CN106603542A - Cloud end server and offline place server communication method and device - Google Patents

Info

Publication number
CN106603542A
Authority
CN
China
Prior art keywords
client
server
cloud server
place
line
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611196390.XA
Other languages
Chinese (zh)
Inventor
沈建荣
马哲
谭国斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING THUNDERSTONE TECHNOLOGY Ltd
Original Assignee
BEIJING THUNDERSTONE TECHNOLOGY Ltd
Application filed by BEIJING THUNDERSTONE TECHNOLOGY Ltd
Priority to CN201611196390.XA
Publication of CN106603542A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/14: Session management
    • H04L67/141: Setup of application sessions
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00: Network arrangements, protocols or services for addressing or naming
    • H04L61/45: Network directories; Name-to-address mapping
    • H04L61/4505: Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511: Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention discloses a method and device for communication between a cloud server and an offline place server. The communication method includes the following steps: a unique identifier (ID) and an RSA key pair are allocated to an offline place, and a subdomain is allocated to the offline place according to the ID; the cloud server sets up a listening port; the offline place client initiates a control connection with the cloud; the cloud server verifies the legitimacy of the offline client and then associates the offline client with the ID; the cloud server receives a request from an external service to access the subdomain, locates the corresponding control connection according to the subdomain, initiates a request to the client to establish a transmission connection, and establishes the transmission connection through a handshake protocol; after the transmission connection is established, the cloud server sends the external data request to the client through the transmission connection; and the client sends data to the cloud server according to the external data request. Through a long-connection dialogue between the place server and the online server, the method and device support access by online services to the offline server. This solves the problem that external network IPs and domain names have to be purchased additionally to meet the data exchange needs between the offline place server and the online server.

Description

A communication method and device for a cloud and an offline place server
Technical Field
The invention relates to the field of data communication, and in particular to a communication method and device for a cloud and an offline place server.
Background
With the arrival of the O2O wave, the demand for data exchange between offline places such as KTVs, cinemas and bars and online servers keeps growing. Whether for online booking or for member consumption, online business servers need timely access to the servers in offline places.
The prior art mainly includes two solutions. One is to purchase an independent external network IP address for each offline place, so that the online side can reach the offline service directly through that IP address. This scheme is very simple, but its shortcomings are also obvious: IPv4 addresses are scarce, and the IP address held by a place changes frequently, so errors occur if the online side is not updated in time.
The other solution is to have the offline place purchase an independent domain name with dynamic resolution, so that the specific offline IP address need not be remembered and the offline place's service is reached through the domain name alone. This scheme is relatively popular; its only drawbacks are that applying for a domain name is cumbersome and that it carries an additional purchase cost.
In both prior-art solutions, the external network IP and the domain name have to be purchased separately, which is an additional expense for the offline place.
Summary of the Invention
To overcome the problems in the related art, the present disclosure provides a communication method and device for a cloud and an offline server. Through a long-connection dialogue between the place server and the online server, the invention supports online services accessing the offline server.
The main purpose of the invention is to solve the prior-art problem that data exchange between offline places and online servers requires the additional purchase of an external network IP and a domain name, wherein:
According to a first aspect of the embodiments of the present disclosure, a communication scheme for a cloud and an offline server is provided, comprising:
S100: allocate a unique identifier ID and an RSA key pair to the offline place, and allocate a subdomain name according to the ID;
The ID of the offline place is a 3-digit numeric code;
The identifier ID and the RSA key pair are in a one-to-one relationship;
S200: the cloud server sets up a listening port;
The listening port is set up on the cloud server;
The listening port on the cloud server is responsible for receiving connection establishment requests from clients;
S300: the offline place client actively initiates a control connection with the cloud;
The offline place client actively initiates a control connection with the listening port of the cloud;
The control connection is a TCP long connection;
S400: after verifying the legitimacy of the offline client, the cloud server associates it with the identifier ID;
The legitimacy verification uses an RSA asymmetric encryption verification method;
In the RSA key verification method, the client holds the private key and the cloud server holds the public key; the legitimacy of the client is verified by means of the key, preventing illegitimate clients from forging an identity to occupy resources;
S500: the cloud server receives a request from an external service to access a subdomain name, locates the corresponding control connection according to the subdomain name, initiates a request to the client to establish a "transmission connection", and establishes the "transmission connection" through a handshake protocol;
What the subdomain name locates is the ID of the client; the ID of the client and the subdomain name are in a one-to-one relationship;
S600: after the "transmission connection" is established, the cloud server sends the external data request to the client through the "transmission connection";
S700: the client sends data to the cloud server according to the external data request.
In one embodiment of the invention, with reference to the first aspect, in a first possible implementation of the first aspect, the offline place client actively initiates a control connection with the cloud, and the control connection is a TCP long connection, so that external data received by the cloud server can be sent to the client through the "transmission connection" and the client sends data to the cloud server, including:
The "control connection" is kept open, which ensures stable data transmission between the cloud and the client.
After step S400 ends, the agent client periodically sends heartbeat requests to the cloud server, and the cloud acknowledges them on the control connection; if no acknowledgement is received, steps S300-S700 are repeated;
The interval at which the "heartbeat request" is sent can be set freely by the user on the client.
Users have different time requirements for the "control connection", so the connection time between the cloud server and the client can be configured.
In one embodiment, the "heartbeat request" interval is set to once every two hours;
More preferably, because of the business hours of offline places, external service data requests peak between 18:00 and 2:00 a.m., so the "heartbeat request" interval may be set to once every 3 hours from 2:00 to 17:59, and once every hour from 18:00 to 1:59 the next day.
Embodiments of the invention also provide a communication device for a cloud and an offline place server, comprising:
An ID allocation module, for allocating a unique identifier ID and an RSA key pair to the offline place, and allocating a subdomain name according to the ID;
A cloud listening module, for setting up the listening port on the cloud server, responsible for receiving connection establishment requests from clients;
A connection module, for the offline place client to actively initiate a control connection with the cloud;
A verification module, for the cloud server to verify the legitimacy of the offline client and associate the identifier ID once verification is complete;
A cloud sending module, for the cloud server to send the external data request to the client through the "transmission connection";
A client receiving module, for receiving the external data request sent by the cloud server;
A client sending module, for the client to send data to the cloud server according to the external data request.
The technical solutions provided by the embodiments of the present disclosure can have the following beneficial effect: through the long-connection dialogue between the place server and the online server, online services can access the offline server, and the offline place no longer needs to purchase an external network IP and domain name separately.
Brief Description of the Drawings
The accompanying drawings are incorporated into and form part of this specification; they show embodiments consistent with the invention and, together with the specification, serve to explain its principles.
Fig. 1 is a flow chart of the method according to an exemplary embodiment;
Fig. 2 is a block diagram of a device according to an exemplary embodiment.
The above drawings show specific embodiments of the present disclosure, which are described in more detail below. The drawings are not intended to limit the scope of the disclosed concept in any way, but to illustrate the concept of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
Exemplary embodiments are described in detail here, with examples shown in the drawings. Where the following description refers to the drawings, the same numbers in different drawings denote the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the present disclosure. Rather, they are merely examples of devices and methods consistent with some aspects of the disclosure as detailed in the appended claims. According to an embodiment of the invention, a communication method and device for a cloud and an offline place server are provided.
Fig. 1 is a flow chart of a communication method for a cloud and an offline place server according to an embodiment of the invention. As shown in Fig. 1, the method includes:
S100: allocate a unique identifier ID and an RSA key pair to the offline place, and allocate a subdomain name according to the ID;
The ID of the offline place is a 3-digit numeric code;
In one embodiment, the ID code of the offline place is 798;
The identifier ID 798 and the RSA key pair are in a one-to-one relationship;
At the same time, the corresponding subdomain name is allocated to the offline place identified as 798;
In one embodiment, the domain name of the cloud server is ktv.com, and the subdomain name of offline place 798 is 798.ktv.com.
S200: the cloud server sets up a listening port;
After the cloud server starts, it sets up a listening port;
In one embodiment, the listening port of the cloud is port 8080;
The listening port on the cloud server is responsible for receiving connection establishment requests from clients.
S300: the offline place client actively initiates a control connection with the cloud;
In one embodiment, the agent client of the offline place actively initiates a long control connection to port 8080 of the cloud server;
The control connection that the offline place client actively initiates with the listening port of the cloud is a TCP long connection.
S400: after verifying the legitimacy of the offline client, the cloud server associates it with the identifier ID;
In one embodiment, after the client and the cloud server establish the TCP long connection, the cloud server verifies the legitimacy of the client, and the legitimacy verification is key-based;
The legitimacy verification uses an RSA asymmetric encryption verification method;
In the RSA key verification method, the client holds the private key and the cloud server holds the public key, and the legitimacy of the client is verified by means of the key;
In the RSA key verification method, after the control connection is established, the client encrypts information with the private key and sends the data; on receiving the data encrypted with the private key, the server decrypts it using the public key held by the cloud server;
The RSA key verification verifies the legitimacy of the client through the data exchanged on the control connection;
The purpose of the legitimacy verification is to prevent illegitimate clients from forging an identity to occupy cloud resources.
In one embodiment, after the cloud server completes the legitimacy verification of the client through the encryption and decryption of the data exchanged on the control connection, it records the connection and associates the client with its subdomain name;
For example, the offline client with identifier ID 798 sends a connection request to the cloud server; after the control connection is established and the RSA key legitimacy verification is passed, the cloud server records the data of that offline client and associates the client with its subdomain name 798.ktv.com.
S500: the cloud server receives a request from an external service to access a subdomain name, locates the corresponding control connection according to the subdomain name, initiates a request to the client to establish a "transmission connection", and establishes the "transmission connection" through a handshake protocol;
In one embodiment, when the cloud server receives a request from an external service to access 798.ktv.com, the cloud server locates the corresponding long connection according to the external access request;
After locating it, the cloud server initiates a TCP request to the located client to establish a "transmission connection"; through the TCP handshake protocol, the "transmission connection" is established successfully;
What the subdomain name locates is the ID of the client; the ID of the client and the subdomain name are in a one-to-one relationship.
S600: after the "transmission connection" is established, the cloud server sends the external data request to the client through the "transmission connection";
S700: the client sends data to the cloud server according to the external data request;
In one embodiment, once the "transmission connection" has been established, the server can pass the external service's request data to the client through the "transmission connection", and the client forwards the received data to the internal service, which achieves intercommunication between the external service and the internal service;
For example, when the external data request accesses the KTV's interface for the number of private rooms remaining for booking, http://798.ktv.com/left/room, the server forwards the request through the "transmission connection" to the internal server of the offline place's client; the client's internal server parses and processes the /left/room interface and returns the processed data to the cloud server through the "transmission connection";
The cloud server returns the client's data to the external service that made the data request, completing the transfer of data between inside and outside.
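The S400 legitimacy check and the S500 subdomain lookup, sketched in Go as an added example (not code from the patent). The patent only states that the client encrypts information with its private key and the server checks it with the stored public key; this sketch assumes a fresh server nonce signed with RSA-PSS, so that a captured response cannot be reused on a later control connection. `Registry`, `Challenge`, `Respond`, `Authenticate`, `Route`, `Scenario` and the `conn-*` handles are hypothetical names, and the keys are constructed at run time.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"regexp"
	"strings"
)

var idPattern = regexp.MustCompile(`^[0-9]{3}$`) // the page's 3-digit place ID

// Registry is a hypothetical cloud-side table for S100, S400 and S500 (not goroutine-safe).
type Registry struct {
	base    string                    // cloud domain, "ktv.com" in the page's embodiment
	pubKeys map[string]*rsa.PublicKey // ID -> public key (one-to-one)
	nonces  map[string][]byte         // control connection -> outstanding challenge
	bound   map[string]string         // ID -> authenticated control connection
}

// digest ties a signature to the claimed ID and one nonce (assumed message format).
func digest(id string, nonce []byte) []byte {
	h := sha256.Sum256(append([]byte("control-auth|"+id+"|"), nonce...))
	return h[:]
}

// Challenge issues a random nonce for a newly accepted control connection.
func (r *Registry) Challenge(conn string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	r.nonces[conn] = nonce
	return nonce, nil
}

// Respond is the client side: sign the challenge with the place's private key.
func Respond(priv *rsa.PrivateKey, id string, nonce []byte) ([]byte, error) {
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest(id, nonce), nil)
}

// Authenticate checks the response and binds the ID to the connection (S400).
func (r *Registry) Authenticate(conn, id string, sig []byte) error {
	nonce, ok := r.nonces[conn]
	delete(r.nonces, conn) // single use, so a captured response cannot be replayed
	pub := r.pubKeys[id]
	if !ok || pub == nil {
		return errors.New("no outstanding challenge or unknown ID")
	}
	if err := rsa.VerifyPSS(pub, crypto.SHA256, digest(id, nonce), sig, nil); err != nil {
		return fmt.Errorf("client %s rejected: %w", id, err)
	}
	r.bound[id] = conn
	return nil
}

// Route maps a request's Host value to the bound control connection (S500).
func (r *Registry) Route(host string) (string, error) {
	host = strings.ToLower(host)
	if i := strings.LastIndex(host, ":"); i >= 0 {
		host = host[:i] // drop an optional port
	}
	id := strings.TrimSuffix(host, "."+r.base)
	if id == host || !idPattern.MatchString(id) {
		return "", errors.New("host is not <3-digit ID>." + r.base)
	}
	if conn, ok := r.bound[id]; ok {
		return conn, nil
	}
	return "", errors.New("no authenticated control connection for " + id)
}

// Scenario runs the exchange with constructed keys and connection names.
func Scenario() (routed string, authErr, replayErr, forgedErr, hostErr error) {
	legit, _ := rsa.GenerateKey(rand.Reader, 2048)
	rogue, _ := rsa.GenerateKey(rand.Reader, 2048)
	reg := &Registry{base: "ktv.com", pubKeys: map[string]*rsa.PublicKey{"798": &legit.PublicKey},
		nonces: map[string][]byte{}, bound: map[string]string{}}
	n1, _ := reg.Challenge("conn-A")
	sig, _ := Respond(legit, "798", n1)
	authErr = reg.Authenticate("conn-A", "798", sig)
	_, _ = reg.Challenge("conn-B")                     // new connection, new nonce
	replayErr = reg.Authenticate("conn-B", "798", sig) // old response replayed
	n3, _ := reg.Challenge("conn-C")
	bad, _ := Respond(rogue, "798", n3) // signed with a key that is not enrolled
	forgedErr = reg.Authenticate("conn-C", "798", bad)
	_, hostErr = reg.Route("798.ktv.com.other.example")
	routed, _ = reg.Route("798.ktv.com:80") // binding survived the failed attempts
	return
}
func main() { fmt.Println(Scenario()) }
```

Only the first exchange binds ID 798; the replayed response, the response signed with an unenrolled key and the look-alike host name are all refused, and 798.ktv.com still resolves to the original control connection.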
In one embodiment, to keep the "control connection" open, the agent client needs to send heartbeat requests to the server on the "control connection" periodically; if the server's acknowledgement is not received, it promptly initiates a reconnection, repeating step S300 to establish the "control connection".
According to an embodiment of the invention, a communication device for a cloud and an offline place server is also provided, comprising:
The cloud server includes: ID allocation module 1, cloud listening module 2, verification module 3 and cloud sending module 4;
The offline place client includes: connection module 5, client receiving module 6 and client sending module 7.
The ID allocation module, for allocating a unique identifier ID and an RSA key pair to the offline place, and allocating a subdomain name according to the ID;
The cloud listening module, for setting up the listening port on the cloud server, responsible for receiving connection establishment requests from clients;
The connection module, for the offline place client to actively initiate a control connection with the cloud;
The verification module, for the cloud server to verify the legitimacy of the offline client and associate the identifier ID once verification is complete;
The cloud sending module, for the cloud server to send the external data request to the client through the "transmission connection";
The client receiving module, for receiving the external data request sent by the cloud server;
The client sending module, for the client to send data to the cloud server according to the external data request.
Beneficial effect of the invention: through the long-connection dialogue between the place server and the online server, online services can access the offline server, and the offline place no longer needs to purchase an external network IP and domain name separately.
Other embodiments of the invention will readily occur to those skilled in the art after considering the specification and practising the invention disclosed here. This application is intended to cover any variations, uses or adaptations of the invention that follow its general principles and include common knowledge or customary technical means in the art not disclosed in this disclosure. The specification and embodiments are to be regarded as exemplary only, with the true scope and spirit of the invention indicated by the following claims.
It should be understood that the invention is not limited to the precise structure described above and shown in the drawings, and that various modifications and changes can be made without departing from its scope. The scope of the invention is limited only by the appended claims.

Claims (6)

1. A communication method for a cloud and an offline place server, characterized by comprising:
Allocating a unique identifier ID and an RSA key pair to the offline place, and allocating a subdomain name according to the ID;
The cloud server setting up a listening port;
The offline place client actively initiating a control connection with the cloud;
The cloud server, after verifying the legitimacy of the offline client, associating it with the identifier ID;
The cloud server receiving a request from an external service to access a subdomain name, locating the corresponding control connection according to the subdomain name, initiating a request to the client to establish a "transmission connection", and establishing the "transmission connection" through a handshake protocol;
After the "transmission connection" is established, the cloud server sending the external data request to the client through the "transmission connection";
The client sending data to the cloud server according to the external data request.
2. The method according to claim 1, characterized in that the control connection actively initiated by the offline place client with the cloud is a TCP long connection.
3. The method according to claim 1, characterized in that the cloud server verifies the legitimacy of the offline client using an RSA asymmetric encryption verification method.
4. The method according to claim 3, characterized in that, in the RSA asymmetric encryption verification method used by the cloud server to verify the legitimacy of the offline client, the client holds the private key and the cloud server holds the public key, and the legitimacy of the client is verified by means of the key, preventing illegitimate clients from forging an identity to occupy resources.
5. The method according to claim 1, characterized in that, to ensure stable data transmission between the cloud and the client, the agent client periodically sends heartbeat requests to the cloud server, and the cloud acknowledges them on the control connection.
6. A communication device for a cloud and an offline place server, characterized by comprising:
An ID allocation module, for allocating a unique identifier ID and an RSA key pair to the offline place, and allocating a subdomain name according to the ID;
A cloud listening module, for setting up the listening port on the cloud server, responsible for receiving connection establishment requests from clients;
A connection module, for the offline place client to actively initiate a control connection with the cloud;
A verification module, for the cloud server to verify the legitimacy of the offline client and associate the identifier ID once verification is complete;
A cloud sending module, for the cloud server to send the external data request to the client through the "transmission connection";
A client receiving module, for receiving the external data request sent by the cloud server;
A client sending module, for the client to send data to the cloud server according to the external data request.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611196390.XA CN106603542A (en) 2016-12-22 2016-12-22 Cloud end server and offline place server communication method and device

Publications (1)

Publication Number Publication Date
CN106603542A true CN106603542A (en) 2017-04-26

Family

ID=58602289

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611196390.XA Pending CN106603542A (en) 2016-12-22 2016-12-22 Cloud end server and offline place server communication method and device

Country Status (1)

Country Link
CN (1) CN106603542A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170426