending end receives the EE response message. If the missing fragment number list is empty, the receiving end has received everything, and the sending end deletes the task from the sending task list and the sending cache queue. Otherwise, the sending end retransmits the fragments with the listed numbers in sequence until it receives an EE response message with an empty missing fragment number list or a DD deletion message, whose format is DD + task ID + CRC check code.
The DD message instructs the sending end to delete the related content of the task from the sending task list and the sending buffer queue. The receiving end sends back a DD message in the following two cases: 1) when the SS message is received, the receiving switch for the corresponding message type at the receiving end is found to be False; 2) the receiving end has already received the EE message successfully, found that all fragments of the task were collected, merged the fragments, delivered them to the upper application program and deleted the task's receiving cache, but the EE response message returned to the sending end was lost, causing the sending end to retransmit the EE message after a timeout.
The following describes, with reference to fig. 6, an intranet and extranet data interaction method of the present invention, which is applied to a receiving end in the intranet and extranet and includes:
Step 601, receiving, through a serial port, the data transmitted by each transmission task and the data type of the data sent by a sending end, and acquiring a preset receiving permission attribute corresponding to the data type from a serial port object of the receiving end;
the data and the data type of the data are sent by the sending end under the condition that a preset sending permission attribute corresponding to the data type in a serial port object of the sending end is True, the preset receiving permission attribute and the preset sending permission attribute are Boolean types, the data type is pre-associated with the preset receiving permission attribute, and the data type is pre-associated with the preset sending permission attribute;
In order to make the data transmission direction controllable, in the present embodiment a corresponding preset sending permission attribute and a corresponding preset receiving permission attribute are added for each data type in the serial port objects of the intranet and the extranet. The preset sending permission attribute and the preset receiving permission attribute are Boolean types taking the values True and False. True indicates that sending or receiving is allowed, and False indicates that sending or receiving is not allowed.
When the data type includes a message and a file, the preset reception permission attribute includes a file reception permission and a message reception permission. The preset transmission permission attribute includes a file transmission permission and a message transmission permission.
For the sending end, when processing each transmission task, the serial port application program first checks the preset sending permission attribute corresponding to the data type of the transmission task, such as message or file. Only when the preset sending permission attribute is True is the data added to the underlying serial port sending queue to wait for sending; otherwise the data is discarded and not processed.
Step 602, processing the data under the condition that the preset receiving permission attribute is True; and in the case that the preset receiving permission attribute is False, discarding the data.
For the receiving end, each time an SI or SS message sent by the sending end is received, the receiving end checks its own preset receiving permission attribute corresponding to the data type in the message header. The data is processed further only when the preset receiving permission attribute is True; otherwise the data is discarded and a response is returned to the sending end instructing it to delete the transmission task.
In the embodiment, the boolean sending permission attribute and the boolean receiving permission attribute are configured for each data type in the serial port object of the intranet and the extranet, so that the transmission direction of the data of each data type in the intranet and the extranet is controlled, and the security of serial port communication of the intranet and the extranet is improved.
On the basis of the above embodiment, after the receiving end has successfully received and processed each transmission task (closed loop), it records the task ID so that the same task is not received again and delivered to the upper-layer application program a second time. All recorded task IDs are cleared at 0:00 the next day, so that the record is settled daily and the record list does not keep growing until it overflows.
After sending an SI or EE message, the sending end resends the SI or EE message if no response message from the receiving end arrives before the timeout. The receiving end matches the task ID in the retransmitted SI or EE message against the stored IDs of successfully received tasks. If a match is found, the transmission task has already been executed and the data received, so a DD response message is sent to the sending end instructing it to delete the transmission task. This embodiment improves the reliability of data transmission.
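The single-packet exchange of fig. 4, together with the permission check and the recorded-task-ID check described above, is worked through in the following added example, which is not part of the patent text. The field widths (2-byte ASCII identifiers, a 12-character task ID), the use of CRC-32 as the CRC check code, the refusal of unknown data types and all class and function names are assumptions made for illustration.

```python
import struct
import zlib

TASK_ID_LEN = 12                        # assumption: task ID carried as 12 ASCII characters
TYPE_MESSAGE, TYPE_FILE = b"AA", b"BB"  # data-type identifiers named in the description


def frame(tag: bytes, task_id: bytes, body: bytes = b"") -> bytes:
    """Build tag + task ID + body + CRC. CRC-32 is an assumption; the text names no variant."""
    if len(tag) != 2 or len(task_id) != TASK_ID_LEN:
        raise ValueError("bad identifier or task ID length")
    head = tag + task_id + body
    return head + struct.pack(">I", zlib.crc32(head))


def parse(raw: bytes):
    """Return (tag, task_id, body), or None if the frame is too short or fails the CRC."""
    if len(raw) < 2 + TASK_ID_LEN + 4:
        return None
    head, (crc,) = raw[:-4], struct.unpack(">I", raw[-4:])
    if zlib.crc32(head) != crc:
        return None
    return head[:2], head[2:2 + TASK_ID_LEN], head[2 + TASK_ID_LEN:]


class Sender:
    def __init__(self, allow_message: bool, allow_file: bool):
        self.send_allowed = {TYPE_MESSAGE: allow_message, TYPE_FILE: allow_file}
        self.pending = {}   # task ID -> SI frame kept for retransmission

    def submit(self, task_id: bytes, dtype: bytes, content: bytes):
        """Queue an SI frame only if the sending permission for this type is True."""
        if not self.send_allowed.get(dtype, False):
            return None     # discarded before it reaches the serial queue
        raw = frame(b"SI", task_id, dtype + content)
        self.pending[task_id] = raw
        return raw

    def on_response(self, raw: bytes) -> None:
        """An SI success response or a DD message both end the task."""
        parsed = parse(raw)
        if parsed and parsed[0] in (b"SI", b"DD"):
            self.pending.pop(parsed[1], None)


class Receiver:
    def __init__(self, allow_message: bool, allow_file: bool):
        self.recv_allowed = {TYPE_MESSAGE: allow_message, TYPE_FILE: allow_file}
        self.done = set()     # task IDs already delivered
        self.delivered = []   # stands in for the upper application program

    def on_frame(self, raw: bytes):
        """Handle one SI frame and return the response frame, or None to stay silent."""
        parsed = parse(raw)
        if parsed is None:
            return None       # CRC failure: the sender's retransmission timer recovers
        tag, task_id, body = parsed
        if tag != b"SI" or len(body) < 2:
            return None
        dtype, content = body[:2], body[2:]
        # DD case 1: receiving permission is False (unknown types are refused too,
        # which is an assumption of this example).
        if not self.recv_allowed.get(dtype, False):
            return frame(b"DD", task_id)
        # DD case 2: the task was already delivered and the response was lost.
        if task_id in self.done:
            return frame(b"DD", task_id)
        self.done.add(task_id)
        self.delivered.append((dtype, content))
        return frame(b"SI", task_id, dtype)

    def clear_daily(self) -> None:
        """Daily reset of the recorded task IDs."""
        self.done.clear()
```

Because the recorded task IDs are cleared once a day, an SI frame replayed after the reset is delivered again; the duplicate check covers retransmission within the day only.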
On the basis of the foregoing embodiment, as shown in fig. 5, in this embodiment, when the preset reception permission attribute is True, the processing of the data includes: receiving the number of fragments of the data sent by the sending end under the condition that the preset sending permission attribute is True and the length of the data is greater than a preset threshold value;
under the condition that the preset receiving permission attribute is True, after a list is created according to the number of the fragments, a response message is sent to the sending end;
receiving the data fragments sent by the sending end in a fragment mode, and storing the data fragments into the corresponding positions of the serial numbers of the fragments in the list;
under the condition of receiving an end message sent by the sending end after all the fragments of the data are sent, sending the serial number of the fragment corresponding to the position with empty content in the list to the sending end;
and after receiving the fragments retransmitted by the sending end for the fragment numbers corresponding to the empty positions, sending a response message to the sending end.
This embodiment ensures reliable data transmission even when fragments are lost while data is being sent in slicing mode.
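The slicing-mode flow of fig. 5 and the receiving-end steps listed above, reduced to the receiving-end bookkeeping, in an added example that is not part of the patent text. Messages are modelled as Python tuples that have already passed the CRC check; the cap on the fragment count, the DD reply to an EE message for an unknown task and all names are assumptions.

```python
class FragmentReceiver:
    def __init__(self, recv_allowed: dict, max_fragments: int = 4096):
        self.recv_allowed = recv_allowed      # e.g. {"AA": True, "BB": False}
        self.max_fragments = max_fragments    # assumption: bound on list allocation
        self.queues = {}                      # task ID -> list with one slot per fragment
        self.done = set()                     # task IDs already merged and delivered
        self.delivered = {}                   # stands in for the upper application program

    def on_ss(self, task_id: str, dtype: str, count: int):
        """SS: check the receiving permission, allocate the empty list, echo the SS."""
        if not self.recv_allowed.get(dtype, False) or task_id in self.done:
            return ("DD", task_id)
        # The count comes from the peer and sizes an allocation, so it is bounded here.
        if not 0 < count <= self.max_fragments:
            return ("DD", task_id)
        self.queues.setdefault(task_id, [None] * count)
        return ("SS", task_id, dtype, count)

    def on_fragment(self, task_id: str, number: int, content: bytes) -> None:
        """Store a fragment at the position given by its number."""
        slots = self.queues.get(task_id)
        if slots is None or not 0 <= number < len(slots):
            return    # no accepted SS opened this task, or the number is out of range
        slots[number] = content

    def on_ee(self, task_id: str):
        """EE: report the missing fragment numbers; merge and deliver when none are missing.

        The fragment-length field of the EE message is not used in this example.
        """
        if task_id in self.done:
            return ("DD", task_id)            # EE retransmitted after a lost EE response
        slots = self.queues.get(task_id)
        if slots is None:
            return ("DD", task_id)            # assumption: unknown task is refused
        missing = [i for i, s in enumerate(slots) if s is None]
        if not missing:
            self.delivered[task_id] = b"".join(slots)
            del self.queues[task_id]          # delete the task's receiving cache
            self.done.add(task_id)
        return ("EE", task_id, missing)


def send_fragmented(rx, task_id, dtype, data, size, lost_first_pass=()):
    """Drive the sending end against rx; fragment numbers in lost_first_pass are
    dropped once to simulate loss on the serial line. Returns (status, rounds),
    where rounds holds the missing-number list of every EE response."""
    frags = [data[i:i + size] for i in range(0, len(data), size)]
    if rx.on_ss(task_id, dtype, len(frags))[0] == "DD":
        return "deleted", []
    dropped = set(lost_first_pass)
    to_send = list(range(len(frags)))
    rounds = []
    while True:
        for n in to_send:
            if n in dropped:
                dropped.discard(n)    # lost this time; the retransmission gets through
                continue
            rx.on_fragment(task_id, n, frags[n])
        reply = rx.on_ee(task_id)
        if reply[0] == "DD":
            return "deleted", rounds
        rounds.append(reply[2])
        if not reply[2]:
            return "complete", rounds
        to_send = reply[2]            # retransmit only what the receiver reported missing
```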
The following describes the intranet and extranet data interaction device provided by the present invention, and the intranet and extranet data interaction device described below and the intranet and extranet data interaction method described above can be referred to correspondingly.
As shown in fig. 7, the apparatus includes an obtaining module 701 and a sending module 702, where:
the obtaining module 701 is configured to obtain a preset sending permission attribute corresponding to a data type from a serial port object of a sending end according to the data type of data transmitted by each transmission task; the preset sending permission attribute is a Boolean type, and the data type is pre-associated with the preset sending permission attribute;
the sending module 702 is configured to execute the transmission task when the preset sending permission attribute is True, and send the data to a receiving end through a serial port, so that the receiving end determines to process or discard the data according to a preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end;
the preset receiving permission attribute is a Boolean type, and the data type is pre-associated with the preset receiving permission attribute;
and in the case that the preset sending permission attribute is False, not executing the transmission task.
In the embodiment, the boolean sending permission attribute and the boolean receiving permission attribute are configured for each data type in the serial port object of the intranet and the extranet, so that the transmission direction of the data of each data type in the intranet and the extranet is controlled, and the security of serial port communication of the intranet and the extranet is improved.
As shown in fig. 8, the apparatus includes a receiving module 801 and a processing module 802, wherein:
the receiving module 801 is configured to receive, through a serial port, data transmitted by each transmission task and a data type of the data, which are sent by a sending end, and obtain a preset receiving permission attribute corresponding to the data type from a serial port object of a receiving end;
the data and the data type of the data are sent by the sending end under the condition that a preset sending permission attribute corresponding to the data type in a serial port object of the sending end is True, the preset receiving permission attribute and the preset sending permission attribute are Boolean types, the data type is pre-associated with the preset receiving permission attribute, and the data type is pre-associated with the preset sending permission attribute;
the processing module 802 is configured to process the data when the preset reception permission attribute is True; and in the case that the preset receiving permission attribute is False, discarding the data.
In the embodiment, the boolean sending permission attribute and the boolean receiving permission attribute are configured for each data type in the serial port object of the intranet and the extranet, so that the transmission direction of the data of each data type in the intranet and the extranet is controlled, and the security of serial port communication of the intranet and the extranet is improved.
The embodiment also provides an intranet and extranet data interaction system which comprises the intranet and extranet data interaction device in the two device embodiments.
Fig. 9 illustrates a physical structure diagram of an electronic device, and as shown in fig. 9, the electronic device may include: a processor (processor) 910, a communication Interface (Communications Interface) 920, a memory (memory) 930, and a communication bus 940, wherein the processor 910, the communication Interface 920, and the memory 930 communicate with each other via the communication bus 940. Processor 910 may invoke logic instructions in memory 930 to perform an intranet-extranet data interaction method comprising: acquiring a preset sending permission attribute corresponding to the data type from a serial port object of the sending end according to the data type of the data transmitted by each transmission task; under the condition that the preset sending permission attribute is True, executing the transmission task, and sending the data and the data type of the data to a receiving end through a serial port, so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end; and under the condition that the preset sending permission attribute is False, the transmission task is not executed.
Furthermore, the logic instructions in the memory 930 may be implemented in the form of software functional units and stored in a computer-readable storage medium when they are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, and various other media capable of storing program code.
In another aspect, the present invention further provides a computer program product, where the computer program product includes a computer program, the computer program may be stored on a non-transitory computer-readable storage medium, and when the computer program is executed by a processor, a computer can execute the intranet and extranet data interaction method provided by the above methods, and the method includes: acquiring a preset sending permission attribute corresponding to the data type from a serial port object of the sending end according to the data type of the data transmitted by each transmission task; under the condition that the preset sending permission attribute is True, executing the transmission task, and sending the data and the data type of the data to a receiving end through a serial port, so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end; and under the condition that the preset sending permission attribute is False, the transmission task is not executed.
In yet another aspect, the present invention also provides a non-transitory computer-readable storage medium, on which a computer program is stored, the computer program, when executed by a processor, performing the intranet and extranet data interaction method provided by the above methods, the method including: acquiring a preset sending permission attribute corresponding to the data type from a serial port object of the sending end according to the data type of the data transmitted by each transmission task; under the condition that the preset sending permission attribute is True, executing the transmission task, and sending the data and the data type of the data to a receiving end through a serial port, so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end; and under the condition that the preset sending permission attribute is False, the transmission task is not executed.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A method for data interaction between internal and external networks is characterized in that the method is applied to a sending end in the internal and external networks and comprises the following steps:
acquiring a preset sending permission attribute corresponding to the data type from a serial port object of the sending end according to the data type of the data transmitted by each transmission task;
the preset sending permission attribute is a Boolean type, and the data type is pre-associated with the preset sending permission attribute;
under the condition that the preset sending permission attribute is True, executing the transmission task, and sending the data and the data type of the data to a receiving end through a serial port, so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in a serial port object of the receiving end;
the preset receiving permission attribute is a Boolean type, and the data type is pre-associated with the preset receiving permission attribute;
and under the condition that the preset sending permission attribute is False, the transmission task is not executed.
2. The intranet and extranet data interaction method of claim 1, wherein the executing the transmission task and transmitting the data to a receiving end through a serial port under the condition that the preset transmission permission attribute is True comprises:
adding the transmission task into a serial port task queue under the condition that the preset sending permission attribute is True;
scanning the serial port task queue every other first preset time, sequentially executing the transmission tasks according to the sequence from high to low of the priority of the data type corresponding to the transmission task in the serial port task queue scanned each time, and sending the data through the serial port;
and under the condition that the priority of the data type of the current sent data is not the highest and the data is sent in a fragment mode, sending a preset number of fragments in the unsent fragments of the current sent data to the receiving end, and stopping executing the transmission task in the serial port task queue of the current scanning.
3. The intranet and extranet data interaction method according to claim 1 or 2, wherein the executing the transmission task and transmitting the data to a receiving end through a serial port under the condition that the preset transmission permission attribute is True comprises:
under the condition that the preset sending permission attribute is True and the length of the data is smaller than or equal to a preset threshold value, sending the data to the receiving end in a single-packet mode;
and under the condition that the preset sending permission attribute is True and the length of the data is greater than a preset threshold value, sending the data to the receiving end in a slicing mode.
4. The intranet and extranet data interaction method of claim 3, wherein after the data is sent to the receiving end in a single packet mode, the method further comprises:
under the condition that the response message sent by the receiving end is not received after exceeding a second preset time length, the data is sent to the receiving end again, and then the response message sent by the receiving end is received;
after the sending the data to the receiving end in the fragmentation mode, the method further includes:
receiving the serial number of the data missing fragment sent by the receiving end;
and after the missing fragment is sent to the receiving end again, receiving a response message sent by the receiving end.
5. A data interaction method for internal and external networks is characterized in that the method is applied to a receiving end in the internal and external networks and comprises the following steps:
receiving data transmitted by each transmission task and the data type of the data, which are sent by a sending end, through a serial port, and acquiring a preset receiving permission attribute corresponding to the data type from a serial port object of a receiving end;
the data and the data type of the data are sent by the sending end under the condition that a preset sending permission attribute corresponding to the data type in a serial port object of the sending end is True, the preset receiving permission attribute and the preset sending permission attribute are Boolean types, the data type is pre-associated with the preset receiving permission attribute, and the data type is pre-associated with the preset sending permission attribute;
processing the data under the condition that the preset receiving permission attribute is True;
and in the case that the preset receiving permission attribute is False, discarding the data.
6. The intranet and extranet data interaction method according to claim 5, wherein when the preset reception permission attribute is True, the method further comprises, while processing the data:
recording the number of the transmission task under the condition that the length of the data is smaller than a preset threshold value; wherein the data is transmitted in a single packet mode;
receiving data retransmitted by the transmitting end under the condition that the response message transmitted by the receiving end is not received after the preset duration;
and if the number of the transmission task corresponding to the retransmitted data exists in the recorded number of the transmission task, sending a response message to the sending end.
7. The intranet and extranet data interaction method according to claim 5 or 6, wherein in the case that the preset reception permission attribute is True, the processing of the data includes:
receiving the number of fragments of the data sent by the sending end under the condition that the preset sending permission attribute is True and the length of the data is greater than a preset threshold value;
under the condition that the preset receiving permission attribute is True, after a list is created according to the number of the fragments, a response message is sent to the sending end;
receiving the data fragments sent by the sending end in a fragment mode, and storing the data fragments into the corresponding positions of the serial numbers of the fragments in the list;
under the condition of receiving an end message sent by the sending end after all the fragments of the data are sent, sending the serial number of the fragment corresponding to the position with empty content in the list to the sending end;
and after receiving the fragments retransmitted by the sending end for the fragment numbers corresponding to the empty positions, sending a response message to the sending end.
8. An intranet and extranet data interaction device, comprising:
the acquisition module is used for acquiring preset sending permission attributes corresponding to the data types from the serial port object of the sending end according to the data types of the data transmitted by each transmission task;
the preset sending permission attribute is a Boolean type, and the data type is pre-associated with the preset sending permission attribute;
the sending module is used for executing the transmission task under the condition that the preset sending permission attribute is True, and sending the data to a receiving end through a serial port so that the receiving end can determine to process or discard the data according to the preset receiving permission attribute corresponding to the data type in the serial port object of the receiving end;
the preset receiving permission attribute is a Boolean type, and the data type is pre-associated with the preset receiving permission attribute;
and under the condition that the preset sending permission attribute is False, the transmission task is not executed.
9. An intranet and extranet data interaction device, comprising:
the receiving module is used for receiving the data transmitted by each transmission task and the data type of the data, which are sent by a sending end, through a serial port and acquiring a preset receiving permission attribute corresponding to the data type from a serial port object of a receiving end;
the data and the data type of the data are sent by the sending end under the condition that a preset sending permission attribute corresponding to the data type in a serial port object of the sending end is True, the preset receiving permission attribute and the preset sending permission attribute are Boolean types, the data type is pre-associated with the preset receiving permission attribute, and the data type is pre-associated with the preset sending permission attribute;
the processing module is used for processing the data under the condition that the preset receiving permission attribute is True; and in the case that the preset receiving permission attribute is False, the data is not processed.
10. An intranet and extranet data interaction system comprising the intranet and extranet data interaction apparatus according to claim 8 and claim 9.
CN202111039300.7A 2021-09-06 2021-09-06 Internal and external network data interaction method, device and system Pending CN115776379A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111039300.7A CN115776379A (en) 2021-09-06 2021-09-06 Internal and external network data interaction method, device and system

Publications (1)

Publication Number Publication Date
CN115776379A true CN115776379A (en) 2023-03-10

Family

ID=85387379

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111039300.7A Pending CN115776379A (en) 2021-09-06 2021-09-06 Internal and external network data interaction method, device and system

Country Status (1)

Country Link
CN (1) CN115776379A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination