CN114745228B - Gateway request processing method, device, computer equipment and storage medium - Google Patents


Publication number: CN114745228B
Authority: CN (China)
Legal status: Active
Application number: CN202210371971.1A
Other languages: Chinese (zh)
Other versions: CN114745228A (en)
Inventors: 陶文伟, 吴金宇, 胡荣, 苏扬, 张富川, 张文哲
Current Assignee: China Southern Power Grid Co Ltd
Original Assignee: China Southern Power Grid Co Ltd
Application filed by: China Southern Power Grid Co Ltd
Priority: CN202210371971.1A
Earlier publication: CN114745228A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/28: Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46: Interconnection of networks
    • H04L12/4641: Virtual LANs, VLANs, e.g. virtual private networks [VPN]

Abstract

The application relates to a gateway request processing method, apparatus, computer device, storage medium and computer program product. The method comprises: in response to a gateway request initiated by a target object for a target network address, determining the network type of the network to which the client where the target object is located is connected; performing compatibility analysis on the target network address according to a network domain range, based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain a compatibility analysis result; constructing a gateway distribution model according to the network domain range where the target object is located and the compatibility analysis result; and establishing, based on the gateway distribution model, a network connection between the client where the target object is located and the server where the target network address is located. With this method, the security of network access can be improved.

Description

Gateway request processing method, device, computer equipment and storage medium
Technical Field
The present application relates to the field of network technologies, and in particular, to a gateway request processing method, apparatus, computer device, storage medium, and computer program product.
Background
A VPN (Virtual Private Network) provides a secure communication channel over a public network between two private networks, offering a private data packet service between two public gateways; VPN technology implements network interconnection above the network layer through gateways.
However, existing VPN gateway technology adapts poorly to change. Although the gateway technology is secure, there are still periods during operation in which it provides no protection, so that personal information of the network access object is leaked and network address data is accessed and downloaded without the network access object having performed any operation, which is a serious security risk.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a gateway request processing method, apparatus, computer device, computer readable storage medium, and computer program product that can improve security.
In a first aspect, the present application provides a gateway request processing method. The method comprises the following steps:
responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned;
based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result;
constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result;
and establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the establishing, based on the gateway distribution model, a network connection between a client where the target object is located and a server where the target network address is located includes:
retrieving a network address within the network domain range of the target object;
obtaining access behavior characteristic data packets matched with the network domain range based on access data corresponding to the network address in the network domain range;
and establishing network connection between the client side where the target object is and the server side where the target network address is according to the access behavior characteristic data packet and the gateway distribution model.
In one embodiment, the establishing a network connection between the client where the target object is located and the server where the target network address is located according to the access behavior feature data packet and the gateway distribution model includes:
based on the access behavior feature data packet, monitoring the offline behavior of the connection object of the target network address;
and when the offline behavior is detected, establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the monitoring of the offline behavior of the connection object of the target network address based on the access behavior feature data packet includes:
according to the data content recorded by the access behavior feature data packet, analyzing first feature data of the gateway requests initiated by a connection object of the target network address and second feature data of its access to the network address;
determining an identity verification comparison period according to the first characteristic data and the second characteristic data;
and verifying the identity information of the connection object of the target network address according to the identity verification comparison period so as to monitor the offline behavior of the connection object of the target network address.
In one embodiment, the constructing a gateway distribution model according to the network domain range where the target object is located and the compatibility analysis result includes:
constructing a plurality of gateway distribution models with different logic characteristic attributes according to the network domain range where the target object is located and the compatibility analysis result;
The establishing network connection between the client side where the target object is located and the server side where the target network address is located based on the gateway distribution model includes:
selecting a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model;
and establishing network connection between the client side where the target object is located and the server side where the target network address is located based on the gateway distribution model with optimal configuration performance.
In one embodiment, the method further comprises:
according to the network type, carrying out security assessment on the network connected with the client where the target object is located, and obtaining an assessment result;
when the evaluation result is abnormal, analyzing the application authority of the target network address;
the performing of compatibility analysis on the target network address according to a network domain range, based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain a compatibility analysis result includes:
carrying out compatibility analysis on the target network address according to the network domain range based on the application authority of the target network address, the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, and obtaining a compatibility analysis result.
In a second aspect, the application further provides a gateway request processing device. The device comprises:
the request response module is used for responding to a gateway request initiated by a target object aiming at a target network address and determining the network type of a network connected with a client where the target object is positioned;
the compatibility analysis module is used for carrying out compatibility analysis on the target network address according to the network domain range based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users to obtain a compatibility analysis result;
the model construction module is used for constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result;
and the network connection module is used for establishing network connection between the client side where the target object is positioned and the server side where the target network address is positioned based on the gateway distribution model.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor which when executing the computer program performs the steps of:
responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned;
based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result;
constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result;
and establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:
responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned;
based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result;
constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result;
and establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of:
responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned;
based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result;
constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result;
and establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
With the above gateway request processing method, apparatus, computer device, storage medium and computer program product, the network type of the network connected to the client where the target object is located is determined in response to the gateway request initiated by the target object for the target network address. Compatibility analysis is then performed on the target network address according to the network domain range, based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain a compatibility analysis result, which raises the admission threshold of the target network address. A gateway distribution model is constructed according to the network domain range where the target object is located and the compatibility analysis result, so that the network connection established on the basis of the gateway distribution model between the target object and the server where the target network address is located has better security. This avoids leakage of the personal information of the network access object, and avoids network address data being accessed or downloaded without any operation being performed.
Drawings
FIG. 1 is an application environment diagram of a gateway request processing method in one embodiment;
FIG. 2 is a flow chart of a gateway request processing method according to another embodiment;
FIG. 3 is a flow chart of a gateway request processing method according to yet another embodiment;
FIG. 4 is a flowchart of a gateway request processing method according to another embodiment;
FIG. 5 is a block diagram of a gateway request processing device in one embodiment;
FIG. 6 is an internal structural diagram of a computer device in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The gateway request processing method provided by the embodiment of the application can be applied to the application environment shown in FIG. 1, in which the terminal 102 communicates with the server 104 via a controller. The data storage system may store data that the server 104 needs to process. The data storage system may be integrated on the server 104 or may be located on a cloud or other network server. The controller responds to a gateway request initiated by a target object on the terminal 102 for a target network address, and determines the network type of the network connected to the client where the target object is located; the controller performs compatibility analysis on the target network address according to the network domain range, based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain a compatibility analysis result; the controller builds a gateway distribution model according to the network domain range where the target object is located and the compatibility analysis result, and establishes a network connection between the client where the target object is located and the server where the target network address is located based on the gateway distribution model. The terminal 102 may be, but is not limited to, a personal computer, notebook computer, smart phone, tablet computer, internet of things device, or portable wearable device, where the internet of things device may be a smart speaker, smart television, smart air conditioner, smart vehicle device, or the like. The portable wearable device may be a smart watch, smart bracelet, headset, or the like. The server 104 may be implemented as a stand-alone server or as a server cluster of multiple servers.
In one embodiment, as shown in FIG. 2, a gateway request processing method is provided. The method is described here, by way of illustration, as applied to a controller, and includes the following steps:
Step 202, determining the network type of the network connected to the client where the target object is located in response to the gateway request initiated by the target object for the target network address.
The target object is an object that initiates a request, through a client, to the server where a target network address is located, in order to exchange data with that server. Specifically, the target object can be a user who logs in to the client with an account and password, or a user who accesses the client temporarily. The gateway request is a request to establish, through the gateway, a network connection between the client and the server where the target network address is located. The gateway, also called an intersystem connector or protocol converter, implements network interconnection above the network layer; it is complex network interconnection equipment and is only used to interconnect two networks with different higher-layer protocols. A gateway is a computer system or device that acts as a translator between different communication protocols, data formats or languages, or even between two systems with completely different architectures, and may be used for both wide area network and local area network interconnection. The client where the target object is located is the client the target object is currently accessing; a client is a program that corresponds to the server and provides local service to the user. The network type of the network connected to the client where the target object is located includes a wired network, a wireless network, a mobile hotspot network, and the like.
Specifically, the target object initiates a gateway request aiming at a target network address at the client, and the gateway responds to the gateway request initiated by the target object to analyze the network type of the network connected with the client where the target object is located. In a specific implementation, the gateway may acquire the network domain attribute of the target object at the client based on the gateway request, and determine the network type of the network connected to the client where the target object is located based on the network domain attribute.
Step 204, carrying out compatibility analysis on the target network address according to the network domain range based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, and obtaining a compatibility analysis result.
Different network types have different optimal loads, and the optimal load comprises the number of network address items under the network type and the number of allowed network access users. Based on the number of network address items and the number of allowed network access users, it may be determined whether to allow the target object to access the target network address according to the number of network access users. The network domain range is the range of the virtual network domain under the specified network type. Different network types can divide network domain ranges in different ways, and performing compatibility analysis according to the network domain range to obtain a compatibility analysis result makes it possible to distribute data across different network domain ranges.
Specifically, the controller determines the number of network address items and the number of allowed network access users in the network domain range of the gateway according to the optimal load under the network type of the network connected to the client where the target object is located. It then performs compatibility analysis on whether the target object is allowed to access the target network address through the gateway, according to the current number of network access users and the number of allowed network access users in the network domain range, and obtains a compatibility analysis result. When the current number of network access users in the network domain range is smaller than the number of allowed network access users, the compatibility analysis result is that the target object is allowed to access the target network address through the gateway; when the current number of network access users in the network domain range is equal to the number of allowed network access users, the compatibility analysis result is that the target object cannot access the target network address through the gateway.
Step 206, constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result.
The network domain range of the target object is the network domain range of the client in the connected network, and the dividing mode of the network domain range of the network is the same as the dividing mode of the network domain range corresponding to the gateway. Specifically, the controller constructs a gateway distribution model according to the compatibility analysis result of the network domain range where the target object is located and the target network address. The gateway distribution model is a model for establishing network connection between the client and the server, the number of the established gateway distribution models can be more than 1, and different gateway distribution models have different logic characteristic attributes.
In a specific application, the control end adaptively selects any gateway distribution model for use; in the non-response state, the control end simulates the operation of each gateway distribution model, collects operation data, and selects the gateway distribution model with optimal configuration performance for issuing. The collected operation data include the time taken, in the simulated operation of the gateway distribution model, for a target object to jump to a target network address through the gateways, and the number of gateways; the operation data collected for the gateway distribution models is the basis of the execution logic by which the gateway distribution model with optimal configuration performance is selected and issued.
Step 208, based on the gateway distribution model, establishing network connection between the client where the target object is located and the server where the target network address is located.
Specifically, the control end determines the gateway path and the number of gateways between the client where the target object is located and the server where the target network address is located based on the gateway distribution model, and establishes the network connection between the client where the target object is located and the server where the target network address is located according to the determined gateway path. By establishing the gateway distribution model, the method can intelligently work out a good issuing logic for the gateway distribution model and provide a better network experience for the target object.
According to the above gateway request processing method, the network type of the network connected to the client where the target object is located is determined in response to the gateway request initiated by the target object for the target network address. Compatibility analysis is then performed on the target network address according to the network domain range, based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain a compatibility analysis result, which raises the admission threshold of the target network address. A gateway distribution model is constructed according to the network domain range where the target object is located and the compatibility analysis result, so that the network connection established on the basis of the gateway distribution model between the target object and the server where the target network address is located has good security. This avoids leakage of the personal information of the network access object, and avoids network address data being accessed or downloaded without any operation being performed.
In one embodiment, as shown in FIG. 3, based on the gateway distribution model, establishing a network connection between a client where a target object is located and a server where a target network address is located includes:
Step 302, searching a network address in the network domain range of the target object;
Step 304, based on the access data corresponding to the network address in the network domain range, obtaining an access behavior feature data packet matched with the network domain range;
Step 306, establishing network connection between the client side where the target object is located and the server side where the target network address is located according to the access behavior characteristic data packet and the gateway distribution model.
The access data is the data recorded when an access object of the network address accesses it, such as the online connection time, the offline disconnection time, and the access contents; the access behavior characteristic data packet is a combination of the data characteristics of the access data of the access objects of the network address.
Specifically, the control end collects the behavior characteristics with which connection objects of a network address in the network domain range where the target object is located access that network address, and generates a behavior characteristic data packet for the process by which connection objects in the network domain range access the network address. The controller refreshes the valid information recorded in the behavior feature data packet according to the characteristic period of the collected behavior characteristics of accessing the network address, so as to obtain real-time access object data of the gateway, and determines a gateway path based on the gateway distribution model and the real-time access object data, so that the network connection between the client where the target object is located and the server where the target network address is located is established based on the gateway path.
In this embodiment, the controller obtains the access behavior feature data packet through the access data corresponding to the network address, so that the network connection data can be obtained quickly and timely, the network connection between the client where the target object is located and the server where the target network address is located can be established timely, and the timeliness of the network connection can be ensured.
In one embodiment, establishing a network connection between a client where a target object is located and a server where a target network address is located according to an access behavior feature data packet and a gateway distribution model includes:
based on the access behavior feature data packet, monitoring the offline behavior of the connection object of the target network address; when the offline behavior is monitored, based on the gateway distribution model, establishing network connection between the client where the target object is located and the server where the target network address is located.
The offline behavior refers to a connection object of the target network address disconnecting its network connection with the server where the target network address is located. Because the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users are fixed, a connection object of the target network address going offline indicates that another connection object can be allowed to connect to the server where the target network address is located.
Specifically, the controller monitors the offline behavior of the connection object of the target network address based on the characteristic behavior represented by the data in the access behavior characteristic data packet, and when the controller monitors the offline behavior of at least one connection object of the target network address, the gateway path of the target object is determined through the gateway corresponding to the offline connection object, and network connection between the client side where the target object is located and the server side where the target network address is located is established based on the gateway distribution model and the gateway path.
In a specific application, a controller dynamically monitors the offline behavior of a connection object of a network address, cancels a gateway request of the connection object for accessing a target network address, synchronously generates a gateway path based on the target object with access requirement on the target network address, sends the generated gateway path to a gateway distribution model of the current application in real time, and establishes network connection between a client where the target object is located and a server where the target network address is located.
In this embodiment, the controller monitors the offline behavior, so as to quickly and timely determine the offline behavior of at least one connection object of the target network address, and timely establish the network connection between the client where the target object is located and the server where the target network address is located, so that timeliness of the network connection can be ensured.
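The admission rule of step 204 and the offline handover described in this embodiment can be combined as in the following sketch. It is an added example, not code from the patent: the load values, the `Controller` and `DomainRange` names, the `gw-N` gateway labels and the pending queue are all assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass, field


@dataclass(frozen=True)
class OptimalLoad:
    address_items: int   # network address items under this network type
    allowed_users: int   # allowed network access users (drives the decision)


# Constructed values: the patent gives no concrete numbers.
OPTIMAL_LOAD = {
    "wired": OptimalLoad(address_items=64, allowed_users=3),
    "wireless": OptimalLoad(address_items=32, allowed_users=2),
    "hotspot": OptimalLoad(address_items=8, allowed_users=1),
}


@dataclass
class DomainRange:
    load: OptimalLoad
    sessions: dict = field(default_factory=dict)   # user -> (target, gateway)
    pending: deque = field(default_factory=deque)  # (user, target) awaiting a slot

    def compatible(self) -> bool:
        # The text allows access when current users < allowed users and denies
        # it when they are equal; ">=" also denies an over-full range.
        return len(self.sessions) < self.load.allowed_users

    def free_gateway(self) -> str:
        used = {gw for _, gw in self.sessions.values()}
        return next(f"gw-{i}" for i in range(self.load.allowed_users)
                    if f"gw-{i}" not in used)


class Controller:
    def __init__(self):
        self.domains = {}  # (network_type, domain_id) -> DomainRange

    def request(self, network_type, domain_id, user, target):
        """Handle a gateway request; returns (status, gateway or None)."""
        load = OPTIMAL_LOAD.get(network_type)
        if load is None:
            return ("rejected", None)  # unknown network type: no load profile
        dom = self.domains.setdefault((network_type, domain_id), DomainRange(load))
        if user in dom.sessions:
            return ("connected", dom.sessions[user][1])
        if dom.compatible():
            gw = dom.free_gateway()
            dom.sessions[user] = (target, gw)
            return ("connected", gw)
        if all(u != user for u, _ in dom.pending):
            dom.pending.append((user, target))
        return ("pending", None)

    def offline(self, network_type, domain_id, user):
        """A connection object went offline: cancel its request and hand its
        gateway to the longest-waiting target object, if any."""
        dom = self.domains.get((network_type, domain_id))
        if dom is None or user not in dom.sessions:
            return None
        _, gw = dom.sessions.pop(user)
        if not dom.pending:
            return None
        nxt, target = dom.pending.popleft()
        dom.sessions[nxt] = (target, gw)  # path goes through the freed gateway
        return (nxt, gw)


if __name__ == "__main__":
    c = Controller()
    for name in ("alice", "bob", "carol"):  # constructed users and address
        print(name, c.request("wireless", "d1", name, "10.0.0.5"))
    print("alice offline ->", c.offline("wireless", "d1", "alice"))
```
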
In one embodiment, based on the access behavior feature data packet, interception of the offline behavior of the connection object of the target network address includes: according to the data content recorded by the access behavior feature data packet, analyzing first feature data of a gateway request initiated by a connection object of a target network address and second feature data of the access network address; determining an identity verification comparison period according to the first characteristic data and the second characteristic data; and verifying the identity information of the connection object of the target network address according to the identity verification comparison period so as to intercept the offline behavior of the connection object of the target network address.
The first feature data refers to feature data of a gateway request initiated by a connection object of a target network address, the second feature data refers to second feature data of a connection object of the target network address accessing the network address, and the feature data can be used for representing habit of a user. Specifically, the controller analyzes the gateway request habit and access habit of the connection object of the target network address according to the data content recorded by the behavior feature data packet, sets an identity verification period according to the gateway request habit and access habit of the connection object of the corresponding target network address, and performs network access identity information verification of the connection object according to the set identity verification period.
In a specific application, the controller can determine the access period of the connection object of the target network address based on the user habit represented by the first characteristic data and the second characteristic data, and periodically check the identity information of the connection object of the target network address by taking the access period as an identity check comparison period to monitor the offline behavior of the connection object of the target network address, so that the effective monitoring of the offline behavior of the connection object of the target network address can be realized on the premise of saving data processing resources in the monitoring process, the accuracy of the monitoring result is ensured,
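As an added illustration that is not part of the patent text, the following Python example models the monitoring described above: an identity verification comparison period is derived from request and access timestamps, connection objects are re-verified at that period, and the gateway freed by an offline object is handed to a waiting target object. The median-gap period, the `verify_identity` callback, the gateway names and the sample data are assumptions made for the example.

```python
from collections import deque
from statistics import median


def verification_period(request_times, access_times):
    """Derive the identity verification comparison period (seconds).

    request_times: timestamps of gateway requests (first feature data).
    access_times:  timestamps of address accesses (second feature data).
    Assumption: the period is the median gap between consecutive events.
    """
    events = sorted(set(request_times) | set(access_times))
    gaps = [b - a for a, b in zip(events, events[1:])]
    if not gaps:
        raise ValueError("need at least two distinct events to derive a period")
    return median(gaps)


class AddressSlots:
    """Connection slots of one target network address."""

    def __init__(self, allowed_users, period):
        self.allowed_users = allowed_users   # fixed number of allowed users
        self.period = period                 # identity verification period
        self.connected = {}                  # object -> (gateway, next check time)
        self.waiting = deque()               # target objects awaiting a slot
        self.free_gateways = deque(f"gw-{i}" for i in range(allowed_users))

    def request(self, obj, now):
        """Handle a gateway request; return the gateway, or None if queued."""
        if obj in self.connected:
            return self.connected[obj][0]
        if len(self.connected) < self.allowed_users:
            gateway = self.free_gateways.popleft()
            self.connected[obj] = (gateway, now + self.period)
            return gateway
        if obj not in self.waiting:
            self.waiting.append(obj)
        return None

    def tick(self, now, verify_identity):
        """Re-verify due connection objects; hand freed gateways to waiters.

        verify_identity(obj) -> bool is a caller-supplied check (hypothetical).
        Returns a list of (offline_object, gateway, admitted_object_or_None).
        """
        events = []
        for obj, (gateway, due) in list(self.connected.items()):
            if now < due:
                continue                     # not yet time to compare identity
            if verify_identity(obj):
                self.connected[obj] = (gateway, now + self.period)
                continue
            # Offline behavior detected: cancel this object's gateway request.
            del self.connected[obj]
            admitted = self.waiting.popleft() if self.waiting else None
            if admitted is None:
                self.free_gateways.append(gateway)
            else:
                # The target object's gateway path reuses the freed gateway.
                self.connected[admitted] = (gateway, now + self.period)
            events.append((obj, gateway, admitted))
        return events


def demo():
    # Constructed sample data: timestamps in seconds.
    period = verification_period([0, 60, 120], [30, 90, 150])
    slots = AddressSlots(allowed_users=2, period=period)
    slots.request("alice", now=0)
    slots.request("bob", now=0)
    queued = slots.request("carol", now=5)           # address is full
    online = {"alice"}                                # bob has gone offline
    events = slots.tick(now=40, verify_identity=lambda o: o in online)
    return period, queued, events, sorted(slots.connected)


if __name__ == "__main__":
    print(demo())
```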
In one embodiment, as shown in fig. 4, constructing a gateway distribution model according to the network domain range where the target object is located and the compatibility analysis result includes:
Step 402, constructing a plurality of gateway distribution models with different logic characteristic attributes according to the network domain range where the target object is located and the compatibility analysis result.
Establishing, based on the gateway distribution model, the network connection between the client where the target object is located and the server where the target network address is located includes:
Step 404, selecting a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model;
Step 406, based on the gateway distribution model with optimal configuration performance, establishing the network connection between the client where the target object is located and the server where the target network address is located.
The gateway distribution model is used for establishing the network connection between the client and the server. More than one gateway distribution model can be constructed, and different gateway distribution models have different logic characteristic attributes. The controller simulates the operation of each gateway distribution model, collects the simulated operation data generated during that simulated operation, and establishes the network connection between the client where the target object is located and the server where the target network address is located by selecting the gateway distribution model with optimal configuration performance. The simulated operation data comprise the time the gateway distribution model takes in simulated operation until the target object jumps to the target network address through the gateway, and the number of gateways.
In this embodiment, the controller obtains the simulated operation data of the gateway distribution model, and selects the gateway distribution model with optimal configuration performance to establish the network connection between the client where the target object is located and the server where the target network address is located, so that stability of the established network connection can be ensured, and safe and reliable connection can be realized.
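As an added illustration that is not part of the patent text, the following Python example builds several candidate gateway distribution models as loop-free gateway paths, simulates each one to obtain the two quantities named above (time to reach the target network address and number of gateways), and selects one. The link table, the latency values and the ranking rule (shortest simulated time, then fewest gateways) are assumptions; the patent does not define how "optimal configuration performance" is scored.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class SimulatedRun:
    path: tuple      # gateway path from client to server
    time_ms: int     # simulated time until the jump reaches the target
    gateways: int    # number of gateways on the path


def candidate_paths(links, client, server, max_gateways):
    """Enumerate loop-free gateway paths from client to server (DFS)."""
    paths, stack = [], [(client, (client,))]
    while stack:
        node, path = stack.pop()
        for nxt in sorted(links.get(node, {})):
            if nxt == server:
                paths.append(path + (server,))
            elif nxt not in path and len(path) - 1 < max_gateways:
                # len(path) - 1 is the number of gateways already on the path
                stack.append((nxt, path + (nxt,)))
    return paths


def simulate(links, path):
    """Simulated operation data of one model: summed hop latency, gateway count."""
    time_ms = sum(links[a][b] for a, b in zip(path, path[1:]))
    return SimulatedRun(path, time_ms, gateways=len(path) - 2)


def select_model(links, client, server, max_gateways=3):
    """Return (selected run, all simulated runs)."""
    runs = [simulate(links, p)
            for p in candidate_paths(links, client, server, max_gateways)]
    if not runs:
        raise LookupError("no gateway path reaches the target network address")
    # Assumed ranking: shortest simulated time, then fewest gateways.
    best = min(runs, key=lambda r: (r.time_ms, r.gateways, r.path))
    return best, runs


# Constructed sample topology: link latencies in milliseconds.
LINKS = {
    "client": {"gw-a": 5, "gw-b": 2},
    "gw-a": {"server": 5},
    "gw-b": {"gw-c": 3, "server": 12},
    "gw-c": {"server": 5},
}

if __name__ == "__main__":
    best, runs = select_model(LINKS, "client", "server")
    for run in sorted(runs, key=lambda r: r.time_ms):
        print(run)
    print("selected:", best.path)
```

Two of the constructed paths tie on simulated time, so the gateway count decides between them.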
In one embodiment, the method further comprises: according to the network type, carrying out security assessment on the network connected with the client where the target object is located, and obtaining an assessment result; when the assessment result is abnormal, analyzing the application authority of the target network address;
Performing compatibility analysis on the target network address according to the network domain range, based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain a compatibility analysis result, includes: performing compatibility analysis on the target network address according to the network domain range based on the application authority of the target network address, the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain the compatibility analysis result.
Specifically, the controller acquires the network type used when the target object initiates the gateway request and evaluates the security of that network type. When the assessment result is safe, the gateway request is ignored and the virtual network user gateway jumps to the target network address it requested; when the assessment result is abnormal, the application authority of the virtual network user gateway to request the target network address is analyzed.
In this embodiment, the security of the corresponding network type is evaluated, so that the security and stability of the gateway ensure that the personal information data of the target object is not stolen, and the target network address and the gateway can be placed under bidirectional association management, so that the virtual network user can safely access the target network address within the same network domain range used by the gateway.
It should be understood that, although the steps in the flowcharts of the embodiments described above are shown in sequence as indicated by the arrows, these steps are not necessarily performed in the order indicated by the arrows. Unless explicitly stated herein, the execution of these steps is not strictly limited in order, and they may be performed in other orders. Moreover, at least some of the steps in the flowcharts of the above embodiments may include a plurality of steps or stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed sequentially but may be performed in turn or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a gateway request processing device for realizing the gateway request processing method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in the embodiments of the gateway request processing device or devices provided below may refer to the limitation of the gateway request processing method hereinabove, and will not be described herein.
In one embodiment, as shown in fig. 5, there is provided a gateway request processing apparatus, including: a request response module 502, a compatibility analysis module 504, a model building module 506, and a network connection module 508, wherein:
a request response module 502, configured to determine a network type of a network to which a client where a target object is located is connected, in response to a gateway request initiated by the target object for a target network address;
the compatibility analysis module 504 is configured to perform compatibility analysis on the target network address according to a network domain range based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, so as to obtain a compatibility analysis result;
the model construction module 506 is configured to construct a gateway distribution model according to the network domain range where the target object is located and the compatibility analysis result;
and the network connection module 508 is configured to establish a network connection between the client where the target object is located and the server where the target network address is located based on the gateway distribution model.
In one embodiment, the network connection module is further configured to retrieve a network address within a domain where the target object is located; obtaining access behavior characteristic data packets matched with the network domain range based on access data corresponding to the network address in the network domain range; and establishing network connection between the client side where the target object is and the server side where the target network address is according to the access behavior characteristic data packet and the gateway distribution model.
In one embodiment, the network connection module is further configured to monitor, based on the access behavior feature data packet, the offline behavior of the connection object of the target network address; and when the offline behavior is detected, establish the network connection between the client where the target object is located and the server where the target network address is located based on the gateway distribution model.
In one embodiment, the network connection module is further configured to analyze, according to the data content recorded in the access behavior feature data packet, first feature data of the gateway requests initiated by the connection object of the target network address and second feature data of its accessing the network address; determine an identity verification comparison period according to the first feature data and the second feature data; and verify the identity information of the connection object of the target network address according to the identity verification comparison period, so as to monitor the offline behavior of the connection object of the target network address.
In one embodiment, the model building module is further configured to build a plurality of gateway distribution models with different logic characteristic attributes according to a domain range where the target object is located and the compatibility analysis result;
The network connection module is further configured to select a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model, and establish network connection between the client where the target object is located and the server where the target network address is located based on the gateway distribution model with optimal configuration performance.
In one embodiment, the device further includes a security assessment module, configured to perform security assessment on a network connected to a client where the target object is located according to the network type, to obtain an assessment result; when the evaluation result is abnormal, analyzing the application authority of the target network address;
the compatibility analysis module is further configured to perform compatibility analysis on the target network address according to a network domain range based on the application authority of the target network address, the number of network address entries corresponding to the optimal load under the network type, and the number of allowed network access users, so as to obtain a compatibility analysis result.
The gateway request processing device described above determines the network type of the network connected to the client where the target object is located in response to a gateway request initiated by the target object for the target network address, and performs compatibility analysis on the target network address according to the network domain range, based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, to obtain a compatibility analysis result, which raises the admission threshold of the target network address. It constructs a gateway distribution model according to the network domain range where the target object is located and the compatibility analysis result, so that the network connection established on the basis of the gateway distribution model between the target object and the server where the target network address is located has good security, preventing the personal information of a network access object from being leaked and network address data from being accessed or downloaded under the condition that the network address is not operated.
The respective modules in the gateway request processing apparatus described above may be implemented in whole or in part by software, hardware, or a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used to store XX data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program when executed by a processor implements a gateway request processing method.
It will be appreciated by those skilled in the art that the structure shown in FIG. 6 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of:
responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned; based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result; constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result; and establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the processor when executing the computer program further performs the steps of:
retrieving a network address within the network domain range of the target object; obtaining access behavior characteristic data packets matched with the network domain range based on access data corresponding to the network address in the network domain range; and establishing network connection between the client side where the target object is and the server side where the target network address is according to the access behavior characteristic data packet and the gateway distribution model.
In one embodiment, the processor when executing the computer program further performs the steps of:
based on the access behavior feature data packet, monitoring the offline behavior of the connection object of the target network address; and when the offline behavior is detected, establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the processor when executing the computer program further performs the steps of:
according to the data content recorded in the access behavior feature data packet, analyzing first feature data of the gateway requests initiated by the connection object of the target network address and second feature data of its accessing the network address; determining an identity verification comparison period according to the first feature data and the second feature data; and verifying the identity information of the connection object of the target network address according to the identity verification comparison period so as to monitor the offline behavior of the connection object of the target network address.
In one embodiment, the processor when executing the computer program further performs the steps of:
constructing a plurality of gateway distribution models with different logic characteristic attributes according to the network domain range where the target object is located and the compatibility analysis result; and selecting a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model, and establishing network connection between a client side where the target object is positioned and a server side where the target network address is positioned based on the gateway distribution model with optimal configuration performance.
In one embodiment, the processor when executing the computer program further performs the steps of:
according to the network type, carrying out security assessment on the network connected with the client where the target object is located, and obtaining an assessment result; when the evaluation result is abnormal, analyzing the application authority of the target network address; and carrying out compatibility analysis on the target network address according to the network domain range based on the application authority of the target network address, the network address item number corresponding to the optimal load under the network type and the allowed network access user number, and obtaining a compatibility analysis result.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
Responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned; based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result; constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result; and establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
retrieving a network address within the network domain range of the target object; obtaining access behavior characteristic data packets matched with the network domain range based on access data corresponding to the network address in the network domain range; and establishing network connection between the client side where the target object is and the server side where the target network address is according to the access behavior characteristic data packet and the gateway distribution model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
based on the access behavior feature data packet, monitoring the offline behavior of the connection object of the target network address; and when the offline behavior is detected, establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
according to the data content recorded in the access behavior feature data packet, analyzing first feature data of the gateway requests initiated by the connection object of the target network address and second feature data of its accessing the network address; determining an identity verification comparison period according to the first feature data and the second feature data; and verifying the identity information of the connection object of the target network address according to the identity verification comparison period so as to monitor the offline behavior of the connection object of the target network address.
In one embodiment, the computer program when executed by the processor further performs the steps of:
constructing a plurality of gateway distribution models with different logic characteristic attributes according to the network domain range where the target object is located and the compatibility analysis result; and selecting a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model, and establishing network connection between a client side where the target object is positioned and a server side where the target network address is positioned based on the gateway distribution model with optimal configuration performance.
In one embodiment, the computer program when executed by the processor further performs the steps of:
according to the network type, carrying out security assessment on the network connected with the client where the target object is located, and obtaining an assessment result; when the evaluation result is abnormal, analyzing the application authority of the target network address; and carrying out compatibility analysis on the target network address according to the network domain range based on the application authority of the target network address, the network address item number corresponding to the optimal load under the network type and the allowed network access user number, and obtaining a compatibility analysis result.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of:
responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned; based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result; constructing a gateway distribution model according to the network domain range where the target object is and the compatibility analysis result; and establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
retrieving a network address within the network domain range of the target object; obtaining access behavior characteristic data packets matched with the network domain range based on access data corresponding to the network address in the network domain range; and establishing network connection between the client side where the target object is and the server side where the target network address is according to the access behavior characteristic data packet and the gateway distribution model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
based on the access behavior feature data packet, monitoring the offline behavior of the connection object of the target network address; and when the offline behavior is detected, establishing network connection between the client side where the target object is and the server side where the target network address is based on the gateway distribution model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
according to the data content recorded in the access behavior feature data packet, analyzing first feature data of the gateway requests initiated by the connection object of the target network address and second feature data of its accessing the network address; determining an identity verification comparison period according to the first feature data and the second feature data; and verifying the identity information of the connection object of the target network address according to the identity verification comparison period so as to monitor the offline behavior of the connection object of the target network address.
In one embodiment, the computer program when executed by the processor further performs the steps of:
constructing a plurality of gateway distribution models with different logic characteristic attributes according to the network domain range where the target object is located and the compatibility analysis result; and selecting a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model, and establishing network connection between a client side where the target object is positioned and a server side where the target network address is positioned based on the gateway distribution model with optimal configuration performance.
In one embodiment, the computer program when executed by the processor further performs the steps of:
according to the network type, carrying out security assessment on the network connected with the client where the target object is located, and obtaining an assessment result; when the evaluation result is abnormal, analyzing the application authority of the target network address; and carrying out compatibility analysis on the target network address according to the network domain range based on the application authority of the target network address, the network address item number corresponding to the optimal load under the network type and the allowed network access user number, and obtaining a compatibility analysis result.
The user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or sufficiently authorized by each party.
Those skilled in the art will appreciate that all or part of the methods described above may be implemented by a computer program stored on a non-transitory computer readable storage medium, which, when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The non-volatile memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high density embedded non-volatile memory, resistive random access memory (ReRAM), magnetic random access memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric memory (Ferroelectric Random Access Memory, FRAM), phase change memory (Phase Change Memory, PCM), graphene memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can take a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processor referred to in the embodiments provided in the present application may be a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit, a data processing logic unit based on quantum computing, or the like, but is not limited thereto.
The technical features of the above embodiments may be combined arbitrarily. For brevity, not all possible combinations of the technical features in the above embodiments are described; however, as long as a combination of these technical features contains no contradiction, it should be considered to be within the scope of this description.
The foregoing examples illustrate only a few embodiments of the application and are described in detail herein without thereby limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of the application should be assessed as that of the appended claims.

Claims (10)

1. A gateway request processing method, the method comprising:
responding to a gateway request initiated by a target object aiming at a target network address, and determining the network type of a network connected with a client where the target object is positioned;
based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, carrying out compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result; the compatibility analysis refers to analyzing whether the target object is allowed to access the target network address through the gateway according to the current network access user quantity and the allowed network access user quantity in the network domain range; when the current network access user number in the network domain is smaller than the allowed network access user number, the compatibility analysis result is that the target object is allowed to access the target network address through the gateway, and when the current network access user number in the network domain is equal to the allowed network access user number, the compatibility analysis result is that the target object cannot access the target network address through the gateway;
determining gateway paths and the number of gateways between a client side where the target object is located and a server side where a target network address is located according to the network domain range where the target object is located and the compatibility analysis result, and constructing a plurality of gateway distribution models for establishing network connection between the client side and the server, wherein each gateway distribution model has different logic characteristic attributes;
and selecting a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model, and establishing network connection between a client side where the target object is positioned and a server side where the target network address is positioned based on the gateway distribution model with optimal configuration performance.
2. The method of claim 1, wherein the establishing a network connection between the client where the target object is located and the server where the target network address is located based on the gateway distribution model with optimal configuration performance includes:
retrieving a network address within the network domain range of the target object;
obtaining access behavior characteristic data packets matched with the network domain range based on access data corresponding to the network address in the network domain range;
and establishing network connection between the client side where the target object is and the server side where the target network address is according to the access behavior characteristic data packet and the gateway distribution model with optimal configuration performance.
3. The method according to claim 2, wherein the establishing a network connection between the client where the target object is located and the server where the target network address is located according to the access behavior feature packet and the gateway distribution model with optimal configuration performance includes:
based on the access behavior feature data packet, listening for the offline behavior of the connection object of the target network address;
when the offline behavior is detected, based on the gateway distribution model with optimal configuration performance, establishing network connection between the client side where the target object is located and the server side where the target network address is located.
4. A method according to claim 3, wherein said listening for the offline behaviour of the connection object of the target network address based on the access behaviour characteristic data packet comprises:
according to the data content recorded by the access behavior feature data packet, analyzing first feature data of a gateway request initiated by a connection object of a target network address and second feature data of the access network address;
determining an identity verification comparison period according to the first characteristic data and the second characteristic data;
and verifying the identity information of the connection object of the target network address according to the identity verification comparison period so as to listen for the offline behavior of the connection object of the target network address.
5. The method according to claim 1, wherein the method further comprises:
according to the network type, carrying out security assessment on the network connected with the client where the target object is located, and obtaining an assessment result;
when the evaluation result is abnormal, analyzing the application authority of the target network address;
based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users, performing compatibility analysis on the target network address according to a network domain range to obtain a compatibility analysis result, wherein the method comprises the following steps:
and carrying out compatibility analysis on the target network address according to the network domain range based on the application authority of the target network address, the network address item number corresponding to the optimal load under the network type and the allowed network access user number, and obtaining a compatibility analysis result.
6. A gateway request processing apparatus, the apparatus comprising:
the request response module is used for responding to a gateway request initiated by a target object aiming at a target network address and determining the network type of a network connected with a client where the target object is positioned;
the compatibility analysis module is used for carrying out compatibility analysis on the target network address according to the network domain range based on the number of network address items corresponding to the optimal load under the network type and the number of allowed network access users to obtain a compatibility analysis result; the compatibility analysis refers to analyzing whether the target object is allowed to access the target network address through the gateway according to the current network access user quantity and the allowed network access user quantity in the network domain range; when the current network access user number in the network domain is smaller than the allowed network access user number, the compatibility analysis result is that the target object is allowed to access the target network address through the gateway, and when the current network access user number in the network domain is equal to the allowed network access user number, the compatibility analysis result is that the target object cannot access the target network address through the gateway;
the model construction module is used for determining gateway paths and the number of gateways between a client side where the target object is located and a server side where a target network address is located according to the network domain range where the target object is located and the compatibility analysis result, and constructing a plurality of gateway distribution models for establishing network connection between the client side and the server, wherein each gateway distribution model has different logic characteristic attributes;
the network connection module is used for selecting a gateway distribution model with optimal configuration performance based on the simulated operation data of each gateway distribution model, and establishing network connection between the client side where the target object is located and the server side where the target network address is located based on the gateway distribution model with optimal configuration performance.
7. The apparatus of claim 6, wherein the network connection module is further configured to retrieve a network address within a domain of the target object; obtaining access behavior characteristic data packets matched with the network domain range based on access data corresponding to the network address in the network domain range; and establishing network connection between the client side where the target object is and the server side where the target network address is according to the access behavior characteristic data packet and the gateway distribution model with optimal configuration performance.
8. The apparatus of claim 6, wherein the apparatus further comprises:
the security assessment module is used for carrying out security assessment on the network connected with the client where the target object is located according to the network type to obtain an assessment result; when the evaluation result is abnormal, analyzing the application authority of the target network address;
the compatibility analysis module is further configured to perform compatibility analysis on the target network address according to a network domain range based on the application authority of the target network address, the number of network address entries corresponding to the optimal load under the network type, and the number of allowed network access users, so as to obtain a compatibility analysis result.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any one of claims 1 to 5 when the computer program is executed.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 5.
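An added sketch of the admission rule in claim 1 and the offline-triggered connection in claim 3, not code from the patent. The class and function names, the FIFO waiting list, the fail-closed handling of unknown domains, and treating a count above the limit as denied are assumptions; the lock makes the count check and the slot assignment one atomic step, so concurrent requests cannot push a domain past its allowed user number.

```python
import threading

class DomainAdmission:
    """Per-domain admission gate: allow while current users < allowed users."""

    def __init__(self, allowed_users):
        self._allowed = dict(allowed_users)            # domain -> allowed user count
        self._active = {d: set() for d in self._allowed}
        self._waiting = {d: [] for d in self._allowed}
        self._lock = threading.Lock()                  # makes check-and-admit atomic

    def request(self, domain, user):
        """Return True if `user` may reach the target address through the gateway."""
        with self._lock:
            if domain not in self._allowed:
                return False                           # unknown domain: fail closed (assumption)
            active = self._active[domain]
            if user in active:
                return True                            # already holds a slot
            if len(active) < self._allowed[domain]:
                active.add(user)
                return True
            if user not in self._waiting[domain]:
                self._waiting[domain].append(user)     # denied at the limit; FIFO wait (assumption)
            return False

    def offline(self, domain, user):
        """Release the slot of a user seen going offline; return the waiter admitted, if any."""
        with self._lock:
            active = self._active.get(domain)
            if active is None or user not in active:
                return None
            active.remove(user)
            queue = self._waiting[domain]
            if not queue:
                return None
            admitted = queue.pop(0)
            active.add(admitted)
            return admitted

def admitted_under_contention(limit, clients):
    """Fire `clients` concurrent requests at one domain and count how many were admitted."""
    gate = DomainAdmission({"domain-a": limit})        # constructed domain name
    results = []
    def worker(i):
        results.append(gate.request("domain-a", f"user-{i}"))
    threads = [threading.Thread(target=worker, args=(i,)) for i in range(clients)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(results)
```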
CN202210371971.1A 2022-04-11 2022-04-11 Gateway request processing method, device, computer equipment and storage medium Active CN114745228B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210371971.1A CN114745228B (en) 2022-04-11 2022-04-11 Gateway request processing method, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210371971.1A CN114745228B (en) 2022-04-11 2022-04-11 Gateway request processing method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN114745228A CN114745228A (en) 2022-07-12
CN114745228B CN114745228B (en) 2023-11-03

Family

ID=82281141

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210371971.1A Active CN114745228B (en) 2022-04-11 2022-04-11 Gateway request processing method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114745228B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105657711A (en) * 2015-03-24 2016-06-08 宇龙计算机通信科技(深圳)有限公司 Network connection method and electronic device
CN106878259A (en) * 2016-12-14 2017-06-20 新华三技术有限公司 A kind of message forwarding method and device
CN111031129A (en) * 2019-12-12 2020-04-17 北京金山云网络技术有限公司 Access request processing method, processing device, electronic equipment and storage medium
CN111901357A (en) * 2020-08-06 2020-11-06 腾讯科技(深圳)有限公司 Remote network connection method, system, computer device and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10412048B2 (en) * 2016-02-08 2019-09-10 Cryptzone North America, Inc. Protecting network devices by a firewall

Also Published As

Publication number Publication date
CN114745228A (en) 2022-07-12

Similar Documents

Publication Publication Date Title
US11681812B2 (en) IoT device risk assessment
US10944795B2 (en) Rating organization cybersecurity using active and passive external reconnaissance
CN105531679B (en) The abnormality detection carried out on networking client
US9473355B2 (en) Inferring application inventory
US20210120026A1 (en) Detection of Anomalous Lateral Movement in a Computer Network
CN109669718A (en) System permission configuration method, device, equipment and storage medium
CN110839023B (en) Electric power marketing multi-channel customer service system
CN116545678A (en) Network security protection method, device, computer equipment and storage medium
CN114244808B (en) Offline illegal external connection method and device based on passive inspection of non-client mode
CN114745228B (en) Gateway request processing method, device, computer equipment and storage medium
US10083246B2 (en) Apparatus and method for universal personal data portability
CN117042026A (en) Business visualization model construction method, device, equipment, medium and program product
Chertchom et al. Data management portfolio for improvement of privacy in fog-to-cloud computing systems
CN114257438A (en) Honeypot-based power monitoring system management method and device and computer equipment
CN114268481A (en) Method, device, equipment and medium for processing illegal external connection information of intranet terminal
CN111897869A (en) Data display method and device and readable storage medium
CN117234951B (en) Function test method and device of application system, computer equipment and storage medium
CN110008220B (en) Method and device for obtaining attenuation coefficient of blacklist conduction spectrum and computer equipment
CN116938678A (en) Cloud platform operation and maintenance method and device, computer equipment and storage medium
CN116545833A (en) Network analysis method and device and computer equipment
Lagesse et al. A novel utility and game-theoretic based security mechanism for mobile p2p systems
CN116489089A (en) Flow control method and device and computer equipment
CN116319938A (en) Device connection method, device, computer device, and storage medium
US20120136908A1 (en) Virtual attribute based access control
CN116909785A (en) Processing method, device, equipment, storage medium and program product for abnormal event

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant