CN114253519B

CN114253519B - Wisdom garden security protection management system and electronic equipment

Info

Publication number: CN114253519B
Application number: CN202210188935.1A
Authority: CN
Inventors: 蒯亮; 卫建芳; 王涛; 刘付顺; 王鑫; 宋君君; 张瑞权; 张晋芳; 赵亮; 张志成
Original assignee: 6th Research Institute of China Electronics Corp
Current assignee: 6th Research Institute of China Electronics Corp
Priority date: 2022-03-01
Filing date: 2022-03-01
Publication date: 2022-06-24
Anticipated expiration: 2042-03-01
Also published as: CN114253519A

Abstract

The application provides a wisdom garden security protection management system and electronic equipment. Wisdom garden security protection management system adopts little service architecture, includes: the micro-service application layer comprises a view layer and a micro-service layer; the view layer is used for displaying various functions provided by the micro service layer; the microservice layer comprises a plurality of business microservices associated with security management in an intelligent park; the data layer is in communication connection with the micro-service application layer; the data layer provides a data base for the microservice layer. In the embodiment of the application, each type of business service in the micro-service architecture has respective resource, configuration and environment, decoupling is performed between the services, and each type of business service can be better expanded and upgraded independently, so that the intelligent park security management system can meet the requirements of massive front-end internet-of-things equipment, complex business logic, frequent change and rapid technology updating and upgrading.

Description

Wisdom garden security protection management system and electronic equipment

Technical Field

The application relates to the technical field of security management, in particular to an intelligent park security management system and electronic equipment.

Background

The single-body architecture is a system architecture which realizes delivery of software applications through one-time design, development, construction and deployment. In the single architecture, various resources and configuration environments for supporting applications are packaged together, and upper-layer applications are also packaged together and deeply coupled. The single architecture is mainly suitable for systems with small scale, simple system, single function and little change.

At present, the security management system of the smart park mainly adopts a single body architecture. The whole security management system of the intelligent park comprises a plurality of functional modules such as message service, entrance guard service, personnel and vehicle management service and the like. For a large number of functional modules, once a service is in a problem, systematic adverse effects can occur for a single architecture, and the whole body is driven by one action. In addition, the security management system can continuously perform capacity expansion and upgrade iteration of various services based on the front-end internet of things equipment, but due to deep coupling of application modules in a single framework, the whole system can be influenced by upgrading or capacity expansion of a certain service, the upgrade iteration is difficult, the expandability is poor, meanwhile, the construction and management mode of the security management system are closely related, and the single software framework is poor in variability and difficult to adjust service logic according to actual requirements.

Disclosure of Invention

An object of the embodiment of the application is to provide a security management system and an electronic device for an intelligent park, so as to solve the problems that the security management system of the current single architecture is difficult to upgrade and iterate, poor in expandability, poor in variability and difficult to adjust service logic according to actual requirements.

The invention is realized by the following steps:

in a first aspect, an embodiment of the present application provides a smart park security management system, the smart park security management system adopts a micro-service architecture, including: the micro-service application layer comprises a view layer and a micro-service layer; the view layer is used for displaying various functions provided by the micro service layer; the microservice layer includes a plurality of business microservices associated with security management in an intelligent campus; the data layer is in communication connection with the micro-service application layer; the data layer provides a data base for the micro service layer.

In the embodiment of the application, the security management system of the smart park is realized by adopting a micro-service architecture. The system comprises a micro-service application layer and a data layer. The microservice application layer includes a plurality of business microservices associated with security management in the intelligent campus. The micro-service architecture is adopted to deploy the business micro-services, so that a plurality of business services can be respectively separated, and independent design, development, construction and deployment are carried out. That is, each type of business service in the architecture has its own resources, configuration, and environment. Decoupling between services, independent expansion and upgrading can be better performed on each type of service, and therefore the intelligent park security management system can meet the requirements of mass front-end Internet of things equipment, complex service logic, frequent change and quick technology updating and upgrading.

With reference to the technical solution provided by the first aspect, in some possible implementation manners, the micro-service application layer further includes a common service layer; the public service layer comprises: log microservice, authentication microservice and cache microservice; the log micro-service is used for recording the state conversion of the presentation layer; the authentication micro-service is used for system platform login verification and third party platform login verification; the cache micro-service is used for caching the data of the data layer.

In the embodiment of the application, public services facing users and back-end service applications are subjected to micro-service, so that the applicability and the variability of the whole intelligent park security management system can be further improved.

With reference to the technical solution provided by the first aspect, in some possible implementation manners, each microservice of the microservice layer is deployed in a container manner.

In the embodiment of the present application, the deployment of each micro service of the micro service layer in a container mode has the following advantages: based on the characteristics of the mirror image and the centralized management capability of the mirror image warehouse, rapid delivery and deployment are carried out, and system deployment personnel can conveniently deploy based on the standard mirror image of the application. Meanwhile, more flexible application migration and expansion can be realized, the container can start service in any environment, and when the system architecture is adjusted or recombined, service redeployment and application expansion deployment can be performed more flexibly.

With reference to the technical solution provided by the first aspect, in some possible implementation manners, a plurality of container instances are created for the microservice deployed in a container manner; the intelligent park security management system also comprises a load balancing layer; the load balancing layer is used for scheduling the plurality of container instances according to user requests.

In the embodiment of the application, because the micro-services are deployed in a container mode, multiple instances can be created for the same micro-service, each instance has an independent running space and a configuration environment, and further, the load balancing layer is utilized to realize more reasonable distribution of bottom layer resources, and meanwhile, real-time scheduling can be realized according to user access requirements through the load balancing layer, so that the stability and the fault tolerance of the system are ensured.

In combination with the technical solution provided by the first aspect, in some possible implementation manners, the smart campus security management system is constructed by using a SpringCloud framework, and the container is a Docker container.

In the embodiment of the application, when the Docker container is adopted, the Docker provides the incremental modification capability for the mirror image, when the application is upgraded or updated, the service can be upgraded in batches through the mirror image center, the execution efficiency is high, and the error probability is low. The Docker technology well solves the problems of high system deployment cost, difficult system upgrading and expansion, high operation and maintenance labor cost and the like caused by multiple application types, large service granularity systems and large service data volumes of the intelligent park security management system, provides guarantee for efficient and stable operation of the system, and becomes a solid base of the whole system.

With reference to the technical solution provided by the first aspect, in some possible implementation manners, the intelligent park security management system further includes an internet of things service layer; the Internet of things service layer comprises Internet of things equipment and third-party services; the internet of things service layer is in communication connection with the data layer; the data layer comprises a first database, a second database and a cloud database; the first database is a database based on an MQTT protocol, and the second database is a database based on an HTTP protocol; the first database is used for acquiring data of the Internet of things equipment and the third-party service through an MQTT protocol; the second database is used for acquiring the data of the third-party service through an HTTP (hyper text transport protocol); the cloud database is used for storing data which need to be called and modified repeatedly in the security management system of the smart park.

In the embodiment of the application, the data layer comprises a database based on the MQTT protocol, a database based on the HTTP protocol and a cloud database. Different databases to facilitate the invocation of different types of data. When the first database is used for acquiring the data of the Internet of things equipment through the MQTT protocol, the method can better adapt to the characteristics that the transmission of single equipment of the Internet of things equipment is small, but the data transmission frequency is high, and the waste of server resources and bandwidth caused by the use of the HTTP protocol is avoided. And the database based on the HTTP protocol is constructed to realize the interface with each platform and application. And the cloud database can be used for rapidly calling some static data (such as the data of the security management system of the intelligent park).

With reference to the technical solution provided by the first aspect, in some possible implementation manners, each of the service microservices is connected to at least one other service microservices.

In the embodiment of the application, the business microservices are connected, so that information can be mutually transmitted and data can be shared among the business microservices.

With reference to the technical solution provided by the first aspect, in some possible implementation manners, the micro service layer includes: the system micro-service is used for managing roles, groups, authorities and login information of system platform users; the personnel microservice is used for managing basic information of personnel in the intelligent park; and the vehicle micro-service is used for managing basic information of the vehicles in the intelligent park.

In the embodiment of the application, personnel service, vehicle service and system service are respectively split and independently designed, developed, constructed and deployed. That is, the personnel service, the vehicle service and the system service in the architecture have respective resources, configurations and environments, so that decoupling between the services is realized, and the three services can be better and independently expanded and upgraded. And because the three services are the most basic services in the security management system of the smart park, the security management requirements of most smart parks can be met by deploying the three services in a micro-service architecture.

With reference to the technical solution provided by the first aspect, in some possible implementation manners, the microservice layer further includes: the dynamic ring micro service is used for inquiring real-time, historical, alarm and report data of equipment and environment monitoring information in the intelligent park; the intelligent analysis microservice is used for analyzing the data based on a preset intelligent algorithm and outputting an analysis result; the security micro service is used for managing security related data; the access control micro-service is used for managing data related to access control; the message micro service is used for transmitting alarm messages and system messages for reminding; the perimeter microservice is used for inquiring data related to the perimeter security of the intelligent park; and the intelligent micro-service is used for inquiring and managing the intelligent service in the intelligent park.

In the embodiment of the application, the dynamic ring micro-service, the intelligent analysis micro-service, the security micro-service, the entrance guard micro-service, the information micro-service, the perimeter micro-service and the intelligent micro-service are constructed, so that the functions of the security management system of the intelligent park are enriched, and meanwhile, the follow-up maintenance, upgrading and updating of each micro-service are facilitated.

In a second aspect, an embodiment of the present application provides an electronic device on which an intelligent campus security management system is deployed, the intelligent campus security management system being provided as described in the foregoing first aspect embodiment and/or in combination with some possible implementations of the foregoing first aspect embodiment.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.

Fig. 1 is a block diagram of an electronic device according to an embodiment of the present disclosure.

Fig. 2 is a block diagram of a first security management system for an intelligent park according to an embodiment of the present disclosure.

Fig. 3 is a block diagram of a security management system for a smart park according to an embodiment of the present disclosure.

Fig. 4 is a block diagram of a third smart park security management system according to an embodiment of the present disclosure.

Fig. 5 is a block diagram of a fourth security management system for an intelligent park according to an embodiment of the present disclosure.

Fig. 6 is a block diagram of modules of a fifth security management system for an intelligent park according to an embodiment of the present disclosure.

Fig. 7 is a schematic diagram illustrating software components of the intelligent campus security management system according to an embodiment of the present disclosure.

Icon: 100-an electronic device; 10-a processor; 11-a memory; 200-an intelligent park security management system; 20-micro service application layer; 201-view layer; 202-micro service layer; 2020-system microservice; 2021-personnel microservice; 2022-vehicle microservice; 2023-dynamic ring microservice; 2024-intelligent analytics microservice; 2025-security microservice; 2026-door access microservice; 2027-message microservice; 2028-perimeter microservice; 203-public service layer; 2030-log microservice; 2031 — authentication microservice; 2032-cache microservice; 21-data layer; 210-a first database; 211-a second database; 212-cloud database; 22-load balancing layer; 23-the internet of things service layer; 230-internet of things devices; 231-third party services.

Detailed Description

The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.

Referring to fig. 1, a schematic block diagram of an electronic device 100 with an intelligent campus security management system deployed therein is provided in an embodiment of the present application. In the embodiment of the present application, the electronic device 100 may be a terminal or a server, and the terminal may be, but is not limited to, a Personal Computer (PC), a notebook Computer, and the like. The server may be, but is not limited to, a web server, a database server, a cloud server, or a server assembly composed of a plurality of sub-servers, etc. Of course, the above-mentioned devices are only used to facilitate understanding of the embodiments of the present application, and should not be taken as limiting the embodiments.

Structurally, electronic device 100 may include a processor 10 and a memory 11.

The processor 10 and the memory 11 are electrically connected directly or indirectly to enable data transmission or interaction, for example, the components may be electrically connected to each other via one or more communication buses or signal lines. The business logic code configured by the smart campus security management System includes at least one software module which can be stored in the memory 11 in the form of software or Firmware (Firmware) or solidified in an Operating System (OS) of the electronic device 100. The processor 10 is arranged to execute executable modules stored in the memory 11. That is, the processor 10 is configured to execute the business logic code configured with the smart campus security management system, so as to implement corresponding security management, such as access control management, personnel management, vehicle management, and the like.

The processor 10 may be, for example, an integrated circuit chip having signal processing capabilities. The Processor 10 may also be a general-purpose Processor, for example, a Central Processing Unit (CPU), a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a discrete gate or transistor logic device, or a discrete hardware component, which may implement or execute the methods, steps, and logic blocks disclosed in the embodiments of the present Application. Further, a general purpose processor may be a microprocessor or any conventional processor or the like.

The Memory 11 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Programmable Read-Only Memory (EPROM), and an electrically Erasable Programmable Read-Only Memory (EEPROM). The memory 11 is used for storing a program, and the processor 10 executes the program after receiving the execution instruction.

It should be noted that the structure shown in fig. 1 is only an illustration, and the electronic device 100 provided in the embodiment of the present application may also have fewer or more components than those shown in fig. 1, or have a different configuration than that shown in fig. 1. Further, the components shown in fig. 1 may be implemented by software, hardware, or a combination thereof.

Referring to fig. 2, fig. 2 is a block diagram of an intelligent park security management system 200 according to an embodiment of the present disclosure.

In the embodiment of the application, the smart park security management system 200 adopts a micro-service architecture. The system can be constructed by adopting a SpringCloud framework. Wisdom garden security protection management system 200 specifically includes: microservice application layer 20 and data layer 21.

The microservice application layer 20 specifically includes a view layer 201 and a microservice layer 202.

Wherein, the view layer 201 is a unified portal based on a geographic information system, and the view layer 201 is used for displaying various functions provided by the microservice layer 202. That is, all portal functions of the microservice layer 202 can be exposed by the view layer 201.

The microservice layer 202 includes a plurality of business microservices associated with security management in an intelligent campus. In the embodiment of the application, the micro-service architecture is adopted to deploy the business micro-services, so that a plurality of business services can be respectively separated, and independent design, development, construction and deployment can be carried out. That is, each type of business service in the architecture has its own resources, configuration, and environment. Decoupling between services, independent expansion and upgrade can be better performed on each type of service, and therefore the intelligent park security management system 200 can meet the requirements of massive front-end internet of things equipment, complex service logic, frequent change and quick technology update and upgrade.

The data layer 21 is in communication connection with the micro-service application layer 20; specifically, the data layer 21 is in communication connection with the microservice layer 202, and further provides a data base for the microservice layer 202.

Referring to fig. 3, in an embodiment, the business microservices include a system microservices 2020, a personnel microservices 2021, and a vehicle microservices 2022. That is, the microservice layer 202 specifically includes a system microservice 2020, a personnel microservice 2021, and a vehicle microservice 2022.

The system microservice 2020 is used for managing roles, groups, permissions and login information of system platform users.

The personnel microservice 2021 is used for managing basic information of personnel in the intelligent park. The person in the smart park may be a resident person in the park, a visitor, etc., and the present application is not limited thereto. The basic information of the person may include, but is not limited to, name, age, gender, and identification number.

The vehicle microservice 2022 is used for managing basic information of vehicles in the intelligent park. Wherein, the vehicle in the wisdom garden can be the vehicle of each personnel in the wisdom garden, also can be the vehicle of each unit in the wisdom garden. The basic information of the vehicle may include, but is not limited to, a license plate, an entrance time, a parking time, and an exit time.

Therefore, the above manner separates the personnel service, the vehicle service and the system service respectively to carry out independent design, development, construction and deployment. Namely, the personnel service, the vehicle service and the system service in the architecture have respective resources, configuration and environment, so that decoupling between the services is realized, and the three services can be better and independently expanded and upgraded. And because the three services are the most basic services in the security management system 200 for the smart park, the security management requirements of most smart parks can be met by deploying the three services in a micro-service architecture.

