WO2020094157A1 - Electronic trading system based on base layer translation - Google Patents

Electronic trading system based on base layer translation Download PDF

Info

Publication number
WO2020094157A1
WO2020094157A1 PCT/CN2019/125780 CN2019125780W WO2020094157A1 WO 2020094157 A1 WO2020094157 A1 WO 2020094157A1 CN 2019125780 W CN2019125780 W CN 2019125780W WO 2020094157 A1 WO2020094157 A1 WO 2020094157A1
Authority
WO
WIPO (PCT)
Prior art keywords
content
pseudo
application
code
server
Prior art date
Application number
PCT/CN2019/125780
Other languages
French (fr)
Chinese (zh)
Inventor
张维加
Original Assignee
张维加
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201811307180.2 external-priority
Application filed by 张维加 filed Critical 张维加
Publication of WO2020094157A1 publication Critical patent/WO2020094157A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Abstract

An electronic trading system based on base layer translation, containing a supply end, an application end, a server end, master control software, and a database. The supply end provides a digital product such as development code and model resources; the operating flow of the electronic trading system is: when the supply end provides a product to a corresponding application user, the content is initially not directly provided, but rather corresponding sandboxed pseudo-content is provided; for example, pseudo-code is provided in place of development code, and a transparently encrypted pseudo-model is provided in place of model resources; the application end contains a sand box analysis tool and, when the pseudo-code or the pseudo-model is used locally, the master control software issues a dynamic replacement instruction in respect of the content of the pseudo-code or the pseudo-model upon local execution; when the pseudo-code or pseudo-model is compiled and used, the content is converted to the actual original content according to a mapping library correlation and is recompiled or executed. In this way, the application side may use but may not acquire the content, and may insert header code for the control, debugging and secondary development of said content.

