CN108763950A - A kind of safety middleware system of facing moving terminal - Google Patents

A kind of safety middleware system of facing moving terminal Download PDF

Info

Publication number
CN108763950A
CN108763950A CN201810358653.5A CN201810358653A CN108763950A CN 108763950 A CN108763950 A CN 108763950A CN 201810358653 A CN201810358653 A CN 201810358653A CN 108763950 A CN108763950 A CN 108763950A
Authority
CN
China
Prior art keywords
security
service
indicates
security service
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810358653.5A
Other languages
Chinese (zh)
Inventor
张正联
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jurong Bao Kai Electronic Technology Co Ltd
Original Assignee
Jurong Bao Kai Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jurong Bao Kai Electronic Technology Co Ltd filed Critical Jurong Bao Kai Electronic Technology Co Ltd
Priority to CN201810358653.5A priority Critical patent/CN108763950A/en
Publication of CN108763950A publication Critical patent/CN108763950A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of safety middleware system of facing moving terminal, role module, security service management module and basic resource modules;The role module provides the function module based on two kinds of roles of terminal user and developer, and it includes that demand for services publication and query interface, platform service information inquiry and calling interface are used for the interface that system is interacted with user and developer that role module, which provides,;The security service management module provides cross-platform security service and information on services inquiry, and asks the corresponding security application of deployment to serve the basic resource module according to user;The security service information metadata that the basic resource module is provided according to security service management module loads and runs corresponding security service and ability.

Description

A kind of safety middleware system of facing moving terminal
Technical field
The present invention relates to a kind of safety middleware systems of facing moving terminal.
Background technology
Information security technology is combined by security middleware with middleware Technology, is needed by extracting common security service It asks, simple unified security service interface is externally provided, to efficiently solve the interaction energy of current information security field software The problems such as force difference, big development difficulty.
However, when conventional security middleware system is applied to mobile terminal, it is long there are the development cycle, and to customizable Property, scalability support it is inadequate the problems such as.
Invention content
In view of the deficiencies of the prior art, the present invention provides a kind of safety middleware systems of facing moving terminal, including Role module, security service management module and basic resource module;
The role module provides the function module based on two kinds of roles of terminal user and developer, and role module provides packet It includes demand for services publication and query interface, platform service information inquiry and calling interface is interacted for system with user and developer Interface;
The security service management module provides cross-platform security service and information on services inquiry, and according to user's request unit It affixes one's name to corresponding security application and serves the basic resource module;
The security service information metadata that the basic resource module is provided according to security service management module is loaded and is transported The corresponding security service of row and ability.
Following formal definitions are carried out to system:
Definition system security capabilities, security capabilities SecAbilit are shown as SecAbility=with a triple table (SecAbName, SecAbDes, SecAbCallURL), wherein SecAbName indicates security capabilities title, for retrieving and only One marked capacity;SecAbDes is used for the brief description to security capabilities function;SecAbCallURL indicates the tool of security capabilities Body call address, to ensure the availability and certainty of service;
Definition system security service, security service SecService are SecService=with a quadruple notation (SecServName, SecServDes, SecServInvokeURL, fcomp), wherein SecServName indicates security service Title has uniqueness;SecServDes is used for the brief description to security service function;SecServInvokeURL indicates peace The specific call address serviced entirely, each security service must have unique specific call address to ensure the availability of service And certainty;Fcomp indicates the combination of the security service;
Definition set TransMod=(a, b, c), wherein set TransMod indicates security service or security capabilities combination Type;A indicates that the many-one between ability and service maps, i.e., a kind of security capabilities is presented in the form of a variety of security services;B is indicated One-to-one mapping, i.e., a kind of ability only have a kind of service form;C indicates many-one mapping, i.e., a kind of service is by multiple ability structures At;
Defined function fcomp=(input, output, mod), wherein input indicates the security capabilities or clothes of input Business;Output indicates the desired service generated;Mod ∈ TransMod indicate ability or Services Composition type;
By above-mentioned definition, system is using secure resources as ability and service, wherein first number of the security capabilities as system According to, there is inseparability, and the security service that user uses is one or more capabilities maps or passes through different brackets Services Composition form.
Advantageous effect:Present system realizes to be taken on different mobile terminal using various platform safeties without barrier Business.Simultaneity factor moves to resource consumption high terminal applies on middleware platform, largely reduces terminal applies Device requirement, efficiently solve terminal unit ability it is limited apply bottleneck.
Description of the drawings
The present invention is done with reference to the accompanying drawings and detailed description and is further illustrated, it is of the invention above-mentioned or Otherwise advantage will become apparent.
Fig. 1 is system structure of the invention figure.
Specific implementation mode
The present invention will be further described with reference to the accompanying drawings and embodiments.
As shown in Figure 1, the invention discloses a kind of safety middleware system of facing moving terminal, including role module, Security service management module and basic resource module;
The role module provides the function module based on two kinds of roles of terminal user and developer, and role module provides packet It includes demand for services publication and query interface, platform service information inquiry and calling interface is interacted for system with user and developer Interface;
The security service management module provides cross-platform security service and information on services inquiry, and according to user's request unit It affixes one's name to corresponding security application and serves the basic resource module;
The security service information metadata that the basic resource module is provided according to security service management module is loaded and is transported The corresponding security service of row and ability.
Following formal definitions are carried out to system:
Definition system security capabilities, security capabilities SecAbilit are shown as SecAbility=with a triple table (SecAbName, SecAbDes, SecAbCallURL), wherein SecAbName indicates security capabilities title, for retrieving and only One marked capacity;SecAbDes is used for the brief description to security capabilities function;SecAbCallURL indicates the tool of security capabilities Body call address, to ensure the availability and certainty of service;
Definition system security service, security service SecService are SecService=with a quadruple notation (SecServName, SecServDes, SecServInvokeURL, fcomp), wherein SecServName indicates security service Title has uniqueness;SecServDes is used for the brief description to security service function;SecServInvokeURL indicates peace The specific call address serviced entirely, each security service must have unique specific call address to ensure the availability of service And certainty;Fcomp indicates the combination of the security service;
Definition set TransMod=(a, b, c), wherein set TransMod indicates security service or security capabilities combination Type;A indicates that the many-one between ability and service maps, i.e., a kind of security capabilities is presented in the form of a variety of security services;B is indicated One-to-one mapping, i.e., a kind of ability only have a kind of service form;C indicates many-one mapping, i.e., a kind of service is by multiple ability structures At;
Defined function fcomp=(input, output, mod), wherein input indicates the security capabilities or clothes of input Business;Output indicates the desired service generated;Mod ∈ TransMod indicate ability or Services Composition type;
By above-mentioned definition, system is using secure resources as ability and service, wherein first number of the security capabilities as system According to, there is inseparability, and the security service that user uses is one or more capabilities maps or passes through different brackets Services Composition form.
The present invention provides a kind of safety middleware system of facing moving terminal, the method for implementing the technical solution It is many with approach, the above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill of the art For personnel, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications It should be regarded as protection scope of the present invention.All undefined components in this embodiment can be implemented in the prior art.

Claims (2)

1. a kind of safety middleware system of facing moving terminal, which is characterized in that manage mould including role module, security service Block and basic resource module;
The role module provides the function module based on two kinds of roles of terminal user and developer, and role module offer includes clothes Business demand is issued and query interface, platform service information inquiry and calling interface connect for system with what user and developer interacted Mouthful;
The security service management module provides cross-platform security service and information on services inquiry, and according to user ask deployment with Corresponding security application serve the basic resource module;
The security service information metadata that the basic resource module is provided according to security service management module is loaded and is run pair The security service answered and ability.
2. system according to claim 1, which is characterized in that carry out following formal definitions to system:
Definition system security capabilities, security capabilities SecAbilit are shown as SecAbility=with a triple table (SecAbName, SecAbDes, SecAbCallURL), wherein SecAbName indicates security capabilities title, for retrieving and only One marked capacity;SecAbDes is used for the brief description to security capabilities function;SecAbCallURL indicates the tool of security capabilities Body call address, to ensure the availability and certainty of service;
Definition system security service, security service SecService are SecService=with a quadruple notation (SecServName, SecServDes, SecServInvokeURL, fcomp), wherein SecServName indicates security service Title has uniqueness;SecServDes is used for the brief description to security service function;
SecServInvokeURL indicates that the specific call address of security service, each security service must have unique specific Call address is to ensure the availability and certainty of service;Fcomp indicates the combination of the security service;
Definition set TransMod=(a, b, c), wherein set TransMod indicates security service or security capabilities composite class Type;A indicates that the many-one between ability and service maps, i.e., a kind of security capabilities is presented in the form of a variety of security services;B indicates one It maps one, i.e., a kind of ability only has a kind of service form;C indicates many-one mapping, i.e., a kind of service is by multiple ability scores;
Defined function fcomp=(input, output, mod), wherein input indicates security capabilities or the service of input; Output indicates the desired service generated;Mod ∈ TransMod indicate ability or Services Composition type;
By above-mentioned definition, system is using secure resources as ability and service, wherein metadata of the security capabilities as system, With inseparability, and the security service that user uses is one or more capabilities maps either by different grades of clothes Business is composed.
CN201810358653.5A 2018-04-20 2018-04-20 A kind of safety middleware system of facing moving terminal Pending CN108763950A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810358653.5A CN108763950A (en) 2018-04-20 2018-04-20 A kind of safety middleware system of facing moving terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810358653.5A CN108763950A (en) 2018-04-20 2018-04-20 A kind of safety middleware system of facing moving terminal

Publications (1)

Publication Number Publication Date
CN108763950A true CN108763950A (en) 2018-11-06

Family

ID=64011379

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810358653.5A Pending CN108763950A (en) 2018-04-20 2018-04-20 A kind of safety middleware system of facing moving terminal

Country Status (1)

Country Link
CN (1) CN108763950A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101980152A (en) * 2010-10-18 2011-02-23 华南理工大学 Mobile middleware system and implementation method thereof
CN102346669A (en) * 2011-09-21 2012-02-08 重庆邮电大学 Mobile terminal safety middleware system and method based on metadata
EP2955689A1 (en) * 2014-05-30 2015-12-16 Hitec Luxembourg S. A. Dynamic information sharing platform
CN106611046A (en) * 2016-12-16 2017-05-03 武汉中地数码科技有限公司 Big data technology-based space data storage processing middleware framework
CN106650418A (en) * 2016-12-21 2017-05-10 天津大学 Android access control system and method based onmulti-strategy

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101980152A (en) * 2010-10-18 2011-02-23 华南理工大学 Mobile middleware system and implementation method thereof
CN102346669A (en) * 2011-09-21 2012-02-08 重庆邮电大学 Mobile terminal safety middleware system and method based on metadata
EP2955689A1 (en) * 2014-05-30 2015-12-16 Hitec Luxembourg S. A. Dynamic information sharing platform
CN106611046A (en) * 2016-12-16 2017-05-03 武汉中地数码科技有限公司 Big data technology-based space data storage processing middleware framework
CN106650418A (en) * 2016-12-21 2017-05-10 天津大学 Android access control system and method based onmulti-strategy

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
胡文平 等: "面向移动终端的安全中间件***设计与实现", 《重庆邮电大学学报(自然科学版)》 *

Similar Documents

Publication Publication Date Title
CN104270472B (en) A kind of remote service calling method, apparatus and system
US20030126196A1 (en) System for optimizing the invocation of computer-based services deployed in a distributed computing environment
CN101087314A (en) A system and method for application to use socket interface across processes
Tsai et al. Two-tier multi-tenancy scaling and load balancing
US20150312378A1 (en) System and method for supporting a proxy model for across-domain messaging in a transactional middleware machine environment
CN1643879A (en) AAA server system for efficient access control and address assignment
CN104618508A (en) Load balancing mesh architecture based on Nginx, Memcached and Tomcat
CN103617255B (en) A kind of business datum for power information system exchanges and synchronizes system and method
CN110737508A (en) cloud container service network system based on wave cloud and implementation method
CN102137128A (en) Method and device for balancing load of cluster service
CN106209402A (en) The telescopic method of a kind of virtual network function and equipment
CN113746928B (en) Cross-cloud service calling method, device and system
CN103747044B (en) Service locking method and system
CN102111288A (en) Machine to machine (M2M) network management architecture
CN113821268A (en) Kubernetes network plug-in method fused with OpenStack Neutron
CN105635083A (en) Service processing method and service processing system based on server and client architecture
CN106210058A (en) A kind of reverse proxy method of multi-core parallel concurrent
CN105516250A (en) Internet-of-things service invoking platform and system
CN100484014C (en) Distributed cluster service management system and service management method in intelligent network
CN103929365B (en) A kind of SiteServer LBS and method suitable for UDP service
CN102523164A (en) System and method for implementing complex homologous and homoclinic flow division in network card
CN108763950A (en) A kind of safety middleware system of facing moving terminal
CN105025042B (en) A kind of method and system of determining data information, proxy server
CN103152428A (en) Method for carrying out service communication among nodes on cloud platform
CN102710772B (en) A kind of mass data communication system based on cloud platform

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181106