With continued reference to fig. 3, the business microservices may be connected as needed. For example, the human microservice 2021 may be connected to the vehicle microservice 2022 and the system microservice 2020, respectively; system microservice 2020 may also interface with vehicle microservice 2022.

By connecting the business microservices, information can be transmitted among the business microservices and data can be shared. For example, basic information of the people in the smart park can be shared between the personnel microservice 2021 and the system microservice 2020, and the access requirements of the user can be quickly responded to through the basic information.

Referring to fig. 4, in another embodiment, the business microservices may further include a mobile ring microservice 2023, a smart analysis microservice 2024, a security microservice 2025, a door access microservice 2026, a message microservice 2027, a perimeter microservice 2028, and a smart microservice (not shown). That is, the microservice layer 202 may also include a live-loop microservice 2023, a smart analytics microservice 2024, a security microservice 2025, an access microservice 2026, a message microservice 2027, a perimeter microservice 2028, and a smart microservice.

The dynamic ring microservice 2023 is used for inquiring real-time, history, alarm and report data of equipment and environment monitoring information in the intelligent park. The devices in the smart campus may be, but are not limited to, cameras, detection instruments, etc. The detection instrument may be, but is not limited to, a pressure gauge, a thermometer, a smoke alarm, etc.

And the intelligent analysis micro-service 2024 is used for analyzing the data based on a preset intelligent algorithm and outputting an analysis result.

The preset intelligent algorithm can be a face recognition algorithm, an emotion recognition algorithm and a clothing recognition algorithm for people in a park; it may also be a brand and model identification algorithm for campus vehicles and a dangerous action identification algorithm for drivers.

The security micro-service 2025 is used for managing security related data. Security related data includes, but is not limited to, video data, smoke concentration data, temperature data. The video data may refer to data such as vehicle overspeed and illegal parking in the video, or may be related data for detecting suspicious people in the video.

An access microservice 2026 for managing access related data. Entrance guard related data such as entrance and exit records of people, vehicles, white lists, black lists, etc. for each gate in the smart park.

And the message microserver 2027 is used for transmitting alarm messages and system messages for reminding. Namely, the message microserver 2027 is mainly used for transmitting alarm messages, system messages and the like from the background to remind the front end, so that the front end staff can handle abnormal behaviors in the campus at the first time.

And the perimeter micro-service 2028 is used for inquiring data related to the perimeter security of the intelligent park. The data relevant to the perimeter security of the smart campus may be traffic data of the perimeter of the smart campus.

And the intelligent micro-service is used for inquiring and managing the intelligent service in the intelligent park. Intelligent services include, but are not limited to, intelligent irrigation, ferry cars, radio, and the like.

It can be seen that in the embodiment of the present application, by constructing the dynamic loop micro service 2023, the intelligent analysis micro service 2024, the security micro service 2025, the door access micro service 2026, the message micro service 2027, the perimeter micro service 2028, and the smart micro service, the functions of the security management system 200 in the smart park are enriched, and meanwhile, the maintenance, the upgrade, and the update of each micro service are facilitated.

With continued reference to fig. 4, the business microservices may be connected as needed. For example, personnel microservices 2021 may be connected to security microservices 2025, vehicle microservices 2022, message microservices 2027, door microservices 2026, system microservices 2020, intelligent analytics microservices 2024, and perimeter microservices 2028, respectively. Accordingly, the door micro-service 2026 may also be connected to the message micro-service 2027 and the system micro-service 2020, respectively.

It should be noted that the connection relationship between the microservices shown in fig. 4 is only an example in the embodiment of the present application. In addition, the connection relationship between the micro services may continue to refer to the connection relationship shown in fig. 4, and the present application does not make much description.

By connecting the business microservices, information can be transmitted among the business microservices and data can be shared. For example, the message microserver 2027 may be connected to all other business microservers, and further obtain the exception of all other business microservers in a data sharing manner, so as to transmit an alarm message and a system message for reminding at the first time.

Referring to fig. 5, in an embodiment, the microservice application layer 20 further includes a public service layer 203.

The public service layer 203 includes public services for users and backend service applications, and extracts underlying public services formed by the common requirements of various services in the microservice layer 202. Specifically, the common server layer 203 includes: log microservice 2030, authentication microservice 2031, and cache microservice 2032.

The log microservice 2030 is used to record a presentation State Transfer (REST). Such as recording the POST, PUT, DELETE operations of the REST layer.

The authentication microservice 2031 is used for system platform login verification and third party platform login verification.

The cache microservice 2032 is used to cache data for the data layer 21. By the cache micro-service 2032, data preprocessing capability under high concurrency and big data scenes can be realized during large-scale information system construction, and service performance is improved.

It can be seen that, in the embodiment of the present application, the applicability and the variability of the entire security management system 200 for the smart campus can be further improved by micro-servicing the public service facing the user and the backend service application.

In the embodiment of the present application, each of the micro services is deployed in a container manner. The using process of the container mainly comprises the steps of constructing an image, creating the container, starting the container, closing the container, deleting the container and the like. The process of constructing the mirror image can adopt a Dockerfile mode, the Dockerfile provides a series of functions and instructions, and the Dockerfile can realize the self-defined mirror image construction including system commands, file attributes, container names, content structure hierarchy and the like. Creating the mirror image is to pack related resources in the system according to the content of the Dockerfile, and execute a related configuration command to form a mirror image file. The container creating process is to create a container instance according to the image file, and since all related resources are packaged in the image file and configuration setting is realized, the container creating process does not depend on any external environment, which also forms that the container can be flexibly deployed in different environments and systems. When the container is used, the container is started first to carry out service, when the service is finished, the container is closed, the hardware resource is released, and the hardware resource can be logically released by deleting the container.

The container may be embodied as a Docker container.

In the embodiment of the present application, the main reasons why the smart park security management system 200 selects the container technology for micro-service deployment are as follows:

firstly, rapid delivery and deployment are carried out based on the characteristics of the mirror image and the centralized management capability of the mirror image warehouse, and system deployment personnel can conveniently carry out deployment based on the standard mirror image of the application.

And secondly, the application migration and expansion are more flexible, the container can start the service in any environment, and the redeployment of the service and the expansion deployment of the application can be more flexible when the system architecture is adjusted or recombined.

In addition, when a Docker container is adopted, the Docker provides incremental modification capability to the mirror image, when the application is upgraded or updated, the service can be upgraded in batches through the mirror image center, the execution efficiency is high, and the error probability is low. Moreover, the Docker technology well solves the problems of high system deployment cost, difficult system upgrade and expansion, high operation and maintenance labor cost and the like caused by multiple application types, large service granularity systems and large service data volumes of the intelligent park security management system 200, provides guarantee for efficient and stable operation of the system, and becomes a solid base of the whole system.

In addition, a microserver deployed in a container fashion may create multiple container instances. Referring to fig. 5, the smart park security management system further includes a Load balancing layer (SLB) 22.

The load balancing layer 22 is used to schedule multiple container instances according to user requests. Illustratively, a plurality of container examples can be established to entrance guard's microservice, and then make wisdom garden security management system 200 can carry out the dispatch of entrance guard's microservice container according to the discrepancy circumstances of each gate in the garden.

Obviously, because the micro-service is deployed in a container mode, multiple instances can be created for the same micro-service, each instance has an independent running space and a configuration environment, and further, the load balancing layer 22 can be used for realizing more reasonable distribution of bottom layer resources, and meanwhile, real-time scheduling can be realized according to the access requirements of users through the load balancing layer 22, so that the stability and the fault tolerance of the system are ensured.

Each micro service is deployed in a virtual machine mode.

Referring to fig. 6, a data layer 21 in the embodiment of the present application will be described.

In one embodiment, the data layer 21 may include a first database 210, a second database 211, and a cloud database 212.

The first database 210 is a database based on MQTT (Message Queuing Transport protocol), that is, an MQ (Message Queuing) Message Queuing mechanism is adopted. The first database 210 is used for acquiring data of the internet of things device and third-party services through an MQTT protocol, so as to realize the call of each micro server. The second database 211 is a database based on HTTP (Hyper Text Transfer Protocol) Protocol. The second database 211 is configured to obtain data of a third-party service through an HTTP protocol to implement invocation of each micro server, and is configured with a remote connection interface. The cloud database 212 is mainly used for storing data which needs to be called and modified repeatedly in the smart park security management system 200, so that calling of each micro server is achieved. The data of the smart campus security management system 200 itself may be static, not easily changeable data.

The internet of things equipment can be, but is not limited to, a camera, a pressure gauge, a thermometer and the like; the internet of things device uses a perimeter Control Protocol (TCP) device as a Transmission medium, and uses an MQTT Protocol to transmit data. A third-party service may refer to a third-party Application, such as an APP (Application), applet, or other Application platform.

Further, the smart park security management system 200 also includes an internet of things service layer 23. The internet of things service layer 23 includes an internet of things device 230 and a third party service 231. The internet of things service layer 23 is in communication connection with the data layer 21.

The internet of things device may be, but is not limited to, a camera, a pressure gauge, a thermometer, and the like. The third party service may refer to a third party Application, such as an APP (Application), applet, or other Application platform.

That is, the internet of things service layer 23 mainly provides the internet of things device 230 and the third party service 231 as external data collection. The third-party service 231 interacts and transmits data in the database (the first database 210) connected with the MQTT protocol, the database (the second database 211) connected with the HTTP protocol, and the cloud database 212, and the internet-of-things device 230 transmits data by using the MQTT protocol through the perimeter TCP device as a transmission medium.

In summary, in the embodiment of the present application, the data layer 21 includes a database based on MQTT protocol, a database based on HTTP protocol, and the cloud database 212. Different databases to facilitate the invocation of different types of data. When the first database 210 is used for acquiring data of the internet of things device through the MQTT protocol, the method can better adapt to the characteristics that the transmission of the internet of things device at a time is small, but the data transmission frequency is high, and avoids the waste of server resources and bandwidth caused by using the HTTP protocol. And the database based on the HTTP is constructed, so that the interface with each platform and each application can be realized. And the cloud database 212 can be used for quickly calling some static data (such as the data of the smart park security management system 200).

The following is a detailed description of the construction between the first database 210 and the internet of things device 230 in fig. 6:

in this embodiment, the first database 210 is a database based on MQTT protocol, that is, MQTT protocol is adopted as a communication protocol of the internet-of-things device 230.

The MQTT protocol message format is as follows:

the fixed message header of the MQTT protocol has two bytes, the first byte mainly represents the relevant information and configuration of the message, and the second byte (Remaining Length) is used for the Length of the whole message and adds identification bits for identification.

The Message Type is the first four bits of the first byte, and represents a Message Type, and the Message types are 14 types, and the common types include: SUBSCRIBE, PUBLISH, connect.

The DUP flag is a fifth bit of the first byte, and represents a reliable transmission identifier, which is used for identifying when the first database 210 and the internet of things device 230 perform message transmission, and when the identification value is 0, it represents that the message is sent for the first time, and when the identification value is 1, it represents that the message is not sent for the first time, that is, the message has been sent at the current time point.

The Qos level is the sixth bit and the seventh bit of the first byte, and represents the service quality level. The service quality grade aims at the PUBLISH type message, when the value is 00, the message is sent at most once, the content of the message is deleted after the message is sent, and the 00 is also the default value of the service quality; 01 represents that the message is sent at least once, and the reply and confirmation are required to be received, and the message can be sent for multiple times due to the instability of the network environment; 10 is the most stringent quality of service, and it is also necessary to receive a reply and acknowledge, and to ensure that the message has arrived only once, and different quality of service can be selected according to different scenario requirements.

The RETAIN is the last bit of the first byte and represents whether the storage function of the message is opened or not, the function is directed at the PUBLISH type message, when the value of the function is 0, the message is represented to be pushed by the client which currently subscribes the theme, and the message is not stored after being sent; and when the value is 1, the current information needs to be stored after being sent to the subscribed client, and when a new user subscribes, the stored information is pushed to the new user. When the no-content release information of the same theme with the RETAIN value of 0 is received, the reserved content of the theme is cleared.

Functionally, the MQTT protocol adopts a mode of setting publishers and subscribers to transmit messages, which is compared with a generalized observer mode, in which a message broker is added, and publishers publish messages to the message broker, and subscribers acquire subscribed messages through the message broker, so that the mode realizes decoupling between subscribers and publishers, and is more suitable for an unstable network environment. That is, in this mode, neither the publisher nor the subscriber knows the existence of the other party, and the subscriber transmits the topic to be subscribed to the message broker, and the publisher transmits the published topic to the message broker, so that the message broker pushes the message according to the corresponding topic.

Secondly, each internet of things device 230 exists as a client, the message broker serves as a server (the first database 210), the client can serve as both a subscriber and a publisher, the client ID (Identity Document) is unique, one server and the same client ID can only maintain one link, if the same client ID is logged in, the previous connection of the same client ID can be replaced, when the client is disconnected, the reconnection can be performed in a CONNECT manner, and the original information is recovered according to a preset policy.

Thirdly, heartbeat information is set in the message. The internet of things device 230 sets a transmission interval of heartbeat information in the message sent to the first database 210, and if the internet of things device 230 does not receive the heartbeat information of the internet of things device 230 within a preset multiple of the set transmission interval time, the internet of things device 230 is disconnected.

The preset times may be 1.2 times, 1.5 times, 2 times, and the like, and the application is not limited thereto.

By setting the heartbeat information in the message, the reliability and the stability of the connection can be improved.

Fourthly, the message is provided with the wish information. When the internet of things device 230 establishes a connection with the first database 210, a wish Topic (Will Topic) and a wish Message (Will Message) are filled in a header of the variable Message transmitted to the first database 210. After the internet of things equipment 230 is disconnected from the first database 210, the first database 210 sends the wish message to the specified wish subject, and by the above manner, when the internet of things equipment 230 is disconnected, the real-time notification to other internet of things equipment 230 is realized.

Fifthly, wildcard characters are set in the message. The purpose of wildcards is to enable a request to subscribe to multiple topics simultaneously, mainly through a topic filter (TopicFilter). Where "/" is used to make a hierarchical division of topics, "+" is used to match all subjects under a single layer, "#" is used to match all topics under multiple layers, wildcards may be available anywhere in the subscription information, e.g., abc/+ and abc/+/def.

It should be noted that the theme is the most important design for message pushing, all message pushing is implemented based on publishing and subscribing of the theme, the design of the theme is mainly divided into two parts, namely, design of theme syntax and area allocation of the theme, and the embodiment of the present application performs uniform theme design on the internet of things device 230.

Because the internet of things 230 is various in types and originated from different manufacturers, and a large amount of expansion is possible in a later period, and different applications are different for data required to be acquired by the same internet of things 230, based on these requirements, the embodiment of the present application specifies the theme syntax according to the MQTT protocol standard, and the UTF-8 (8-bit, Universal charcter Set/Universal transform Format) code is adopted, which does not exceed 65535 bytes, and the number of levels without an upper limit can be Set for the theme, so as to more conveniently perform message management on the message of the internet of things 230, the embodiment of the present application provides a message theme design Format based on the above-mentioned internet of things environment of the smart park.

The theme interval can be divided into three parts, namely a system state interval, a user interval and a public type interval.

The topic format of the system state interval is started by $ and the topic at the beginning cannot be matched by wildcards, so that the system state interval is used for counting system information, such as the number of online devices in the system, the number of published topics in the system and the like.

The second part is a user interval which is divided into two parts of equipment information and micro-service information, the equipment information part provides a self-defined theme definition interval according to different equipment, different use modes and functional characteristics of equipment provided by different manufacturers, and pre-distribution of themes is carried out on each type of equipment and different manufacturers. The micro-service information interval is designed for upper micro-service application, each type of micro-service has a corresponding micro-service list, the list of the micro-service is maintained when a new micro-service is started or an old micro-service is closed or started, and the micro-service application and the matched equipment of the internet of things generate a publishing/subscribing relationship, so that various instructions are pushed.

The third part is a common type interval, the common attribute refers to common characteristics of the internet of things devices 230, such as attribute information of residual electric quantity, terminal states and the like, and the common events include event information of terminal online, terminal offline and the like, which all belong to message types common to the internet of things devices 230, so that uniform interval distribution is performed, a user can directly query related common information according to requirements when subsequently performing topic subscription and related information query, the complexity is reduced, and the operation convenience is improved.

In addition, when a complete topic is subscribed and published, a detailed location of the internet-of-things device 230 needs to be located according to a system and a location where the topic is located, and then a topic name is input according to a preset topic allocation rule, for example, humidity monitoring data of a certain humidity sensor in a computer room needs to be queried, where the topic name is "devTopic/device type number/device manufacturer number/device number", if a policy of wildcard is adopted, if a subscription topic name is "devTopic/device type number/device manufacturer number/#", all monitoring data of a certain type of device provided by a certain manufacturer are returned, and if the subscription name is "+/+/public attribute number/", all public attribute states, such as a power state, of all types of the internet-of-things devices 230 in the campus are returned, Operating conditions, etc.

In conclusion, the MQTT protocol has the following advantages:

the information transmission overhead is small, in the MQTT protocol, the transmitted information is usually only 2 bytes at least, which is much smaller than the message header in the HTTP protocol, and the MQTT protocol is constructed based on a long connection, the information for creating the connection is usually sent only once, and the connection is re-established each time the protocol based on a short connection performs the message transmission.

Secondly, the adaptability to complex network environments is realized, the MQTT protocol designs a recovery mode after disconnection, and simultaneously designs rich strategies to minimize the loss caused by abnormal disconnection of the connection, and the native abnormal recovery modes are not possessed by other protocols such as HTTP protocol.

Thirdly, through a message push mechanism, a message push mechanism and a publish/subscribe mode provided by the MQTT protocol, any third-party system or device based on the MQTT protocol can be quickly and conveniently added into the constructed internet of things network without any other auxiliary means or intervention of the third-party system, and the method is suitable for the conditions that the internet of things device 230 is large in variety and quantity and continuously expands in the application.

Finally, the software components of the intelligent park security management system 200 according to the embodiment of the present application will be described.

Referring to fig. 7, 35, the user can also be regarded as a front-end access command, and the user accesses through a portal based on the geographic information system.

Js, which is the entry of all users into the back-end application service through the front-end page operation of the application, from which all code is run, and the front-end pages of all upper-layer applications load main. Js can be internally provided with plug-ins and CSS (Cascading Style Sheets) styles used by developers in the field, so that the calling of the developers is facilitated, the packaging, compression and confusion of front-end pages are realized, and the service application of the rear end is connected.

37 for the Controller component can define the return mode of multiple data to the front end, the developer can develop according to the requirement, the Controller component encapsulates the data requested by the user into a Model after processing, and then returns to the front end page for displaying, realizes the connection of the front end and the back end data, the Controller component of the system provides the data call of the REST type, and realizes the call of the subsequent Service interface.

The Web socket component 38 is a WebSocket component, the MQTT protocol and the WebSocket protocol are long link protocols based on the TCP protocol, the MQTT protocol is mainly applied in the internet of things scene, and the WebSocket protocol is mainly applied in the Web development field due to a matched browser API (Application Programming Interface), and meanwhile, the MQTT protocol is more flexible than the WebSocket protocol and the WebSocket protocol, so that the MQTT protocol can be used for communication on the basis of the WebSocket protocol, and a Web page is used as a client of the MQTT protocol, and can receive and display device messages on the page in real time and send messages to the device.

And 39, the Service interface receives the request sent by the front end and is connected with the back-end Service, and the Service interface is used as the interface of the front end and the back end, and finds out the related implementation class, namely, the serviceImpl, through a Service discovery mechanism.

40, a ServiceImpl implementation class calls different instances according to different service scenarios, and mainly comprises the steps of interacting data from a database instance by calling repeatability, interacting data from a third-party system by calling a third-party HTTP API, acquiring data by monitoring MQ messages, and returning the data to a front end by WebSocket.

41. And 43, calling different instances according to different required calling of the internet of things equipment and third-party services, wherein the instances correspond to an MQTT protocol and an HTTP protocol of a data layer.

42 is a Specification component, first, Specification is the key to team collaboration. If the program is written without the specification, the program cannot be written, and the correctness of the program cannot be judged even if the program is written. Second, specification is also the agreement between the program and the client. The Specification determines responsibility not only for the program, but also for the client.

44 is a hierarchy interface that provides additional benefits to the DAO. It imports IoC the DAO container and qualifies the unchecked exceptions for conversion to Spring DataAccess Exception.

45 are domain components that allow for business logic, such as filtering conditions, passing or returning, and processing of data, ready for invoking DAO layers, one domain may invoke one or a set of related DAO layers.

46 is a cloud database, and data transmission of the database is performed by a DAO method, where DAO encapsulates all operations on the database. DAO separates the underlying data access logic from the higher level business logic.

To sum up, the communication and data functions of the smart campus security management system 200 provided in the embodiment of the present application may be implemented by using an asynchronous message transmission manner based on MQTT protocol and a synchronous message transmission manner based on HTTP protocol, and the deployment and scheduling functions of microservice applications may be implemented by using a technical system based on a Docker container. Because the micro-services are deployed in a container mode, multiple instances can be created for the same micro-service, each instance has an independent running space and a configuration environment, further, the load balancing layer 22 can be used for realizing more reasonable distribution of bottom layer resources, meanwhile, real-time scheduling can be realized according to user access requirements through the load balancing layer 22, and the stability and the fault tolerance of the system are guaranteed.

In addition, the design and the partition principle of the little service function module that adopt scientific and reasonable in this application embodiment is provided, realizes the partition and the structure of reasonable little service function module, adopts spring cloud development frame, realizes the development of each little service application in the comprehensive application platform in wisdom garden, mainly includes: log microservice 2030, cache microservice 2032, system microservice 2020, personnel microservice 2021, vehicle microservice 2022, rotating ring microservice 2023, intelligent analytics microservice 2024, security microservice 2025, access microservice 2026, message microservice 2027, perimeter microservice 2028, and the like. According to the actual requirement and the business requirement of security management, the view layer 201, the micro service layer 202 and the public service layer 203 are divided, public capacity is fully extracted, and a platform public service is formed, so that each micro service facing to the business can be concentrated on the service provided by the micro service, the micro service is lighter, upgrading and iteration are easier, and the problems of business redundancy, function module repetition and the like when the single framework application is integrated are solved. Meanwhile, the various business microservices are effectively interconnected, for example, the personnel microservices 2021 simultaneously carry out mutual information transmission and data sharing with the entrance guard microservices 2026, the security protection microservices 2025, the perimeter microservices 2028, the system microservices 2020 and the intelligent analysis microservices 2024, business logic during microservice components is fully explained, and meanwhile, based on a microservice architecture, the interconnection logic and the data sharing logic of the microservices can be remodeled according to the change of user requirements, so that software can be upgraded and changed more flexibly according to the user requirements.

In addition, data such as video monitoring, perimeter alarm, access control, personnel and vehicle information in the intelligent camp are extracted and utilized to form a data warehouse (data layer 21), data interfaces among the micro services are opened, a communication channel among the micro services is constructed, and information intercommunication and data multiplexing among the micro services are realized.

The above-described system embodiments are merely illustrative, and for example, the division of the units is only one logical functional division, and there may be other divisions in actual implementation, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.

In addition, units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

Furthermore, the functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.

In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.

The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims

1. The utility model provides a wisdom garden security protection management system which characterized in that, wisdom garden security protection management system adopts little service architecture, includes:

the micro-service application layer comprises a view layer and a micro-service layer; the view layer is used for displaying various functions provided by the micro service layer; the microservice layer includes a plurality of business microservices associated with security management in an intelligent campus;

the data layer is in communication connection with the micro-service application layer; the data layer provides a data base for the micro service layer;

wherein the microservice application layer further comprises a common service layer; the public service layer comprises: log microservice, authentication microservice and cache microservice; the log micro-service is used for recording the state conversion of the presentation layer; the authentication micro-service is used for system platform login verification and third party platform login verification; the cache micro-service is used for caching the data of the data layer;

the intelligent park security management system also comprises an internet of things service layer; the Internet of things service layer comprises Internet of things equipment and third-party services; the internet of things service layer is in communication connection with the data layer; the data layer comprises a first database, a second database and a cloud database; the first database is a database based on an MQTT protocol, and the second database is a database based on an HTTP protocol; the first database is used for acquiring data of the Internet of things equipment and the third-party service through an MQTT protocol; the second database is used for acquiring the data of the third-party service through an HTTP (hyper text transport protocol); the cloud database is used for storing data which need to be called and modified repeatedly in the security management system of the smart park.

2. The system of claim 1, wherein each microservice of the microservice layer is deployed in containers.

3. The system of claim 2, wherein the container-wise deployed microservice is created with a plurality of container instances;

the intelligent park security management system further comprises a load balancing layer;

the load balancing layer is used for scheduling the plurality of container instances according to user requests.

4. The system of claim 2, wherein the smart campus security management system is built using a SpringCloud framework, and the containers are Docker containers.

5. The system of claim 1, wherein each of said business microservices is connected to at least one other business microservice.

6. The system of claim 1, wherein the microservice layer comprises:

the system micro-service is used for managing roles, groups, authorities and login information of system platform users;

the personnel microservice is used for managing basic information of personnel in the intelligent park;

and the vehicle micro-service is used for managing basic information of the vehicles in the intelligent park.

7. The system of claim 6, wherein the microservice layer further comprises:

the dynamic loop micro service is used for inquiring real-time, history, alarm and report data of equipment and environment monitoring information in the intelligent park;

the intelligent analysis micro-service is used for analyzing the data based on a preset intelligent algorithm and outputting an analysis result;

the security micro service is used for managing security related data;

the access control micro-service is used for managing data related to access control;

the message micro service is used for transmitting alarm messages and system messages for reminding;

the perimeter microservice is used for inquiring the data related to the perimeter security protection of the intelligent park;

and the intelligent micro-service is used for inquiring and managing the intelligent services in the intelligent park.

8. An electronic device on which is deployed the intelligent campus security management system of any one of claims 1 to 7.