Description

一种基于底层转译的电子交易系统An electronic trading system based on bottom-level translation 技术领域Technical field
本发明属于计算机与网络的计算架构领域,特别是数字内容的交易。The invention belongs to the field of computing architecture of computers and networks, especially the transaction of digital content.
背景技术Background technique
当今社会在信息化,但是数字资产流通效率低,研发效率低。每年全球研发投入已经达到2万亿美元,然而其中60%属于重复研发,基本上每个开发团队都是独立研发。本质原因就是,开发的源文件很难流通。即使在欧美国家,开源项目虽然数量很大,然而仍远远不能满足各行业的研发需求,大部分的项目是不开源的,尤其重要的或者优质的项目更是很少有开源内容。Today's society is informatization, but digital asset circulation efficiency is low, and research and development efficiency is low. Annual global R & D investment has reached 2 trillion US dollars, but 60% of them are repeated R & D, basically each development team is independent R & D. The essential reason is that the developed source files are difficult to circulate. Even in Europe and the United States, although there are a large number of open source projects, they are still far from meeting the R & D needs of various industries. Most of the projects are not open source, and especially important or high-quality projects rarely have open source content.
1.开源模式:优质内容少,对内容提供者激励机制不足。1. Open source model: less high-quality content and insufficient incentive mechanism for content providers.
2.外包模式:费用高,周期长,质量不可控,交易双方缺乏信任。2. Outsourcing mode: high cost, long cycle, uncontrollable quality, and lack of trust between both parties to the transaction.
本发明旨在提供一个高效率的数字内容流通交易系统。The present invention aims to provide a high-efficiency digital content circulation transaction system.
发明内容Summary of the invention
本发明设计了一种基于网络的编程开发系统,在文件、指令、程序、代码等层面实现隔离与转译。一种基于底层转译的电子交易系统,该系统具有如下特征:The invention designs a network-based programming development system, which implements isolation and translation at the level of files, instructions, programs, and codes. An electronic trading system based on bottom-level translation. The system has the following characteristics:
a.系统的组成上,包含供应端,应用端,服务器端,总控制软件及数据库:其中,供应端向系统平台提供开发代码、模型资源、以及实现特定功能的技术组件等各种数字形态的产品,供应产品的存管可以是1)由供应者上传到服务器端,或者2)将相关信息提交给服务器而数字产品原件保存在本地,等其他模式;应用端即数字产品的使用端,也包含二次开发性质的应用,本电子交易系统的应用端还包含了转译重定向工具,可以对数字形态的内容进行重定向、转译、替换等操作;服务器端负责系统软件与数据的存储,以及与各端交互等功能;总控制软件控制交易项目的真实映射关系等内容;a. The composition of the system includes the supply side, application side, server side, general control software and database: the supply side provides various code forms such as development codes, model resources, and technical components to realize specific functions to the system platform For products, the depository of supplied products can be 1) uploaded by the supplier to the server, or 2) submitted to the server and the original digital product is stored locally, and other modes; the application side is the user side of the digital product, also Contains applications of a secondary development nature. The application side of this electronic trading system also includes a translation redirection tool that can redirect, translate, and replace digital content; the server side is responsible for the storage of system software and data, and Functions such as interaction with each end; the total control software controls the real mapping relationship of transaction items, etc .;
b.应用端的转译重定向的实现可以采用如下的办法:1)沙盒重定向,在应用端运行的伪数字内容在执行时被重定向到位于供应端或服务器端,获取真实内容;2)应用端以WEB IDE形式或类似的客户端软件来运行接收到的数字内容,编译、执行、存储在vps或云主机等远端设备上,在远端设备上执行替换;3)其他类似效果的方法包括但不限于透明加密等;b. The translation redirection of the application side can be implemented as follows: 1) Sandbox redirection, the pseudo digital content running on the application side is redirected to the supply side or the server side during execution to obtain real content; 2) The application terminal runs the received digital content in the form of WEB IDE or similar client software, compiles, executes, and stores the remote device such as vps or cloud host, and performs replacement on the remote device; 3) Other similar effects Methods include but are not limited to transparent encryption, etc .;
c.该电子交易系统的流程:当供应端向应用者交付对应的数字产品时,先不交付真实内容,而是提供一套对应的沙盒化的伪数字产品到应用端,比如,对于开发代码,提供的是伪代码,而对于模型资源,提供的是透明加密后的伪模型,伪内容可以是标签性质的、指代性质的, 而当本系统的应用端接收到伪产品后,总控制软件作为项目与代码的真实映射控制,对伪代码或伪模型在本地执行时的内容下达动态替换指令到应用端,应用端由于包含了转译重定向工具,在将伪代码或伪模型在本地应用使用的时候,随即将伪代码或伪模型,编译、使用时被按照映射库的对应关系还原为真实原始的内容再编译或执行,从而实现用户所见非所得,对于应用端的客户,看到的均是伪代码、伪模型等,而后编译时被动态替换为真实的内容,使得真实的内容不被应用端获取、而应用端可以使用;c. The process of the electronic trading system: when the supply side delivers the corresponding digital product to the user, it does not first deliver the real content, but provides a corresponding set of sandboxed pseudo digital products to the application side, for example, for development The code provides pseudo code, and for the model resources, it provides a pseudo model with transparent encryption. The pseudo content can be of a label or referential nature. When the application of the system receives the pseudo product, the total The control software serves as the real mapping control of the project and the code, and issues dynamic replacement instructions to the application side when the pseudo code or pseudo model is executed locally. The application side contains the translation redirect tool, and the pseudo code or pseudo model is localized. When the application is used, the pseudo code or pseudo model will be restored to the real original content according to the corresponding relationship of the mapping library when compiling and using, and then compiled or executed, so as to realize what the user sees but not gain. Are pseudocode, pseudomodels, etc., and are dynamically replaced with real content when compiled, so that the real content is not used by the application Take, and end use application;
d.应用端随后执行如下四种模式中的一种或多种:1)应用端通过上述转译伪代码的方式确认数字内容的价值,完成支付或者确认后,供应端再提供给真实的数字内容;2)应用端通过上述转译伪代码的方式完成外包前的选择与试用,以衡量、选择供应端;3)应用端通过上述转译伪代码的方式实现仅仅需要使用权的数字产品出租模式;4)服务端托管真实的数字产品,而应用端通过上述转译伪代码的方式仅获得一部分真实内容,从而获得部分的产权。d. The application terminal then executes one or more of the following four modes: 1) The application terminal confirms the value of the digital content by means of the above pseudocode translation, and after the payment or confirmation is completed, the supply terminal provides the real digital content ; 2) The application side completes the selection and trial before outsourcing through the above-mentioned translation pseudo code to measure and select the supply side; 3) The application side realizes the digital product rental mode that only requires the right to use through the above-mentioned translation pseudo code; 4 ) The server side hosts real digital products, while the application side obtains only part of the real content through the above-mentioned method of translating pseudocode, thereby obtaining part of the property rights.
见说明书附图1。See attached drawing 1 of the specification.
服务器端可以是是一台专门的服务器,也可以是分布式的服务器节点,这些服务端还可以:1.作为研发项目与代码的真实的存储位置;2.存管对应与映射关系,指的是伪代码与真实代码之间的对应关系;3.接收应用端的指令,并控制应用端所执行或编译的代码或内容的动态替换,以及版本控制,权限分级控制。The server can be a dedicated server or a distributed server node. These servers can also be: 1. As the true storage location of R & D projects and codes; 2. Correspondence and mapping relationship of depository management refers to Correspondence between pseudocode and real code; 3. Receive instructions from the application side, and control the dynamic replacement of the code or content executed or compiled by the application side, as well as version control and permission level control.
应用端将指令传递给服务器端或直接给供应端,将编译器缓存与中间文件、文件与注册表操作、程序操作等的部分或全部内容的真实路径指向服务端或供应端上对应的源代码、或者项目、或者工作空间、或数据库等,服务端或供应端作为研发项目与代码等的真实存储,对客户端所执行或编译的代码等内容提供动态替换的内容,由应用端的转译重定向程序执行动态替换,从而实现应用端对数字内容的可用却不可得,如:交付的数字内容中可以插入伪代码,这部分代码不是真实代码,而是某种指代,比如//hook(document API,z.dll),正常情况下这本来应该是一行注释文字,如果非本系统的话,编译器也就是将其作为一行注释,不会有任何内容添加到程序中。然而现在,这行注释就会被替换为一行对所有文件操作相关的API进行全面hook并注入z.dll的代码,并编译供执行。The application side passes instructions to the server side or directly to the supply side, and directs the real path of part or all of the contents of the compiler cache and intermediate files, file and registry operations, and program operations to the corresponding source code on the server or supply side , Or projects, or workspaces, or databases, etc. The server or supplier serves as the real storage of R & D projects and codes, etc. It provides dynamic replacement of content executed by the client or compiled code, and is redirected by the translation of the application. The program performs dynamic replacement, so that the application can use the digital content but it is not available. For example, pseudo code can be inserted into the delivered digital content. This part of the code is not the real code, but a kind of reference, such as // hook (document API, z.dll), under normal circumstances, this should be a line of comment text. If it is not the system, the compiler will use it as a line of comments, and nothing will be added to the program. Now, however, this line of comments will be replaced by a line that comprehensively hooks all file operation-related APIs and injects z.dll code, and compiles it for execution.
本系统还在转译内容中自动添加header头部语句,以下称为工具宏,用于调试与二次开发等功能,如,数字内容的原始内容标记为Y,其所对应的伪内容标记为A,增加的工具宏的内容为H,则应用端在执行或者编译的时候,便会被重定向为HY或YH,H可以是代码也可以是其他数字内容,且真实内容Y对于H是可访问的。增加的工具宏的内容中包括了数字产品的控制语句或控制模块,以实现运行区域控制、授权场景控制、微服务模块化、 定时失效等。The system also automatically adds a header statement to the translated content, hereinafter referred to as a tool macro, which is used for debugging and secondary development. For example, the original content of digital content is marked as Y, and the corresponding pseudo content is marked as A. , The content of the added tool macro is H, when the application is executed or compiled, it will be redirected to HY or YH, H can be code or other digital content, and the real content Y is accessible to H of. The content of the added tool macro includes the control sentence or control module of the digital product, so as to realize the operation area control, authorization scene control, microservice modularization, and timing failure.
本系统还包含多次转译的流程,在系统的架构上,设计了延伸链条以进行自我延展,其控制模式为:系统的处理实现还包含多次转译的设计,如,代码ABCD在第一应用端转译为伪代码XY,假定在这个过程中经过了二次开发,又包含了来自原来第一应用端用户的新的内容EFG,新的代码XY-EFG,再存储到服务端上,然后经过本系统转译,在第二应用端以伪代码XYZ的形式处理,处理时映射回ABCDEFG,从而在过程中包括了更多的开发者的内容。见说明书附图2。The system also includes the process of multiple translations. On the architecture of the system, an extension chain is designed to self-extend. The control mode is: the system's processing implementation also includes the design of multiple translations. For example, the code ABCD is used in the first application. The end is translated into pseudo code XY, assuming that it has undergone secondary development in this process, and contains new content EFG from the original first application user, the new code XY-EFG, and then stored on the server, and then passed This system is translated and processed in the form of pseudo-code XYZ on the second application side, and is mapped back to ABCDEFG during processing, so as to include more developers' content in the process. See Attachment 2 in the specification.
在应用端的缓存文件上,首先都是经过透明加密保护的,然后还可以不写入硬盘,而是在内存创建一个的Ramdisk虚拟磁盘存储区,虚拟化为虚拟磁盘从而进行I/O控制。The cache files on the application side are first protected by transparent encryption. Then, instead of writing to the hard disk, a Ramdisk virtual disk storage area can be created in the memory and virtualized into a virtual disk for I / O control.
整个系统还进行区块链公证,对整个系统的运行过程,包括服务器与项目源主体,以及时间、MAC地址、IP、身份等都进行分布式的永久的不可篡改的记录。The entire system is also notarized by the blockchain. The operation process of the entire system, including the server and the source of the project, as well as time, MAC address, IP, identity, etc., are distributed and permanently immutable records.
当然,系统的各个环节之间的交互都进行了加密。Of course, the interaction between the various links of the system is encrypted.
服务器上的分布式存储也可以有多种模式:1.同时将真实文件拆分成多份保存,即在服务端上文件不是以完整的文件形式保存,而是将文件拆分多段分别保存到多个不同的物理机器,每个服务器分别保存一部分,或者多个不同的物理磁盘,但对于客户端上的映射与替换时则还是一个完整的文件;2.采用区块链式的分布式存储;3.系统的服务器端通过沙箱将每个用户的工作空间隔离,一个用户一个沙盒,不同的沙盒与沙盒之间映射关系不同,因此文件与进程互相之间不可访问,为每个用户设置对应的真实存储区(网络磁盘或虚拟磁盘或文件夹,或在服务器Ramdisk中创建虚拟存储区域),在同一台计算机上起到了共享计算池、分割计算机的效果。The distributed storage on the server can also have multiple modes: 1. Simultaneously split the real file into multiple copies to save, that is, the file is not saved as a complete file on the server side, but the file is split into multiple segments and saved to Multiple different physical machines, each server separately saves a part, or multiple different physical disks, but it is still a complete file for mapping and replacement on the client; 2. Adopt blockchain-style distributed storage ; 3. The server side of the system isolates each user's work space through a sandbox. Each user has a sandbox. The mapping relationship between different sandboxes and sandboxes is different. Therefore, files and processes are not accessible to each other. Each user sets the corresponding real storage area (network disk or virtual disk or folder, or creates a virtual storage area in the server Ramdisk), which has the effect of sharing the computing pool and dividing the computer on the same computer.
为了防泄密,系统中各个环节还可通过inline hook与IRP派遣控制等方式实现虚拟化沙箱,将关键文件、程序、系统环境变成映射,再由沙盒对上述所有映射进行解析,对可信程序与不可信进程可以放到不同的沙盒中,或直接将不可信进程排除到沙盒外,以使得外部进入的恶意的窃取与木马不能获得真实文件。In order to prevent leaks, various links in the system can also realize virtual sandboxes by means of inline hooking and IRP dispatch control, turning key files, programs, and system environments into maps, and then the sandbox analyzes all the above maps. Trust programs and untrusted processes can be placed in different sandboxes, or untrusted processes can be directly excluded from the sandbox, so that malicious theft and Trojan horses from outside cannot obtain real files.
本发明的优势在于:The advantages of the present invention are:
