CN114050903A - Traffic management method, device, system, server and medium - Google Patents

Traffic management method, device, system, server and medium Download PDF

Info

Publication number
CN114050903A
CN114050903A CN202111393107.3A CN202111393107A CN114050903A CN 114050903 A CN114050903 A CN 114050903A CN 202111393107 A CN202111393107 A CN 202111393107A CN 114050903 A CN114050903 A CN 114050903A
Authority
CN
China
Prior art keywords
visitor
pass
external network
application
token
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111393107.3A
Other languages
Chinese (zh)
Inventor
王柳佳
蔡洁锐
李燕飞
彭伟锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Power Grid Co Ltd
Shanwei Power Supply Bureau of Guangdong Power Grid Co Ltd
Original Assignee
Guangdong Power Grid Co Ltd
Shanwei Power Supply Bureau of Guangdong Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Power Grid Co Ltd, Shanwei Power Supply Bureau of Guangdong Power Grid Co Ltd filed Critical Guangdong Power Grid Co Ltd
Priority to CN202111393107.3A priority Critical patent/CN114050903A/en
Publication of CN114050903A publication Critical patent/CN114050903A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention discloses a traffic management method, a traffic management device, a traffic management system, a traffic management server and a traffic management medium. The method comprises the following steps: acquiring a pass application of an external network visitor end; auditing the pass application; and if the verification is passed, generating a pass token, and sending the pass token to the extranet visitor terminal for the visitor party corresponding to the extranet visitor terminal to use when visiting the visited party. The embodiment of the invention improves the passing efficiency, reduces the workload of passing management and simultaneously reduces the occurrence probability of illegal passing conditions.

Description

Traffic management method, device, system, server and medium
Technical Field
The embodiment of the invention relates to a computer data processing technology, in particular to a traffic management method, a device, a system, a server and a medium.
Background
Many enterprises or public institutions still adopt the traditional visitor in-out registration system, the main resource of dependence is paper forms and manual operation, the mode is very low in passing efficiency and easy to cause problems, the basic situation of an external visitor cannot be accurately mastered, a data link system cannot be realized in management, and the situation of illegal passing cannot be avoided basically.
Disclosure of Invention
The embodiment of the invention provides a traffic management method, a device, a system and a medium, which aim to realize efficient and accurate management of access traffic data and reduce the condition of illegal traffic.
In a first aspect, an embodiment of the present invention provides a traffic management method, where the method includes:
acquiring a pass application of an external network visitor end;
auditing the pass application;
and if the verification is passed, generating a pass token, and sending the pass token to the extranet visitor terminal for the visitor party corresponding to the extranet visitor terminal to use when visiting the visited party.
In a second aspect, an embodiment of the present invention further provides a traffic management device, where the traffic management device includes:
the passage application acquisition module is used for acquiring a passage application of an external network visitor end;
the pass application auditing module is used for auditing the pass application;
and the pass token processing module is used for generating a pass token if the verification is passed, and sending the pass token to the external network visitor terminal for the visitor party corresponding to the external network visitor terminal to use when accessing the visited party.
In a third aspect, an embodiment of the present invention further provides a traffic management system, where the traffic management system includes: an outer network visitor end and an inner network server end; wherein the content of the first and second substances,
the external network visitor end is used for sending a pass application to the internal network server end;
the intranet server is used for checking the pass application, generating a pass token under the condition that the check is passed, and sending the pass token to the extranet visitor terminal for the visitor party corresponding to the extranet visitor terminal to use when visiting the visited party.
In a fourth aspect, an embodiment of the present invention further provides a server, including:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors implement the traffic management method according to any embodiment of the present invention.
In a fifth aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the traffic management method according to any embodiment of the present invention.
According to the technical scheme of the embodiment of the invention, the passing application of the visitor is obtained and checked, and the pass token is generated after the passing of the checking and is used for the visitor to access, so that the problems of low passing efficiency and inconvenient management of visitor information of the prior art are solved, the effects of improving the passing rate of the visitor and reducing the passing work management amount are realized, and the occurrence probability of illegal passing conditions is reduced.
Drawings
Fig. 1 is a flowchart of a traffic management method according to an embodiment of the present invention;
fig. 2 is a flowchart of a traffic management method according to a second embodiment of the present invention;
fig. 3 is a flowchart of a traffic management method according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of a traffic management device according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of a traffic management system according to a fifth embodiment of the present invention;
fig. 6 is a schematic structural diagram of a server according to a sixth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a traffic management method according to an embodiment of the present invention, which is applicable to a situation how to manage the traffic of a visitor, and the entire traffic management method may be executed by the cooperation of an extranet visitor and an intranet server. The external network visitor terminal refers to an electronic device used when a visitor submits a pass application to an internal network server terminal under the condition that the visitor has a requirement for accessing a visited party, and may be an intelligent mobile terminal or a PC terminal, for example, wherein the intelligent mobile terminal may include a mobile phone, a tablet computer and other terminal devices, and the PC terminal refers to a notebook computer, a desktop computer and other devices capable of connecting an Internet network; the intranet server is a server for performing traffic management in an enterprise to which the visited party belongs. Furthermore, the local area network of the external network visitor is different from the local area network of the internal network server.
The embodiment is applied to an intranet server, and the method can be executed by a traffic management device, and the device can be implemented in a software and/or hardware manner. The device can be configured in an intranet service terminal, and the method specifically comprises the following steps:
and S110, acquiring a pass application of the external network visitor terminal.
The pass application is an application provided by a visitor when the visitor accesses the visited party. Optionally, the application information in the pass application may include mandatory information and optional filling information. The mandatory information may include information not limited to the interviewee, interview events, scheduled start time, and projected end time; the optional filling information is information which the visitor can select to fill by himself, and can include but is not limited to information such as pedestrians, customized question and answer contents and remarks.
Optionally, the external network visitor end used by the visitor is different, and the internal network service end obtains the passing application in different manners.
In one possible embodiment, the request for obtaining the pass of the external network visitor may be: acquiring a pass application of an external network visitor end sent by an external network server end through internal and external network switching equipment; or acquiring a pass application sent by the external network visitor end through the virtual private network.
The extranet server is a server capable of performing data interaction with an extranet visitor. The internal and external network exchange equipment is equipment for connecting an internal network server and an external network server; furthermore, the internal and external network exchange equipment can realize data interaction between the internal network service end and the external network service end, and simultaneously protect the data of the internal network service end from being leaked. A Virtual Private Network (VPN) is a communication method commonly used for connecting Private networks between medium and large enterprises or groups, and it uses a tunnel protocol to achieve the effects of privacy, sender authentication, message accuracy and other Private message security.
Specifically, under the condition that the external network visitor end is the intelligent mobile end, the visitor can enter the passing management system of the enterprise to which the visitor belongs through the intelligent mobile end, fill in the passing application and submit to the external network server end, the passing application of the external network visitor end is sent to the internal network server end through the internal and external network exchange equipment by the external network server end, and then the internal network server end can obtain the passing application of the external network visitor end sent by the external network server end through the internal and external network exchange equipment. Optionally, when the traffic management system is presented in the form of enterprise wechat or wechat public numbers, the external network service end may be a service end of enterprise wechat or wechat public numbers.
Under the condition that the external network visitor end is a PC end, the visitor can enter a passing management system of an enterprise to which the visitor belongs through the PC end and fill in a passing application, the PC end directly sends the passing application of the external network visitor end to the internal network service end through the VPN channel, and then the internal network service end can acquire the passing application of the external network visitor end sent by the PC end through the VPN channel.
It should be noted that the external network visitor end has different passage application sending routes under different conditions, so that the visitor can conveniently make passage applications.
And S120, checking the pass application.
It should be noted that in order to ensure the accuracy of the visitor side applying for information in the passage application so as to reduce the probability of occurrence of illegal passage, the passage application needs to be checked.
Optionally, all the contents in the pass application can be sequentially checked according to the format of the pass application; or, a part of the content in the pass application may be checked, for example, the necessary information is checked. For example, the identity information of the visitor and the visited party can be checked to ensure that the identities of the visitor and the visited party are accurate; and the access item and the access time of the visitor can be checked, so that the access item and the access time of the visitor are reasonable and the like. Further, when the visitor side information is wrong or the content in the pass application is not reasonable, the pass application is rejected.
Further, other manners may be adopted to perform the pass audit, for example, the visited party to be visited by the visitor performs the pass application audit, and the like.
And S130, if the verification result is that the verification is passed, generating a pass token, and sending the pass token to the external network visitor end for the visitor party corresponding to the external network visitor end to use when accessing the visited party.
The pass token is a certificate which is allowed to pass when a visitor accesses the system. In this embodiment, the pass token may be generated according to the content, the audit record, the audit result, the information of the auditor, the audit time, the audit place, and other information in the pass application. Furthermore, the pass token can be presented in the form of two-dimensional codes, short messages and the like.
Specifically, when the pass application is approved, the intranet server generates a pass token, and sends the pass token to the extranet visitor end in a manner of short message or mail, or directly sends the pass token to a pass management system account of a visitor corresponding to the extranet visitor end. And the visitor can use the pass token through the external network client when accessing the visited party.
Further, under the condition that the visitor does not quit the passage management system after the external network visitor sends the passage application, the visitor can wait for the verification result in the passage management system, and the passage management system interface is directly refreshed after the verification is passed, so as to check the passage token, for example, the visitor interface can be directly refreshed through a socket information mechanism; the pass token can also be viewed after receiving the notification of the audit pass result.
According to the technical scheme of the embodiment of the invention, the passing application of the visitor is obtained and checked, and the pass token is generated after the passing of the checking and is used for the visitor to access, so that the problems of low passing efficiency and inconvenient management of visitor information of the prior art are solved, the effects of improving the passing rate of the visitor and reducing the passing work management amount are realized, and the occurrence probability of illegal passing conditions is reduced.
In an optional embodiment, before acquiring the passage application of the external network visitor, the method further includes: acquiring a login request of an external network visitor terminal; and according to the account information in the login request, verifying the identity of the visitor corresponding to the external network visitor.
The login request refers to a request generated by triggering when a visitor logs in the traffic management system through an external network visitor terminal. The login request may include account information of the visitor. The account information is used for indicating the identity of the visitor and at least comprises name, gender, certificate category, certificate number, contact phone, company name, accessories and the like, and the accessories can be certificate screenshots, health code screenshots, big data passcode screenshots and the like.
Specifically, after a login request of an external network visitor end is obtained, account information of a visitor is obtained from the login request, and whether the visitor logs in the traffic management system for the first time or not is determined according to the account information of the visitor. If the visitor logs in for the first time, the identity authentication is not passed, and the visitor is required to fill in account information for registration; if the visitor does not log in for the first time, the identity authentication is passed, and the visitor can directly log in the traffic management system according to the account information logged in before.
It should be noted that, by verifying the identity of the visitor, the visitor can conveniently and quickly log in the traffic management system, and the identity information of the visitor who has accessed for the first time can be recorded in time.
Example two
Fig. 2 is a flowchart of a traffic management method according to a second embodiment of the present invention, and this embodiment further explains in detail how to "check the application for traffic".
As shown in fig. 2, the traffic management method provided in this embodiment specifically includes:
and S210, acquiring a pass application of the external network visitor terminal.
And S220, determining the visited end of the intranet according to the visited information in the pass application.
The visited information in the passage application refers to related information about the visited party in the passage information, and may include information such as name, gender, contact telephone and the like of the visited party. The intranet visited end is equipment used by the visited party during work or pass application and verification. Further, the intranet visited end may be an intelligent mobile end or a PC end, but is different from the lan connected to the extranet visitor end.
Specifically, after receiving a pass application sent by an external network visitor, the internal network service end extracts visited information from the pass application content, and can determine the internal network visited end used by a visited party through the visited information.
And S230, sending the pass application to the intranet visited end so that the intranet visited end audits the pass application and feeds back an audit result.
Wherein, the result of the audit is the conclusion given by the visited party to the passage application, and the result of the audit can include the passing and the refusing of the audit. And the verification is passed, which means that the visitor can access the visited party at the access time in the pass application. The rejection shows that the information in the passage application provided by the visitor is unreasonable, and the visitor refuses the visit of the visitor.
Specifically, after the intranet visited end is determined, the intranet server sends the pass application to the intranet visited end. After the access terminal of the intranet receives the pass application, the access terminal can be reminded of receiving the pass application in a mode of mobile phone short message, mail or application system message notification, or the pass application can be directly sent to a pass management system account of the access terminal corresponding to the access terminal of the intranet. And the visited party accesses the passing management system through the intranet access terminal, checks the passing application and gives examination and approval opinions. Further, if the audit is passed directly, the approval opinion does not need to be provided. The approval opinion refers to the reason given by the visited party when the passage application is rejected. When the passage application is rejected, the visitor side needs to check and modify the information in the passage application and reapply the visited side for examination and approval.
And S240, if the verification result is that the verification is passed, generating a pass token, and sending the pass token to the external network visitor end for the visitor party corresponding to the external network visitor end to use when accessing the visited party.
According to the technical scheme of the embodiment of the invention, the visited end of the intranet is determined, and the pass application is sent to the visited end of the intranet, so that the visited party can conveniently check the pass application, the accuracy of the check result is ensured, the pressure of the serving end of the intranet is reduced, and the efficiency of the check of the pass application is accelerated.
EXAMPLE III
Fig. 3 is a flowchart of a traffic management method according to a third embodiment of the present invention, and in this embodiment, a process of interaction based on a generated traffic token between an external network visitor and an internal network server is added on the basis of the above embodiments. As shown in fig. 3, the traffic management method provided in this embodiment specifically includes:
s310, obtaining a pass application of the external network visitor terminal.
And S320, checking the pass application.
And S330, if the verification result is that the verification is passed, generating a pass token, and sending the pass token to the external network visitor end for the visitor party corresponding to the external network visitor end to use when accessing the visited party.
S340, if a pass check-in event generated by the fact that the outer network visitor end is triggered by using the pass token is monitored, verifying the validity of the pass token.
The pass check-in event refers to an event triggered by the visitor using the pass token through the extranet when the visitor accesses the visited party. For example, an event triggered by a two-dimensional code provided by a gate sentry fixed position is identified through an external network visitor terminal; the method can also be used for scanning events triggered by the two-dimensional code of the pass token of the external network visitor terminal under the condition that the pass token is presented in the two-dimensional code form.
When the visitor accesses the visited party, the validity of the pass token needs to be verified. The use time of the pass token and the validity of the information of the visitor and the visited party at least need to be verified, the identity information of the visitor and the visited party is ensured to be accurate, the access time is within the valid time range, and the occurrence probability of the illegal passing condition is reduced. The validity time range refers to the time from the scheduled start time to the end of the expected end time in the transit application.
Specifically, when the pass management system verifies the pass token, whether the identity information of the current visitor is consistent with the information of the visitor in the pass application information corresponding to the pass token or not may be compared; or judging whether the time when the current visitor side presents the pass token is within the valid time range in the pass application information corresponding to the pass token. Furthermore, the pass token is verified, and the validity of the pass token can be verified by gate post workers.
For example, in the case that the pass token is presented in the form of a two-dimensional code, when a visitor passes through the pass token, the two-dimensional code on the mobile phone needs to be displayed to a gate post worker for verification. And displaying information such as the current time, the name of the visitor, the validity period and the like in real time on a two-dimensional code display interface. The current time includes a date and a clock. And allowing the visitor to pass when the gate post staff determines that the identity information of the visitor and the visited party is correct and the current time is within the valid period range, otherwise, the visitor needs to re-submit the pass application and check.
Illustratively, when the visitor passes through, the gate post staff can also directly scan the two-dimensional code provided by the visitor through the mobile phone for verification, after the verification is passed, the mobile phone used by the gate post staff or a computer configured by the gate post or the relevant information and the approval result of the visitor passing application are popped up for the gate post staff to check, and after the checking is passed, the visitor can pass through.
Illustratively, when the visitor passes through, the visitor can also directly scan the two-dimensional code pasted at the appointed position of the gate sentry for verification, and after the visitor actively scans the code, the gate sentry staff can automatically display the passing application information and the examination and approval result on the computer for the gate sentry staff to check, and after the checking is passed, the visitor can pass through.
According to the technical scheme of the embodiment of the invention, the pass token validity is verified, so that the occurrence probability of the illegal passing condition is reduced.
In an optional embodiment, after verifying the validity of the pass token, the method further includes: and if the validity verification of the pass token passes, recording the pass check-in time stamp.
Wherein, the pass check-in timestamp refers to the time when the visitor uses the pass token. After the validity verification of the pass token of the visitor passes, the gate post staff allows the visitor to pass and records the passing time in the passing management system, namely, the pass sign-in time stamp is recorded, so that the passing information of the visitor is conveniently recorded and managed.
In an optional implementation manner, after sending the pass token to the extranet guest terminal, the method further includes: if the pass token is identified to be used, the pass application is recorded.
The step of recording the passage application means recording the passage application content, so that the visitor can conveniently inquire the passage application information which is applied once.
It should be noted that the passing information is recorded after the visitor uses the passing token, so that the visitor can directly quote the recorded passing information when applying for passing next time, and part of the content is adjusted, thereby accelerating the passing application process and reducing the workload of the visitor applying for passing.
Example four
Fig. 4 is a schematic structural diagram of a traffic management device according to a fourth embodiment of the present invention, where the traffic management device can execute the traffic management method according to the foregoing embodiment, and the traffic management device may include: a pass application acquisition module 401, a pass application auditing module 402 and a pass token processing module 403.
The passing application acquisition module 401 is configured to acquire a passing application of an external network visitor end;
a pass application auditing module 402, configured to audit the pass application;
and the pass token processing module 403 is configured to generate a pass token if the verification is passed, and send the pass token to the extranet visitor end, so that the pass token is used when the visitor party corresponding to the extranet visitor end accesses the visited party.
According to the technical scheme of the embodiment of the invention, the passing application of the visitor is obtained and checked, and the pass token is generated after the checking is passed for the visitor to access, so that the problems of low passing efficiency and inconvenient management of visitor information of the visitor are solved, the passing rate of the visitor is improved, the passing work management amount is reduced, and the occurrence probability of illegal passing is reduced.
Optionally, the passage application acquiring module 401 may be specifically configured to:
acquiring a pass application of an external network visitor end sent by an external network server end through internal and external network switching equipment; or the like, or, alternatively,
and acquiring a pass application sent by the external network visitor terminal through the virtual private network.
Optionally, the passing application auditing module 402 includes:
the visited end determining unit is used for determining the visited end of the intranet according to the visited information in the pass application;
and the auditing feedback unit is used for sending the passing application to the intranet visited end so that the intranet visited end audits the passing application and feeds back an auditing result.
Optionally, the apparatus further comprises:
the login request acquisition module is used for acquiring a login request of an external network visitor end;
and the identity authentication module is used for authenticating the identity of the visitor corresponding to the external network visitor according to the account information in the login request.
Optionally, the pass token processing module 403 includes:
and the validity verification unit is used for verifying the validity of the pass token if a pass check-in event generated by the external network visitor end triggered by using the pass token is monitored.
Optionally, the pass token processing module 403 further includes:
and the time stamp recording unit is used for recording the pass check-in time stamp if the pass token passes the validity verification.
Optionally, the pass token processing module 403 further includes:
and the pass application recording unit is used for recording the pass application if the pass token is identified to be used.
EXAMPLE five
Fig. 5 is a schematic structural diagram of a traffic management system according to a fifth embodiment of the present invention, where the traffic management system includes a front end and a back end. The front end is mainly used for visitors, gate post managers and on-line examination and approval, wherein the front end can adopt H5 technology and apply various computer language specifications to design a front end application interface, a form, a report and the like. H5 refers to the 5 th generation HTML, and also to all digital products made in the H5 language. HTML is the english abbreviation of "hypertext markup language". The backstage is used for management of the backend, and functions of data report, statistics, backend approval and the like are provided, wherein the backend can adopt a springboot technical architecture to establish a backstage management system, and an enterprise WeChat access platform is adopted in the middle to establish a platform function of data exchange.
The traffic management system includes:
an outer network visitor end and an inner network server end; wherein the content of the first and second substances,
the outer network visitor end is used for sending a pass application to the inner network server end;
and the intranet server is used for auditing the pass application, generating a pass token under the condition that the audit is passed, and sending the pass token to the extranet visitor end for the visitor party corresponding to the extranet visitor end to use when visiting the visited party.
Specifically, the visitor can indirectly establish data communication with the intranet server through the extranet visitor, send a pass application to the intranet server, so that the intranet server can audit the pass application, and send a pass token to the extranet visitor under the condition that the audit is passed.
Illustratively, when the front end presents in the enterprise wechat, the traffic management system is bound to the enterprise wechat platform for use, and the visitor party uses the external network visitor end and can enter the traffic management system through the enterprise wechat service end or public numbers. An enterprise wechat service end or a public number (an enterprise wechat back end) mainly provides an application layer of platform services such as organization information, user information, access authorization, H5 application access configuration and the like, and supports a visitor to access a 'traffic management system' at the enterprise wechat end and the wechat end.
If the user is the enterprise WeChat authorized user, automatically identifying the enterprise WeChat user account and automatically logging in, otherwise, requiring the user to manually input basic information of a visitor to manually log in. After logging in, the visitor can access the intranet server and send a pass application to the intranet server. The intranet service end is used for deploying an office system used by an intranet visited end, deploying an intranet data service interface and deploying a relational database, establishing a local big data service platform, obtaining relevant index data by applying various calculation formulas, and pushing the relevant index data to a front end for use through a service interface program. The intranet visited end can directly access the intranet server to carry out passing application processing work, and after passing the passing application audit, the intranet server generates a passing token and sends the passing token to the extranet visitor end so as to be used when the visitor party corresponding to the extranet visitor end accesses the visited party.
According to the technical scheme of the embodiment of the invention, the passing application of the visitor is obtained and checked, and the pass token is generated after the checking is passed for the visitor to access, so that the problems of low passing efficiency and inconvenient management of visitor information of the visitor are solved, the passing rate of the visitor is improved, the passing work management amount is reduced, and the probability of illegal passing is reduced.
In one embodiment, the traffic management system further comprises: the system comprises an external network server and internal and external network switching equipment; wherein the content of the first and second substances,
the external network server is used for acquiring a pass application of an external network visitor end and sending the pass application to the internal and external network switching equipment;
and the internal and external network exchange equipment is used for sending the passing application of the external network visitor end to the internal network server end.
The external network service end provides direct data connection for the external network visitor end and the internal and external network exchange equipment. The internal and external network exchange equipment establishes direct data connection for the external network server and the internal network server, and protects the confidential data of the internal network server from leaking under the condition of ensuring the normal interaction of the data of the external network server and the internal network server.
In this embodiment, for example, the extranet service end is configured to deploy an H5 front-end application program of an "access management system" and a data service interface program of an enterprise wechat back end, and the interface service specification takes an interface specification required by an enterprise wechat as a standard, and mainly implements data of the enterprise wechat management end, such as unified identity authentication, user management, authority management, application management, and the like of the enterprise wechat.
The internal and external network exchange equipment is also an isolation layer of internal and external network data, and related network safety protection equipment and software are deployed. The internal and external network exchange equipment is arranged between the external network server and the internal network server, realizes the exchange service of internal and external network data, and can cut off the contact between the external network server and the internal network server at any time. For example, if the Internet service end cuts off the Internet network in a special period such as power supply protection and national celebration, the interface service for data push of the external network service end will go through the VPN channel to obtain the data of the internal network service end, and at this time, the external network visitor end is required to install a VPN client to connect to the internal network service end, and if the connection to the internal network service end fails, the traffic management system cannot update and synchronize the data.
The outer network server and the inner and outer network exchange equipment establish a data exchange bridge for the outer network visitor end and the inner network server end, and the data of the inner network server end is protected from being revealed while the smooth exchange of the data is ensured.
In one implementation, the intranet server is configured to:
acquiring a pass application of an external network visitor end sent by an external network server end through internal and external network switching equipment; or the like, or, alternatively,
and acquiring a pass application sent by the external network visitor terminal through the virtual private network.
In one implementation, the auditing of the pass application by the intranet service end includes: determining an intranet visited end according to the visited information in the pass application; and sending the pass application to the intranet visited end so that the intranet visited end audits the pass application and feeds back an audit result.
In an implementation manner, before acquiring the passage application of the extranet visitor, the intranet server is further configured to: acquiring a login request of an external network visitor terminal;
and according to the account information in the login request, verifying the identity of the visitor corresponding to the external network visitor.
In an implementation manner, after the internal network server sends the pass token to the external network guest, the internal network server is further configured to: and if the pass sign-in event generated by the external network visitor end triggered by using the pass token is monitored, verifying the validity of the pass token.
In an implementation manner, after verifying the validity of the pass token, the intranet service terminal is further configured to: and if the validity verification of the pass token passes, recording the pass check-in time stamp.
In an implementation manner, after the internal network server sends the pass token to the external network guest, the internal network server is further configured to: if the pass token is identified to be used, the pass application is recorded.
EXAMPLE six
Fig. 6 is a schematic structural diagram of a server according to a sixth embodiment of the present invention, as shown in fig. 6, the server includes a processor 60, a memory 61, an input device 62, and an output device 63; the number of the processors 60 in the server may be one or more, and one processor 60 is taken as an example in fig. 6; the processor 60, the memory 61, the input device 62 and the output device 63 in the server may be connected by a bus or other means, and the bus connection is exemplified in fig. 6.
The memory 61 is a computer-readable storage medium, and can be used for storing software programs, computer-executable programs, and modules, such as program instructions and/or modules corresponding to the traffic management method in the embodiment of the present invention (for example, the traffic application acquisition module 401, the traffic application auditing module 402, and the traffic token processing module 403). The processor 60 executes various functional applications of the server and data processing by executing software programs, instructions, and modules stored in the memory 61, that is, implements the above-described traffic management method.
The memory 61 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 61 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, the memory 61 may further include memory located remotely from the processor 60, which may be connected to the device/terminal/server via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 62 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the server. The output device 63 may include a display device such as a display screen.
EXAMPLE seven
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a traffic management method, including:
acquiring a pass application of an external network visitor end;
auditing the pass application;
and if the verification is passed, generating a pass token, and sending the pass token to the extranet visitor terminal for the visitor party corresponding to the extranet visitor terminal to use when visiting the visited party.
Of course, the storage medium provided by the embodiment of the present invention contains computer-executable instructions, and the computer-executable instructions are not limited to the method operations described above, and may also perform related operations in the traffic management method provided by any embodiment of the present invention.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the traffic management method apparatus, each included unit and module are only divided according to functional logic, but are not limited to the above division as long as the corresponding function can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (12)

1. A traffic management method, comprising:
acquiring a pass application of an external network visitor end;
auditing the pass application;
and if the verification is passed, generating a pass token, and sending the pass token to the extranet visitor terminal for the visitor party corresponding to the extranet visitor terminal to use when visiting the visited party.
2. The method of claim 1,
acquiring a pass application of an external network visitor end sent by an external network server end through internal and external network switching equipment; or the like, or, alternatively,
and acquiring a pass application sent by the external network visitor terminal through the virtual private network.
3. The method of claim 1, wherein the reviewing the pass application comprises:
determining an intranet visited end according to the visited information in the pass application;
and sending the pass application to the intranet visited end so that the intranet visited end audits the pass application and feeds back an audit result.
4. The method of claim 1, wherein before the obtaining the request for passage of the foreign network client, the method further comprises:
acquiring a login request of an external network visitor terminal;
and verifying the identity of the visitor corresponding to the external network visitor according to the account information in the login request.
5. The method of claim 1, wherein after sending the pass token to the extranet client, further comprising:
and if the pass sign-in event generated by the external network visitor end triggered by using the pass token is monitored, verifying the validity of the pass token.
6. The method of claim 5, wherein after verifying the validity of the pass token, further comprising:
and if the validity of the pass token passes the verification, recording a pass check-in time stamp.
7. The method of claim 1, wherein after sending the pass token to the extranet client, further comprising:
and if the pass token is identified to be used, recording the pass application.
8. A traffic management device, comprising:
the passage application acquisition module is used for acquiring a passage application of an external network visitor end;
the pass application auditing module is used for auditing the pass application;
and the pass token processing module is used for generating a pass token if the verification is passed, and sending the pass token to the external network visitor terminal for the visitor party corresponding to the external network visitor terminal to use when accessing the visited party.
9. A traffic management system, the system comprising: an outer network visitor end and an inner network server end; wherein the content of the first and second substances,
the external network visitor end is used for sending a pass application to the internal network server end;
the intranet server is used for checking the pass application, generating a pass token under the condition that the check is passed, and sending the pass token to the extranet visitor terminal for the visitor party corresponding to the extranet visitor terminal to use when visiting the visited party.
10. The system of claim 9, further comprising: the system comprises an external network server and internal and external network switching equipment;
the external network server is used for acquiring a pass application of the external network visitor and sending the pass application to the internal and external network switching equipment;
and the internal and external network exchange equipment is used for sending the passing application of the external network visitor end to the internal network server end.
11. A server, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the traffic management method of any of claims 1-7.
12. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a traffic management method according to any one of claims 1 to 7.
CN202111393107.3A 2021-11-23 2021-11-23 Traffic management method, device, system, server and medium Pending CN114050903A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111393107.3A CN114050903A (en) 2021-11-23 2021-11-23 Traffic management method, device, system, server and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111393107.3A CN114050903A (en) 2021-11-23 2021-11-23 Traffic management method, device, system, server and medium

