CN117318971A - Information processing method, information processing system, information processing apparatus, and storage medium - Google Patents

Information processing method, information processing system, information processing apparatus, and storage medium Download PDF

Info

Publication number
CN117318971A
CN117318971A CN202210724323.XA CN202210724323A CN117318971A CN 117318971 A CN117318971 A CN 117318971A CN 202210724323 A CN202210724323 A CN 202210724323A CN 117318971 A CN117318971 A CN 117318971A
Authority
CN
China
Prior art keywords
server
information
request information
network address
target server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210724323.XA
Other languages
Chinese (zh)
Inventor
廖珊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN202210724323.XA priority Critical patent/CN117318971A/en
Priority to PCT/CN2023/097195 priority patent/WO2023246443A1/en
Publication of CN117318971A publication Critical patent/CN117318971A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/08Protocols specially adapted for terminal emulation, e.g. Telnet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an information processing method, an information processing system, an information processing device and a storage medium, wherein the information processing method is applied to a CAG server positioned in an intranet, the intranet further comprises the intranet server connected with the CAG server, the method comprises the steps of acquiring request information of a cloud terminal from a public network, and the request information comprises network address data of a target server; analyzing the request information to obtain network address data of the target server; and forwarding the request information to the target server according to the network address data. According to the scheme of the embodiment of the invention, the network address data of the target server is added in the request information, the request information sent by the cloud terminal of the public network is firstly transferred to the CAG server and then is transferred to the target server, and the cloud terminal of the public network only needs to see the port disclosed by the CAG server, so that the condition that the port of the target server of the internal network is exposed to the public network is reduced, and the safety of information transmission is improved.

Description

Information processing method, information processing system, information processing apparatus, and storage medium
Technical Field
The present invention relates to the field of image processing technology, and in particular, to an information processing method, an information processing system, an information processing apparatus, and a storage medium.
Background
The cloud terminal is a terminal device for remotely logging in a cloud desktop, and in the working process of the cloud terminal, the cloud terminal needs to interact with a series of working servers such as a cloud server, a network management server and the like deployed in an intranet. However, when the cloud terminal is used in a public network environment, in order to enable the cloud terminal to interact with the server of the intranet normally, the server deployed in the intranet needs to expose the service port to the public network, so that potential safety hazards can be generated, and the safety of message transmission is reduced.
Disclosure of Invention
The embodiment of the invention provides an information processing method, an information processing system, an information processing device and a storage medium, which are used for transferring request information and then transmitting the request information to a target server, so that the safety of information transmission can be improved.
In a first aspect, an embodiment of the present invention provides an information processing method, which is applied to a CAG server located in an intranet, where the intranet further includes an intranet server connected to the CAG server, and the method includes:
acquiring request information of a cloud terminal from a public network, wherein the request information comprises network address data of the target server;
analyzing the request information to obtain network address data of the target server;
and forwarding the request information to the target server according to the network address data.
In a second aspect, an embodiment of the present invention further provides an information processing system, including a cloud terminal device, a CAG server located in an intranet, and an intranet server located in the intranet, where the CAG server is connected to the intranet server, the cloud terminal device is connected to the intranet server through the CAG server, and the information processing method described above is implemented when the cloud terminal device sends request information.
In a third aspect, an embodiment of the present invention further provides an information processing apparatus, including: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the information processing method as described above when executing the computer program.
In a fourth aspect, embodiments of the present invention also provide a computer-readable storage medium storing computer-executable instructions for performing the information processing method as described above.
The embodiment of the invention comprises the following steps: the information processing method is applied to a CAG server positioned in an intranet, the intranet further comprises the intranet server connected with the CAG server, the method comprises the steps of obtaining request information from a cloud terminal of a public network, and the request information comprises network address data of a target server; analyzing the request information to obtain network address data of the target server; and forwarding the request information to the target server according to the network address data. According to the scheme of the embodiment of the invention, the network address data of the target server is added in the request information, the request information sent by the cloud terminal of the intranet is firstly transferred to the CAG server, the CAG server analyzes the request information and then forwards the request information to the target server, and the cloud terminal of the intranet only needs to see the port disclosed by the CAG server, so that the condition that the port of the target server of the intranet is exposed in the intranet is reduced, and the aim of improving the safety of information transmission is fulfilled.
Drawings
FIG. 1 is a flow chart of an information processing method provided by an embodiment of the present invention;
FIG. 2 is a flowchart of a specific method of step S120 in FIG. 1;
FIG. 3 is a flow chart of a specific method of another embodiment of FIG. 2;
FIG. 4 is a flow chart of another specific method of step S120 in FIG. 1;
FIG. 5 is a flowchart of a specific method of step S130 in FIG. 1;
fig. 6 is a flowchart of an information processing method provided by another embodiment of the present invention;
fig. 7 is a schematic diagram of information transmission between a cloud terminal of an external network and an internal network server;
fig. 8 is a schematic diagram of information transmission between a cloud terminal of an external network and an internal network server through a CAG server.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
It should be noted that although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in an order different from that in the flowchart. The terms first, second and the like in the description and in the claims and in the above-described figures, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
The CAG (Cloud Access Gateway) server is a cloud transmission gateway server, the cloud terminal is a terminal device for remotely logging in a cloud desktop, and the cloud terminal needs to interact with a series of working servers such as a cloud server, a network management server and the like deployed in an intranet in the working process. However, when the cloud terminal is used in a public network environment, in order to enable the cloud terminal to interact with the server of the intranet normally, the server deployed in the intranet needs to expose the service port to the public network, so that potential safety hazards can be generated, and the safety of message transmission is reduced.
Referring to fig. 7, in the related art, information is generally transmitted directly between a cloud terminal of an external network and an intranet server of an intranet, the cloud terminal and the intranet server can be transmitted through various different protocols, and a firewall is disposed in the intranet, however, a port of the intranet server needs to be exposed in the public network; referring to fig. 8, in the present invention, a CAG server is disposed behind a firewall of an intranet, information transmission between a cloud terminal and the intranet server needs to be forwarded through the CAG server, and for a public network, data can be transmitted to the intranet only by knowing a port of the CAG server in the intranet.
The invention provides an information processing method, an information processing system, an information processing device and a storage medium, wherein the information processing method is applied to a CAG server located in an intranet, the intranet further comprises the intranet server connected with the CAG server, the method comprises the steps of obtaining request information of a cloud terminal from a public network, and the request information comprises network address data of a target server; analyzing the request information to obtain network address data of the target server; and forwarding the request information to the target server according to the network address data. According to the scheme of the embodiment of the invention, the network address data of the target server is added in the request information, the request information sent by the cloud terminal of the intranet is firstly transferred to the CAG server, the CAG server analyzes the request information and then forwards the request information to the target server, and the cloud terminal of the intranet only needs to see the port disclosed by the CAG server, so that the condition that the port of the target server of the intranet is exposed in the intranet is reduced, and the aim of improving the safety of information transmission is fulfilled.
Embodiments of the present invention will be further described below with reference to the accompanying drawings.
As shown in fig. 1, fig. 1 is a flowchart of an information processing method according to an embodiment of the present invention, where the information processing method is applied to a CAG server located in an intranet, and the intranet further includes an intranet server connected to the CAG server, and the method may include, but is not limited to, step S110, step S120, and step S130.