特征1,相比于开源模式,本系统实现的模式有更强的商业性与激励性,在不交出核心知识产权的前提下实现交易,而相比于外包模式,本系统效率更高,成果可试用,成本也更低,因为除了买断之外本系统还可以租用数字成果;Feature 1, compared with the open source model, the model implemented by the system has stronger commerciality and incentives, and the transaction is realized without handing over the core intellectual property. Compared with the outsourcing model, the system is more efficient, The results can be used for trial, and the cost is lower, because in addition to buying out, the system can also rent digital results;
特征2,本发明系统的工具宏对数字内容的双向两侧都可访问到,因此可实现调试与二次开发,本系统并对所有修改实时地在服务端节点链条上进行分叉;Feature 2: The tool macro of the system of the present invention is accessible to both sides of the digital content, so debugging and secondary development can be achieved. The system forks all the modifications on the server node chain in real time;
特征3.本发明系统的链结构保证了二次开发的成果可以再利用。Feature 3. The chain structure of the system of the present invention ensures that the results of secondary development can be reused.
本发明所设计的技术方案中,所涉及的各个计算设备既可以是电脑,也可以是便携式计算机包括手机与平板设备,以及嵌入式设备。In the technical solution designed by the present invention, each computing device involved may be a computer, or a portable computer including a mobile phone and a tablet device, and an embedded device.
本发明在降低了客户端的设计研发工作与难度同时,会加强辅助性与协同性,客户端应用者本身也可以是服务端的源项目的开发者与提供者,从而形成一个网络。所有的本系统的项目还可以通过工具宏header代码共享token、应用组件等。The invention reduces the design and development work and difficulty of the client, and at the same time strengthens the assistance and collaboration. The client application itself can also be the developer and provider of the source project on the server side, thereby forming a network. All projects of this system can also share tokens, application components, etc. through the tool macro header code.
本发明已经成功实现了具体实施案例,作为一个具体实施案例,在上述基本架构的基础上,实施案例还做了如下的设置:The present invention has successfully implemented a specific implementation case. As a specific implementation case, based on the above basic architecture, the implementation case has also made the following settings:
1.应用端选取了一台标准的windows7计算机,在上面安装了沙盒重定向软件,并经过重启计算机生效;1. The application selects a standard windows7 computer, installs sandbox redirection software on it, and takes effect after restarting the computer;
2.服务器端选用windows server 2008服务器3台,安装了服务端内核沙盒,以便为每个客户端创建一个隔离的用户空间沙箱,以及每个用户可以自行上传、管理、分发、控制内容的管理系统,这一实例项目的存管基于沙盒隔离与去中心化区块链分布,3台服务端组成IPFS节点网络,数据是拆分存储在所有服务器的,但是任何一台的服务器又不能构成完整性。测试中,应用端与服务端的连接不是持续的,而是当应用端与服务端连接的时候,服务端进行认证,认证成功后服务端上开启一个沙盒,真实代码或内容进入该沙盒,服务端的沙盒与应用端的沙盒联通,彼此适应同一套映射关系;2. The server uses 3 Windows Server 2008 servers, and installs a server-side kernel sandbox to create an isolated user space sandbox for each client, and each user can upload, manage, distribute, and control content by himself Management system, the depository of this example project is based on sandbox isolation and decentralized blockchain distribution. Three servers form an IPFS node network. The data is split and stored on all servers, but any one server cannot Constitute integrity. In the test, the connection between the application and the server is not continuous, but when the application and the server are connected, the server authenticates. After the authentication is successful, a sandbox is opened on the server, and the real code or content enters the sandbox. The sandbox on the server side and the sandbox on the application side are connected to each other to adapt to the same set of mapping relationships;
3.我们测试了代码型的项目交易,供应端上传了一个底层的hook代码项目作为需要交易的数字内容,而后核心算法部分被转译为伪代码hooka-hooka,在仅仅交付接口、配套函数以及经过hooka-hooka伪装过的内核代码给应用端的情况下,应用端通过转译重定向得到了服务端输出的大量代码功能,对其效果进行了评估,而后应用端利用工具宏header进行了调试和二次开发,形成了新的分叉,并上传到服务器端;3. We tested the code-based project transaction. The supplier uploaded a low-level hook code project as the digital content to be traded, and then the core algorithm part was translated into pseudo code hooka-hooka. After only delivering the interface, supporting functions and When the kernel code disguised by hooka-hooka is given to the application side, the application side obtains a large number of code functions output by the server side through translation redirection, and its effect is evaluated, and then the application side uses the tool macro header for debugging and secondary Development, formed a new fork, and uploaded to the server;
4.我们随后测试了3D模型形式的交易,供应端上传了一个fbx格式的3D模型,并将其透明加密的版本交付给了应用端,应用端在WEB IDE中打开使用没有问题,在连接WEB IDE的云主机上编译操作也没有问题。4. We then tested the transaction in the form of 3D model. The supplier uploaded a 3D model in fbx format and delivered its transparent encrypted version to the application. The application was opened and used in the WEB IDE. There is no problem in connecting to the WEB. There is no problem with the compilation operation on the IDE cloud host.
附图说明BRIEF DESCRIPTION
附图1.本系统流程图。Figure 1. Flow chart of the system.
附图2.链流程图。Figure 2. Chain flow diagram.

Claims (10)

  1. 一种基于底层转译的电子交易系统,该系统具有如下特征:An electronic trading system based on bottom-level translation. The system has the following characteristics:
    a.系统的组成上,包含供应端,应用端,服务器端,总控制软件及数据库:其中,供应端向系统平台提供开发代码、模型资源、以及实现特定功能的技术组件等各种数字形态的产品,供应产品的存管可以是1)由供应者上传到服务器端,或者2)将相关信息提交给服务器而数字产品原件保存在本地,等其他模式;应用端即数字产品的使用端,也包含二次开发性质的应用,本电子交易系统的应用端还包含了转译重定向工具,可以对数字形态的内容进行重定向、转译、替换等操作;服务器端负责系统软件与数据的存储,以及与各端交互等功能;总控制软件控制交易项目的真实映射关系等内容;a. The composition of the system includes the supply side, application side, server side, general control software and database: the supply side provides various code forms such as development codes, model resources, and technical components to realize specific functions to the system platform For products, the depository of the supplied product can be 1) uploaded by the supplier to the server, or 2) submitted to the server and the original digital product is stored locally, and other modes; the application side is the user side of the digital product, also Contains applications of a secondary development nature. The application side of this electronic trading system also includes a translation redirection tool that can redirect, translate, and replace digital content; the server side is responsible for the storage of system software and data, and Functions such as interaction with each end; the total control software controls the real mapping relationship of transaction items, etc .;
    b.应用端的转译重定向的实现可以采用如下的办法:1)沙盒重定向,在应用端运行的伪数字内容在执行时被重定向到位于供应端或服务器端,获取真实内容;2)应用端以WEB IDE形式或类似的客户端软件来运行接收到的数字内容,编译、执行、存储在vps或云主机等远端设备上,在远端设备上执行替换;3)其他类似效果的方法包括但不限于透明加密等;b. The translation redirection of the application side can be implemented as follows: 1) Sandbox redirection, the pseudo digital content running on the application side is redirected to the supply side or the server side during execution to obtain real content; 2) The application terminal runs the received digital content in the form of WEB IDE or similar client software, compiles, executes, and stores the remote device such as vps or cloud host, and performs replacement on the remote device; 3) Other similar effects Methods include but are not limited to transparent encryption, etc .;
    c.该电子交易系统的运作模式:当供应端向应用者交付对应的数字产品时,先不交付真实内容,而是提供一套对应的沙盒化的伪数字产品到应用端,比如,对于开发代码,提供的是伪代码,而对于模型资源,提供的是透明加密后的伪模型,伪内容可以是标签性质的、指代性质的,而当本系统的应用端接收到伪产品后,总控制软件作为项目与代码的真实映射控制,对伪代码或伪模型在本地执行时的内容下达动态替换指令到应用端,应用端由于包含了转译重定向工具,在将伪代码或伪模型在本地应用使用的时候,随即将伪代码或伪模型,编译、使用时被按照映射库的对应关系还原为真实原始的内容再编译或执行,从而实现用户所见非所得,对于应用端的客户,看到的均是伪代码、伪模型等,而后编译时被动态替换为真实的内容,使得真实的内容不被应用端获取、而应用端可以使用;c. The operation mode of the electronic trading system: when the supply side delivers the corresponding digital product to the user, it does not first deliver the real content, but provides a corresponding set of sandboxed pseudo digital products to the application side, for example, for The development code provides pseudo code, and for the model resources, the transparent encrypted pseudo model is provided. The pseudo content can be of a label or referential nature, and when the application of the system receives the pseudo product, As the real mapping control of the project and the code, the general control software issues dynamic replacement instructions to the content of the pseudo code or pseudo model when it is executed locally. The application side contains the translation and redirection tool. When the local application is used, the pseudo code or pseudo model will be restored to the real original content according to the corresponding relationship of the mapping library and then compiled or executed according to the corresponding relationship of the mapping library, so as to realize what the user sees and what is not gained. The received content is pseudo code, pseudo model, etc., and is dynamically replaced with real content during compilation, so that the real content should not be applied. Obtaining an end, and the end use application;
    d.应用端随后执行如下四种接收处理模式中的一种或多种:1)应用端通过上述转译伪代码的方式确认数字内容的价值,完成支付或者确认后,供应端再提供给真实的数字内容;2)应用端通过上述转译伪代码的方式完成外包前的选择与试用,依据运行结果选择供应端;3)应用端通过上述转译伪代码的方式实现仅仅需要使用权的数字产品出租模式;4)服务端托管真实的数字产品,而应用端通过上述方式仅获得一部分真实内容,从而获得部分的产权。d. The application terminal then executes one or more of the following four reception processing modes: 1) The application terminal confirms the value of the digital content by means of the above pseudocode translation, and after the payment or confirmation is completed, the supply terminal provides it to the real Digital content; 2) The application terminal completes the selection and trial before outsourcing through the above-mentioned translation pseudo code, and selects the supply side according to the operation results; 3) The application side realizes the digital product rental mode that only requires the right to use the above-mentioned translation pseudo code 4) The server end hosts real digital products, while the application end obtains only part of the real content through the above-mentioned methods, thereby obtaining part of the property rights.
  2. 根据权利要求1的一种系统,其特征在于,在转译内容中自动添加header头部语句(以下称为工具宏),用于调试与二次开发等功能,如,数字原始内容标记为Y,其所对应的伪内容标记为A,添加的工具宏的内容为H,应用端在执行或者编译A的时候,便会被重定向为HY或YH,H可以是代码也可以是其他数字内容,且真实内容Y对于H是可访问的。A system according to claim 1, characterized in that a header sentence (hereinafter referred to as a tool macro) is automatically added to the translated content for functions such as debugging and secondary development, for example, the digital original content is marked as Y, The corresponding pseudo content is marked as A, and the content of the added tool macro is H. When the application terminal executes or compiles A, it will be redirected to HY or YH. H can be code or other digital content. And the real content Y is accessible to H.
  3. 根据权利要求2的一种系统,其特征在于,增加的工具宏的内容中为数字产品的控制语句或架构语句,以实现运行区域控制、授权场景控制、微服务模块化、定时失效等。A system according to claim 2, characterized in that the content of the added tool macro is a control sentence or an architecture sentence of a digital product, so as to realize operation area control, authorization scenario control, microservice modularization, and timing failure.
  4. 根据权利要求1的一种系统,其特征在于,系统的架构上,设计了延伸链条以进行自我延展,其控制模式为:系统的处理实现还包含多次转译的设计,如,代码ABCD在第一应用端转译为伪代码XY,假定在这个过程中经过了二次开发,又包含了来自原来第一应用端用户的新的内容EFG,新的代码XY-EFG,再存储到服务端上,然后经过本系统转译,在第二应用端以伪代码XYZ的形式处理,处理时映射回ABCDEFG,从而在过程中包括了更多的开发者的内容。A system according to claim 1, characterized in that, on the architecture of the system, an extension chain is designed for self-expansion, and its control mode is: the processing implementation of the system also includes the design of multiple translations. For example, the code ABCD An application is translated into pseudo code XY, assuming that it has undergone secondary development in this process, and contains new content EFG from the original first application user, new code XY-EFG, and then stored on the server, Then, after being translated by this system, it is processed in the form of pseudo code XYZ on the second application side, and is mapped back to ABCDEFG during processing, so as to include more developers' content in the process.
  5. 根据权利要求4的一种系统,其特征在于,系统的服务端托管存储真实的数字产品,供应端将数字产品的产权也托管给与服务端,系统的总控制器及数据库将应用端的历次转译与转译后的应用均记录到数据库,并建立非标准化的数字资产的价值指标标准化数据库,而后按照一定规则向购买部分产权的应用端给予一部分真实数字内容与一部分伪内容。A system according to claim 4, characterized in that the server side of the system hosts and stores real digital products, the supply side also entrusts the property rights of the digital products to the server side, and the system's general controller and database translate the previous application side The translated and translated applications are recorded in a database, and a standardized database of value indicators for non-standardized digital assets is established, and then a part of real digital content and a part of pseudo content are given to the application that purchases part of property rights according to certain rules.
  6. 根据权利要求1的一种系统,其特征在于,系统的组成上,通过在服务器设备上设置虚拟机,再在虚拟机的基础上通过沙盒隔离创造出的互不干扰的多用户,即每个用户对应于一个沙盒,而各个沙盒之间的文件、注册表等的映射关系不同,特别地,对于linux服务器系统来说,每个用户对应于一个类似docker的容器系统。A system according to claim 1, characterized in that, in the composition of the system, by setting up a virtual machine on a server device, and then isolating multiple users that do not interfere with each other by sandbox isolation based on the virtual machine, that is, each user Each user corresponds to a sandbox, and the mapping relationship between files, registry, etc. between the different sandboxes is different. In particular, for a linux server system, each user corresponds to a container system similar to docker.
  7. 根据权利要求1的一种系统,其特征在于,系统的每个应用端用户的伪数字产品的缓存指向一个虚拟磁盘,该虚拟磁盘进行IO的控制,还通过对文件与代码的缓存的透明加密实现对用户访问的额外控制,该虚拟磁盘可以是通过内存虚拟出的虚拟磁盘ramdisk,并将部分或全部缓存存在其中。A system according to claim 1, characterized in that the cache of the pseudo-digital product of each application-end user of the system points to a virtual disk, the virtual disk performs IO control, and also transparently encrypts the cache of files and codes To achieve additional control over user access, the virtual disk may be a virtual disk ramdisk virtualized through memory, and some or all of the cache is stored therein.
  8. 根据权利要求1的一种系统,其特征在于,在系统的应用端上通过inline hook与IRP派遣控制等方式实现虚拟化沙箱,将关键文件、程序、系统环境变成映射,再由沙盒对上述所有映射进行解析。A system according to claim 1, characterized in that a virtualized sandbox is implemented on the application side of the system by means of inline hooking and IRP dispatch control, and the key files, programs, and system environment are mapped, and then the sandbox Analyze all the above mappings.
  9. 根据权利要求1的一种系统,其特征在于,服务器端是分布式的以区块链架构比如IPFS方案存储的,如果我们将本系统保护起来的数据、文件、代码与脚本统称为源的话,这些源是分布式存储在各个节点的服务器的,以区块链的方式存储,全量节点存储所有同步记录,其他轻量节点部分同步。A system according to claim 1, characterized in that the server side is distributed and stored in a blockchain architecture such as the IPFS scheme. If we collectively call the data, files, codes and scripts protected by the system as the source, These sources are distributed and stored on the servers of each node, and are stored in a blockchain manner. All nodes store all synchronized records, and other lightweight nodes are partially synchronized.
  10. 根据权利要求1的一种系统,其特征在于,服务器端由N(N大于等于2)台服务器组成,当代码或者文件被重定向到服务器的时候,在服务端上代码或者文件被拆分成多段数据分别保存到多个不同的物理机器,分别保存一部分,但相对应用端进行映射时则还原到完整的。A system according to claim 1, wherein the server side is composed of N (N is greater than or equal to 2) servers, and when the code or file is redirected to the server, the code or file is split into Multiple pieces of data are saved to multiple different physical machines, and a part is saved separately, but when they are mapped to the application side, they are restored to complete.
PCT/CN2019/125780 2018-11-05 2019-12-16 Electronic trading system based on base layer translation WO2020094157A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811307180.2A CN109413189B (en) 2018-11-05 2018-11-05 Electronic transaction system based on bottom translation
CN201811307180.2 2018-11-05