Publications (1)

Publication Number Publication Date
CN114050903A true CN114050903A (en) 2022-02-15

Family

ID=80210578

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111393107.3A Pending CN114050903A (en) 2021-11-23 2021-11-23 Traffic management method, device, system, server and medium

Country Status (1)

Country Link
CN (1) CN114050903A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115439967A (en) * 2022-09-22 2022-12-06 绿漫科技有限公司 Visitor passage verification method and device based on optical communication technology

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9640002B1 (en) * 2015-04-02 2017-05-02 Mark Y. Grosberg System and method for verified admission through access controlled locations using a mobile device
CN108520577A (en) * 2018-03-12 2018-09-11 南京甄视智能科技有限公司 Visitor's reservation management method based on recognition of face
WO2019192129A1 (en) * 2018-04-04 2019-10-10 平安科技(深圳)有限公司 Customer data security access method and device based on mobile terminal
CN111556069A (en) * 2020-05-12 2020-08-18 南方电网数字电网研究院有限公司 Visitor identity authentication method, system, device, computer equipment and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9640002B1 (en) * 2015-04-02 2017-05-02 Mark Y. Grosberg System and method for verified admission through access controlled locations using a mobile device
CN108520577A (en) * 2018-03-12 2018-09-11 南京甄视智能科技有限公司 Visitor's reservation management method based on recognition of face
WO2019192129A1 (en) * 2018-04-04 2019-10-10 平安科技(深圳)有限公司 Customer data security access method and device based on mobile terminal
CN111556069A (en) * 2020-05-12 2020-08-18 南方电网数字电网研究院有限公司 Visitor identity authentication method, system, device, computer equipment and storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115439967A (en) * 2022-09-22 2022-12-06 绿漫科技有限公司 Visitor passage verification method and device based on optical communication technology

Similar Documents

Publication Publication Date Title
CN101202753B (en) Method and device for accessing plug-in connector applied system by client terminal
CN112583802B (en) Data sharing platform system and equipment based on block chain and data sharing method
US20060095376A1 (en) Virtual meetings
CN112257110B (en) Electronic signature management method, management system and computer readable storage medium
CN108600203A (en) Secure Single Sign-on method based on Cookie and its unified certification service system
CN106612246A (en) Unified authentication method for simulation identity
CN111352740B (en) Application interaction processing method and device
CN107277049A (en) The access method and device of a kind of application system
CN103227799A (en) Implementing method of unified user management and single sign-on platform based on multiple application systems
CN106209726A (en) A kind of Mobile solution single-point logging method and device
US20140222478A1 (en) Method and system for creating and managing schedule on basis of social network
CN112187931A (en) Session management method, device, computer equipment and storage medium
CN110516454A (en) Exchange method, system, device and the computer readable storage medium of more equipment
CN114117264A (en) Illegal website identification method, device, equipment and storage medium based on block chain
CN113904821A (en) Identity authentication method and device and readable storage medium
CN113656123A (en) Information evaluation method, device and system for equal protection evaluation
CN114050903A (en) Traffic management method, device, system, server and medium
CN111291843A (en) Information acquisition method and system
CN114757634A (en) Portable high-integration mobile office platform as a service (PaaS)
US20080162636A1 (en) System and method for replying to questions on-line
CN109274699A (en) Method for authenticating, device, server and storage medium
CN106936832A (en) The network admittance method and system of enterprise-level
RU2712650C1 (en) Software and hardware system for authentication of electronic documents and electronic signatures
CN111382987A (en) Network office system based on high in clouds
CN116108416A (en) Application program interface safety protection method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination