CN116582364A

CN116582364A - Data access method, system, device, electronic equipment and readable storage medium

Info

Publication number: CN116582364A
Application number: CN202310852011.1A
Authority: CN
Inventors: 王兴隆; 宿燕鸣; 吴安; 李金锋; 刘宝阳; 班华堂
Original assignee: Suzhou Inspur Intelligent Technology Co Ltd
Current assignee: Suzhou Inspur Intelligent Technology Co Ltd
Priority date: 2023-07-12
Filing date: 2023-07-12
Publication date: 2023-08-11
Anticipated expiration: 2043-07-12
Also published as: CN116582364B

Abstract

The invention discloses a data access method, a system, a device, electronic equipment and a readable storage medium, relates to the technical field of servers, and aims to solve the problem of unsafe data access caused by data interaction by using an unsafe protocol in the traditional data access technology, wherein the data access method applied to a server side comprises the following steps: when an access request sent by a client is received, determining a protocol conversion mark of the access request; determining the request type of the access request according to the protocol conversion mark; the request types comprise a protocol conversion request and a protocol non-conversion request, wherein the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of a non-security protocol according to a preset security protocol by a client; when the request type is a protocol conversion request, analyzing the protocol conversion request to obtain the protocol type and the protocol data of the non-safety protocol; and processing the protocol data by utilizing the non-security protocol service process corresponding to the protocol type to obtain an access result.

Description

Data access method, system, device, electronic equipment and readable storage medium

Technical Field

The present invention relates to the field of server technologies, and in particular, to a data access method, system, device, electronic apparatus, and readable storage medium.

Background

Currently, the monitoring management system in the server supports a variety of network protocols, some of which are relatively secure protocols, such as HTTP protocol (HyperText Transfer Protocol ), and some of which are relatively insecure protocols, such as IPMI protocol (Intelligent Platform Management Interface ).

However, in the development process of the monitoring management technology, different users use different interaction protocols to communicate with the monitoring management system due to the difference of the management modes of the users, and the interaction protocols can be secure protocols or non-secure protocols, wherein the interaction security of the non-secure protocols cannot be effectively ensured due to relatively old algorithms.

Therefore, how to achieve more secure data access is a technical problem that needs to be solved by those skilled in the art.

Disclosure of Invention

The invention aims to provide a data access method which can effectively improve the safety of data access; it is another object of the present invention to provide a data access system, apparatus, electronic device, computer readable storage medium, all having the above-mentioned beneficial effects.

In a first aspect, the present invention provides a data access method, applied to a server, including:

when an access request sent by a client is received, determining a protocol conversion mark of the access request;

determining the request type of the access request according to the protocol conversion mark; the request types comprise a protocol conversion request and a protocol non-conversion request, and the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of a non-security protocol according to a preset security protocol by the client;

when the request type is the protocol conversion request, analyzing the protocol conversion request to obtain the protocol type and the protocol data of the non-secure protocol;

and processing the protocol data by utilizing the non-security protocol service process corresponding to the protocol type to obtain an access result.

Optionally, the determining the request type of the access request according to the protocol conversion flag includes:

when the protocol conversion mark is a first numerical value, determining that the request type of the access request is the protocol conversion request;

and when the protocol conversion mark is a second value, determining that the request type of the access request is the protocol non-conversion request.

Optionally, receiving the access request sent by the client includes:

receiving the access request sent by the client through a server controller;

waking up a data receiving process through the server controller;

and calling a server driver to access the server controller through the data receiving process to obtain the access request.

Optionally, the data receiving process is deployed in a server kernel, and the waking up, by the server controller, the data receiving process includes:

and sending an interrupt signal to the server core through the server controller so that the server core wakes up the data receiving process according to the interrupt signal.

Optionally, the parsing the protocol conversion request to obtain the protocol type and the protocol data of the non-secure protocol includes:

the protocol conversion request is sent to a data processing process through the data receiving process;

and analyzing the data field of the protocol conversion request through the data processing process to obtain the protocol type and the protocol data of the non-secure protocol.

Optionally, the sending, by the data receiving process, the protocol conversion request to a data processing process includes:

And sending the protocol conversion request to the data processing process through the data receiving process in a message queue or a communication mode of cross-process communication.

Optionally, the processing the protocol data by using the non-security protocol service process corresponding to the protocol type to obtain an access result includes:

calling a protocol distribution program through the data processing process;

determining an unsafe protocol service process corresponding to the protocol type by utilizing the protocol distribution program;

and processing the protocol data through the non-security protocol service process to obtain the access result.

Optionally, the processing the protocol data by using the non-security protocol service process corresponding to the protocol type, after obtaining the access result, further includes:

packaging the access result and the protocol type of the non-security protocol according to the preset security protocol to obtain a security access result based on the preset security protocol;

and feeding the security access result back to the client.

Optionally, the data access method further includes:

when the request type is the protocol unconverted request, analyzing the protocol unconverted request to obtain a security protocol type and security protocol data;

And processing the security protocol data by using the security protocol service process corresponding to the security protocol type to obtain an access result.

In a second aspect, the present invention provides a data access method, applied to a client, including:

acquiring a protocol type and protocol data of a non-secure protocol;

packaging the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol;

setting a protocol conversion mark in the access request to obtain a protocol conversion request;

and sending the protocol conversion request to a server for data access.

Optionally, the acquiring the protocol type and the protocol data of the non-secure protocol includes:

acquiring the protocol type and the protocol data of the non-secure protocol through a command line interface;

correspondingly, the encapsulating the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol includes:

and filling the protocol type and the protocol data into a command line corresponding to the preset security protocol, and generating an access request based on the preset security protocol.

acquiring an initial access request based on a non-secure protocol;

and analyzing the initial access request to obtain the protocol type and the protocol data of the non-secure protocol.

Optionally, the encapsulating the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol includes:

determining target address information according to the preset security protocol;

and filling the target address information into a header field of the access request, and filling the protocol type and the protocol data into a data field of the access request to obtain the access request.

Optionally, the sending the protocol conversion request to the server for data access includes:

and sending the protocol conversion request to the server for data access according to the target address information.

the protocol conversion request is sent to a client controller through a client driver;

and sending the protocol conversion request to the server through the client controller for data access.

Optionally, the data access method further includes:

receiving a security access result fed back by the server; the security access result is obtained by the server side by packaging the access result based on the non-security protocol and the protocol type of the non-security protocol according to the preset security protocol;

analyzing the security access result according to the preset security protocol to obtain the access result and the protocol type;

and outputting the access result.

Optionally, the encapsulating the protocol type and the protocol data according to a preset security protocol, before obtaining the access request based on the preset security protocol, further includes:

determining the working state of the server; the working states comprise an unsafe protocol service opening state and an unsafe protocol service closing state;

when the working state is the non-safety protocol service closing state, executing the step of packaging the protocol type and the protocol data according to a preset safety protocol to obtain an access request based on the preset safety protocol;

and when the working state is the non-safety protocol service opening state, generating a non-safety access request based on the non-safety protocol according to the protocol type and the protocol data, and sending the non-safety access request to a server for data access.

In a third aspect, the present invention provides a data access system, including a client and a server;

the client is used for acquiring the protocol type and the protocol data of the non-secure protocol; packaging the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol; setting a protocol conversion mark in the access request to obtain a protocol conversion request; the protocol conversion request is sent to a server;

the server side is used for determining a protocol conversion mark of the access request when the access request sent by the client side is received; determining the request type of the access request according to the protocol conversion mark; the request types comprise a protocol conversion request and a protocol non-conversion request, and the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of a non-security protocol according to a preset security protocol by the client; when the request type is the protocol conversion request, analyzing the protocol conversion request to obtain the protocol type and the protocol data of the non-secure protocol; and processing the protocol data by utilizing the non-security protocol service process corresponding to the protocol type to obtain an access result.

Optionally, data communication is performed between the client and the server through a wireless communication channel.

Optionally, the client and the server communicate data through a physical communication link.

Optionally, the physical communication link is an integrated circuit bus or a universal serial bus.

In a fourth aspect, the present invention provides a data access device, applied to a server, including:

the first determining module is used for determining a protocol conversion mark of an access request sent by a client when the access request is received;

the second determining module is used for determining the request type of the access request according to the protocol conversion mark; the request types comprise a protocol conversion request and a protocol non-conversion request, and the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of a non-security protocol according to a preset security protocol by the client;

the analysis module is used for analyzing the protocol conversion request to obtain the protocol type and the protocol data of the unsafe protocol when the request type is the protocol conversion request;

and the processing module is used for processing the protocol data by utilizing the non-security protocol service process corresponding to the protocol type to obtain an access result.

In a fifth aspect, the present invention provides a data access device, applied to a client, including:

the acquisition module is used for acquiring the protocol type and the protocol data of the non-secure protocol;

the packaging module is used for packaging the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol;

the setting module is used for setting a protocol conversion mark in the access request to obtain a protocol conversion request;

and the sending module is used for sending the protocol conversion request to the server for data access.

In a sixth aspect, the present invention provides an electronic device, including:

a memory for storing a computer program;

a processor for implementing the steps of any of the data access methods described above when executing the computer program.

In a seventh aspect, the present invention provides a computer readable storage medium having stored thereon a computer program which when executed by a processor implements the steps of any of the data access methods described above.

The technical scheme provided by the invention has the following technical effects:

In the data access process, when a client needs to access data through an unsafe protocol, the protocol type and access data of the unsafe protocol can be determined first, then the unsafe protocol type and the access data are packaged according to a preset safe protocol to obtain an access request based on the preset safe protocol, and the access request is sent to a server to access the data based on the preset safe protocol; for the server, after receiving the access request, the request type of the access request can be determined by analyzing the protocol conversion mark in the request, when the request type is determined to be the protocol conversion request, the request type can be analyzed according to the preset security protocol to obtain the protocol type and the protocol data of the non-security protocol, and then the non-security protocol service process corresponding to the non-security protocol is determined according to the protocol type, so that the non-security protocol service process is called to process the access data of the non-security protocol to obtain an access result, thereby realizing the package of the non-security protocol based on the security protocol, enabling the data access based on the security protocol between the client and the server, namely ensuring that the data access of the client to the server is based on the security protocol, and effectively ensuring the security of the data access.

The invention also discloses another data access method, a data access system, a data access device, an electronic device and a computer readable storage medium, which have the same technical effects as described above, and the invention is not repeated here.

Drawings

In order to more clearly illustrate the technical solutions in the prior art and the embodiments of the present invention, the following will briefly describe the drawings that need to be used in the description of the prior art and the embodiments of the present invention. Of course, the following drawings related to embodiments of the present invention are only a part of embodiments of the present invention, and it will be obvious to those skilled in the art that other drawings can be obtained from the provided drawings without any inventive effort, and the obtained other drawings also fall within the scope of the present invention.

FIG. 1 is a schematic flow chart of a data access method according to the present invention;

FIG. 2 is a flow chart of another data access method according to the present invention;

FIG. 3 is a schematic diagram of a data access system according to the present invention;

FIG. 4 is a schematic diagram of an encapsulation format of a protocol conversion request according to the present invention;

FIG. 5 is a flowchart of a method for sending an access request by a client according to the present invention;

FIG. 6 is a flowchart of a method for receiving return data by a client according to the present invention;

FIG. 7 is a flowchart of a method for receiving and processing an access request by a server according to the present invention;

fig. 8 is a schematic diagram of a software architecture of a server provided by the present invention;

FIG. 9 is a flowchart illustrating a method for invoking an unsafe protocol service process for data processing according to the present invention;

FIG. 10 is a flowchart of data processing based on a server process according to the present invention;

FIG. 11 is a schematic diagram of a software architecture of a server with a non-security protocol switch control function according to the present invention;

FIG. 12 is a schematic diagram of a data access device according to the present invention;

FIG. 13 is a schematic diagram of another data access device according to the present invention;

fig. 14 is a schematic structural diagram of an electronic device according to the present invention.

Detailed Description

The core of the invention is to provide a data access method which can effectively improve the safety of data access; another core of the present invention is to provide a data access system, apparatus, electronic device, computer readable storage medium, which all have the above-mentioned advantages.

In order to more clearly and completely describe the technical solutions in the embodiments of the present invention, the technical solutions in the embodiments of the present invention will be described below with reference to the accompanying drawings in the embodiments of the present invention. It will be apparent that the described embodiments are only some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

The embodiment of the invention provides a data access method.

Referring to fig. 1, fig. 1 is a flow chart of a data access method provided by the present invention, where the data access method is applied to a server, and may include the following steps S101 to S104.

S101: when an access request sent by a client is received, a protocol conversion flag of the access request is determined.

It should be noted that, the data access method provided by the embodiment of the present invention aims to realize the data access of the client to the server, and the data access method is applied to the server.

This step aims at realizing the receiving of an access request and the determination of a protocol conversion flag, wherein the access request is initiated by a client, the protocol conversion flag is a certain data field in the access request and is used for determining the request type of the access request, and the request type comprises a converted protocol request (the access request subjected to protocol conversion) and a non-converted protocol request (the access request not subjected to protocol conversion). When the client needs to access data to the server, the access request can be a protocol conversion request or a protocol non-conversion request, so that the server can analyze the protocol conversion mark after receiving the access request initiated by the client, so that the request type of the access request can be determined according to the protocol conversion mark, and the access request can be processed according to the request type.

It should be noted that, the communication manner between the client and the server does not affect the implementation of the technical scheme, and the implementation can be set by a technician according to actual situations, which is not limited by the present invention. For example, in one possible implementation manner, the receiving the access request sent by the client may include: receiving an access request sent by a client through a wireless communication channel; that is, both the client and the server can access the internet through the network card, so that data access based on the wireless internet is realized between the client and the server. For another example, in another possible implementation manner, the receiving the access request sent by the client may include: receiving an access request sent by a client through a physical communication link; the type of physical communication link is not unique, and may be, for example, an integrated circuit bus (e.g., I2C, inter-Integrated Circuit; I3C, improved Inter Integrated Circuit) or a universal serial bus (e.g., USB, universal Serial Bus), etc.

S102: determining the request type of the access request according to the protocol conversion mark; the request types comprise a protocol conversion request and a protocol non-conversion request, and the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of the non-security protocol according to a preset security protocol by the client.

This step is intended to enable determination of the request type. As described above, the request types include a protocol conversion request, which refers to an access request after protocol conversion, and a protocol non-conversion request, which refers to an access request after no protocol conversion. Under the circumstance, when the client needs to perform data access to the server, and the data access is based on the non-secure protocol, the protocol type and the access data of the non-secure protocol can be determined first, then the protocol type and the protocol data of the non-secure protocol are packaged according to a pre-designated secure protocol (i.e. the pre-set secure protocol) to obtain the access request, the access request is a protocol conversion request, and then the protocol conversion request is sent to the server so as to perform data access to the server based on the protocol conversion request. Under another request, when the client needs to perform data access to the server, and the data access is based on a security protocol, an access request based on the security protocol can be directly generated, and the access request is a protocol unconverted request, and then the protocol unconverted request is sent to the server, so that the data access to the server is performed based on the protocol unconverted request. Therefore, whether the client needs to access data to the server based on the non-secure protocol or the secure protocol, the data interaction between the client and the server can be realized based on the secure protocol through the protocol conversion operation.

Accordingly, for the server, after the server parses and determines the protocol conversion flag in the access request, the request type of the access request can be determined according to the protocol conversion flag. As described above, the protocol conversion flag is a certain data field in the access request, and the request type of the access request can be indicated by setting different flag information therefor. For example, in one possible implementation manner, determining the request type of the access request according to the protocol conversion flag may include: when the protocol conversion mark is a first numerical value, determining that the request type of the access request is a protocol conversion request; when the protocol conversion flag is a second value, it is determined that the request type of the access request is a protocol non-conversion request. Wherein the first value may be 1 and the second value may be 0.

S103: when the request type is a protocol conversion request, the protocol conversion request is analyzed to obtain the protocol type and the protocol data of the non-security protocol.

This step aims at realizing the parsing process of the protocol conversion request. As described above, the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of the non-secure protocol by the client according to the preset secure protocol, so, for the server to process the access request, after determining that the request type of the access request is the protocol conversion request, the server can parse the protocol conversion request to obtain the encapsulated protocol type and the encapsulated protocol data of the non-secure protocol, so as to process the access request.

S104: and processing the protocol data by utilizing the non-security protocol service process corresponding to the protocol type to obtain an access result.

The step aims at realizing access request processing and obtaining a corresponding access result. Specifically, the service end is provided with unsafe protocol service processes corresponding to various unsafe protocols (namely, different unsafe protocols correspond to different unsafe protocol service processes) and is used for processing corresponding unsafe protocol requests. Therefore, after the server determines the protocol type and the protocol data of the non-secure protocol, the non-secure protocol service process corresponding to the current non-secure protocol can be determined according to the protocol type, and then the non-secure protocol service process is called to process the protocol data, and the obtained processing result is the access result of the access request.

Therefore, according to the data access method provided by the embodiment of the invention, when the client needs to access data through the non-secure protocol, the protocol type and the access data of the non-secure protocol can be determined first, then the access request based on the preset secure protocol is obtained by packaging the non-secure protocol and the access data according to the preset secure protocol, and the access request is sent to the server for data access based on the preset secure protocol; for the server, after receiving the access request, the request type of the access request can be determined by analyzing the protocol conversion mark in the request, when the request type is determined to be the protocol conversion request, the request type can be analyzed according to the preset security protocol to obtain the protocol type and the protocol data of the non-security protocol, and then the non-security protocol service process corresponding to the non-security protocol is determined according to the protocol type, so that the non-security protocol service process is called to process the access data of the non-security protocol to obtain an access result, thereby realizing the package of the non-security protocol based on the security protocol, enabling the data access based on the security protocol between the client and the server, namely ensuring that the data access of the client to the server is based on the security protocol, and effectively ensuring the security of the data access.

Based on the above embodiments:

in an embodiment of the present invention, the receiving the access request sent by the client may include the following steps:

receiving an access request sent by a client through a server controller;

waking up a data receiving process through a server controller;

and calling a server driver to access the server controller through a data receiving process to obtain an access request.

The embodiment of the invention provides a realization method for receiving an access request. Specifically, the server is provided with a data receiving process, a server controller and a server driver, wherein the data receiving process can receive the access request by combining the server controller and the server driver. In the implementation process, the data receiving process is in a silent state under the non-working condition, the data receiving process needs to be in a working state through waking up, the server side firstly receives an access request sent by the client side through the server side controller, and the server side controller wakes up the data receiving process after receiving the access request, so that the data receiving process can access the server side controller by calling a server side driver, and the access request is read and obtained in the server side controller. So far, the server side receives the client side access request.

In an embodiment of the present invention, the data receiving process is deployed in a server kernel, and the waking up of the data receiving process by a server controller may include: and sending an interrupt signal to the server core through the server controller so that the server core wakes up the data receiving process according to the interrupt signal.

The embodiment of the invention provides a method for realizing a wake-up data receiving process. Specifically, the data receiving process is deployed in the server core and is in a silent state under the non-working condition, when the server controller receives the access request sent by the client, an interrupt signal is sent to the server core to inform that the access request initiated by the client is currently received, and at the moment, the server core responds to the interrupt signal to wake up the data receiving process, so that the data receiving process can acquire the access request from the server controller for subsequent processing.

In an embodiment of the present invention, the parsing the protocol conversion request to obtain the protocol type and the protocol data of the non-secure protocol may include the following steps:

transmitting the protocol conversion request to a data processing process through a data receiving process;

And analyzing the data field of the protocol conversion request through a data processing process to obtain the protocol type and the protocol data of the non-secure protocol.

The embodiment of the invention provides a method for determining the protocol type and the protocol data of a non-secure protocol according to a protocol conversion request. In the embodiment of the invention, the client access request is received based on the data receiving process, the analysis of the client access request is realized based on the data processing process, and the protocol type and the protocol data of the non-secure protocol are encapsulated in the data field of the protocol conversion request, so that the data receiving process can forward the protocol conversion request to the data processing process after acquiring the protocol conversion request, so that the data receiving process analyzes the protocol conversion request to obtain the protocol type and the protocol data of the non-secure protocol.

In one embodiment of the present invention, the sending, by the data receiving process, the protocol conversion request to the data processing process may include: and sending the protocol conversion request to the data processing process through the data receiving process in a message queue or a communication mode of cross-process communication.

The embodiment of the invention provides a method for realizing data communication between processes, namely a communication mode of message queues or cross-process communication, namely, a data receiving process can send a protocol conversion request to a data processing process in a communication mode of message queues or cross-process communication (such as Dbus, a message bus system for communication between application programs) so as to realize data communication between the data receiving process and the data processing process.

In an embodiment of the present invention, the processing of the protocol data by using the non-secure protocol service process corresponding to the protocol type to obtain the access result may include the following steps:

calling a protocol distribution program through a data processing process;

determining an unsafe protocol service process corresponding to the protocol type by utilizing a protocol distribution program;

and processing the protocol data through the non-security protocol service process to obtain an access result.

The embodiment of the invention provides a realization method for processing protocol data. Specifically, a protocol distribution program can be created in advance at the server side, and is used for determining the non-security protocol service process based on the protocol type of the non-security protocol. In the implementation process, after determining the protocol type and the protocol data of the non-secure protocol, the data processing process can call a protocol distribution program, and the protocol distribution program can inquire the protocol type and further determine the corresponding non-secure protocol service process, so that the protocol data can be sent to the non-secure protocol service process for processing, and a corresponding access result is obtained.

In an embodiment of the present invention, the processing of the protocol data by using the non-secure protocol service process corresponding to the protocol type may further include the following steps after obtaining the access result:

Packaging the access result and the protocol type of the non-security protocol according to a preset security protocol to obtain a security access result based on the preset security protocol;

and feeding the security access result back to the client.

The data access method provided by the embodiment of the invention can further realize the feedback of the access result, and in the embodiment of the invention, the feedback of the access result of the client to the client can be realized based on the preset security protocol on the basis of realizing the data access of the client to the server based on the preset security protocol. As described above, the access result is obtained by processing the protocol data by the non-secure protocol service process, so that the access result is necessarily also an access result based on the non-secure protocol, and on this basis, the access result and the protocol type of the non-secure protocol can be similarly encapsulated according to the preset secure protocol to obtain an access result based on the preset secure protocol, that is, the secure access result; further, the security access result is fed back to the client, so that the feedback of the access result based on the security protocol can be realized, and the security of the data access interaction flow is ensured.

In one embodiment of the present invention, the data access method may further include the steps of:

When the request type is a protocol unconverted request, analyzing the protocol unconverted request to obtain a security protocol type and security protocol data;

and processing the security protocol data by using a security protocol service process corresponding to the security protocol type to obtain an access result.

The embodiment of the invention aims to realize the processing of the protocol unconverted request. As described above, the access request based on the security protocol, which is not converted by the protocol, is mainly obtained based on the security protocol type and the security protocol data package, so that the server side can obtain the security protocol type and the security protocol data through the parsing operation after determining that the request type of the access request is the protocol non-converted request. Further, corresponding to the non-security protocol service process, the server may deploy the security protocol service process as well, that is, different types of security protocols correspond to different security protocol service processes, so that the security protocol service process corresponding to the security protocol type may be utilized to process the security protocol data, and a final access result is obtained.

The embodiment of the invention provides another data access method.

Referring to fig. 2, fig. 2 is a flow chart of a data access method provided by the present invention, where the data access method is applied to a client, and may include the following steps S201 to S204.

S201: and acquiring the protocol type and the protocol data of the non-secure protocol.

It should be noted that, the data access method provided by the embodiment of the present invention aims to realize the data access of the client to the server, and the data access method is applied to the client.

This step aims at enabling the determination of the protocol type and protocol data of the non-secure protocol. Specifically, when the client needs to perform data access to the server, the communication protocol between the client and the server needs to be determined, wherein the communication protocol may be a security protocol or an unsafe protocol, and when the client needs to perform data access to the server based on the unsafe protocol, the protocol type and the access data of the unsafe protocol may be determined first, so that the client and the server may be packaged by using the security protocol (i.e. the preset security protocol described below), thereby realizing data access based on the security protocol and ensuring the security of data access.

S202: and packaging the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol.

This step aims at enabling the generation of an access request, which is then based on a preset security protocol. Specifically, after determining the protocol type and the protocol data of the non-secure protocol, in order to ensure the security of data access, a preset secure protocol may be used to encapsulate the protocol type and the protocol data to obtain an access request based on the preset secure protocol, so as to facilitate the secure access of the client to the server by using the access request. It should be noted that the type of the preset security protocol does not affect implementation of the present technical solution, and may be set by a technician according to practical situations, for example, in one possible implementation, the preset security protocol may be specifically an HTTP protocol (HyperText Transfer Protocol ).

S204: setting a protocol conversion mark in the access request to obtain a protocol conversion request;

this step aims at realizing the setting of the protocol conversion flag so as to set the access request as the protocol conversion request. Specifically, the protocol conversion flag is a certain data field in the access request, and is used for determining the request type of the access request, and the request type of the access request can be specifically indicated by setting different flag information for the request type, and the request type includes a converted protocol request (access request subjected to protocol conversion) and a non-converted protocol request (access request not subjected to protocol conversion), so that by setting different flag information for the protocol conversion flag, the protocol conversion request or the non-converted protocol request can be generated.

S205: and sending the protocol conversion request to the server for data access.

The step aims at realizing the sending of the protocol conversion request, namely sending the protocol conversion request to the server side so as to conveniently use the protocol conversion request to carry out data access on the server side. It can be appreciated that, because the protocol conversion request is encapsulated based on the preset security protocol, the security of data access can be effectively ensured by accessing the server based on the protocol conversion request.

Based on the above embodiments:

in an embodiment of the present invention, the acquiring the protocol type and the protocol data of the non-secure protocol may include: acquiring a protocol type and protocol data of a non-secure protocol through a command line interface;

correspondingly, the encapsulating the protocol type and the protocol data according to the preset security protocol to obtain the access request based on the preset security protocol may include: and filling the protocol type and the protocol data into a command line corresponding to the preset security protocol, and generating an access request based on the preset security protocol.

The embodiment of the invention provides a realization method for acquiring the protocol type and the protocol data of an unsafe protocol, namely a manual mode based on a command line interface, namely that a technician can directly input the protocol type and the protocol data of the unsafe protocol through the command line interface. On the basis, the client can directly fill the protocol type and the protocol data of the non-secure protocol into the command line corresponding to the preset secure protocol, specifically, the protocol type field and the protocol data field in the command line, so as to realize the generation of the access request based on the preset secure protocol.

In an embodiment of the present invention, the acquiring the protocol type and the protocol data of the non-secure protocol may include the following steps:

Acquiring an initial access request based on a non-secure protocol;

The embodiment of the invention provides another implementation method for acquiring the protocol type and the protocol data of the unsafe protocol, namely an automatic mode based on a computer program. When a user needs to perform data access based on a non-secure protocol to a server based on a client, an initial access request based on the non-secure protocol is sent to the client first, and in the conventional technology, the client directly forwards the initial access request to the server for data access and cannot guarantee the security of data access, so that in order to solve the technical problem, in the embodiment of the invention, the client intercepts the initial access request, analyzes the initial access request by using a pre-created computer program to obtain the protocol type and protocol data of the non-secure protocol therein, and then performs subsequent S202 to S204 to realize data access based on the pre-set secure protocol, thereby effectively guaranteeing the security of data access.

In an embodiment of the present invention, the encapsulating the protocol type and the protocol data according to the preset security protocol to obtain the access request based on the preset security protocol may include the following steps:

Determining target address information according to a preset security protocol;

The embodiment of the invention provides a method for packaging an access request based on a preset security protocol. Specifically, in the implementation process, the access request mainly includes a header field and a data field, first, the target address information set in the preset security protocol is determined, the target address information mainly includes an IP address and a port address of a server side that receives the access request, then the target address information is filled into the header field of the access request, and then the protocol type and the protocol data are filled into the data field of the access request.

In an embodiment of the present invention, the sending the protocol conversion request to the server for data access includes: and sending the protocol conversion request to the server for data access according to the target address information.

The embodiment of the invention provides a realization method for sending a protocol conversion request to a server. As described above, the target address information, that is, the address information of the server that receives the access request, is preset in the preset security protocol, and thus, when the protocol conversion request is sent to the server, the protocol conversion request can be implemented with reference to the target address information.

In an embodiment of the present invention, the sending the protocol conversion request to the server for data access may include the following steps:

transmitting a protocol conversion request to a client controller through a client driver;

The embodiment of the invention provides a realization method for sending a protocol conversion request to a server. Similar to the server, the client is also provided with a client driver and a client controller, and for the server and the client, the client and the client can directly communicate with each other through the server controller and the client controller, so when the client sends a protocol conversion request to the server, the client can send the protocol conversion request to the client controller through the client driver first, and then send the protocol conversion request to the server through the client controller, and obviously, the protocol conversion request is specifically sent to the server controller here.

receiving a security access result fed back by the server; the security access result is obtained by the server side by encapsulating the access result based on the non-security protocol and the protocol type of the non-security protocol according to a preset security protocol;

Analyzing the security access result according to a preset security protocol to obtain an access result and a protocol type;

and outputting an access result.

The data access method provided by the embodiment of the invention can further realize the feedback of the access result, and in the embodiment of the invention, the feedback of the access result of the client to the client can be realized based on the preset security protocol on the basis of realizing the data access of the client to the server based on the preset security protocol. As described above, the access result is obtained by processing the protocol data by the non-secure protocol service process, so that the access result is necessarily also an access result based on the non-secure protocol, and therefore, after obtaining the access result, the server side can encapsulate the access result and the protocol type of the non-secure protocol according to the preset secure protocol, so as to obtain an access result based on the preset secure protocol, that is, the secure access result, and feed the access result back to the client side; for the client, after the secure access result is received, the secure access result can be analyzed according to a preset secure protocol to obtain an access result and a protocol type, and because the technician accesses the data of the non-secure protocol to the server through the client, the analyzed access result is exactly the access result based on the non-secure protocol, the access result can be directly output to inform the technician of the access result of the data access.

In an embodiment of the present invention, the foregoing encapsulating the protocol type and the protocol data according to the preset security protocol may further include the following steps before obtaining the access request based on the preset security protocol:

determining the working state of a server; the working states comprise an unsafe protocol service opening state and an unsafe protocol service closing state;

when the working state is the non-safety protocol service closing state, executing the step of packaging the protocol type and the protocol data according to the preset safety protocol to obtain an access request based on the preset safety protocol;

when the working state is the non-safety protocol service opening state, generating a non-safety access request based on a non-safety protocol according to the protocol type and the protocol data, and sending the non-safety access request to a server for data access.

The data access method provided by the embodiment of the invention can realize the self-defined selection of the security access function so as to meet different user application scenes, for example, some user scenes need to open a non-security protocol to access data based on the non-security protocol, and some user scenes need to open a security protocol to access data based on the security protocol to ensure the security of the data access. Therefore, a safety switch can be arranged at the service end, and when the safety switch is turned on, the safety switch corresponds to the safety access function on state, namely the non-safety protocol service off state; when the security switch is turned off, it corresponds to the security access function off state, i.e., the above-mentioned non-security protocol service on state. On the basis, before the access request based on the preset security protocol is generated based on the protocol type and the protocol data, the working state of the server can be determined, if the service is in the non-security protocol service closing state, the steps S202 to S204 can be continuously executed to perform the data access based on the preset security protocol; if the working state of the server is the non-security protocol service opening state, a non-security access request can be directly generated according to the protocol type and the protocol data, and obviously, the non-security access request is an access request based on the non-security protocol and then is sent to the server so as to realize data access based on the non-security protocol.

On the basis of the above embodiments, the embodiment of the present invention provides yet another data access method.

1. The system architecture:

referring to fig. 3, fig. 3 is a schematic structural diagram of a data access system according to the present invention, and the data access system is a typical C/S (Client/Server) architecture. In the data interaction process, a client initiates a request, and a server responds to the request: the client runs a client process for sending data, and the process performs operations such as assembling non-safety protocol data, sending safety protocol data, receiving return data and the like; the server side will run a server side process for receiving and processing data, and the process will be used for receiving security protocol data, data parsing, non-security protocol instruction distribution, data return and other operations. The communication channel between the client and the server may be implemented by a network, that is, both the client and the server access the internet through a network card, which may be applicable to other physical link connection, for example, I2C, I3C, USB.

2. Protocol constraints:

a security protocol (preset security protocol) is set, on the basis of which an interactive data format, called "protocol constraint", can be agreed. The security protocol is a pre-selected communication protocol capable of safely transmitting data, for example, the common HTTP protocol is a recognized security communication protocol, and of course, the selectable security communication protocol is not limited to the recognized general security protocol, and can be customized, so that a user can construct the security communication protocol by himself to realize end-to-end security communication.

For example, referring to fig. 4, fig. 4 is a schematic diagram of an encapsulation format of a protocol conversion request according to the present invention, which mainly includes a security protocol header field and a security protocol data field. The security protocol header field multiplexes the original header of the selected security protocol, and generally contains the destination address and destination port of the security protocol, and since the non-security protocol data is sent through the security protocol, the security protocol is not changed as much as possible. The security protocol data field comprises a protocol conversion mark, an unsafe protocol type, unsafe protocol parameters and unsafe protocol data, and the protocol conversion mark is used for identifying that the access request is a protocol conversion request; for the non-secure protocol header and the non-secure protocol data, each non-secure protocol has its own specific data format, but three key fields can be generally extracted, namely: non-protocol type, non-protocol parameters, non-protocol data. Wherein:

(1) Non-protocol types: may be IPMI, SNMP (Simple Network Management Protocol ), email, etc.;

(2) Non-protocol parameters: filling the parameters required by each according to different protocol types;

(3) Non-protocol data: according to different protocol types, request data of different protocols are filled, and the request data are core data which need to be transferred.

Therefore, when the protocol conversion request data packet is assembled, the safety protocol header field can be filled according to the selected safety protocol format, the safety protocol data field can be constructed according to the protocol constraint, the protocol conversion mark is set, and the unsafe protocol type, unsafe protocol parameters and unsafe protocol data can be constructed according to the unsafe protocol request which is transmitted as required.

3. Client side:

3.1, data transmission:

referring to fig. 5, fig. 5 is a flow chart of a method for sending an access request by a client according to the present invention, which mainly includes a client data sending process, data assembling, secure data sending, calling a client driver, and a client controller sending data (access request).

First, data assembly and secure data transmission include two implementations:

(1) Manual mode: the user can send the security protocol command directly through the security protocol command line command or tool manually, fill the protocol type field and the protocol data field according to the protocol constraint during sending, and fill the target address (i.e. the server address) according to the security protocol during sending; then, after the data is returned from the server, the security protocol access result data can be directly returned in the security protocol command line, and the user can analyze the access result data based on the non-security protocol by himself.

(2) Automatic mode: a computer program can be designed in advance at the client, the program is compiled into an executable program or a library function which can be called by a user, necessary parameter inlets are opened for the user to call, for example, the user can directly transmit complete commands and command parameters of original non-security protocol instructions to the computer program, and the computer program can automatically analyze protocol types and protocol data and assemble security protocol data (namely, access requests based on security protocols) to be sent to the server; then, after receiving the access result data of the security protocol from the server, the computer program can automatically borrow the access result data of the non-security protocol, and present the access result data to the user.

Further, as shown in fig. 5, the implementation flow of the client sending the access request is as follows:

the client calls a data sending process, the process firstly carries out safety data assembly according to unsafe protocol data input by a user, namely, firstly analyzes two parts of the protocol type and the protocol data of the unsafe protocol, or assembles a data format (based on an access request of a preset safe protocol) required by the safe protocol according to protocol constraint; then, the security protocol interface function is called to send the security protocol data, and the process can assemble and send the data through a command line tool or a protocol interface function library call, for example, POSTMP (on-line debugging tool), curl tool (command line tool) or HTTPS library function can be used when the HTTPS data is sent; further, the client driver layer is in a kernel mode, and after the security protocol interface function is called, the function can send the assembled security protocol data to the client controller by calling the client driver; finally, the client controller is a core device for controlling the client to send the security protocol data, and the client driver can implement writing and reading of the security protocol data by setting the relevant read-write register of the client controller.

The security protocol data is divided into three main parts according to protocol constraint, namely a protocol type field, a protocol parameter field and a protocol data field. Taking HTTPS protocol as an example, the client and the server may define a URI (Uniform Resource Identifier ) interface to transmit security protocol data, for example, the URI interface may be defined as ip/SecureTransfer, a POST (transmission) method is defined for the URI interface, and the data format is defined as Json format: { TransTag: "TRUE", "Protocol": xx, "Params": yy, "Data" zz }, wherein xx represents a protocol name string (corresponding to a protocol type), and selectable items can be set according to actual needs; yy represents a parameter field under a specific protocol; zz represents data fields (corresponding to protocol data) under a particular protocol. Taking the IPMI protocol as an example, the IPMI command format is set as follows: netFN Command Data1 Data2 … DataI, wherein NetFN is a Command class number, command is a Command number, data1 Data2 … DataI is a Data field, and the Data format of transmitting the protocol Data in HTTPS protocol is: { TransTag: "TRUE", "Protocol": "IPMI", "parameters": "NetFNx Commandy", "Data": "Data1 Data2 DataI" }, and when Data is sent, sending the assembled security protocol Data to the server by using a POST method.

3.2, return data reception:

referring to fig. 6, fig. 6 is a flow chart of a method for receiving return data by a client, in which after sending security protocol data (including non-security protocol data) to a server, a data sending process of the client starts a thread to wait for data to be returned, if the server returns data, the data is received by a security data receiving program through a client controller and a client driver, then the security data analyzing program analyzes the received security protocol data, decomposes the protocol type, protocol parameters and protocol data portion of the non-security protocol according to a "protocol constraint", and finally presents the non-security protocol data to a data sending process of the client for presentation to a user.

4. The server side:

4.1, data reception:

firstly, referring to fig. 7, fig. 7 is a flow chart of a method for receiving and processing an access request by a server, specifically, the server may design a data receiving process to perform operations such as data receiving, analyzing, executing, returning, etc., where the data receiving process mainly includes a server controller, a server driver, and secure data receiving; a data processing process can be designed to perform operations such as data analysis and execution, and the process data processing process mainly comprises safe data analysis, protocol data distribution and protocol code execution and return. Further, referring to fig. 8, fig. 8 is a schematic diagram of a software architecture of a server provided by the present invention, which includes a non-security protocol service process in addition to a data receiving process and a data processing approach, and may be triggered and executed by the data processing process, and returns processing result data of the non-security protocol.

Further, the implementation flow of the server side receiving and processing the access request is as follows:

at the server, the data receiving process will access the data (here, the data is an access request) through a system call, which is in the user state, wait for the arrival of the data through the system call, and enter the wait queue of the kernel before the arrival of the data. In the execution process, the server side controller receives data and then sets a specific control register, the kernel is informed of the arrival of the data in an interrupt mode, the data receiving process is awakened to be put into a ready queue to wait for execution after the kernel finds the arrival of the data, the server side driver is called to access the server side controller to take the data after the execution of the data receiving process, and the data is transferred to the data processing program, so that the data processing process can analyze the taken data according to protocol constraint and acquire the protocol type and protocol data of a non-safety protocol. The data processing process and the data receiving process can be used for data transmission through inter-process communication, for example, the data receiving program can transmit data to the data processing process through communication modes such as queue information or Dbus. Further, referring to fig. 9, fig. 9 is a flow chart of a method for calling a non-secure protocol service process to perform data processing, where the data processing process calls a protocol distribution program, and the protocol distribution program first determines whether a protocol conversion flag is set, and if the protocol conversion flag is set, the protocol distribution process will be entered: and judging and identifying the protocol type of the non-safety protocol, and calling a corresponding non-safety protocol processing program to enter the processing flow of the non-safety protocol data according to the protocol type. Taking the above-mentioned example of sending an IPMI instruction through HTTPS protocol, assembling the data into an IPMI protocol instruction 0x06 x04, and sending the IPMI instruction data to an IPMI protocol service process, where the non-secure protocol service process calls a related instruction processing function according to the received instruction, and returns the data after the processing function is executed.

4.2, data return:

referring to fig. 10, fig. 10 is a flowchart of data processing based on a server process, where an unsafe protocol processing program processes received unsafe protocol data and returns the processed unsafe protocol data, and the unsafe protocol data is sent from an unsafe protocol service process to a data processing process. The data processing process receives the non-safety protocol data, firstly judges the protocol type of the non-safety protocol, calls a corresponding non-safety protocol data analysis program according to the protocol type to analyze the protocol data, then assembles the protocol type and the protocol data into safety protocol data and sends the safety protocol data to the data receiving process. And the data receiving process calls the server driver after receiving the safety protocol data, and the server driver controls the server controller to feed back the safety protocol data.

5. Custom selection of secure access functionality:

referring to fig. 11, fig. 11 is a schematic diagram of a software architecture of a server with a non-security protocol switch control function provided by the present invention, because the application scenarios of users are different, users hope to turn on the non-security protocol, so that a security switch can be set, and the security switch is used for indicating the enabling state of the non-security protocol to the user side, if the security switch is turned on, the user side can only transmit the non-security protocol through the security protocol; if the switch is closed, the user side can directly send a request to the server through the non-secure protocol.

The embodiment of the invention provides a data access system.

As shown in fig. 3, the data access system provided by the present invention may include a client and a server;

the client is used for acquiring the protocol type and the protocol data of the non-secure protocol; packaging the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol; setting a protocol conversion mark in the access request to obtain a protocol conversion request; transmitting a protocol conversion request to a server;

the server side is used for determining a protocol conversion mark of the access request when the access request sent by the client side is received; determining the request type of the access request according to the protocol conversion mark; the request types comprise a protocol conversion request and a protocol non-conversion request, wherein the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of a non-security protocol according to a preset security protocol by a client; when the request type is a protocol conversion request, analyzing the protocol conversion request to obtain the protocol type and the protocol data of the non-safety protocol; and processing the protocol data by utilizing the non-security protocol service process corresponding to the protocol type to obtain an access result.

Therefore, in the data access system provided by the embodiment of the invention, when the client needs to access data through the non-secure protocol, the protocol type and the access data of the non-secure protocol can be determined first, then the access request based on the preset secure protocol is obtained by packaging the non-secure protocol and the access data according to the preset secure protocol, and the access request is sent to the server for data access based on the preset secure protocol; for the server, after receiving the access request, the request type of the access request can be determined by analyzing the protocol conversion mark in the request, when the request type is determined to be the protocol conversion request, the request type can be analyzed according to the preset security protocol to obtain the protocol type and the protocol data of the non-security protocol, and then the non-security protocol service process corresponding to the non-security protocol is determined according to the protocol type, so that the non-security protocol service process is called to process the access data of the non-security protocol to obtain an access result, thereby realizing the package of the non-security protocol based on the security protocol, enabling the data access based on the security protocol between the client and the server, namely ensuring that the data access of the client to the server is based on the security protocol, and effectively ensuring the security of the data access.

In one embodiment of the present invention, data communication is performed between the client and the server through a wireless communication channel.

In one embodiment of the invention, the physical communication link is an integrated circuit bus or a universal serial bus.

For the description of the system provided by the embodiment of the present invention, please refer to the above method embodiment, and the description of the present invention is omitted here.

The embodiment of the invention provides a data access device.

Referring to fig. 12, fig. 12 is a schematic structural diagram of a data access device provided by the present invention, where the data access device is applied to a server, and may include:

a first determining module 1, configured to determine a protocol conversion flag of an access request when receiving the access request sent by a client;

a second determining module 2, configured to determine a request type of the access request according to the protocol conversion flag; the request types comprise a protocol conversion request and a protocol non-conversion request, wherein the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of a non-security protocol according to a preset security protocol by a client;

The analysis module 3 is used for analyzing the protocol conversion request to obtain the protocol type and the protocol data of the non-secure protocol when the request type is the protocol conversion request;

and the processing module 4 is used for processing the protocol data by utilizing the non-security protocol service process corresponding to the protocol type to obtain an access result.

Therefore, when the client needs to access data through the non-secure protocol, the data access device provided by the embodiment of the invention can determine the protocol type and the access data of the non-secure protocol, package the non-secure protocol and the access data according to the preset secure protocol to obtain an access request based on the preset secure protocol, and send the access request to the server for data access based on the preset secure protocol; for the server, after receiving the access request, the request type of the access request can be determined by analyzing the protocol conversion mark in the request, when the request type is determined to be the protocol conversion request, the request type can be analyzed according to the preset security protocol to obtain the protocol type and the protocol data of the non-security protocol, and then the non-security protocol service process corresponding to the non-security protocol is determined according to the protocol type, so that the non-security protocol service process is called to process the access data of the non-security protocol to obtain an access result, thereby realizing the package of the non-security protocol based on the security protocol, enabling the data access based on the security protocol between the client and the server, namely ensuring that the data access of the client to the server is based on the security protocol, and effectively ensuring the security of the data access.

In one embodiment of the present invention, the second determining module 2 may be specifically configured to determine that the request type of the access request is a protocol conversion request when the protocol conversion flag is a first value; when the protocol conversion flag is a second value, it is determined that the request type of the access request is a protocol non-conversion request.

In one embodiment of the present invention, the data access apparatus may further include a receiving module including:

the receiving unit is used for receiving the access request sent by the client through the server controller;

the wake-up unit is used for waking up the data receiving process through the server side controller;

the access unit is used for calling the server driver to access the server controller through the data receiving process to obtain an access request.

In an embodiment of the present invention, the data receiving process is disposed in a server kernel, and the wake-up unit may be specifically configured to send an interrupt signal to the server kernel through the server controller, so that the server kernel wakes up the data receiving process according to the interrupt signal.

In one embodiment of the present invention, the parsing module 3 may include:

the sending unit is used for sending the protocol conversion request to the data processing process through the data receiving process;

And the analysis unit is used for analyzing the data field of the protocol conversion request through the data processing process to obtain the protocol type and the protocol data of the non-safety protocol.

In one embodiment of the present invention, the sending unit may be specifically configured to send, through the data receiving process, the protocol conversion request to the data processing process in a message queue or a communication manner of cross-process communication.

In one embodiment of the present invention, the processing module 3 may include:

the calling unit is used for calling the protocol distribution program through the data processing process;

the determining unit is used for determining the non-safety protocol service process corresponding to the protocol type by utilizing the protocol distribution program;

and the processing unit is used for processing the protocol data through the non-security protocol service process to obtain an access result.

In one embodiment of the present invention, the data access apparatus may further include:

the feedback module is used for processing the protocol data by using the non-security protocol service process corresponding to the protocol type, and packaging the access result and the protocol type of the non-security protocol according to a preset security protocol after obtaining the access result to obtain a security access result based on the preset security protocol; and feeding the security access result back to the client.

the security access module is used for analyzing the protocol unconverted request to obtain a security protocol type and security protocol data when the request type is the protocol unconverted request; and processing the security protocol data by using a security protocol service process corresponding to the security protocol type to obtain an access result.

For the description of the apparatus provided by the embodiment of the present invention, refer to the above method embodiment, and the description of the present invention is omitted here.

The embodiment of the invention provides a data access device.

Referring to fig. 13, fig. 13 is a schematic structural diagram of a data access device provided by the present invention, where the data access device is applied to a server, and may include:

an acquisition module 5, configured to acquire a protocol type and protocol data of a non-secure protocol;

the packaging module 6 is used for packaging the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol;

a setting module 7, configured to set a protocol conversion flag in the access request, and obtain a protocol conversion request;

and the sending module 8 is used for sending the protocol conversion request to the server for data access.

In one embodiment of the present invention, the acquiring module 5 may be specifically configured to acquire the protocol type and the protocol data of the non-secure protocol through the command line interface;

accordingly, the encapsulation module 6 may be specifically configured to populate the command line corresponding to the preset security protocol with the protocol type and the protocol data, and generate the access request based on the preset security protocol.

In one embodiment of the present invention, the obtaining module 5 may be specifically configured to obtain an initial access request based on a non-secure protocol; and analyzing the initial access request to obtain the protocol type and the protocol data of the non-secure protocol.

In one embodiment of the present invention, the encapsulation module 6 may be specifically configured to determine the target address information according to a preset security protocol; and filling the target address information into a header field of the access request, and filling the protocol type and the protocol data into a data field of the access request to obtain the access request.

In one embodiment of the present invention, the sending module 8 may be specifically configured to send a protocol conversion request to a server for data access according to the destination address information.

In one embodiment of the present invention, the sending module 8 may be specifically configured to send, through a client driver, a protocol conversion request to a client controller; and sending the protocol conversion request to the server through the client controller for data access.

the output module is used for receiving the safety access result fed back by the server; the security access result is obtained by the server side by encapsulating the access result based on the non-security protocol and the protocol type of the non-security protocol according to a preset security protocol; analyzing the security access result according to a preset security protocol to obtain an access result and a protocol type; and outputting an access result.

the selection module is used for determining the working state of the server before the protocol type and the protocol data are encapsulated according to the preset security protocol and the access request based on the preset security protocol is obtained; the working states comprise an unsafe protocol service opening state and an unsafe protocol service closing state; when the working state is the non-safety protocol service closing state, executing the step of packaging the protocol type and the protocol data according to the preset safety protocol to obtain an access request based on the preset safety protocol; when the working state is the non-safety protocol service opening state, generating a non-safety access request based on a non-safety protocol according to the protocol type and the protocol data, and sending the non-safety access request to a server for data access.

The embodiment of the invention provides electronic equipment.

Referring to fig. 14, fig. 14 is a schematic structural diagram of an electronic device according to the present invention, where the electronic device may include:

a memory for storing a computer program;

a processor for implementing the steps of any one of the data access methods described above when executing the computer program.

As shown in fig. 14, which is a schematic view of a composition structure of an electronic device, the electronic device may include: a processor 10, a memory 11, a communication interface 12 and a communication bus 13. The processor 10, the memory 11 and the communication interface 12 all complete communication with each other through a communication bus 13.

In an embodiment of the present invention, the processor 10 may be a central processing unit (Central Processing Unit, CPU), an asic, a dsp, a field programmable gate array, or other programmable logic device, etc.

The processor 10 may call a program stored in the memory 11, and in particular, the processor 10 may perform operations in an embodiment of a data access method.

The memory 11 is used for storing one or more programs, and the programs may include program codes including computer operation instructions, and in the embodiment of the present invention, at least the programs for implementing the following functions are stored in the memory 11:

determining the request type of the access request according to the protocol conversion mark; the request types comprise a protocol conversion request and a protocol non-conversion request, wherein the protocol conversion request is obtained by encapsulating the protocol type and the protocol data of a non-security protocol according to a preset security protocol by a client;

when the request type is a protocol conversion request, analyzing the protocol conversion request to obtain the protocol type and the protocol data of the non-safety protocol;

In one possible implementation, the memory 11 may include a storage program area and a storage data area, where the storage program area may store an operating system, and at least one application program required for functions, etc.; the storage data area may store data created during use.

In addition, the memory 11 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device or other volatile solid-state storage device.

The communication interface 12 may be an interface of a communication module for interfacing with other devices or systems.

Of course, it should be noted that the structure shown in fig. 14 is not limited to the electronic device in the embodiment of the present invention, and the electronic device may include more or fewer components than those shown in fig. 14 or may combine some components in practical applications.

Embodiments of the present invention provide a computer-readable storage medium.

The computer readable storage medium provided by the embodiment of the present invention stores a computer program, which when executed by a processor, can implement the steps of any one of the data access methods described above.

The computer readable storage medium may include: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.

For the description of the computer-readable storage medium provided in the embodiment of the present invention, refer to the above method embodiment, and the description of the present invention is omitted here.

In the description, each embodiment is described in a progressive manner, and each embodiment is mainly described by the differences from other embodiments, so that the same similar parts among the embodiments are mutually referred. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.

Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

The technical scheme provided by the invention is described in detail. The principles and embodiments of the present invention have been described herein with reference to specific examples, the description of which is intended only to facilitate an understanding of the method of the present invention and its core ideas. It should be noted that it will be apparent to those skilled in the art that the present invention may be modified and practiced without departing from the spirit of the present invention.

Claims

1. The data access method is characterized by being applied to a server and comprising the following steps:

2. The data access method according to claim 1, wherein the determining the request type of the access request according to the protocol conversion flag includes:

3. The method of claim 1, wherein receiving the access request sent by the client comprises:

receiving the access request sent by the client through a server controller;

waking up a data receiving process through the server controller;

4. The method of claim 3, wherein the data receiving process is deployed in a server kernel, and the waking up the data receiving process by the server controller includes:

5. A data access method according to claim 3, wherein said parsing the protocol conversion request to obtain the protocol type and protocol data of the non-secure protocol comprises:

6. The data access method according to claim 5, wherein the sending the protocol conversion request to a data processing process by the data receiving process comprises:

7. The method for accessing data according to claim 5, wherein the processing the protocol data by using the non-secure protocol service process corresponding to the protocol type to obtain an access result comprises:

calling a protocol distribution program through the data processing process;

8. The method for accessing data according to any one of claims 1 to 7, wherein the processing the protocol data by using the non-secure protocol service process corresponding to the protocol type, after obtaining the access result, further comprises:

And feeding the security access result back to the client.

9. The data access method of claim 1, further comprising:

10. A data access method, applied to a client, comprising:

acquiring a protocol type and protocol data of a non-secure protocol;

and sending the protocol conversion request to a server for data access.

11. The method for accessing data according to claim 10, wherein the acquiring the protocol type and the protocol data of the non-secure protocol comprises:

12. The method for accessing data according to claim 10, wherein the acquiring the protocol type and the protocol data of the non-secure protocol comprises:

acquiring an initial access request based on a non-secure protocol;

13. The method for accessing data according to claim 10, wherein said encapsulating the protocol type and the protocol data according to a preset security protocol to obtain an access request based on the preset security protocol comprises:

14. The method for accessing data according to claim 13, wherein the sending the protocol conversion request to a server for data access comprises:

15. The method for accessing data according to claim 10, wherein the sending the protocol conversion request to the server for data access comprises:

16. The data access method of claim 10, further comprising:

and outputting the access result.

17. The method according to any one of claims 10 to 16, wherein said encapsulating said protocol type and said protocol data according to a preset security protocol, before obtaining an access request based on said preset security protocol, further comprises:

18. The data access system is characterized by comprising a client and a server;

19. The data access system of claim 18, wherein the client and the server communicate data via a wireless communication channel.

20. The data access system of claim 18, wherein the client and the server communicate data over a physical communication link.

21. The data access system of claim 20, wherein the physical communication link is an integrated circuit bus or a universal serial bus.

22. A data access device, applied to a server, comprising:

23. A data access device, for application to a client, comprising:

24. An electronic device, comprising:

a memory for storing a computer program;

a processor for implementing the steps of the data access method according to any one of claims 1 to 17 when executing said computer program.

25. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the data access method according to any of claims 1 to 17.