Publications (1)

Publication Number Publication Date
WO2020094157A1 true WO2020094157A1 (en) 2020-05-14

Family

ID=65471539

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/125780 WO2020094157A1 (en) 2018-11-05 2019-12-16 Electronic trading system based on base layer translation

Country Status (2)

Country Link
CN (1) CN109413189B (en)
WO (1) WO2020094157A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109413189B (en) * 2018-11-05 2022-03-11 张维加 Electronic transaction system based on bottom translation
CN112241309B (en) * 2020-10-21 2022-04-01 海光信息技术股份有限公司 Data security method and device, CPU, chip and computer equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110178932A1 (en) * 2010-01-15 2011-07-21 Anthony Kevin Johnson Artistic work download transaction (awdt)
CN104320448A (en) * 2014-10-17 2015-01-28 张维加 Method and device for accelerating caching and prefetching of computing device based on big data
CN106095427A (en) * 2016-06-07 2016-11-09 中国建设银行股份有限公司 A kind of application assembly being suitable to on-line transaction
CN107403090A (en) * 2017-08-05 2017-11-28 张维加 A kind of sandbox redirecting structure of striding equipment deployment
CN109413189A (en) * 2018-11-05 2019-03-01 张维加 A kind of electronic trading system based on bottom translation

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102496126B (en) * 2011-12-02 2015-04-22 中国工商银行股份有限公司 Custody asset transaction data monitoring equipment
US20140019298A1 (en) * 2012-07-12 2014-01-16 Shopzilla, Inc. Systems and methods for universal online checkout
CN103578012A (en) * 2012-08-03 2014-02-12 盛乐信息技术(上海)有限公司 Information trading method and system
US9124668B2 (en) * 2013-05-20 2015-09-01 Citrix Systems, Inc. Multimedia redirection in a virtualized environment using a proxy server
CN103744652B (en) * 2013-12-19 2017-02-08 深圳市蓝凌软件股份有限公司 Hybrid APP development method and device across mobile terminals
CN105447382A (en) * 2014-09-28 2016-03-30 北京云巢动脉科技有限公司 Sandbox based software registry redirection method and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110178932A1 (en) * 2010-01-15 2011-07-21 Anthony Kevin Johnson Artistic work download transaction (awdt)
CN104320448A (en) * 2014-10-17 2015-01-28 张维加 Method and device for accelerating caching and prefetching of computing device based on big data
CN106095427A (en) * 2016-06-07 2016-11-09 中国建设银行股份有限公司 A kind of application assembly being suitable to on-line transaction
CN107403090A (en) * 2017-08-05 2017-11-28 张维加 A kind of sandbox redirecting structure of striding equipment deployment
CN109413189A (en) * 2018-11-05 2019-03-01 张维加 A kind of electronic trading system based on bottom translation

Also Published As

Publication number Publication date
CN109413189B (en) 2022-03-11
CN109413189A (en) 2019-03-01

Similar Documents

Publication Publication Date Title
CN108762815B (en) Method for realizing Android running environment based on non-virtualization system architecture
Bean Laravel 5 essentials
TWI676914B (en) Method for securely provisioning an asset to a target device and appliance device
WO2020094157A1 (en) Electronic trading system based on base layer translation
WO2020073877A1 (en) Distributed computing system deployed across devices
US7318215B1 (en) Stored procedure interface language and tools
US20180260199A1 (en) Method and apparatus for intermediate representation of applications
CN101763265B (en) Procedure level software and hardware collaborative design automatized development method
US20060130128A1 (en) Process for compiling and executing software applications in a multi-processor environment
US9983869B2 (en) Adaptive interface for cross-platform component generation
US20130007889A1 (en) Trusted computing source code escrow and optimization
US10579498B2 (en) Debugging tool for a JIT compiler
Herron Node Web Development
Thain et al. Techniques for preserving scientific software executions: Preserve the mess or encourage cleanliness?
US20140052558A1 (en) Methods and apparatus for sharing digital books and other digital media objects
Mugarza et al. Cetratus: A framework for zero downtime secure software updates in safety‐critical systems
CN111079097A (en) Programming development system based on network
Soliman Getting Started with Memcached
CN107092517B (en) SDK tool package generation method and device
CN106971096B (en) Method for protecting software and system
Ince et al. Building an open source Linux computing system on RISC-V
WO2017063323A1 (en) Method for implementing cloud locking of sensitive data based on reconstruction technology
Walli OpenNT: UNIX application portability to Windows NT via an alternative environment subsystem
Pekarek A Truffle-based Interpreter for x86 Binary Code
Strickland et al. Contracts for domain-specific languages in ruby

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19882628

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19882628

Country of ref document: EP

Kind code of ref document: A1