CN115981907A - Object determination method, device, equipment and storage medium - Google Patents

Object determination method, device, equipment and storage medium Download PDF

Info

Publication number
CN115981907A
CN115981907A CN202211687970.4A CN202211687970A CN115981907A CN 115981907 A CN115981907 A CN 115981907A CN 202211687970 A CN202211687970 A CN 202211687970A CN 115981907 A CN115981907 A CN 115981907A
Authority
CN
China
Prior art keywords
type
account information
connection account
target
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211687970.4A
Other languages
Chinese (zh)
Inventor
伍育珂
周富龙
曾春苗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Digital Guangdong Network Construction Co Ltd
Original Assignee
Digital Guangdong Network Construction Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Digital Guangdong Network Construction Co Ltd filed Critical Digital Guangdong Network Construction Co Ltd
Priority to CN202211687970.4A priority Critical patent/CN115981907A/en
Publication of CN115981907A publication Critical patent/CN115981907A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses an object determination method, an object determination device, object determination equipment and a storage medium. The method comprises the steps that when an abnormal event occurs in the project production environment, a target component with the abnormal event is determined; the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by the back-end service during operation; determining target connection account information with abnormal events according to the operation log of the target component; and determining a target object causing the abnormal event according to the target connection account information. According to the technical scheme, the account numbers of the user and the back-end service connecting component are separately created and managed in a differentiated mode, the refinement degree of account number management is improved, and the responsible party of a production accident is accurately positioned.

Description

Object determination method, device, equipment and storage medium
Technical Field
The present invention relates to the field of internet management technologies, and in particular, to a method, an apparatus, a device, and a storage medium for determining an object.
Background
The government affair service system is used as an open service platform facing the public, the number of access users is huge, components are inevitably required to be connected in the development, maintenance or use process of the government affair service system, and the components are independent software systems and have independent account systems.
The account number of a component is typically used to connect to the component in 2 ways: (1) The components are connected by client software of a graphical interface, typically a technician access component. Client-side redisclient, such as client-side workbench, redis of mysql database. (2) The components are connected through client classes in the source code, typically software access components at runtime. For example, mysql database links the pool framework hikari, the linked pool framework jedis of redis. In the conventional account application process, an operation and maintenance manager of a component creates an account and a default password for a technician, and then gives the account and the default password to the technician, and the technician uses the account connection component in the above 2 ways.
In engineering projects such as development, maintenance and use of a government affair service system, a plurality of technicians and a plurality of components are usually provided, and an account manager is usually provided for creating component accounts under each component for the technicians. The account administrator also needs to perform daily maintenance on the component account, and operations such as account password modification and account deletion need to be performed by the account administrator. However, the passwords of the component account, especially the passwords of the component account in the production environment, are all visible to an account administrator, which causes that account responsibility cannot be completely isolated, and once the component account performs illegal operation, the responsibility of the account administrator or the responsibility of a technician cannot be judged. Meanwhile, as the technical personnel remotely connect the components and the source code connecting components, the same account number is used, and after the production accident of the components occurs, the accident caused by the operation of the components in which mode is difficult to judge.
Disclosure of Invention
The invention provides an object determination method, an object determination device, an object determination equipment and a storage medium, which are used for improving the refinement degree of account management and accurately positioning a responsible party of a production accident by separately creating and differentially managing accounts of a user and a back-end service connecting assembly.
According to an aspect of the present invention, there is provided an object determination method, the method including:
when an abnormal event occurs in a project production environment, determining a target component in which the abnormal event occurs;
the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by a back-end service in operation;
determining target connection account information with the abnormal event from the first type of connection account information and the second type of connection account information according to the operation log of the target component;
and determining a target object causing the abnormal event according to the target connection account information.
According to another aspect of the present invention, there is provided an object determination apparatus, including:
the target component determination module is used for determining a target component with an abnormal event when the abnormal event occurs in the project production environment;
the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by a back-end service in operation;
the target connection account information determining module is used for determining target connection account information with the abnormal event from the first type of connection account information and the second type of connection account information according to the operation log of the target component;
and the target object determining module is used for determining a target object causing the abnormal event according to the target connection account information.
According to another aspect of the present invention, there is provided an electronic apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein, the first and the second end of the pipe are connected with each other,
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the object determination method according to any of the embodiments of the invention.
According to another aspect of the present invention, there is provided a computer-readable storage medium storing computer instructions for causing a processor to implement the object determination method according to any one of the embodiments of the present invention when the computer instructions are executed.
According to the technical scheme of the embodiment of the invention, when an abnormal event occurs in a project production environment, a target component with the abnormal event is determined; the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by the back-end service during operation; determining target connection account information with abnormal events from the first type of connection account information and the second type of connection account information according to the operation log of the target component; the technical means of determining the target object causing the abnormal event according to the target connection account information solves the problem that the responsibility of the component account cannot be completely isolated in the prior art, so that the responsibility party is difficult to judge when the production accident occurs, improves the refinement degree of account management and accurately positions the responsibility party of the production accident by separately creating and differentially managing the accounts of the user and the back-end service connection component.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present invention, nor do they necessarily limit the scope of the invention. Other features of the present invention will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1a is a flowchart of an object determination method according to an embodiment of the present invention;
fig. 1b is a flowchart illustrating a specific application of an object determining method according to an embodiment of the present invention;
fig. 2a is a flowchart of another object determination method according to a second embodiment of the present invention;
fig. 2b is an exemplary flowchart of creating an operation and maintenance account for a component according to a second embodiment of the present invention;
fig. 2c is an exemplary flowchart of creating an operation and maintenance account and a program account for a component according to the second embodiment of the present invention;
fig. 2d is an exemplary flowchart of encryption and decryption of a program account password according to a second embodiment of the present invention;
fig. 2e is a flowchart illustrating a process of polling first-type connection account information according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an object determining apparatus according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device implementing the object determination method according to the embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1a is a flowchart of an object determination method according to an embodiment of the present invention, where this embodiment is applicable to a situation where a responsible party is located on a production accident in a production environment of a software engineering project, and the method may be executed by an object determination device, where the object determination device may be implemented in a form of hardware and/or software, and the object determination device may be configured in a server cluster. As shown in fig. 1a, the method comprises:
s110, when an abnormal event occurs in the project production environment, determining a target component with the abnormal event; the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by the backend service runtime.
The exception event may refer to a fault event occurring in a production environment of a large software engineering project. The target component may be one or more of a number of components in the project production environment, the number of target components not being limiting in this embodiment. The target component may be, for example, a component such as a database, a cache, or a message queue that is commonly used in an informational construction project.
In this embodiment, when an abnormal event occurs in the production environment of the software engineering project, the audit log of the production environment server may be checked, and a target component causing the abnormal event may be searched and determined.
And S120, determining target connection account information with abnormal events from the first type of connection account information and the second type of connection account information according to the operation log of the target component.
The operation log may be an operation record of the target component by technicians such as development/operation and maintenance, and by running software such as backend service. The first connection account information may include a first type account and a first type password corresponding to the first type account. The second type connection account information may include a second type account and a second type password corresponding to the second type account. The number of the second type accounts of the first type accounts can be one or more, that is, a plurality of users can be connected with the target component through the first type accounts and the first type passwords of the users respectively, and a plurality of running software of the back-end service can be connected with the target component through the second type passwords of the second type accounts of the users respectively. The target connection account information may specifically refer to an account causing an abnormal event.
Then, according to the operation log of the target component, an operation account causing an abnormal event may be located from among the plurality of first-type connection account information and second-type connection account information that are connected to and operated by the target component, so that the operation account is determined as the target connection account information.
And S130, determining a target object causing the abnormal event according to the target connection account information.
Wherein the target object may be a user or a backend service.