Step S110: and acquiring request information of a cloud terminal from a public network, wherein the intranet server comprises a target server, and the request information comprises network address data of the target server.
In this step, the target server refers to an intranet server that needs to receive the request information sent by the cloud terminal, the cloud terminal of the public network sends the request information to the target server in the intranet, and the request information is sent to the CAG server first, that is, for the public network, the intranet only exposes a port of the CAG server for receiving the request information. The request information comprises network address data of the target server, and the CAG server can forward the request information to the target server according to the network address data, so that only a port of the CAG server for being connected with the cloud terminal is exposed on the public network, the condition that the port of the target server is exposed on the public network can be reduced, and the aim of improving the safety of information transmission is achieved.
In another embodiment of the invention, the cloud terminal can be any cloud desktop in the related technology, and the target server is connected with the CAG server, which means that the target server and the CAG server always keep network connection, so that the CAG server can conveniently forward the request information to the target server; the network address data of the destination server refers to an IP (Internet Protocol ) address and port number of the destination server.
Step S120: and analyzing the request information to obtain the network address data of the target server.
In this step, the request information is the request information transmitted from the cloud terminal of the external network, and the request information includes the network address data of the target server, which may be a custom field, and the network address data of the target server may be newly added to the data portion of the request information, or the network address data of the target server may be newly added to the information header, which is not specifically limited herein, so that the CAG server needs to parse the request information first, thereby obtaining the network address data of the target server.
In another embodiment of the present invention, the network address data may be encrypted and then stored in the request information, and after the CAG server receives the request information, the CAG server analyzes and decrypts the request information to obtain the network address data of the target server, where the encryption rule and the decryption rule may be set in advance according to human or machine, or any encryption and decryption method in the related art may be adopted, which is not limited herein specifically.
Step S130: and forwarding the request information to the target server according to the network address data.
In this step, since the CAG server is connected to the target server and both the CAG server and the target server are disposed in the intranet, the CAG server may forward the request information to the corresponding target server according to the network address data, so that the CAG server plays a role in transferring, reducing the exposure of the port of the target server to the public network, and improving the security of information transmission.
In another embodiment of the present invention, the request information is forwarded to the target server, which may be that the CAG server transparently transmits the request information to the target server, and retains the data information of the request information, or that the request information is preprocessed and then forwarded to the target server, for example: and forwarding only the content data information in the source port information and the request information to the target server.
In this embodiment, by adopting the information processing method including the steps S110 to S130, request information of the cloud terminal from the public network is obtained, where the request information includes network address data of the target server; analyzing the request information to obtain network address data of the target server; according to the technical scheme of the invention, the request information can be transferred to the CAG server, and then the request information is transferred to the target server through the CAG server, so that the condition that the port of the target server is exposed in the public network can be reduced, and the safety of information transmission is improved.
In an embodiment, as shown in fig. 2, further describing the information processing method, the request information includes TCP request information, and step S120 may further include, but is not limited to, step S210 and step S220.
Step S210: message header data of the TCP request message is obtained.
In this step, the request message is a TCP request message, which may be an extension header data portion that stores the network address data of the target server in a header of the TCP, and the header data of the TCP request message is acquired to facilitate obtaining the network address data in a subsequent step.
In another embodiment of the present invention, TCP request information refers to any request information using a TCP transmission protocol in the related art, and is not specifically limited herein, and HTTP request information and HTTPs request information both belong to TCP request information.
Step S220: and analyzing the message header data according to the preset attribute name to obtain network address data.
In this step, the network address data of the target server may be the extension header data stored in the TCP request message, where the name of the extension header is preset, and the location of the extension header is searched according to the preset attribute name and the value corresponding to the extension header field is read, so as to obtain the network address data.
In another embodiment of the present invention, the preset attribute name refers to any preset attribute name, the name of the custom message generally starts with X, for HTTP request information, the name of the extension header may be X-Ap-Host, and for HTTPs request information, the name of the extension header may be X-Ap-sHost.
In this embodiment, the message header data of the TCP request message is obtained by adopting the information processing method including the steps S210 to S220; according to the technical scheme of the invention, the message header data of the TCP request information is customized to store the network address data of the target server, and only the port of the CAG server is exposed in the TCP request information, so that the condition that the port of the target server is exposed in the public network can be reduced, and the aim of improving the safety of information transmission is fulfilled.
In one embodiment, as shown in fig. 3, further describing the information processing method, the TCP request information includes heartbeat information, and the method may further include, but is not limited to, step S310, step S320, step S330, and step S340.
Step S310: and acquiring heartbeat information of the cloud terminal from the public network, wherein the heartbeat information comprises network address data of the target server.
In this step, the heartbeat information refers to any heartbeat information in the related art, and the CAG server is still used for transmitting the heartbeat information, that is, the heartbeat information needs to be sent to the CAG server by the cloud terminal and then forwarded to the target server through the CAG, so that the heartbeat information includes network address data of the target server so that the CAG server can forward the heartbeat information to the target server. And the cloud terminal sends heartbeat information to the target server to represent that the cloud terminal is in an online state.
When the cloud terminal sends the message to the target server for the first time, the connection relationship between the cloud terminal and the target server can be established through the heartbeat information, so that the information transmission between the subsequent cloud terminal and the target server is facilitated.
Step S320: and analyzing the heartbeat information to obtain the network address data of the target server.
In this step, the heartbeat information refers to heartbeat information transmitted from a cloud terminal of an external network, where the heartbeat information includes network address data of a target server, which may be a custom field, and the network address data of the target server is newly added to a data portion of the heartbeat information so that the heartbeat information includes the network address data of the target server; the network address data of the target server may be added to the information header so that the heartbeat information includes the network address data of the target server, which is not limited herein, and therefore, the CAG server needs to parse the heartbeat information first to obtain the network address data of the target server.
In another embodiment of the present invention, the network address data may be encrypted and then stored in the heartbeat information, and after the CAG server receives the heartbeat information, the heartbeat information is parsed and decrypted, so as to obtain the network address data of the target server, where the encryption rule and the decryption rule may be set in advance according to a person or a machine, or any encryption and decryption method in the related art may be adopted, which is not limited specifically herein.
Step S330: and forwarding the heartbeat information to the target server according to the network address data.
In this step, since the CAG server is connected to the target server and both the CAG server and the target server are disposed in the intranet, the CAG server may forward the heartbeat information to the corresponding target server according to the network address data, so that the CAG server achieves the effect of transferring, and the port of the target server is reduced to be exposed in the public network, thereby achieving the purpose of improving the security of information transmission.
In another embodiment of the present invention, the heartbeat information is forwarded to the target server, which may be that the CAG server transmits the heartbeat information to the target server, retains the data information of the heartbeat information, or may be that the heartbeat information is preprocessed and then forwarded to the target server, for example: and forwarding only the content data information in the source port information and the heartbeat information to the target server.
Step S340: and acquiring the confirmation information of the target server, and forwarding the confirmation information to the cloud terminal.
In the step, after the target server receives the heartbeat information, the target server returns the confirmation information to the CAG server, and forwards the confirmation information to the corresponding cloud terminal through the CAG server, so that the port of the target server can be prevented from being exposed in the public network, the information transmission between the cloud terminal and the target server is carried out through the CAG server of the intranet, and the aim of improving the safety of the information transmission can be achieved.
The confirmation information may be confirmation connection information or confirmation information for confirming that the cloud terminal is online, and is not limited herein, and since the TCP request information includes source port information, when the request information is forwarded back to the cloud terminal, the CAG server may forward the confirmation information to the corresponding cloud terminal according to the source port information in the heartbeat information.
In this embodiment, by adopting the information processing method including steps S310 to S340, heartbeat information of the cloud terminal from the public network is obtained, where the heartbeat information includes network address data of the target server; analyzing the heartbeat information to obtain network address data of the target server; forwarding the heartbeat information to a target server according to the network address data; the method comprises the steps of acquiring the confirmation information of the target server, forwarding the confirmation information to the cloud terminal, and according to the technical scheme of the invention, the heartbeat information sent to the target server by the cloud terminal is also required to pass through the CAG server for transfer, so that the aim of improving the safety of information transmission can be fulfilled, and the heartbeat information can play the roles of establishing connection and reminding the target server that the cloud terminal is online.
In an embodiment, as shown in fig. 4, further describing the information processing method, the request information includes UDP request information, and step S120 may further include, but is not limited to, step S410 and step S420.
Step S410: information content data of the UDP request information is acquired.
In this step, the UDP request information may be any UDP request information in the related art, and is not specifically limited herein, and the information content data of the UDP request information is acquired in order to facilitate obtaining the network address data of the target server in the subsequent step.
In another embodiment of the invention, the UDP request information does not need to be sent after the connection is suggested between the cloud terminal and the target server, so that the memory overhead and the time delay for sending data are reduced.
Step S420: and analyzing the information content data according to the preset attribute name to obtain network address data.
In this step, the network address data of the target server may be stored in the content data portion of the UDP request information, and the name of the extension header is preset, and the attribute name is searched for in the content data according to the preset attribute name, and the corresponding value is read, so as to obtain the network address data.
In another embodiment of the present invention, the preset attribute name refers to any preset attribute name, the name of the custom message generally starts with X, for HTTP request information, the name of the extension header may be X-Ap-Host, and for HTTPs request information, the name of the extension header may be X-Ap-sHost.
In this embodiment, the information content data of the UDP request information is obtained by adopting the information processing method including the steps S410 to S420 described above; according to the technical scheme of the invention, the attribute corresponding to the attribute name and the corresponding value are read from the content data part of the UDP request information to obtain the network address data of the target server, so that the condition that the port of the target server is exposed in the public network can be reduced, and the aim of improving the safety of information transmission is fulfilled.
In an embodiment, as shown in fig. 5, further describing the information processing method, step S130 may further include, but is not limited to, step S510, step S520, and step S530.
Step S510: and acquiring network address information of the intranet server.
In this step, since the CAG server and the target server are both in the intranet and maintain the network connection state, the CAG may acquire the network address information of the intranet server, where the network address information is acquired to facilitate forwarding the request information to the target server in a subsequent step.
Step S520: and taking the intranet server with the network address information matched with the network address data as a target server.
In this step, the network address data is carried by the request information, the network address information is obtained by the CAG server according to the servers of the intranet, the intranet server in which the network address information is matched with the network address data is used as the target server, the network address information and the network address data are compared respectively, so as to obtain the network address information matched with the network address data, and the intranet server corresponding to the network address information is used as the target server.
Step S530: and transmitting the request information to the target server.
In this step, transparent transmission (pass-through) refers to that no matter what the transmitted service content is, only the transmitted content is transmitted from the cloud terminal to the target server, and no change is made to the service data content in the request information. The step of transmitting the request information to the target server is that the CAG server transmits the request information to the target server, and the CAG server only forwards the request information, but does not process the service data in the request information, so that the safety of information transmission can be improved.
In this embodiment, the information processing method including steps S510 to S530 is adopted to obtain the network address information of the intranet server; an intranet server with network address information matched with the network address data is used as a target server; according to the technical scheme of the invention, the CAG searches the corresponding intranet server as the target server according to the network address data, so that the information can be transmitted to the target server, and the aim of improving the safety of information transmission is fulfilled.
In one embodiment, as shown in fig. 6, the information processing method is further described, and the method may further include, but is not limited to, step S610 and step S620.
Step S610: and acquiring response information sent to the cloud terminal by the target server.
In the step, the response information refers to response information of the cloud terminal for sending the request information after the target server receives the request information; when the target server sends the response information, the CAG server obtains the response information instead of directly transmitting the response information to the cloud terminal, the condition that the port of the target server is exposed to the public network is reduced, and the purpose of improving the safety of information transmission can be achieved.
The response information comprises the network address information of the CAG server and the network address information of the cloud terminal, so that the response information can be transferred to the CAG server from the target server and then transferred to the corresponding cloud terminal through the CAG server.
In another embodiment of the present invention, forwarding control may be further set in the program, and the interceptor is set to intercept all the response messages sent from the target server, and transmit the response messages to the CAG server, and the CAG server forwards the response messages to the corresponding cloud terminal, so that the situation that the port of the intranet server is exposed in the public network can be reduced, and the forwarding efficiency of the information sent from the intranet server to the CAG server can be improved.
Step S620: and forwarding the response information to the cloud terminal.
In this step, the response information is forwarded to the cloud terminal, that is, the CAG server forwards the response information to the cloud terminal, and because the response information is the response information that the target server needs to forward to the cloud terminal, the response information includes the network address information of the cloud terminal, and after the CAG server obtains the network address information from the response information, the CAG server forwards the response information to the cloud terminal, thereby reducing the exposure of the port of the target server to the public network, and achieving the purpose of improving the security of information transmission.
In this embodiment, by adopting the information processing method including steps S610 to S620, response information sent from the target server to the cloud terminal is obtained; according to the technical scheme of the invention, the response information is transferred to the cloud terminal through the CAG server, so that the condition that the port of the target server is exposed to the public network can be reduced, and the aim of improving the safety of information transmission is fulfilled.
In addition, one embodiment of the invention also provides an information processing system which comprises a cloud terminal positioned in a public network, a CAG server positioned in an intranet and an intranet server positioned in the intranet.
The CAG server is connected with the intranet server, the connection of the CAG server and the intranet server means that the CAG server is connected with the intranet server in a network mode, the cloud terminal is connected with the intranet server through the CAG server, request information sent by the cloud terminal is required to be forwarded to the target server through the CAG server, the situation that a port of the target server is exposed in a public network can be reduced, and the safety of information transmission is improved.
The CAG server may perform the information processing method in the above-described embodiment, for example, perform the above-described method steps S110 to S130 in fig. 1, the method steps S210 to S220 in fig. 2, the method steps S310 to S340 in fig. 3, the method steps S410 to S420 in fig. 4, the method steps S510 to S530 in fig. 5, and the method steps S610 to S620 in fig. 6.
In one embodiment, the CAG server includes a first port for receiving TCP request information and a second port for receiving UDP request information.
The first port and the second port refer to ports of the CAG server exposed in the public network, the CAG server can expose the two ports, the first port is used for receiving TCP request information, and the second port is used for receiving UDP request information, so that the request information can be forwarded conveniently, and the purpose of improving forwarding speed is achieved.
In another embodiment of the present invention, referring to fig. 8, a request message sent by a cloud terminal 1 enters a CAG server through a protocol 1, a request message sent by a cloud terminal 2 enters the CAG server through a protocol 2, the CAG server may expose different ports to process information of different protocols, and then the CAG server forwards the request information to an intranet server respectively.
The request information in the forwarding process may be the same protocol as the request information received by the CAG server, or may be a unified protocol processed on the CAG server, and then forwarded to the corresponding intranet server by using the corresponding protocol, which is not limited herein.
Still further, an embodiment of the present invention provides an information processing apparatus including: memory, a processor, and a computer program stored on the memory and executable on the processor.
The processor and the memory may be connected by a bus or other means.
The memory, as a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. In addition, the memory may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located relative to the processor, the remote memory being connectable to the processor through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The non-transitory software programs and instructions required to implement the information processing methods of the above embodiments are stored in the memory, and when executed by the processor, the information processing methods of the above embodiments are performed, for example, the method steps S110 to S130 in fig. 1, the method steps S210 to S220 in fig. 2, the method steps S310 to S340 in fig. 3, the method steps S410 to S420 in fig. 4, the method steps S510 to S530 in fig. 5, and the method steps S610 to S620 in fig. 6 described above are performed.
Furthermore, an embodiment of the present invention provides a computer-readable storage medium storing computer-executable instructions that are executed by a processor or controller, for example, by one of the processors in the above-described apparatus embodiments, which may cause the processor to perform the information processing method in the above-described embodiment, for example, to perform the method steps S110 to S130 in fig. 1, the method steps S210 to S220 in fig. 2, the method steps S310 to S340 in fig. 3, the method steps S410 to S420 in fig. 4, the method steps S510 to S530 in fig. 5, and the method steps S610 to S620 in fig. 6 described above.
Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as known to those skilled in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. Furthermore, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.

Claims (10)

1. An information processing method is applied to a CAG server located in an intranet, the intranet further comprises an intranet server connected with the CAG server, and the method comprises the following steps:
acquiring request information of a cloud terminal from a public network, wherein the intranet server comprises a target server, and the request information comprises network address data of the target server;
analyzing the request information to obtain network address data of the target server;
and forwarding the request information to the target server according to the network address data.
2. The information processing method according to claim 1, wherein the request information includes TCP request information, and the parsing the request information to obtain network address data of the target server includes:
acquiring message header data of the TCP request information;
and analyzing the message header data according to a preset attribute name to obtain the network address data.
3. The information processing method according to claim 2, wherein the TCP request information includes heartbeat information, the information processing method further comprising:
acquiring heartbeat information of a cloud terminal from a public network, wherein the heartbeat information comprises network address data of the target server;
analyzing the heartbeat information to obtain network address data of the target server;
forwarding the heartbeat information to the target server according to the network address data;
and acquiring the confirmation information of the target server, and forwarding the confirmation information to the cloud terminal.
4. The information processing method according to claim 1, wherein the request information includes UDP request information, and the parsing of the request information to obtain the network address data of the target server includes:
acquiring information content data of the UDP request information;
and analyzing the information content data according to a preset attribute name to obtain the network address data.
5. The information processing method according to claim 1, wherein the forwarding the request information to the target server according to the network address data includes:
acquiring network address information of the intranet server;
the intranet server with the network address information matched with the network address data is used as the target server;
and transmitting the request information to the target server.
6. The information processing method according to claim 1, characterized in that the information processing method further comprises:
acquiring response information sent to the cloud terminal by the target server;
and forwarding the response information to the cloud terminal.
7. An information processing system, characterized by comprising a cloud terminal located in a public network, a CAG server located in an intranet and an intranet server located in the intranet, wherein the CAG server is connected with the intranet server, the cloud terminal is connected with the intranet server through the CAG server, and the CAG server is used for implementing the information processing method according to any one of claims 1 to 6.
8. The information handling system of claim 7, wherein the CAG server comprises a first port for receiving TCP request information and a second port for receiving UDP request information.
9. An information processing apparatus comprising: memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the information processing method according to any one of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium storing computer-executable instructions for performing the information processing method according to any one of claims 1 to 6.
CN202210724323.XA 2022-06-24 2022-06-24 Information processing method, information processing system, information processing apparatus, and storage medium Pending CN117318971A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202210724323.XA CN117318971A (en) 2022-06-24 2022-06-24 Information processing method, information processing system, information processing apparatus, and storage medium
PCT/CN2023/097195 WO2023246443A1 (en) 2022-06-24 2023-05-30 Information processing method, information processing system, information processing apparatus, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210724323.XA CN117318971A (en) 2022-06-24 2022-06-24 Information processing method, information processing system, information processing apparatus, and storage medium

Publications (1)

Publication Number Publication Date
CN117318971A true CN117318971A (en) 2023-12-29

Family

ID=89235953

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210724323.XA Pending CN117318971A (en) 2022-06-24 2022-06-24 Information processing method, information processing system, information processing apparatus, and storage medium

Country Status (2)

Country Link
CN (1) CN117318971A (en)
WO (1) WO2023246443A1 (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103118147A (en) * 2013-01-24 2013-05-22 中国联合网络通信集团有限公司 Method, equipment and system for accessing intranet server
US10826905B2 (en) * 2016-12-05 2020-11-03 Citrix Systems, Inc. Secure access to on-premises web services from multi-tenant cloud services
CN112235408A (en) * 2020-10-19 2021-01-15 新华三信息安全技术有限公司 Network system, reverse proxy method and reverse proxy server
CN112738200B (en) * 2020-12-25 2023-02-24 肯特智能技术(深圳)股份有限公司 Convenient operation and maintenance tool and method based on closed public network system
CN114584603B (en) * 2022-02-11 2024-10-29 武汉噢易云计算股份有限公司 Method and device for connecting desktop client software with server and readable storage medium

Also Published As

Publication number Publication date
WO2023246443A1 (en) 2023-12-28

Similar Documents

Publication Publication Date Title
US10715639B2 (en) Data processing method and apparatus for performing protocol parsing in a cloud
Bormann et al. CoAP (constrained application protocol) over TCP, TLS, and WebSockets
JP4575980B2 (en) Method, system, and computer program for communication in a computer system
US10645145B2 (en) Method and apparatus for accelerating data transmission in a network communication system
CN112954001B (en) Method and device for HTTP-to-HTTPS bidirectional transparent proxy
US20170054640A1 (en) Device and method for establishing connection in load-balancing system
US20170034174A1 (en) Method for providing access to a web server
CN109922144B (en) Method and apparatus for processing data
CN107205026A (en) A kind of Point-to-Point Data Transmission method and system
US20150373135A1 (en) Wide area network optimization
EP3226516B1 (en) Unified data networking across heterogeneous networks
WO2017000572A1 (en) Internet content adaptation protocol-based communication method, client and server
JP2017201776A (en) Content delivery through uneven network
CN106789993B (en) TCP agent method and device
CN117318971A (en) Information processing method, information processing system, information processing apparatus, and storage medium
CN114390095A (en) Remote equipment control method and Internet of things equipment management platform and system
CN117081990B (en) MPLS flow agent method, system, equipment and storage medium
CN114915920B (en) Message transmission method, device, robot and storage medium
CN109510801B (en) Explicit forward proxy and SSL interception integrated system and operation method thereof
WO2021049120A1 (en) Computer program, information processing method, information processing device, and information processing system
EP3541042B1 (en) Method and apparatus for generating log on basis of packet collection for each session in big data system
JP2006101431A (en) Communication method and its system
US10469377B2 (en) Service insertion forwarding
EP3668061A1 (en) Standardized hot-pluggable transceiving unit and method for implementing a micro-caching functionality
CN116112555A (en) Service proxy method, device, computer readable storage medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication