WO2014110947A1 - 一种终端安全的处理方法及系统 - Google Patents
一种终端安全的处理方法及系统 Download PDFInfo
- Publication number
- WO2014110947A1 WO2014110947A1 PCT/CN2013/088506 CN2013088506W WO2014110947A1 WO 2014110947 A1 WO2014110947 A1 WO 2014110947A1 CN 2013088506 W CN2013088506 W CN 2013088506W WO 2014110947 A1 WO2014110947 A1 WO 2014110947A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- time slice
- terminal
- allocation
- time
- server
- Prior art date
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 7
- 238000013507 mapping Methods 0.000 claims abstract description 24
- 238000000034 method Methods 0.000 claims abstract description 21
- 238000001514 detection method Methods 0.000 claims abstract description 18
- 241000700605 Viruses Species 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 231100001261 hazardous Toxicity 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000013468 resource allocation Methods 0.000 description 2
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
Definitions
- the invention belongs to the technical field of computer security, and in particular relates to a method and system for processing terminal security. Background technique
- the present invention provides a terminal security processing method and system to solve the above problems.
- the invention provides a method for processing terminal security.
- the method includes the following steps: the mapping relationship server receives the detection data information reported by each terminal, and establishes a security problem statistics table according to the detection data information; the mapping relationship server synchronizes the security problem statistics table to the time slice distribution server and the management center server respectively; The time slice allocation server acquires the first current system time slice total from the management center server; the time slice distribution server determines the first allocated time slice of each terminal according to the security problem statistics table, the first current system time slice total quantity, and the first policy.
- the time slice allocation server uses the remaining time slice of the system as the second current system time slice.
- the total amount, the second allocation time slice of each terminal is recalculated according to the first policy, and if the remaining time slice of the system is less than or equal to the preset value, the respective terminal is obtained according to the first allocated time slice and the second allocated time slice.
- Target allocation time slice Each piece distribution server of the target terminal transmits the time slice allocated to the central management server, the processing server security management center terminal based on the target each time slices allocated to each terminal.
- the present invention also provides a terminal security processing system, including a terminal, a mapping relationship server, a time slice distribution server, and a management center server.
- the terminal connects the mapping relationship server and the management center server
- the time slice allocation server connects the mapping relationship server and the management center server.
- the mapping relationship server receives the detection data information reported by each terminal, and establishes a security problem statistics table according to the detection data information.
- the mapping relationship server synchronizes the security problem statistics table to the time slice allocation server and the management center server respectively.
- the time slice allocation server acquires the first current system time slice total from the management center server.
- the time slice allocation server determines the first allocated time slice of each terminal and the remaining time slice of the system according to the security problem statistics table, the first current system time slice total amount, and the first policy, and determines that the remaining time slice of the system is No less than or equal to the preset value. If the remaining time slice of the system is greater than the preset value, the time slice allocation server uses the remaining time slice of the system as the second current system time slice total quantity, and recalculates the second allocated time slice of each terminal according to the first policy, if the system at this time If the remaining time slice is less than or equal to the preset value, the target allocation time slice of each terminal is obtained according to the first allocated time slice and the second allocated time slice.
- the time slice allocation server sends the target allocation time slice of each terminal to the management center server, and the management center server allocates the time slice according to the target of each terminal to process the security problem of each terminal.
- the time slice allocation server determines the first allocation time of each terminal according to the security problem statistics table, the first current system time slice total amount, and the first policy. The slice and the remaining time slice of the system, and determine whether the remaining time slice of the system is less than or equal to the preset value.
- the time slice allocation server uses the remaining time slice of the system as the second current system time slice total quantity, and recalculates the second allocated time slice of each terminal according to the first policy, if the system at this time If the remaining time slice is less than or equal to the preset value, the target allocation time slice of each terminal is obtained according to the first allocated time slice and the second allocated time slice. In this way, the time slice allocation server calculates and allocates the time allocation of each terminal security problem, realizes resource allocation of the management center server, thereby fully utilizing resources, improving processing efficiency, and reducing system burden.
- FIG. 1 is a flow chart showing a method for processing terminal security according to a preferred embodiment of the present invention
- FIG. 2 is a schematic diagram of a terminal security processing system provided in accordance with a preferred embodiment of the present invention. detailed description
- FIG. 1 is a flow chart showing a method of processing terminal security according to a preferred embodiment of the present invention. As shown in FIG. 1, the terminal security processing method provided by the preferred embodiment of the present invention includes steps 101-106.
- Step 101 The mapping relationship server receives the detection data information reported by each terminal, and establishes a security problem statistics table according to the detection data information.
- the detection data information reported by each terminal includes a security problem type, a dangerous item, and a dangerous level corresponding to the dangerous item.
- types of security problems include, for example, viruses, system hazards, Trojans, and other dangerous items.
- the present invention is not limited thereto.
- the four types of terminals 1 to 4 are used as an example.
- the mapping relationship server receives the detection data information reported by the four terminals, and establishes a security problem statistics table according to the detection data information. As shown in Table 1. However, the invention is not limited thereto ;
- Step 102 The mapping relationship server synchronizes the security problem statistics table to the time slice allocation server and the management center server respectively. Specifically, after the mapping relationship server establishes a security problem statistics table, the security problem statistics table is synchronized to the time slice allocation server and the management center server respectively.
- Step 103 The time slice distribution server acquires a total amount of the first current system time slice from the management center server. Specifically, the time slice distribution server issues a system time slice acquisition request to the management center server, and after receiving the system time slice acquisition request, the management center server obtains the first current system time slice total amount of the system, and the time is The slice allocation server sends the first current system time slice total.
- Step 104 The time slice allocation server determines, according to the security problem statistics table, the first current system time slice total quantity and the first policy, the first allocated time slice of each terminal and the remaining time slice of the system, and determines Whether the remaining time slice of the system is less than or equal to the preset value.
- the first strategy is: different dangerous levels of dangerous items correspond to different time allocation degrees, and according to the dangerous items of each terminal, the time allocation degree corresponding to the dangerous items, and the total number of dangerous items of the terminal, determining corresponding The time allocation ratio of the terminal.
- the time allocation ratio of each terminal is equal to the ratio of the sum of the number of dangerous levels of the terminal and the corresponding time allocation degree to the total number of dangerous items of all terminals.
- the hazard level includes three levels: advanced, intermediate, and low.
- the advanced corresponding time allocation is 50%
- the intermediate corresponding time allocation is 40%
- the lower corresponding time allocation is 10%.
- the present invention is not limited thereto. In practical applications, the corresponding time allocation can be set as needed.
- the total number of dangerous items of the current four terminals is known as 16 in Table 1.
- Table 1 the security problem table is shown in Table 2c.
- the first allocated time slice is The product of the time allocation ratio and the total current system time slice total.
- Step 105 If the remaining time slice of the system is greater than the preset value, the time slice allocation server uses the remaining time slice of the system as the second current system time slice total quantity, and recalculates the first terminal according to the first policy. The second time slice is allocated. If the time slice remaining in the system is less than or equal to the preset value, the target allocation time slice of each terminal is obtained according to the first allocated time slice and the second allocated time slice.
- the four terminals in step 104 are still taken as an example.
- the preset value is set to, for example, 0.5a
- the remaining time slice of the system (for example, 0.675a) is greater than the preset value.
- the present invention does not limit the setting of the preset value. In actual applications, the preset value may be set as needed.
- the time slice allocation server uses the remaining time slice of the system (ie, 0.675a) as the second current system time slice total amount, and then recalculates the second allocated time slice of each terminal according to the first policy.
- the time slice distribution server obtains the target allocation time slice of each terminal according to the first allocated time slice and the second allocated time slice.
- the target allocation time slice is the sum of the first allocated time slice and the second allocated time slice.
- the time slice allocation server uses the remaining time slice of the current system as the third.
- the current total system time slice, and the third allocated time slice of each terminal is recalculated according to the first policy.
- the calculation process of the third allocated time slice is the same as the first allocated time slice and the second allocated time slice.
- the target allocated time slice of each terminal is equal to the first allocated time slice, the second allocated time slice, and the third allocated time slice. with.
- the time slice is divided.
- the distribution server stops the calculation of the allocation time slice of each terminal, and simultaneously adds the calculated allocation time slices of the respective terminals to obtain the target allocation time slice of each terminal.
- Step 106 The time slice distribution server sends a target allocation time slice of each terminal to the management center server, and the management center server processes the security problem of each terminal according to the target allocation time slice of each terminal.
- the time slice allocation server sends the determined target allocation time slice of each terminal to the management center server, and after receiving the target allocation time slice of each terminal, the management center server processes the security problem of the corresponding terminal according to the target allocation time slice.
- the management center server can directly delete the dangerous item 3 of the terminal 2 and the terminal 3, for example, in the case of the dangerous item 1, the management center server needs to update the terminal 1 and the terminal 2, for example.
- the dangerous item 1 is processed.
- the terminal security processing system provided by the preferred embodiment of the present invention includes terminals 10a-10n, a mapping relationship server 11, a time slice distribution server 12, and a management center server 13.
- the present invention does not limit the number of terminals.
- the terminals 10a to 10n are connected to the mapping relationship server 11 and the management center server 13, and the time slice distribution server 12 is connected to the mapping relationship server 11 and the management center server 13.
- the mapping relationship server 11 receives the detection data information reported by each terminal, and establishes a security problem statistics table according to the detection data information.
- the mapping relationship server 11 synchronizes the security problem statistics table to the time slice allocation server 12 and the management center server 13, respectively.
- the time slice distribution server 12 acquires the first current system time slice total from the management center server 13.
- the time slice allocation server 12 determines the first allocated time slice of each terminal and the remaining time slice of the system according to the security problem statistics table, the first current system time slice total amount, and the first policy, and determines whether the remaining time slice of the system is less than or Equal to the preset value.
- the time slice allocation server 11 uses the remaining time slice of the system as the second current system time slice total quantity, and recalculates the second allocated time slice of each terminal according to the first policy, if If the remaining time slice of the system is less than or equal to the preset value, the target allocation time slice of each terminal is obtained according to the first allocated time slice and the second allocated time slice.
- the time slice distribution server 11 transmits the target allocation time slice of each terminal to the management center server 13, and the management center server 13 processes the security issues of the respective terminals in accordance with the target allocation time slice of each terminal.
- the specific operation process of the system is the same as that described above, and therefore will not be further described herein.
- the time slice distribution server determines the number of each terminal according to the security problem statistics table, the first current system time slice total amount, and the first policy. A time slice and a remaining time slice of the system are allocated, and it is determined whether the remaining time slice of the system is less than or equal to a preset value.
- the time slice allocation server uses the remaining time slice of the system as the second current system time slice total quantity, and recalculates the second allocated time slice of each terminal according to the first policy, if the system at this time If the remaining time slice is less than or equal to the preset value, the target allocation time slice of each terminal is obtained according to the first allocated time slice and the second allocated time slice. So, through The time slice allocation server calculates and processes the time allocation of each terminal security problem, realizes resource allocation of the management center server, thereby fully utilizing resources, improving processing efficiency, and reducing system burden.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Alarm Systems (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310016487.8 | 2013-01-17 | ||
CN201310016487.8A CN103095706B (zh) | 2013-01-17 | 2013-01-17 | 一种终端安全的处理方法及系统 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014110947A1 true WO2014110947A1 (zh) | 2014-07-24 |
Family
ID=48207839
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2013/088506 WO2014110947A1 (zh) | 2013-01-17 | 2013-12-04 | 一种终端安全的处理方法及系统 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103095706B (zh) |
WO (1) | WO2014110947A1 (zh) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103095706B (zh) * | 2013-01-17 | 2015-09-09 | 苏州亿倍信息技术有限公司 | 一种终端安全的处理方法及系统 |
CN105096122B (zh) * | 2014-04-16 | 2019-04-12 | 阿里巴巴集团控股有限公司 | 一种分片式交易匹配方法和装置 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1606301A (zh) * | 2004-07-09 | 2005-04-13 | 清华大学 | 一种共享资源访问的调度控制方法及装置 |
CN101452404A (zh) * | 2008-12-09 | 2009-06-10 | 中兴通讯股份有限公司 | 一种嵌入式操作系统的任务调度装置及方法 |
WO2012104898A1 (ja) * | 2011-01-31 | 2012-08-09 | トヨタ自動車株式会社 | 安全制御装置および安全制御方法 |
CN103095706A (zh) * | 2013-01-17 | 2013-05-08 | 苏州亿倍信息技术有限公司 | 一种终端安全的处理方法及系统 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101442495B (zh) * | 2008-12-26 | 2012-08-15 | 南京邮电大学 | 基于服务等级协议的时间片散列调度方法 |
-
2013
- 2013-01-17 CN CN201310016487.8A patent/CN103095706B/zh active Active
- 2013-12-04 WO PCT/CN2013/088506 patent/WO2014110947A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1606301A (zh) * | 2004-07-09 | 2005-04-13 | 清华大学 | 一种共享资源访问的调度控制方法及装置 |
CN101452404A (zh) * | 2008-12-09 | 2009-06-10 | 中兴通讯股份有限公司 | 一种嵌入式操作系统的任务调度装置及方法 |
WO2012104898A1 (ja) * | 2011-01-31 | 2012-08-09 | トヨタ自動車株式会社 | 安全制御装置および安全制御方法 |
CN103095706A (zh) * | 2013-01-17 | 2013-05-08 | 苏州亿倍信息技术有限公司 | 一种终端安全的处理方法及系统 |
Also Published As
Publication number | Publication date |
---|---|
CN103095706A (zh) | 2013-05-08 |
CN103095706B (zh) | 2015-09-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10320570B2 (en) | Digital security certificate selection and distribution | |
US20220303216A1 (en) | Application Programing Interface (API) Gateway Cluster Control Method and API Gateway Cluster | |
US9992273B2 (en) | Intelligent load balancer selection in a multi-load balancer environment | |
US9699085B2 (en) | Periodic advertisements of host capabilities in virtual cloud computing infrastructure | |
WO2019100921A1 (zh) | 消息推送方法及装置 | |
JP2016536939A5 (zh) | ||
US10263809B2 (en) | Selecting an optimal network device for reporting flow table misses upon expiry of a flow in a software defined network | |
WO2014094422A1 (zh) | 虚拟机规格调整方法及装置 | |
WO2016183799A1 (zh) | 一种硬件加速方法以及相关设备 | |
WO2013185483A1 (zh) | 签名规则的处理方法、服务器及入侵防御系统 | |
US11212077B2 (en) | Authentication of messages sent across a network of multiple data centers | |
WO2015109950A1 (zh) | 业务资源组实现方法及装置 | |
US20180285169A1 (en) | Information processing system and computer-implemented method | |
WO2020147413A1 (zh) | 一种数据备份方法、装置及计算机设备 | |
WO2014110947A1 (zh) | 一种终端安全的处理方法及系统 | |
CN106412123B (zh) | 云接入控制器分布式处理终端设备信息的方法和系统 | |
US20160323371A1 (en) | Methods and apparatus for load balancing in a network | |
CN103297514A (zh) | 基于云架构的虚拟机管理平台及管理方法 | |
CN113342517A (zh) | 资源请求的转发方法、装置、电子设备与可读存储介质 | |
US10511682B2 (en) | Group resource updating processing methods, devices and system, and CSEs | |
JP6310822B2 (ja) | 仮想マシンのリソース管理システム、方法及びプログラム | |
JP2014191378A (ja) | サーバ数調整システムおよび方法ならびにプログラム | |
US20200153698A1 (en) | Inter-connecting local control planes for state data exchange | |
CN111327437B (zh) | 流表处理方法、流表处理装置以及sdn网络系统 | |
US10102101B1 (en) | Methods, systems, and computer readable mediums for determining a system performance indicator that represents the overall operation of a network system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13872053 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13872053 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 11/10/2016) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13872053 Country of ref document: EP Kind code of ref document: A1 |