CN102377603B - Policy processing method and policy processing devices - Google Patents
- Publication number
- CN102377603B (application CN201110329587.7A)
- Authority
- CN
- China
- Prior art keywords
- policy
- management
- node unit
- provincial
- control node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Technical field
The present invention relates to the field of communication technology, and in particular to a policy processing method, system and device.
Background
The Next Generation Broadcasting Network (NGB) is a broadband interactive network with unified technical standards that is manageable, controllable and trusted across the whole path and the whole network. The NGB-based security management and control system comprises a content service layer (CP), a service operation layer (SP), a network operation layer (NP) and a user terminal layer (USER). The content service layer is connected to the content publishing platform, the service operation layer to the service platform, the network operation layer to the bearer network, and the user terminal layer to the user terminals, so that the security management and control system provides security assurance for content, services, networks and users.
However, as triple-play convergence evolves, NGB keeps introducing new services and the number of terminal types grows with them, which has brought major changes to the network architecture and the transmission system; for example, a hierarchical management mode has appeared. Existing policy management methods cannot be applied to this hierarchical management mode, which weakens the security assurance that the security management and control system provides for content, services, networks and users.
Summary of the invention
The present invention provides a policy processing method, system and device to solve the problem that policy management methods in the prior art cannot be applied to the hierarchical management mode, which weakens the security assurance that the security management and control system provides for content, services, networks and users.
A policy processing method provided by the present invention includes:
the provincial management and control center receives a first policy synchronization message sent by the central management and control center;
the provincial management and control center obtains policies from the central policy library corresponding to the central management and control center according to the first policy synchronization message, and synchronizes the policies in the provincial policy library corresponding to the provincial management and control center according to those policies;
the provincial management and control center sends a generated second policy synchronization message to a management and control node unit, so that the management and control node unit obtains the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message, and updates the policies in the policy sub-library corresponding to the management and control node unit according to those policies.
The present invention also provides a policy processing method, including:
the central management and control center receives identification information reported by the provincial management and control center;
the central management and control center analyzes the identification information and, according to the analysis result obtained, updates the policies in the central policy library corresponding to the central management and control center;
the central management and control center sends a first policy synchronization message to the provincial management and control center, so that the provincial management and control center obtains the updated policies from the central policy library corresponding to the central management and control center according to the first policy synchronization message, and synchronizes the policies in the provincial policy library corresponding to the provincial management and control center according to the updated policies;
the central management and control center receives first policy synchronization response information returned by the provincial management and control center.
The present invention also provides a policy processing method, including:
the management and control node unit receives a second policy synchronization message sent by the provincial management and control center;
the management and control node unit obtains the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message, and synchronizes the policies in the policy sub-library corresponding to the management and control node unit according to those policies;
the management and control node unit sends a second policy synchronization response message to the provincial management and control center.
The present invention provides a provincial management and control center, including:
a transceiver module, configured to receive a first policy synchronization message sent by the central management and control center;
a policy synchronization module, configured to obtain policies from the central policy library corresponding to the central management and control center according to the first policy synchronization message, and to synchronize the policies in the provincial policy library corresponding to the provincial management and control center according to those policies;
the transceiver module is further configured to send a generated second policy synchronization message to a management and control node unit, so that the management and control node unit obtains the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message, and updates the policies in the policy sub-library corresponding to the management and control node unit according to those policies.
The present invention provides a central management and control center, including:
a transceiver module, configured to receive identification information reported by the provincial management and control center;
a policy update module, configured to analyze the identification information and, according to the analysis result obtained, update the policies in the central policy library corresponding to the central management and control center;
the transceiver module is further configured to send a first policy synchronization message to the provincial management and control center, so that the provincial management and control center obtains the updated policies from the central policy library corresponding to the central management and control center according to the first policy synchronization message, and synchronizes the policies in the provincial policy library corresponding to the provincial management and control center according to the updated policies;
the transceiver module is further configured to receive first policy synchronization response information returned by the provincial management and control center.
The present invention provides a management and control node unit, including:
a transceiver module, configured to receive a second policy synchronization message sent by the provincial management and control center;
a policy synchronization module, configured to obtain the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message, and to synchronize the policies in the policy sub-library corresponding to the management and control node unit according to those policies;
the transceiver module is further configured to send a second policy synchronization response message to the provincial management and control center.
In the policy processing method, system and device of the present invention, the provincial management and control center reports the identification information received from the management and control node unit to the central management and control center. The central management and control center analyzes the identification information and, according to the analysis result obtained, updates the policies in the policy library corresponding to the central management and control center. The updated policies are then synchronized to the policy library corresponding to the provincial management and control center and to the policy library corresponding to the management and control node unit. This effectively improves the security assurance that the security management and control system provides for content, services, networks and users, and gives the whole policy processing system top-down dynamic policy updating and seamless management and control.
Description of drawings
FIG. 1 is a network deployment architecture diagram of the policy processing system on which the embodiments of the present invention are based;
FIG. 2 is a flowchart of one embodiment of the policy processing method of the present invention;
FIG. 3 is a schematic structural diagram of another embodiment of the policy processing method of the present invention;
FIG. 4 is a flowchart of a further embodiment of the policy processing method of the present invention;
FIG. 5 is a schematic structural diagram of one embodiment of the provincial management and control center of the present invention;
FIG. 6 is a schematic structural diagram of one embodiment of the central management and control center of the present invention;
FIG. 7 is a schematic structural diagram of one embodiment of the management and control node unit of the present invention.
Detailed description
FIG. 1 is a network deployment architecture diagram of the policy processing system on which the embodiments of the present invention are based. As shown in FIG. 1, the policy processing system includes a central management and control center 11, a provincial management and control center 12 and a management and control node unit 13. The central management and control center 11 includes the central policy library corresponding to it, the provincial management and control center 12 includes the provincial policy library corresponding to it, and the management and control node unit 13 includes the policy sub-library corresponding to it.
FIG. 2 is a flowchart of one embodiment of the policy processing method of the present invention. As shown in FIG. 2, the method of this embodiment includes:
Step 101. The provincial management and control center receives the first policy synchronization message sent by the central management and control center.
Step 102. The provincial management and control center obtains policies from the central policy library corresponding to the central management and control center according to the first policy synchronization message, and synchronizes the policies in the provincial policy library corresponding to the provincial management and control center according to those policies.
In this embodiment, the first policy synchronization message may specifically be a Transmission Control Protocol (TCP) socket message packet. The central policy library corresponding to the central management and control center may act as a File Transfer Protocol (FTP) server, in which case the first policy synchronization message carries the FTP location of the central policy library, so that the provincial management and control center can obtain policies from the central policy library at that FTP location according to the first policy synchronization message.
Step 103. The provincial management and control center sends the generated second policy synchronization message to the management and control node unit, so that the management and control node unit obtains the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message, and updates the policies in the policy sub-library corresponding to the management and control node unit according to those policies.
In this embodiment, the second policy synchronization message may also specifically be a TCP socket message packet. The provincial policy library corresponding to the provincial management and control center may act as an FTP server, in which case the second policy synchronization message carries the FTP location of the provincial policy library, so that the management and control node unit can obtain policies from the provincial policy library at that FTP location according to the second policy synchronization message.
In this embodiment, one specific form of the first policy synchronization message and the second policy synchronization message is shown in Table 1:
Table 1
In this embodiment, the provincial management and control center receives the first policy synchronization message sent by the central management and control center, obtains policies from the central policy library corresponding to the central management and control center, and synchronizes the policies in the provincial policy library corresponding to the provincial management and control center according to those policies. In addition, the provincial management and control center sends the generated second policy synchronization message to the management and control node unit, so that the management and control node unit obtains the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message, and updates the policies in the policy sub-library corresponding to the management and control node unit according to those policies. This effectively improves the security assurance that the security management and control system provides for content, services, networks and users, and gives the whole policy processing system top-down dynamic policy updating and seamless management and control.
Further, in another embodiment of the present invention, on the basis of the embodiment shown in FIG. 1 above, the following may also be included after step 102:
The provincial management and control center returns the generated first policy synchronization response message to the central management and control center.
Further, the following may also be included after step 103:
The provincial management and control center receives the second policy synchronization response message returned by the management and control node unit.
In this embodiment, the first policy synchronization response message and the second policy synchronization response message may specifically be TCP socket message packets. One specific form of the first policy synchronization response message and the second policy synchronization response message is shown in Table 2:
Table 2
The synchronization processing result may be defined as shown in Table 3:
Table 3
Furthermore, the method may also include:
The provincial management and control center receives the identification information reported by the management and control node unit and reports the identification information to the central management and control center.
In this embodiment, the management and control node unit may collect identification information at predetermined intervals and report it to the provincial management and control center, which in turn reports it to the central management and control center. The central management and control center analyzes the identification information and may update the policies in the central policy library according to the analysis result. The identification information includes service identification information and user identification information. Specifically, the service identification information may include: service type, service source, service operation area, service priority, terminal type, and the service processing status information corresponding to the service type; the user identification information may include: registration area code, user type, user code, family member code, user level, terminal type, and the processing status information corresponding to the user type.
FIG. 3 is a schematic structural diagram of another embodiment of the policy processing method of the present invention. As shown in FIG. 3, the method of this embodiment includes:
Step 201. The central management and control center receives the identification information reported by the provincial management and control center.
The identification information includes service identification information and user identification information. Specifically, the service identification information may include: service type, service source, service operation area, service priority, terminal type, and the service processing status information corresponding to the service type; the user identification information may include: registration area code, user type, user code, family member code, user level, terminal type, and the processing status information corresponding to the user type. In addition, in this embodiment the provincial management and control center may execute the technical solution of the method embodiment shown in FIG. 2; the principle is similar and is not repeated here.
Step 202. The central management and control center analyzes the identification information and, according to the analysis result obtained, updates the policies in the central policy library corresponding to the central management and control center.
Step 203. The central management and control center sends the first policy synchronization message to the provincial management and control center, so that the provincial management and control center obtains the updated policies from the central policy library corresponding to the central management and control center according to the first policy synchronization message, and synchronizes the policies in the provincial policy library corresponding to the provincial management and control center according to the updated policies.
Step 204. The central management and control center receives the first policy synchronization response message returned by the provincial management and control center.
In this embodiment, the first policy synchronization message may take the form shown in Table 1 above, and the first policy synchronization response message may take the form shown in Table 2 and Table 3 above.
In this embodiment, the central management and control center analyzes the identification information it receives, obtains the analysis result, and updates the policies in the central policy library according to that result. The updated policies are synchronized to the provincial policy library corresponding to the provincial management and control center, and finally the provincial management and control center synchronizes the updated policies in its provincial policy library to the policy sub-library corresponding to the management and control node unit. This effectively improves the security assurance that the security management and control system provides for content, services, networks and users, and gives the whole policy processing system top-down dynamic policy updating and seamless management and control.
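An in-memory walk-through of the three-tier flow described above (identification information reported upward, policy synchronization pushed downward), added here as an illustration and not taken from the patent. Every message field other than the library location, the result strings, the analysis rule, and the check that a receiver only pulls from its configured upstream location are assumptions; a dictionary stands in for the FTP transfer.

```python
from dataclasses import dataclass, field
from typing import Dict, List

@dataclass
class PolicyLibrary:
    location: str                       # stands in for the library's FTP location
    version: int = 0                    # hypothetical version counter
    policies: Dict[str, str] = field(default_factory=dict)

@dataclass(frozen=True)
class SyncMessage:
    library_location: str               # the one field the text names
    version: int                        # hypothetical field

@dataclass(frozen=True)
class SyncResponse:
    sender: str
    result: str                         # hypothetical values: "ok" / "rejected"

def pull(local: PolicyLibrary, msg: SyncMessage, trusted_upstream: str,
         transport: Dict[str, PolicyLibrary]) -> str:
    """Copy the upstream library into the local one (simulated FTP fetch)."""
    # Assumed hardening: only fetch from the upstream this tier was configured with,
    # never from whatever location an incoming message happens to name.
    if msg.library_location != trusted_upstream:
        return "rejected"
    upstream = transport[msg.library_location]
    local.policies = dict(upstream.policies)
    local.version = upstream.version
    return "ok"

class ControlNode:
    def __init__(self, name: str, upstream: str, transport: Dict[str, PolicyLibrary]):
        self.name, self.upstream, self.transport = name, upstream, transport
        self.sublib = PolicyLibrary(f"local://{name}")   # policy sub-library

    def on_second_sync(self, msg: SyncMessage) -> SyncResponse:
        # Steps 301-303: receive, pull from the provincial library, respond.
        return SyncResponse(self.name, pull(self.sublib, msg, self.upstream, self.transport))

class ProvincialCenter:
    def __init__(self, name: str, location: str, central_location: str,
                 transport: Dict[str, PolicyLibrary]):
        self.name, self.central_location, self.transport = name, central_location, transport
        self.library = PolicyLibrary(location)
        transport[location] = self.library
        self.nodes: List[ControlNode] = []
        self.node_responses: List[SyncResponse] = []

    def on_first_sync(self, msg: SyncMessage) -> SyncResponse:
        # Steps 101-103: pull from the central library, then notify the nodes.
        result = pull(self.library, msg, self.central_location, self.transport)
        if result == "ok":
            second = SyncMessage(self.library.location, self.library.version)
            self.node_responses = [n.on_second_sync(second) for n in self.nodes]
        return SyncResponse(self.name, result)

class CentralCenter:
    def __init__(self, location: str, transport: Dict[str, PolicyLibrary]):
        self.library = PolicyLibrary(location)
        transport[location] = self.library
        self.provinces: List[ProvincialCenter] = []

    def on_identification(self, info: Dict[str, str]) -> List[SyncResponse]:
        # Steps 201-204. The analysis rule below is a placeholder assumption.
        if info.get("service_processing_status") == "abnormal":
            self.library.policies[f"truncation:{info['service_type']}"] = "truncation"
            self.library.version += 1
        first = SyncMessage(self.library.location, self.library.version)
        return [p.on_first_sync(first) for p in self.provinces]

def build_demo():
    """Wire one center, one province and one node (constructed names)."""
    transport: Dict[str, PolicyLibrary] = {}
    central = CentralCenter("ftp://central.example/policies", transport)
    province = ProvincialCenter("province-a", "ftp://province-a.example/policies",
                                central.library.location, transport)
    node = ControlNode("node-1", province.library.location, transport)
    province.nodes.append(node)
    central.provinces.append(province)
    return central, province, node
```
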
FIG. 4 is a flowchart of a further embodiment of the policy processing method of the present invention. As shown in FIG. 4, the method of this embodiment includes:
Step 301. The management and control node unit receives the second policy synchronization message sent by the provincial management and control center.
In this embodiment, the provincial management and control center may execute the technical solution of the method embodiment shown in FIG. 2; the principle is similar and is not repeated here.
Step 302. The management and control node unit obtains the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message, and synchronizes the policies in the policy sub-library corresponding to the management and control node unit according to those policies.
Step 303. The management and control node unit sends the second policy synchronization response message to the provincial management and control center.
The second policy synchronization message may take the form shown in Table 1 above, and the second policy synchronization response message may take the form shown in Table 2 and Table 3 above.
In this embodiment, the provincial policy library corresponding to the provincial management and control center may act as an FTP server, in which case the second policy synchronization message carries the FTP location of the provincial policy library, so that the management and control node unit can obtain policies from the provincial policy library at that FTP location according to the second policy synchronization message.
In this embodiment, the management and control node unit obtains the updated policies from the provincial policy library corresponding to the provincial management and control center according to the second policy synchronization message received from the provincial management and control center, synchronizes the policies in the policy sub-library corresponding to the management and control node unit according to those policies, and sends the second policy synchronization response message to the provincial management and control center. This effectively improves the security assurance that the security management and control system provides for content, services, networks and users, and gives the whole policy processing system top-down dynamic policy updating and seamless management and control.
Further, in another embodiment of the present invention, on the basis of the embodiment shown in FIG. 4 above, the method may also include:
The management and control node unit collects identification information and reports the identification information to the provincial management and control center.
The identification information includes service identification information and user identification information. Specifically, the service identification information may include: service type, service source, service operation area, service priority, terminal type, and the service processing status information corresponding to the service type; the user identification information may include: registration area code, user type, user code, family member code, user level, terminal type, and the processing status information corresponding to the user type.
Further, the policies include truncation-class policies, filtering-class policies and replacement-class policies, where truncation-class policies have higher priority than filtering-class and replacement-class policies, and filtering-class policies have higher priority than replacement-class policies. The method may then also include:
The management and control node unit determines whether a received data packet matches the truncation-class policies in the policy sub-library corresponding to the management and control node unit;
if it matches, the data packet is discarded and processing ends.
If it does not match, the management and control node unit determines whether the data packet matches the filtering-class policies in the policy sub-library;
if it matches, the management and control node unit deletes the matching part of the data content from the data packet and sends the processed data packet;
if it does not match, the management and control node unit determines whether the data packet matches the replacement-class policies in the policy sub-library;
if it matches, the management and control node unit replaces the matching part of the data content with preset data content and sends the processed data packet;
if it does not match, the management and control node unit sends the data packet.
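The evaluation order described above, written out as an added Python example that is not part of the patent. It shows that the first policy class to match decides the outcome, so a packet matching both a filtering and a replacement policy is only filtered. The regex matching, the `Policy` type, the action names and the sample payloads are assumptions, since the patent does not say how a match is determined.

```python
import re
from dataclasses import dataclass
from enum import IntEnum
from typing import List, Optional, Tuple

class Kind(IntEnum):
    # Lower value = evaluated first, mirroring the stated priority order.
    TRUNCATION = 0
    FILTERING = 1
    REPLACEMENT = 2

@dataclass(frozen=True)
class Policy:
    kind: Kind
    pattern: bytes               # assumed: a regex applied to the packet payload
    replacement: bytes = b""     # preset content, used by REPLACEMENT only

def apply_policies(payload: bytes, sublib: List[Policy]) -> Tuple[str, Optional[bytes]]:
    """Return (action, payload_to_send); payload_to_send is None when dropped."""
    for kind in (Kind.TRUNCATION, Kind.FILTERING, Kind.REPLACEMENT):
        matched = [p for p in sublib
                   if p.kind is kind and re.search(p.pattern, payload)]
        if not matched:
            continue                      # fall through to the next class
        if kind is Kind.TRUNCATION:
            return "dropped", None        # discard the packet, processing ends
        out = payload
        for p in matched:
            new = b"" if kind is Kind.FILTERING else p.replacement
            # A callable replacement keeps backslashes in `new` literal.
            out = re.sub(p.pattern, lambda m, new=new: new, out)
        # The first matching class wins: lower-priority classes are not consulted.
        return ("filtered" if kind is Kind.FILTERING else "replaced"), out
    return "forwarded", payload           # no class matched: send unchanged

# Constructed policy sub-library, deliberately stored out of priority order.
POLICY_SUBLIB = [
    Policy(Kind.REPLACEMENT, rb"\d{3}-\d{4}", b"[redacted]"),
    Policy(Kind.FILTERING, rb"ad=\w+; "),
    Policy(Kind.TRUNCATION, rb"banned-stream"),
]

# Constructed sample payloads covering each branch.
SAMPLES = [
    b"GET /banned-stream?ad=x; 555-0100",
    b"title=news; ad=promo123; body=hello",
    b"ad=promo1; call 555-0100",
    b"contact: 555-0100",
    b"plain programme guide",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", apply_policies(sample, POLICY_SUBLIB))
```
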
FIG. 5 is a schematic structural diagram of an embodiment of the provincial management and control center of the present invention. As shown in FIG. 5, the provincial management and control center of this embodiment includes a transceiver module 21 and a policy synchronization module 22. The transceiver module 21 is configured to receive the first policy synchronization message sent by the central management and control center. The policy synchronization module 22 is configured to obtain, according to the first policy synchronization message, the policies from the central policy library corresponding to the central management and control center, and to synchronize, according to those policies, the policies in the provincial policy library corresponding to the provincial management and control center. The transceiver module 21 is further configured to send the generated second policy synchronization message to the control node unit, so that the control node unit, according to the second policy synchronization message, obtains the updated policies from the provincial policy library corresponding to the provincial management and control center and, according to those policies, updates the policies in the policy sub-library corresponding to the control node unit.
The provincial management and control center of this embodiment can execute the technical solution of the method embodiment shown in FIG. 5; the implementation principle is similar and is not repeated here.
In this embodiment, the provincial management and control center receives the first policy synchronization message sent by the central management and control center, obtains the policies from the central policy library corresponding to the central management and control center and, according to those policies, synchronizes the policies in the provincial policy library corresponding to the provincial management and control center. In addition, the provincial management and control center sends the generated second policy synchronization message to the control node unit, so that the control node unit, according to the second policy synchronization message, obtains the updated policies from the provincial policy library corresponding to the provincial management and control center and, according to those policies, updates the policies in the policy sub-library corresponding to the control node unit. This effectively improves the security protection that the security management and control system provides for content, services, networks and users, and gives the whole policy processing system top-down dynamic policy updating and seamless management and control capability.
Further, in another embodiment of the present invention, on the basis of the embodiment shown in FIG. 5 above, the transceiver module 21 is further configured to return a first policy synchronization response message to the central management and control center.
Further, the transceiver module 21 is also configured to receive the second policy synchronization response message returned by the control node unit.
Still further, the transceiver module 21 is also configured to receive the identification information reported by the control node unit and to report that identification information to the central management and control center.
FIG. 6 is a schematic structural diagram of an embodiment of the central management and control center of the present invention. As shown in FIG. 6, the central management and control center of this embodiment includes a transceiver module 31 and a policy update module 32. The transceiver module 31 is configured to receive the identification information reported by the provincial management and control center. The policy update module 32 is configured to analyze the identification information and, according to the analysis result obtained, to update the policies in the central policy library corresponding to the central management and control center. The transceiver module 31 is further configured to send the first policy synchronization message to the provincial management and control center, so that the provincial management and control center, according to the first policy synchronization message, obtains the updated policies from the central policy library corresponding to the central management and control center and, according to the updated policies, synchronizes the policies in the provincial policy library corresponding to the provincial management and control center. The transceiver module 31 is also configured to receive the first policy synchronization response information returned by the provincial management and control center.
The central management and control center of this embodiment can execute the technical solution of the method embodiment shown in FIG. 3; the principle is similar and is not repeated here.
In this embodiment, the central management and control center analyzes the received identification information, obtains the analysis result, updates the policies in the central policy library according to that result, and synchronizes the updated policies to the provincial policy library corresponding to the provincial management and control center. Finally, the provincial management and control center synchronizes the updated policies in the provincial policy library to the policy sub-library corresponding to the control node unit. This effectively improves the security protection that the security management and control system provides for content, services, networks and users, and gives the whole policy processing system top-down dynamic policy updating and seamless management and control capability.
FIG. 7 is a schematic structural diagram of an embodiment of the control node unit of the present invention. As shown in FIG. 7, the control node unit includes a transceiver module 41 and a policy synchronization module 42. The transceiver module 41 is configured to receive the second policy synchronization message sent by the provincial management and control center. The policy synchronization module 42 is configured to obtain, according to the second policy synchronization message, the updated policies from the provincial policy library corresponding to the provincial management and control center and, according to those policies, to synchronize the policies in the policy sub-library corresponding to the control node unit. The transceiver module 41 is also configured to send a second policy synchronization response message to the provincial management and control center.
The control node unit of this embodiment can execute the technical solution of the method embodiment shown in FIG. 4; the implementation principle is similar and is not repeated here.
In this embodiment, the control node unit, according to the received second policy synchronization message sent by the provincial management and control center, obtains the updated policies from the provincial policy library corresponding to the provincial management and control center, synchronizes the policies in the policy sub-library corresponding to the control node unit according to those policies, and sends a second policy synchronization response message to the provincial management and control center. This effectively improves the security protection that the security management and control system provides for content, services, networks and users, and gives the whole policy processing system top-down dynamic policy updating and seamless management and control capability.
Further, in another embodiment of the present invention, on the basis of the embodiment shown in FIG. 7 above, the policies include truncation-class policies, filtering-class policies and replacement-class policies, and the control node unit further includes a truncation-class matching module, a filtering-class matching module and a replacement-class matching module. The truncation-class matching module is configured to judge, according to the truncation-class policies in the policy sub-library corresponding to the control node unit, whether a received data packet matches. The filtering-class matching module is configured to judge, when the truncation-class matching module has determined according to the filtering-class policies that the data packet does not match, whether the data packet matches according to the replacement-class policies in the policy sub-library. The replacement-class matching module is configured to judge, when the filtering-class matching module has determined according to the filtering-class policies that the data packet does not match, whether the data packet matches according to the replacement-class policies in the policy sub-library, and to send the data packet when it matches.
Further, when the truncation-class matching module determines according to the truncation-class policies that the data packet matches, the data packet is discarded; or,
When the filtering-class matching module determines according to the filtering-class policies that the data packet matches, the matching part of the data content is deleted from the data packet and the processed data packet is sent; or,
When the replacement-class matching module determines according to the replacement-class policies that the data packet matches, the matching part of the data content is replaced with preset data content and the processed data packet is sent.
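The truncation, filtering and replacement cascade set out in the method steps and in the matching modules above, as an added Python example that is not part of the patent text; it follows the order given in the method steps. Representing each policy as a byte regular expression, and the names `PolicySubLibrary`, `process_packet` and `SAMPLE_LIB`, are assumptions, since the patent does not specify how a match is determined.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class PolicySubLibrary:
    """Policy sub-library of one control node unit.

    Assumption: each policy is a byte regular expression; the patent text
    does not say how a match is determined.
    """
    truncation: List[bytes] = field(default_factory=list)
    filtering: List[bytes] = field(default_factory=list)
    # (pattern, preset replacement content)
    replacement: List[Tuple[bytes, bytes]] = field(default_factory=list)


def process_packet(payload: bytes, lib: PolicySubLibrary) -> Tuple[str, Optional[bytes]]:
    """Apply the three policy classes in priority order.

    Returns (action, payload_to_send); payload_to_send is None on drop.
    Only the first class that matches is applied.
    """
    # 1. Truncation class (highest priority): a match discards the packet.
    if any(re.search(p, payload) for p in lib.truncation):
        return "drop", None

    # 2. Filtering class: delete the matching content, send, and stop.
    hits = [p for p in lib.filtering if re.search(p, payload)]
    if hits:
        for p in hits:
            payload = re.sub(p, b"", payload)
        return "filtered", payload

    # 3. Replacement class: substitute the preset content, then send.
    swaps = [(p, preset) for p, preset in lib.replacement if re.search(p, payload)]
    if swaps:
        for p, preset in swaps:
            # Function form keeps any backslashes in the preset literal.
            payload = re.sub(p, lambda m, preset=preset: preset, payload)
        return "replaced", payload

    # 4. No class matched: forward the packet unchanged.
    return "pass", payload


# Constructed sample policies and packets (not from the patent).
SAMPLE_LIB = PolicySubLibrary(
    truncation=[rb"BLOCKED-SOURCE"],
    filtering=[rb"<ad>.*?</ad>"],
    replacement=[(rb"old\.example", b"new.example")],
)

if __name__ == "__main__":
    for pkt in (b"from BLOCKED-SOURCE <ad>x</ad>",
                b"news <ad>buy</ad> at old.example",
                b"visit old.example",
                b"hello"):
        print(pkt, "->", process_packet(pkt, SAMPLE_LIB))
```

The second sample packet matches both a filtering and a replacement policy; because the steps stop at the first class that matches, only the filtering is applied and the replacement pattern is left in place.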
The present invention also provides a policy processing system that includes a provincial management and control center, a central management and control center and a control node unit. The provincial management and control center can execute the technical solution of the method embodiment shown in FIG. 2, the central management and control center can execute the technical solution of the method embodiment shown in FIG. 3, and the control node unit can execute the technical solution of the method embodiment shown in FIG. 4; the implementation principles are similar and are not repeated here. The whole policy processing system of the present invention achieves top-down dynamic policy updating and seamless management and control capability.
Those of ordinary skill in the art will understand that all or part of the steps of the above method embodiments can be carried out by hardware under the control of program instructions. The program can be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes ROM, RAM, magnetic disk, optical disc and other media that can store program code.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in those embodiments can still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not take the essence of the corresponding technical solutions outside the scope of the technical solutions of the embodiments of the present invention.
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110329587.7A CN102377603B (en) | 2011-10-26 | 2011-10-26 | Policy processing method and policy processing devices |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102377603A CN102377603A (en) | 2012-03-14 |
CN102377603B true CN102377603B (en) | 2014-10-29 |
Family
ID=45795621
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110329587.7A Active CN102377603B (en) | 2011-10-26 | 2011-10-26 | Policy processing method and policy processing devices |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102377603B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114663226A (en) * | 2020-12-22 | 2022-06-24 | 网联清算有限公司 | A transaction request processing method, device and transaction transfer system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101562541A (en) * | 2009-05-19 | 2009-10-21 | 杭州华三通信技术有限公司 | Unified management method and device thereof |
CN102158362A (en) * | 2011-04-18 | 2011-08-17 | 中兴通讯股份有限公司 | Network information monitoring realization method, system and device |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4532708B2 (en) * | 2000-09-11 | 2010-08-25 | 株式会社日立製作所 | Communication network system and path connection control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee | ||
CP03 | Change of name, title or address |
Address after: 100866 Beijing, Xicheng District, No. 2 Fuxing Street Patentee after: National news publishes broadcast research institute of General Bureau of Radio, Film and Television Address before: 100045 Beijing, Xicheng District, No. 2 Fuxing Street Patentee before: Academy of Broadcast Sciences, National Broadcast Movie Television Bureau |