In this embodiment, the responsible party causing the abnormal event can be located according to the target connection account information. Specifically, if the target connection account information is the first-type connection account information, the attribution user of the target connection account information may be determined as a target object causing an abnormal event; if the target connection account information is the second type of connection account information, the home backend service of the target connection account information can be determined as a target object causing an abnormal event.
Exemplarily, fig. 1b is a flowchart of a specific application of an object determining method according to an embodiment of the present invention. Checking the production environment after a fault occurs, and searching a component causing the fault by checking an audit log of a production environment server; further looking up an account causing a fault by looking up an operation log of the component; thereby locating the person responsible for the fault according to the account detail information. Specifically, if the account is an operation and maintenance account (i.e., the first-type connection account information), it may be considered that a fault is caused, and the home user of the operation and maintenance account is further checked to locate a fault-responsible person; if the account is a program account (i.e., the second-type connection account information), the home backend service of the program account can be checked, so as to locate the responsible party.
According to the technical scheme of the embodiment of the invention, when an abnormal event occurs in a project production environment, a target component with the abnormal event is determined; the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by the back-end service during running; determining target connection account information with abnormal events according to the operation log of the target component; the technical means of determining the target object causing the abnormal event according to the target connection account information solves the problem that the responsibility of the component account cannot be completely isolated in the prior art, so that the responsibility party is difficult to judge when the production accident occurs, improves the refinement degree of account management and accurately positions the responsibility party of the production accident by separately creating and differentially managing the accounts of the user and the back-end service connection component.
Example two
Fig. 2a is a flowchart of another object determining method according to a second embodiment of the present invention, where on the basis of the above embodiments, when an abnormal event occurs in a project production environment, the present embodiment adds an operation before determining a target component in which the abnormal event occurs by using a preset program instance. As shown in fig. 2a, the method comprises:
s210, receiving an account number creating request of a preset object for a target component; the preset object comprises a user and a back-end service.
S220, running a preset program example, creating first type connection account information matched with the account creating request of the user, and creating second type connection account information matched with the account creating request of the back-end service.
The preset program example can be a pre-written program language for realizing a series of account management functions such as account creation, account deletion, account renewal, account password modification and account disabling. The first type of connection account information may include a first type of account and a first type of password, and the second type of connection account information may include a second type of account and a second type of password.
In this embodiment, after receiving an account creation request for a target component from a user and/or a backend service, by running a preset program instance, a first type of account and a first type of password matched with the first type of account that are matched with the account creation request of the user may be created, and a second type of account and a second type of password matched with the second type of account that are matched with the account creation request of the backend service may be created.
Optionally, after an account creation request of the preset object for the target component is received, the connection authority and/or identity validity of the preset object for the target component may be checked. And when the preset object has the connection authority and/or the identity of the target component is legal, establishing a corresponding connection account and a login password for the preset object.
And S230, providing the first type of connection account information to the user, and providing the second type of connection account information to a back-end service.
Optionally, the first type account and the first type password may be provided to the user, so that the user connects to the target component through the client software; encrypting the second type of password by using a preset private key to obtain a second type of password ciphertext; and providing the second type of account and the second type of password ciphertext for the back-end service, so that the back-end service is connected with the target component during running.
Specifically, after the connection account information matched with the account creation request is created, the first type of account and the first type of password plaintext can be directly provided for the user, so that the user can be connected with the target component through client software; and generating a second type password ciphertext through asymmetric encryption on the second type password, and providing the second type account and the second type password ciphertext for the back-end service so that the back-end service is connected with the target component during running.
Fig. 2b is an exemplary flowchart of creating an operation and maintenance account for a component according to a second embodiment of the present invention. When registering the operation and maintenance account of the component for the user, the user can enter an operation and maintenance account list page of the component to create, firstly, whether the user is registered or not can be judged, if the user is registered, the account and the password of the user can be added into an account list page of the component, and if the user is not registered, the operation and maintenance account of the user can be input into the operation and maintenance account list page of the component and the password can be automatically generated after the user is registered.
On the basis of the technical scheme, the method can further comprise the following steps: adding a preset public key to a folder of a production environment server deployed by a back-end service; and writing the second type account and the second type password ciphertext into a source code or a configuration file of the back-end service.
Further, the method can also comprise the following steps: reading a preset public key in a folder of the production environment server by using a back-end service, and decrypting a second type cipher ciphertext by using the preset public key to obtain a second type cipher; and connecting the target component by using the second type account and the second type password by using the back-end service.
The preset public key and the preset private key may be a pair. According to the technical scheme, the preset private key is used for encrypting the second type of cipher text, and correspondingly, the preset public key is used for decrypting the second type of cipher text.
Optionally, the second type of password may also be encrypted by using a preset public key, and the second type of password ciphertext may also be decrypted by using a preset private key. Namely, encrypting the second type of password by using a preset public key to obtain a second type of password ciphertext, and adding the preset private key into a folder of a production environment server deployed by a back-end service; the second type account and the second type password ciphertext are written into a source code or a configuration file of the back-end service; reading a preset private key in a folder of the production environment server by using a back-end service, and decrypting a second type password ciphertext by using the preset private key to obtain a second type password; and connecting the target component by using the second type account and the second type password by using the back-end service.
The above operation of asymmetrically encrypting the second type of password can make the second type of password invisible to all people, even if the administrator of the target component or the administrator of the preset program instance cannot see the plaintext of the second type of password.
In the technical scheme, the second type of account is available, but the plaintext of the second type of password is invisible; the first type account is available and the first type password is visible. Through the differentiated management of the first type of account and the second type of account, the management refinement degree of the component connection account can be improved, and the safety guarantee of the component is enhanced.
Fig. 2c is an exemplary flowchart of creating an operation and maintenance account number and a program account number for a component according to a second embodiment of the present invention. The operation and maintenance account can be created with reference to fig. 2b, and after the operation and maintenance account is created, the user can modify the password of the operation and maintenance account by himself. When the program account of the back-end service A access component B is created, a password can be automatically generated for the program account, the password is encrypted by using an asymmetric algorithm, the program account enters a program account list page of the back-end service A, and the program account and the encrypted password can be checked.
Fig. 2c and fig. 2d are exemplary flowcharts for encrypting and decrypting a program account password according to a second embodiment of the present invention. The component administrator places the asymmetrically encrypted private key into a folder of the production environment server to be deployed by the back-end service a. A developer of the back-end service A takes the program account number and the encrypted password of the component B; a, writing the program account number and the encrypted password of B into a source code or a configuration file of the back-end service A; the back-end service A deploys and runs to a production environment server; the back-end service A reads an asymmetrically encrypted private key in a folder on the production environment server to decrypt an encrypted password of the program account; the backend service a accesses the component B using the program account number and the decrypted password.
And S240, when the abnormal event occurs in the project production environment, determining the target component with the abnormal event.
And S250, determining target connection account information with abnormal events from the first type of connection account information and the second type of connection account information according to the operation log of the target component.
And S260, determining a target object causing the abnormal event according to the target connection account information.
According to the technical scheme of the embodiment of the invention, an account establishing request aiming at a target component is received by a user and a back-end service; running a preset program example, creating respective corresponding accounts, and respectively providing the accounts for the user and the back-end service; when an abnormal event occurs in the project production environment, determining a target component with the abnormal event; the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by the back-end service during operation; determining target connection account information with abnormal events according to the operation log of the target component; according to the technical means, the target object causing the abnormal event is determined according to the target connection account information, the problem that in the prior art, the responsible party is difficult to judge when the production accident occurs because the responsibility of the component account cannot be completely isolated is solved, the refined degree of account management is improved and the responsible party of the production accident is accurately positioned by separately creating and differentially managing the accounts of the user and the back-end service connection component.
On the basis of the above technical solution, the object determining method may further include: polling the first type of connection account information according to a preset polling period, and determining the current state of the first type of connection account information; and managing the first-type connection account information according to the current state.
The current state may include a renewal state, a disabled state, and a login address change state.
In an optional embodiment, managing the first type of connection account information according to the current state may include: if the renewal state is non-renewal, the first type of connection account information is temporarily forbidden and stored in a designated database, otherwise, a renewed polling result is generated; if the forbidden state is forbidden, storing one type of connection account information into a specified database, otherwise, generating an forbidden inspection result; if the change state of the login address is changed, the first-class connection account information is temporarily forbidden and stored in the specified database, otherwise, a login address unchanged inspection result is generated.
Fig. 2e is a diagram illustrating an example of a process for polling connection account information of a first type according to an embodiment of the present invention. The operation and maintenance account is the first type of connection account information in the technical scheme.
The advantage that sets up like this lies in, through the centralized management subassembly connection account number, can reduce manual management's work load, reduces manual management's fault rate, can also restrict the high risk operation of fortune dimension account number.
EXAMPLE III
Fig. 3 is a schematic structural diagram of an object determining apparatus according to a third embodiment of the present invention. As shown in fig. 3, the apparatus includes: a target component determination module 310, a target connection account information determination module 320, and a target object determination module 330. Wherein:
the target component determination module 310 is configured to determine, when an exception event occurs in the project production environment, a target component in which the exception event occurs;
the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by a back-end service in operation;
a target connection account information determining module 320, configured to determine, according to the operation log of the target component, target connection account information in which the abnormal event occurs from the first type of connection account information and the second type of connection account information;
and a target object determining module 330, configured to determine, according to the target connection account information, a target object causing the abnormal event.
According to the technical scheme of the embodiment of the invention, when an abnormal event occurs in a project production environment, a target component with the abnormal event is determined; the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by the back-end service during operation; determining target connection account information with abnormal events according to the operation log of the target component; the technical means of determining the target object causing the abnormal event according to the target connection account information solves the problem that the responsibility of the component account cannot be completely isolated in the prior art, so that the responsibility party is difficult to judge when the production accident occurs, improves the refinement degree of account management and accurately positions the responsibility party of the production accident by separately creating and differentially managing the accounts of the user and the back-end service connection component.
Optionally, the object determining apparatus further includes an account creating module, configured to determine that a target component of an abnormal event occurs before the target component of the abnormal event occurs when the abnormal event occurs in the project production environment, and the account creating module includes:
an account creating request receiving unit, configured to receive an account creating request of a preset object for the target component; the preset object comprises the user and the back-end service;
an account creating unit, configured to run a preset program instance, create the first type of connection account information that matches the account creating request of the user, and create the second type of connection account information that matches the account creating request of the backend service;
and the account information feedback unit is used for providing the first type of connection account information for the user and providing the second type of connection account information for the back-end service.
Optionally, the first type connection account information includes a first type account and a first type password; the second type connection account information comprises a second type account and a second type password;
the account information feedback unit may be specifically configured to:
providing the first type account and the first type password to the user, and enabling the user to be connected with the target component through the client software;
the account information feedback unit may be further specifically configured to: :
encrypting the second type of password by using a preset private key to obtain a second type of password ciphertext;
and providing the second type of account and the second type of password ciphertext to the back-end service, so that the back-end service is connected with the target component during running.
Optionally, adding a preset public key to a folder of a production environment server deployed by the backend service;
and the second type account and the second type password ciphertext are written into a source code or a configuration file of the back-end service.
Optionally, the object determining apparatus further includes a second type cipher text decryption module, configured to:
reading the preset public key in a folder of the production environment server by using the back-end service, and decrypting the second type cipher ciphertext by using the preset public key to obtain the second type cipher;
and connecting the target component by using the second type account and the second type password by using the back-end service.
Optionally, the object determining apparatus further includes a first connection account information management module, which includes:
the first-type connection account information state determining unit is used for polling the first-type connection account information according to a preset polling period and determining the current state of the first-type connection account information;
and the first-type connection account information management unit is used for managing the first-type connection account information according to the current state.
Optionally, the current state includes a renewal state, a disabled state and a login address change state;
the first-type connection account information management unit may specifically be configured to:
if the renewal state is not renewal, the first type of connection account information is temporarily forbidden and stored in a designated database, otherwise, a renewed polling result is generated;
if the forbidden state is forbidden, storing the information of the connection account numbers into a specified database, otherwise, generating an forbidden inspection result;
if the change state of the login address is changed, the first type of connection account information is temporarily forbidden and stored in a designated database, otherwise, a login address unchanged inspection result is generated.
The object determination device provided by the embodiment of the invention can execute the object determination method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
Example four
FIG. 4 shows a schematic block diagram of an electronic device 400 that may be used to implement embodiments of the invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 4, the electronic device 400 includes at least one processor 401, and a memory communicatively connected to the at least one processor 401, such as a Read Only Memory (ROM) 402, a Random Access Memory (RAM) 403, and the like, wherein the memory stores computer programs executable by the at least one processor, and the processor 401 may perform various suitable actions and processes according to the computer programs stored in the Read Only Memory (ROM) 402 or the computer programs loaded from a storage unit 408 into the Random Access Memory (RAM) 403. In the RAM 403, various programs and data required for the operation of the electronic device 400 can also be stored. The processor 401, ROM 402 and RAM 403 are connected to each other by a bus 404. An input/output (I/O) interface 405 is also connected to bus 404.
A number of components in the electronic device 400 are connected to the I/O interface 405, including: an input unit 406 such as a keyboard, a mouse, or the like; an output unit 407 such as various types of displays, speakers, and the like; a storage unit 408 such as a magnetic disk, optical disk, or the like; and a communication unit 409 such as a network card, modem, wireless communication transceiver, etc. The communication unit 409 allows the electronic device 400 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
Processor 401 may be a variety of general and/or special purpose processing components with processing and computing capabilities. Some examples of processor 401 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. The processor 401 performs the various methods and processes described above, such as the object determination method.
In some embodiments, the object determination method may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 408. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 400 via the ROM 402 and/or the communication unit 409. When the computer program is loaded into RAM 403 and executed by processor 401, one or more steps of the object determination method described above may be performed. Alternatively, in other embodiments, the processor 401 may be configured to perform the object determination method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for implementing the methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the Internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above, reordering, adding or deleting steps, may be used. For example, the steps described in the present invention may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the desired results of the technical solution of the present invention can be achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. An object determination method, comprising:
when an abnormal event occurs in the project production environment, determining a target component in which the abnormal event occurs;
the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by a back-end service in operation;
determining target connection account information with the abnormal event from the first type of connection account information and the second type of connection account information according to the operation log of the target component;
and determining a target object causing the abnormal event according to the target connection account information.
2. The method of claim 1, wherein upon occurrence of an exception event to a project production environment, prior to determining a target component of the occurrence of the exception event, further comprising:
receiving an account number creating request of a preset object for the target component; the preset object comprises the user and the back-end service;
running a preset program example, creating the first type of connection account information matched with the account creation request of the user, and creating the second type of connection account information matched with the account creation request of the back-end service;
and providing the first type of connection account information to the user, and providing the second type of connection account information to the back-end service.
3. The method according to claim 2, wherein the first type connection account information includes a first type account and a first type password; the second type connection account information comprises a second type account and a second type password;
providing the first type of connection account information to the user, including:
providing the first type account and the first type password to the user, and enabling the user to be connected with the target component through the client software;
providing the second type of connection account information to the backend service, including:
encrypting the second type of password by using a preset private key to obtain a second type of password ciphertext;
and providing the second type account and the second type password ciphertext to the back-end service, so that the back-end service is connected with the target component when running.
4. The method of claim 3, wherein a preset public key is added to a folder of a production environment server deployed by the backend service;
and the second type account and the second type password ciphertext are written into a source code or a configuration file of the back-end service.
5. The method of claim 4, further comprising:
reading the preset public key in a folder of the production environment server by using the back-end service, and decrypting the second type cipher ciphertext by using the preset public key to obtain the second type cipher;
and connecting the target component by using the second type account and the second type password by using the back-end service.
6. The method of claim 1, further comprising:
polling the first type of connection account information according to a preset polling period, and determining the current state of the first type of connection account information;
and managing the first type connection account information according to the current state.
7. The method of claim 6, wherein the current state comprises a renewal state, a disable state, and a login address change state;
managing the first-class connection account information according to the current state, wherein the managing comprises the following steps:
if the renewal state is non-renewal, the first type of connection account information is temporarily forbidden and stored in a designated database, otherwise, a renewed polling result is generated;
if the forbidden state is forbidden, storing the information of the connection account numbers into a specified database, otherwise, generating an forbidden inspection result;
if the change state of the login address is changed, the first type of connection account information is temporarily forbidden and stored in a designated database, and if not, a login address unchanged routing inspection result is generated.
8. An object determination apparatus, comprising:
the target component determination module is used for determining a target component with an abnormal event when the abnormal event occurs in the project production environment;
the target component is provided with corresponding first-type connection account information and second-type connection account information, and the first-type connection account information is used by a user in client software; the second type of connection account information is used by a back-end service in operation;
the target connection account information determining module is used for determining target connection account information with the abnormal event from the first type of connection account information and the second type of connection account information according to the operation log of the target component;
and the target object determining module is used for determining a target object causing the abnormal event according to the target connection account information.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the object determination method of any one of claims 1-7.
10. A computer-readable storage medium storing computer instructions for causing a processor to perform the object determination method of any one of claims 1-7 when executed.
CN202211687970.4A 2022-12-27 2022-12-27 Object determination method, device, equipment and storage medium Pending CN115981907A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211687970.4A CN115981907A (en) 2022-12-27 2022-12-27 Object determination method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211687970.4A CN115981907A (en) 2022-12-27 2022-12-27 Object determination method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115981907A true CN115981907A (en) 2023-04-18

Family

ID=85973632

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211687970.4A Pending CN115981907A (en) 2022-12-27 2022-12-27 Object determination method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115981907A (en)

Similar Documents

Publication Publication Date Title
US9544380B2 (en) Data analytics and security in social networks
US11762979B2 (en) Management of login information affected by a data breach
CN111666578A (en) Data management method and device, electronic equipment and computer readable storage medium
CN110661776B (en) Sensitive data tracing method, device, security gateway and system
CN114595481A (en) Method, device, equipment and storage medium for processing response data
CN113904821A (en) Identity authentication method and device and readable storage medium
CN115688133A (en) Data processing method, device, equipment and storage medium
CN114513350A (en) Identity verification method, system and storage medium
CN113946816A (en) Cloud service-based authentication method and device, electronic equipment and storage medium
US20180365687A1 (en) Fraud detection
CN113158196A (en) Login verification method, device, equipment and medium
CN116089985A (en) Encryption storage method, device, equipment and medium for distributed log
CN113992345B (en) Webpage sensitive data encryption and decryption method and device, electronic equipment and storage medium
CN115550413A (en) Data calling method and device, service gateway and storage medium
CN116244682A (en) Database access method, device, equipment and storage medium
CN115981907A (en) Object determination method, device, equipment and storage medium
US11580210B2 (en) Password authentication
CN114372078A (en) Data security protection method and device
CN114785583A (en) Method, device, equipment and medium for encrypted sending and verifying of interface request
CN113127825A (en) Access right verification method and device
CN113765866A (en) Method and device for logging in remote host
CN113114693B (en) Account state display method and device
CN115906131B (en) Data management method, system, equipment and storage medium
CN115776402A (en) System login and logout method and device, electronic equipment and storage medium
CN117336072A (en) Multi-fort machine access system, method, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination