[go: up one dir, main page]

CN102571733B - The access method of BOSS system and system, cloud computing platform - Google Patents

The access method of BOSS system and system, cloud computing platform Download PDF

Info

Publication number
CN102571733B
CN102571733B CN201010624230.7A CN201010624230A CN102571733B CN 102571733 B CN102571733 B CN 102571733B CN 201010624230 A CN201010624230 A CN 201010624230A CN 102571733 B CN102571733 B CN 102571733B
Authority
CN
China
Prior art keywords
boss
terminal
computing platform
cloud computing
user login
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201010624230.7A
Other languages
Chinese (zh)
Other versions
CN102571733A (en
Inventor
申民
马振尊
高芳
宋悦
罗海星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Group Shanxi Co Ltd
Original Assignee
China Mobile Group Shanxi Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Group Shanxi Co Ltd filed Critical China Mobile Group Shanxi Co Ltd
Priority to CN201010624230.7A priority Critical patent/CN102571733B/en
Publication of CN102571733A publication Critical patent/CN102571733A/en
Application granted granted Critical
Publication of CN102571733B publication Critical patent/CN102571733B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

本发明提供了一种BOSS系统的访问方法及系统、云计算平台,其中,该方法包括:云计算平台接收至少一个用户登录终端发送的登录认证请求,并在根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序;云计算平台代替至少一个用户登录终端运行BOSS应用程序。本发明可以将用户登录终端功能弱化,减少终端的消耗,从而减少因终端故障而引起需要更换导致效率较低等负面影响;同时大幅降低安全管理难度,极大提升安全性能。

The present invention provides a BOSS system access method, system, and cloud computing platform, wherein the method includes: the cloud computing platform receives a login authentication request sent by at least one user login terminal, and after determining that the authentication is successful according to the login authentication request, Publish the BOSS application program to at least one user login terminal; the cloud computing platform replaces at least one user login terminal to run the BOSS application program. The present invention can weaken the function of the user login terminal, reduce the consumption of the terminal, thereby reducing negative effects such as the need for replacement due to terminal failure and low efficiency; at the same time, the difficulty of security management is greatly reduced, and the security performance is greatly improved.

Description

BOSS系统的访问方法及系统、云计算平台BOSS system access method, system, and cloud computing platform

技术领域 technical field

本发明涉及业务支撑领域,具体涉及一种BOSS系统的访问方法及系统、云计算平台。The invention relates to the field of business support, in particular to a method and system for accessing a BOSS system, and a cloud computing platform.

背景技术 Background technique

目前营业厅的运行架构是“业务支撑系统(businessOperationsupportsystem,简称BOSS)-个人计算机(personalcomputer,简称PC终端)”的直连架构,即采用普通PC终端接入到BOSS系统,进行日常所需的查询、开/销户、缴费、发票打印等等营业操作。在实际操作中,常常因业务发展造成PC终端处理能力不够,需要主机更新,且经常会出现系统故障,包括操作系统受损、所需软件受损、所需软件配置环境破坏,以及出现安全故障,包括信息泄露、恶意软件和越权访问等各类安全事件。由此可见,基于现有直连架构,为了应对上述PC终端事件,需要投入大量人力与精力,但仍然在成本控制、时效性、安全性方面收效甚微,具体阐述如下:At present, the operating structure of the business hall is a direct connection structure of "business operation support system (BOSS)-personal computer (PC terminal)", that is, ordinary PC terminals are used to connect to the BOSS system for daily inquiries , Open/cancellation account, payment, invoice printing and other business operations. In actual operation, due to business development, the processing capacity of the PC terminal is often insufficient, and the host needs to be updated, and system failures often occur, including damage to the operating system, damage to the required software, damage to the configuration environment of the required software, and security failures , including various security incidents such as information leakage, malware, and unauthorized access. It can be seen that based on the existing direct connection architecture, in order to deal with the above-mentioned PC terminal incidents, a lot of manpower and energy are needed, but there is still little effect in terms of cost control, timeliness, and security. The details are as follows:

由于每台主机都需要具备处理相关业务的计算能力,刚购进的时候每台终端都具有远远超出的处理能力,导致大量计算资源的累积浪费;随着业务高速发展,终端的处理能力无法满足需求,因此每隔几年需要进行一次终端更新,现有直连架构的计算资源不均衡导致PC计算能力的利用率非常低;Since each host needs to have the computing power to handle related businesses, each terminal has processing power far beyond the initial purchase, resulting in the accumulation and waste of a large amount of computing resources; with the rapid development of business, the processing power of the terminal cannot To meet the demand, it is necessary to update the terminal every few years. The unbalanced computing resources of the existing direct connection architecture lead to a very low utilization rate of PC computing power;

现有直连架构中机重新部署或系统故障,都会导致大量的人力进行故障排除、重新部署和调测工作,而且还会影响到营业厅的工作效率,进而对客户满意度造成一定负面影响;Re-deployment or system failure in the existing direct-connection architecture will lead to a large amount of manpower for troubleshooting, redeployment and commissioning, and will also affect the work efficiency of the business hall, which will have a negative impact on customer satisfaction;

终端使用人员的复杂性,直接导致对内网安全的威胁和信息泄露的事件难以发现和控制;导致现有直连架构的安全性较差。The complexity of end-users directly leads to the difficulty of discovering and controlling threats to intranet security and information leakage events; resulting in poor security of the existing direct connection architecture.

发明内容 Contents of the invention

本发明的第一目的是提出一种高效的BOSS系统的访问方法。The first purpose of the present invention is to propose an efficient method for accessing the BOSS system.

本发明的第二目的是提出一种高效的云计算平台。The second purpose of the present invention is to propose an efficient cloud computing platform.

本发明的第三目的是提出一种高效的BOSS系统的访问系统。The third object of the present invention is to propose an efficient BOSS system access system.

为实现上述第一目的,本发明提供了一种BOSS系统的访问方法,包括:云计算平台接收至少一个用户登录终端发送的登录认证请求,并在根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序;云计算平台代替至少一个用户登录终端运行BOSS应用程序。In order to achieve the above-mentioned first purpose, the present invention provides a method for accessing the BOSS system, comprising: the cloud computing platform receives a login authentication request sent by at least one user login terminal, and after determining that the authentication is successful according to the login authentication request, sends to at least one A user logs in to a terminal to publish a BOSS application; the cloud computing platform replaces at least one user logging in to a terminal to run the BOSS application.

为实现上述第二目的,本发明提供了一种云计算平台,包括:认证模块,用于接收至少一个用户登录终端发送的登录认证请求,并根据登录认证请求进行认证操作;处理模块,用于在认证模块根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序,以及代替至少一个用户登录终端运行BOSS应用程序。In order to achieve the above second purpose, the present invention provides a cloud computing platform, including: an authentication module, configured to receive a login authentication request sent by at least one user login terminal, and perform an authentication operation according to the login authentication request; a processing module for After the authentication module determines that the authentication is successful according to the login authentication request, the BOSS application program is issued to at least one user login terminal, and the BOSS application program is run instead of the at least one user login terminal.

为实现上述第三目的,本发明提供了一种BOSS系统的访问系统,包括:至少一个用户登录终端,用于发送登录认证请求;云计算平台,用于接收至少一个用户登录终端发送的登录认证请求,并在根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序代替至少一个用户登录终端运行BOSS应用程序。In order to achieve the above third purpose, the present invention provides a BOSS system access system, including: at least one user login terminal, used to send a login authentication request; a cloud computing platform, used to receive the login authentication request sent by at least one user login terminal request, and after determining that the authentication is successful according to the login authentication request, issue the BOSS application program to at least one user login terminal to replace at least one user login terminal to run the BOSS application program.

本发明各个实施例中,通过将该云计算平台作为用户登录终端的计算平台,利用云计算平台的集中化处理能力处理用户登录终端的事务,为用户登录终端提供本地化服务,实现用户登录终端的功能,可以将用户登录终端功能弱化,减少终端的消耗,从而减少因终端故障而引起需要更换导致效率较低等负面影响;同时该云计算平台作为中间层进行集中信息处理,用户登录终端到内网的连接被全部剥离,安全管理从面对多台终端,变成了面对数台服务器,从而安全管理难度会大幅降低,安全性能得到极大提升。In each embodiment of the present invention, by using the cloud computing platform as the computing platform for the user login terminal, the centralized processing capability of the cloud computing platform is used to process the affairs of the user login terminal, provide localized services for the user login terminal, and realize the user login terminal The function can weaken the user login terminal function, reduce the consumption of the terminal, thereby reducing the negative effects such as the need for replacement due to terminal failure and lower efficiency; at the same time, the cloud computing platform is used as the middle layer for centralized information processing, and the user login terminal to The intranet connection is completely stripped away, and the security management is changed from facing multiple terminals to facing several servers, so the difficulty of security management will be greatly reduced, and the security performance will be greatly improved.

附图说明 Description of drawings

附图用来提供对本发明的进一步理解,并且构成说明书的一部分,与本发明的实施例一并用于解释本发明,并不构成对本发明的限制。在附图中:The accompanying drawings are used to provide a further understanding of the present invention, and constitute a part of the description, together with the embodiments of the present invention, are used to explain the present invention, and do not constitute a limitation to the present invention. In the attached picture:

图1为本发明的BOSS系统的访问方法的实施例一流程图;Fig. 1 is a flowchart of Embodiment 1 of the access method of the BOSS system of the present invention;

图2为本发明的BOSS系统的访问方法的实施例二流程图;Fig. 2 is the flow chart of Embodiment 2 of the access method of the BOSS system of the present invention;

图3为本发明的云计算平台的实施例结构图;Fig. 3 is the embodiment structural diagram of cloud computing platform of the present invention;

图4为本发明的BOSS系统的访问系统的实施例一结构图;Fig. 4 is a structural diagram of embodiment one of the access system of the BOSS system of the present invention;

图5为本发明的BOSS系统的访问系统的实施例二示意图。FIG. 5 is a schematic diagram of Embodiment 2 of the access system of the BOSS system of the present invention.

具体实施方式 Detailed ways

以下结合附图对本发明的优选实施例进行说明,应当理解,此处所描述的优选实施例仅用于说明和解释本发明,并不用于限定本发明。The preferred embodiments of the present invention will be described below in conjunction with the accompanying drawings. It should be understood that the preferred embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

方法实施例method embodiment

图1为本发明的BOSS系统的访问方法的实施例一流程图。如图1所示,本实施例包括:FIG. 1 is a flow chart of Embodiment 1 of the access method of the BOSS system of the present invention. As shown in Figure 1, this embodiment includes:

步骤102:云计算平台接收至少一个用户登录终端发送的登录认证请求,并在根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序;本领域技术人员可以理解,该用户登录终端可以为PC终端及移动终端等;Step 102: The cloud computing platform receives the login authentication request sent by at least one user login terminal, and after determining that the authentication is successful according to the login authentication request, releases the BOSS application program to at least one user login terminal; those skilled in the art can understand that the user login The terminal can be a PC terminal and a mobile terminal, etc.;

步骤104:云计算平台代替至少一个用户登录终端运行BOSS应用程序。Step 104: The cloud computing platform replaces at least one user login terminal to run the BOSS application program.

本实施例通过将该云计算平台作为用户登录终端的计算平台,利用云计算平台的集中化处理能力处理用户登录终端的事务,为用户登录终端提供本地化服务,实现用户登录终端的功能,可以将用户登录终端功能弱化,减少终端的消耗,从而减少因终端故障而引起需要更换导致效率较低等负面影响;同时该云计算平台作为中间层进行集中信息处理,用户登录终端到内网的连接被全部剥离,安全管理从面对多台终端,变成了面对数台服务器,从而安全管理难度会大幅降低,安全性能得到极大提升。In this embodiment, the cloud computing platform is used as the computing platform for the user login terminal, and the centralized processing capability of the cloud computing platform is used to process the affairs of the user login terminal, provide localized services for the user login terminal, and realize the function of the user login terminal, which can The function of user login terminal is weakened to reduce the consumption of terminal, thereby reducing the negative effects such as low efficiency caused by the need for replacement due to terminal failure; at the same time, the cloud computing platform is used as the middle layer for centralized information processing, and the connection between user login terminal and intranet It is completely stripped, and the security management is changed from facing multiple terminals to facing several servers, so that the difficulty of security management will be greatly reduced, and the security performance will be greatly improved.

图2为本发明的BOSS系统的访问方法的实施例二流程图。如图2所示,包括:FIG. 2 is a flow chart of Embodiment 2 of the access method of the BOSS system of the present invention. As shown in Figure 2, including:

步骤200,用户登录终端接收用户的登录认证请求,具体操作时,该登录认证请求中可以包括各种认证信息,如用户通过指纹登录时,可以包括用户的指纹信息;通过密码的方式时,包括输入的密码;通过IC卡、磁卡、等方式登录时,可以包括对应的认证信息;Step 200, the user login terminal receives the user's login authentication request. During specific operations, the login authentication request may include various authentication information. For example, when the user logs in via fingerprint, it may include the user's fingerprint information; when using a password, include The password entered; when logging in through IC card, magnetic card, etc., the corresponding authentication information can be included;

步骤202,用户登录终端将登录认证请求传输到云计算平台进行验证;具体操作时,还可以在底层集成Windows的域管理来进行认证,通过上层封装,屏蔽用户对本地终端(即用户登录终端)的操作能力(本地终端此时仅相当于外设端,但不进行计算处理),用户只能使用远程平台(即云计算平台)提供的桌面和应用程序;具体解释如下:Step 202, the user login terminal transmits the login authentication request to the cloud computing platform for verification; during specific operations, the domain management of Windows can also be integrated at the bottom layer to perform authentication, and the user can be shielded from the local terminal (that is, the user login terminal) through upper layer encapsulation. (the local terminal is only equivalent to the peripheral terminal at this time, but does not perform calculation processing), and the user can only use the desktop and application program provided by the remote platform (that is, the cloud computing platform); the specific explanation is as follows:

用户登录终端在安装和配置时,就设置为登录到域服务器模式(这是在底层集成Windows的域(DC,domaincontroller,域控制器)管理来进行,用户自身无法改变),这样,在营业员(即用户)登录时,登录界面只能显示登录到域的界面,登录的请求将传输到云计算平台上进行验证;用户只能使用远程平台(即云计算平台)提供的桌面和应用程序,从而屏蔽了用户对本地终端的操作能力(本地终端此时仅相当于显示和输入终端,但不进行计算处理);When the user login terminal is installed and configured, it is set to log in to the domain server mode (this is carried out in the domain (DC, domain controller, domain controller) management integrated with Windows at the bottom layer, and the user itself cannot be changed), so that in the salesperson ( When the user) logs in, the login interface can only display the interface for logging in to the domain, and the login request will be transmitted to the cloud computing platform for verification; the user can only use the desktops and applications provided by the remote platform (ie, the cloud computing platform), thereby Block the user's ability to operate the local terminal (the local terminal is only equivalent to a display and input terminal at this time, but does not perform calculation processing);

步骤204,云计算平台根据该登录认证请求确定认证通过后,将预先设定好的BOSS应用程序发布给用户登录终端;需要说明的是,BOSS应用程序发布是可以随着用户登录的终端的改变而变化,也就是说,若用户在更换了终端进行登录,则BOSS应用程序对应发送至新的登录终端,即用户可以漫游到不同的终端,而得到相同的应用(即BOSS应用程序);Step 204, after the cloud computing platform determines that the authentication is passed according to the login authentication request, it releases the preset BOSS application program to the user login terminal; And change, that is to say, if the user logs in after changing the terminal, the BOSS application program is correspondingly sent to the new login terminal, that is, the user can roam to different terminals and obtain the same application (ie, the BOSS application program);

步骤206,在BOSS应用程序被打开后,云计算平台代填入设定好的用于单点登录(SSO,SingleSignOn)的用户名/密码;本领域技术人员可以理解,该用于SSO的用户名/密码可以与登录认证时的用户名/密码相同,也可以根据实际需要另外设置,通过SSO的实现用户登录终端与登录用户一一对应,即一个终端在某一个时刻只运行一个用户登录,一个用户在某一个时刻只允许登录一个终端,这样在登录该云计算平台后,避免多个应用的多次重复登录;Step 206, after the BOSS application program is opened, the cloud computing platform fills in the user name/password set up for single sign-on (SSO, SingleSignOn); those skilled in the art can understand that the user for SSO The username/password can be the same as the username/password for login authentication, or can be set separately according to actual needs. Through SSO, the user login terminal corresponds to the login user one by one, that is, a terminal only runs one user login at a certain moment. A user is only allowed to log in to one terminal at a certain moment, so that after logging in to the cloud computing platform, multiple repeated logins of multiple applications are avoided;

步骤208,云计算平台运行应用程序,与BOSS系统进行信息交互,完成相关业务动作;比如:终端用户进行一笔查询,将客户号码输入后,云计算平台进行运算,将客户号码和查询日期等信息进行校验和计算后,传送给BOSS系统,并将BOSS系统返回的结果进行格式化,最后,显示到终端用户的显示器上;Step 208, the cloud computing platform runs the application program, exchanges information with the BOSS system, and completes related business actions; for example: after the end user makes a query, after entering the customer number, the cloud computing platform performs calculations, and the customer number and query date, etc. After the information is verified and calculated, it is sent to the BOSS system, and the result returned by the BOSS system is formatted, and finally displayed on the terminal user's monitor;

步骤210,云计算平台接收到外设调用请求后,调用虚拟外设对应的该用户登录终端的本地外设(如打印机、扫描仪等)进行业务操作,其中,云计算平台上的虚拟外设与该用户终端的本地外设通过远程桌面协议(RemoteDesktopProtocol,RDP)协议对应在该云计算平台的虚拟外设的对应关系通过RDP协议的映射实现;Step 210, after the cloud computing platform receives the peripheral device call request, it calls the local peripheral device (such as a printer, scanner, etc.) of the user's login terminal corresponding to the virtual peripheral device to perform business operations, wherein the virtual peripheral device on the cloud computing platform The correspondence between the local peripherals of the user terminal and the virtual peripherals on the cloud computing platform through the Remote Desktop Protocol (Remote Desktop Protocol, RDP) protocol is realized through the mapping of the RDP protocol;

步骤212,用户登录终端将断开连接请求信息,如登录工号、请求时间等,发送至该云计算平台,云计算平台记录用户请求,并计算登录时间,将此用户的当前状态和BOSS应用操作日志记录到数据库中;具体操作时,该云计算平台在用户登录终端断开连接(即登出时)可以实时存储对BOSS应用程序的操作信息,这样,在对应的用户从其它终端再次登录时,该云计算平台直接从数据库中查找存储的登出时的操作信息,直接继续运行对应的BOSS应用程序,如营业员登入时继续维持上次的作业状态,实现用户的快速切换(模拟共用终端);比如:在进行开户操作时,营业员首先录入客户的各项信息,然后因需要复印客户身份证需要暂时离开5分钟,这时,营业员可以登出云计算平台,等复印完客户身份证后,可以重新登入到云计算平台,从上次录入的地方继续录入,而无需重新录入原来已经录入的客户信息;Step 212, the user login terminal sends disconnection request information, such as login ID, request time, etc., to the cloud computing platform, and the cloud computing platform records the user request, calculates the login time, and compares the current status of the user with the BOSS application The operation log is recorded in the database; during specific operations, the cloud computing platform can store the operation information of the BOSS application program in real time when the user login terminal is disconnected (that is, when logging out), so that when the corresponding user logs in again from another terminal When logging out, the cloud computing platform directly searches the stored operation information from the database, and directly continues to run the corresponding BOSS application. ); For example: when opening an account, the salesperson first enters the customer's information, and then needs to leave temporarily for 5 minutes because of the need to copy the customer's ID card. At this time, the salesperson can log out of the cloud computing platform and wait for the customer's ID card to be copied , you can log in to the cloud computing platform again, and continue to enter from the place where you entered last time, without re-entering the customer information that has already been entered;

此外,本领域技术人员可以理解,通过将该云计算平台作为用户登录终端的计算平台,利用云计算平台的集中化处理能力处理用户登录终端的事务的过程中,还可以利用云计算平台的负载均衡能力,具体如:当多个用户登录终端同时发送登录认证请求时,被云计算平台中的服务器自身的均衡算法,分布到不同的服务器为该多个用户登录终端进行实务处理,通过服务器之间的负载均衡能力实现了计算资源的动态扩展。In addition, those skilled in the art can understand that by using the cloud computing platform as the computing platform for the user login terminal, the centralized processing capability of the cloud computing platform can be used to process the transaction of the user login terminal, and the load of the cloud computing platform can also be used. Balance capability, specifically: when multiple user login terminals send login authentication requests at the same time, the balance algorithm of the server in the cloud computing platform is distributed to different servers to perform practical processing for the multiple user login terminals. The load balancing capability among servers realizes the dynamic expansion of computing resources.

本实施例通过将该云计算平台作为用户登录终端的计算平台,利用云计算平台的集中化处理能力处理用户登录终端的事务,为用户登录终端提供本地化服务,实现用户登录终端的功能,可以将用户登录终端功能弱化,减少终端的消耗,从而减少因终端故障而引起需要更换导致效率较低等负面影响;同时该云计算平台作为中间层进行集中信息处理,用户登录终端到内网的连接被全部剥离,安全管理从面对多台终端,变成了面对数台服务器,从而安全管理难度会大幅降低,安全性能得到极大提升;优选地,通过将用户登录终端加入域,实现了强制用户无法登录到本地终端,进一步提高安全性,以及通过存储登出时对BOSS应用程序的操作信息,实现了快速切入。In this embodiment, the cloud computing platform is used as the computing platform for the user login terminal, and the centralized processing capability of the cloud computing platform is used to process the affairs of the user login terminal, provide localized services for the user login terminal, and realize the function of the user login terminal, which can The function of user login terminal is weakened to reduce the consumption of terminal, thereby reducing the negative effects such as low efficiency caused by the need for replacement due to terminal failure; at the same time, the cloud computing platform is used as the middle layer for centralized information processing, and the connection between user login terminal and intranet are completely stripped, and the security management is changed from facing multiple terminals to facing several servers, so that the difficulty of security management will be greatly reduced, and the security performance will be greatly improved; preferably, by adding the user login terminal to the domain, it realizes Forcing users to be unable to log in to the local terminal further improves security, and by storing the operation information of the BOSS application when logging out, quick access is realized.

平台实施例Platform Embodiment

图3为本发明的云计算平台的实施例结构图。图1及2所示的各方法实施例均可应用于本实施例。本实施例包括:认证模块30,用于接收至少一个用户登录终端发送的登录认证请求,并根据登录认证请求进行认证操作;处理模块32,用于在认证模块30根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序,以及代替至少一个用户登录终端运行BOSS应用程序。FIG. 3 is a structural diagram of an embodiment of the cloud computing platform of the present invention. All method embodiments shown in FIGS. 1 and 2 can be applied to this embodiment. This embodiment includes: an authentication module 30, configured to receive a login authentication request sent by at least one user login terminal, and perform an authentication operation according to the login authentication request; a processing module 32, configured to determine that the authentication is successful according to the login authentication request by the authentication module 30 , distributing the BOSS application program to at least one user login terminal, and running the BOSS application program instead of the at least one user login terminal.

具体操作时,该云计算平台还可以包括:数据库34,用于在处理模块32代替至少一个用户登录终端运行BOSS应用程序与BOSS系统进行信息交互的过程中,实时存储对BOSS应用程序的操作信息。During specific operations, the cloud computing platform may also include: a database 34, which is used to store the operation information of the BOSS application program in real time during the process of the processing module 32 replacing at least one user login terminal to run the BOSS application program and carry out information interaction with the BOSS system .

该处理模块32可以包括:第一处理子模块322,用于在认证模块30根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序,以及代替至少一个用户登录终端运行BOSS应用程序;The processing module 32 may include: a first processing sub-module 322, configured to issue the BOSS application program to at least one user login terminal after the authentication module 30 determines that the authentication is successful according to the login authentication request, and run the BOSS application program instead of at least one user login terminal program;

第二处理子模块324,用于在登出至少一个用户登录终端中的任一用户终端后,再登录任一用户终端时,根据数据库34在登出时存储的对BOSS应用程序的操作信息,直接继续运行BOSS应用程序。The second processing submodule 324 is used to log out any user terminal in at least one user login terminal, when logging in any user terminal again, according to the operation information of the BOSS application stored in the database 34 when logging out, Continue running the BOSS application directly.

本实施通过该云计算平台的处理模块32将各用户登录终端的BOSS应用程序集中运行,为对应的用户登录终端提供本地化服务,实现用户登录终端的功能,可以将用户登录终端功能弱化,减少终端的消耗,从而减少因终端故障而引起需要更换导致效率较低等负面影响;同时该云计算平台各模块作为中间层进行集中信息处理,用户登录终端到内网的连接被全部剥离,安全管理从面对多台终端,变成了面对数台服务器,从而安全管理难度会大幅降低,安全性能得到极大提升;此外,该认证模块30在具体操作时可以支持多种认证方式,如密码、指纹、磁卡等;优选地,通过数据库44存储登出时对BOSS应用程序的操作信息,第二处理子模块324根据该存储的操作信息实现了快速切入。In this implementation, through the processing module 32 of the cloud computing platform, the BOSS application program of each user login terminal is centrally run, and localized services are provided for the corresponding user login terminal, so as to realize the function of the user login terminal and weaken the function of the user login terminal. Reduce the consumption of terminals, thereby reducing the negative effects such as low efficiency caused by the need for replacement due to terminal failures; at the same time, each module of the cloud computing platform is used as the middle layer for centralized information processing, and the connection between the user login terminal and the intranet is completely stripped, ensuring security Management has changed from facing multiple terminals to facing several servers, so that the difficulty of security management will be greatly reduced, and the security performance will be greatly improved; in addition, the authentication module 30 can support multiple authentication methods during specific operations, such as Password, fingerprint, magnetic card, etc.; preferably, the database 44 stores the operation information of the BOSS application program when logging out, and the second processing submodule 324 realizes quick access according to the stored operation information.

系统实施例System embodiment

图4为本发明的BOSS系统的访问系统的实施例结构图。图1及2所示的各方法实施例均可应用于本实施例。本实施例包括:至少一个用户登录终端,用于发送登录认证请求;云计算平台,用于接收至少一个用户登录终端发送的登录认证请求,并在根据登录认证请求确定认证成功后,向至少一个用户登录终端发布BOSS应用程序代替至少一个用户登录终端运行BOSS应用程序。具体操作时,该系统还可以包括BOSS系统,用于通过运行BOSS应用程序的云计算平台与至少一个用户登录终端进行信息交互。Fig. 4 is a structural diagram of an embodiment of the access system of the BOSS system of the present invention. All method embodiments shown in FIGS. 1 and 2 can be applied to this embodiment. This embodiment includes: at least one user login terminal, used to send a login authentication request; a cloud computing platform, used to receive the login authentication request sent by at least one user login terminal, and after determining that the authentication is successful according to the login authentication request, send a request to at least one The user login terminal publishes the BOSS application program instead of running the BOSS application program on at least one user login terminal. During specific operations, the system may also include a BOSS system, configured to perform information interaction with at least one user login terminal through the cloud computing platform running the BOSS application program.

具体如图4所示,解释如下:BOSS系统的访问系统的架构分为3层,第一层是多个用户登录终端(如营业终端层),第二层是云计算平台层(包含前端的软件层和后端的硬件支撑层),第三层是内部BOSS系统。各营业厅终端通过TCP/IP连接(可以是LAN(localareanetwork,局域网)或者WAN(wideareanetwork,广域网))至云计算平台;云计算平台通过LAN连接内部BOSS系统。云计算平台划分为AD(ActiveDirectory,活动目录)区域(图未示,对应于图3中的认证模块30)、数据库区域(图未示,对应于图3中的数据库34)和计算区域(图未示,对应于图3中的处理模块32),其中,AD区域用于认证,数据库区域用于存储平台信息、计算区域用于安装各种BOSS应用程序,并将BOSS应用程序发布给营业员使用,所有的运算均在计算区域完成,该计算区域实现各营业厅终端的功能。As shown in Figure 4, the explanation is as follows: the architecture of the access system of the BOSS system is divided into three layers, the first layer is a plurality of user login terminals (such as business terminal layer), the second layer is a cloud computing platform layer (including the software layer and back-end hardware support layer), and the third layer is the internal BOSS system. Each business hall terminal is connected to the cloud computing platform through TCP/IP (can be LAN (local area network, local area network) or WAN (wide area network, wide area network)); the cloud computing platform is connected to the internal BOSS system through LAN. The cloud computing platform is divided into AD (Active Directory, Active Directory) area (not shown, corresponding to the authentication module 30 in Fig. 3), database area (not shown in the figure, corresponding to the database 34 in Fig. Not shown, corresponding to the processing module 32 in Fig. 3), wherein, the AD area is used for authentication, the database area is used for storing platform information, and the computing area is used for installing various BOSS application programs, and the BOSS application programs are issued to salespersons for use , all calculations are completed in the calculation area, which realizes the functions of the terminals of each business hall.

图5为本发明的BOSS系统的访问系统的实施例二示意图。图1及2所示的各方法实施例均可应用于本实施例。本实施例包括:FIG. 5 is a schematic diagram of Embodiment 2 of the access system of the BOSS system of the present invention. All method embodiments shown in FIGS. 1 and 2 can be applied to this embodiment. This example includes:

各营业厅终端组成的终端区域,其中各营业厅终端上可以安装云计算平台客户端软件以实现更加严格的管控或者通过IE浏览器接入;The terminal area composed of terminals in each business hall, in which the client software of the cloud computing platform can be installed on the terminals of each business hall to achieve stricter control or access through the IE browser;

安全网关服务器,用于为远程用户通过IE等浏览器访问时提供一个基于Web访问的访问控制服务器;默认下开启443和80端口进行通讯,通常情况下该服务器放置在DMZ(demilitarizedzone,隔离区)区域,可以采用群集技术以作冗余设计;The security gateway server is used to provide a web-based access control server for remote users to access through browsers such as IE; by default, ports 443 and 80 are enabled for communication, and the server is usually placed in a DMZ (demilitarized zone, isolated area) Area, cluster technology can be used for redundant design;

相当于图3中处理模块32的服务器群(clusterservers,集群服务器):计算区域按照计算容量配置服务器,并进行负载均衡;It is equivalent to the server group (clusterservers, cluster server) of the processing module 32 in Fig. 3: the calculation area configures servers according to the calculation capacity, and performs load balancing;

相当于图3中数据库34的数据库(disksets,磁盘组):可以采用SQL(standardquerylanguage,标准查询语言)的Cluter(集群)设计,也可以不必要建立一个新的SQL群集,例如可以连接到一个现有的SQL群集或者是其他已经安装好的SQL服务器;The database (disksets, disk group) that is equivalent to database 34 among Fig. 3: can adopt the Clusterer (cluster) design of SQL (standardquerylanguage, standard query language), also can not set up a new SQL cluster, for example can be connected to an existing Some SQL clusters or other installed SQL servers;

相当于图3中认证模块30的AD:可以新建或采用现有的AD,如果是现有的AD,不需要做改动,仅需要连接到现有的服务器即可。It is equivalent to the AD of the authentication module 30 in Fig. 3: a new AD can be created or an existing AD can be adopted. If it is an existing AD, there is no need to modify it, only need to connect to the existing server.

其中,云计算平台包括服务器群、数据库及AD,云计算平台可以支持Microsoft(微软)的群集技术,以达到实现多个服务器并行处理客户端请求,实现负载均衡的目的。Among them, the cloud computing platform includes server farms, databases and AD, and the cloud computing platform can support the cluster technology of Microsoft (Microsoft), so as to achieve the purpose of parallel processing of client requests by multiple servers and load balancing.

本实施例通过采用了“云”计算的模式,将计算能力和营业厅终端剥离,通过负载均衡实现计算资源的合理分配,由于所有计算均在服务器统一实现,因此营业厅终端不需要频繁更换,延长使用期限;无需在终端上部署应用软件,简化终端管理;优选地,可以通过将终端加入域,让营业员无法登录到本地终端,提升终端的安全性和可管理性。In this embodiment, by adopting the "cloud" computing model, the computing power is separated from the terminals in the business hall, and the reasonable allocation of computing resources is realized through load balancing. Since all calculations are performed uniformly on the server, the terminals in the business hall do not need to be replaced frequently. The service life is extended; there is no need to deploy application software on the terminal, which simplifies terminal management; preferably, by adding the terminal to a domain, the salesperson cannot log in to the local terminal, improving the security and manageability of the terminal.

最后应说明的是:以上仅为本发明的优选实施例而已,并不用于限制本发明,尽管参照前述实施例对本发明进行了详细的说明,对于本领域的技术人员来说,其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。Finally, it should be noted that the above are only preferred embodiments of the present invention, and are not intended to limit the present invention. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art can still understand The technical solutions recorded in the foregoing embodiments are modified, or some of the technical features are equivalently replaced. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (10)

1.一种BOSS系统的访问方法,其特征在于,包括:1. An access method of a BOSS system, characterized in that, comprising: 云计算平台接收至少一个用户登录终端发送的登录认证请求,并在根据所述登录认证请求确定认证成功后,向所述至少一个用户登录终端发布BOSS应用程序;The cloud computing platform receives the login authentication request sent by at least one user login terminal, and after determining that the authentication is successful according to the login authentication request, releases the BOSS application program to the at least one user login terminal; 所述云计算平台代替所述至少一个用户登录终端运行所述BOSS应用程序,与BOSS系统进行信息交互,所述云计算平台作为中间层进行集中信息处理。The cloud computing platform runs the BOSS application program instead of the at least one user login terminal, and performs information interaction with the BOSS system, and the cloud computing platform performs centralized information processing as an intermediate layer. 2.根据权利要求1所述的BOSS系统的访问方法,其特征在于,在所述云计算平台接收至少一个用户登录终端发送的登录认证请求的步骤之前还包括:2. the access method of BOSS system according to claim 1, is characterized in that, also comprises before the step that described cloud computing platform receives the login authentication request that at least one user login terminal sends: 将所述至少一个用户登录终端设置为登录到域服务器模式;Setting the at least one user login terminal to log in to the domain server mode; 所述至少一个用户登录终端的域控制器接收输入的登录认证请求,并直接将所述登录认证请求转发至所述云计算平台。The domain controller of the at least one user login terminal receives the input login authentication request, and directly forwards the login authentication request to the cloud computing platform. 3.根据权利要求1或2所述的BOSS系统的访问方法,其特征在于,在所述云计算平台代替所述至少一个用户登录终端运行所述BOSS应用程序与BOSS系统进行信息交互的步骤进行过程中还包括:3. The access method of the BOSS system according to claim 1 or 2, characterized in that, the step of performing information interaction between the BOSS application program and the BOSS system is performed on the cloud computing platform instead of the at least one user login terminal The process also includes: 实时存储对所述BOSS应用程序的操作信息。The operation information of the BOSS application program is stored in real time. 4.根据权利要求3所述的BOSS系统的访问方法,其特征在于,还包括:4. The access method of the BOSS system according to claim 3, further comprising: 在登出所述至少一个用户登录终端中的任一用户终端后,再登录任一用户终端时,所述云计算平台根据在登出时存储的对所述BOSS应用程序的操作信息,直接继续运行所述BOSS应用程序。After logging out of any user terminal in the at least one user login terminal, when logging in any user terminal again, the cloud computing platform directly continues to Run the BOSS application. 5.根据权利要求1或2所述的BOSS系统的访问方法,其特征在于,在所述至少一个用户登录终端为多个用户终端时,所述云计算平台代替所述至少一个用户登录终端运行所述BOSS应用程序的步骤包括:5. The access method of the BOSS system according to claim 1 or 2, characterized in that, when the at least one user login terminal is a plurality of user terminals, the cloud computing platform replaces the at least one user login terminal to run The steps of the BOSS application include: 所述云计算平台根据预设负载均衡方法,为所述至少一个用户登录终端分配对应的服务器,所述对应的服务器代替所述至少一个用户登录终端运行所述BOSS应用程序,与BOSS系统进行信息交互。The cloud computing platform assigns a corresponding server to the at least one user login terminal according to a preset load balancing method, and the corresponding server replaces the at least one user login terminal to run the BOSS application program and communicate with the BOSS system interact. 6.一种云计算平台,其特征在于,包括:6. A cloud computing platform, characterized in that, comprising: 认证模块,用于接收至少一个用户登录终端发送的登录认证请求,并根据所述登录认证请求进行认证操作;An authentication module, configured to receive a login authentication request sent by at least one user login terminal, and perform an authentication operation according to the login authentication request; 处理模块,用于在所述认证模块根据所述登录认证请求确定认证成功后,向所述至少一个用户登录终端发布BOSS应用程序,以及代替所述至少一个用户登录终端运行所述BOSS应用程序;A processing module, configured to issue the BOSS application program to the at least one user login terminal after the authentication module determines that the authentication is successful according to the login authentication request, and run the BOSS application program instead of the at least one user login terminal; 其中,所述云计算平台作为中间层进行集中信息处理。Wherein, the cloud computing platform performs centralized information processing as an intermediate layer. 7.根据权利要求6所述的云计算平台,其特征在于,还包括:7. The cloud computing platform according to claim 6, further comprising: 数据库,用于在所述处理模块代替所述至少一个用户登录终端运行所述BOSS应用程序与BOSS系统进行信息交互的过程中,实时存储对所述BOSS应用程序的操作信息。The database is used to store the operation information of the BOSS application in real time during the process of the processing module replacing the at least one user login terminal to run the BOSS application to exchange information with the BOSS system. 8.根据权利要求7所述的云计算平台,其特征在于,所述处理模块包括:8. cloud computing platform according to claim 7, is characterized in that, described processing module comprises: 第一处理子模块,用于在所述认证模块根据所述登录认证请求确定认证成功后,向所述至少一个用户登录终端发布BOSS应用程序,以及代替所述至少一个用户登录终端运行所述BOSS应用程序;The first processing submodule is configured to issue the BOSS application program to the at least one user login terminal after the authentication module determines that the authentication is successful according to the login authentication request, and run the BOSS instead of the at least one user login terminal application; 第二处理子模块,用于在登出所述至少一个用户登录终端中的任一用户终端后,再成功登录任一用户终端时,根据所述数据库在登出时存储的对所述BOSS应用程序的操作信息,直接继续运行所述BOSS应用程序。The second processing submodule is configured to log in any user terminal successfully after logging out of any user terminal in the at least one user login terminal, according to the BOSS application stored in the database when logging out The operation information of the program directly continues to run the BOSS application. 9.一种BOSS系统的访问系统,其特征在于,包括:9. An access system for a BOSS system, comprising: 至少一个用户登录终端,用于发送登录认证请求;at least one user login terminal for sending a login authentication request; 云计算平台,用于接收所述至少一个用户登录终端发送的登录认证请求,并在根据所述登录认证请求确定认证成功后,向所述至少一个用户登录终端发布BOSS应用程序代替所述至少一个用户登录终端运行所述BOSS应用程序,与BOSS系统进行信息交互;所述云计算平台作为中间层进行集中信息处理。The cloud computing platform is configured to receive the login authentication request sent by the at least one user login terminal, and after determining that the authentication is successful according to the login authentication request, issue a BOSS application program to the at least one user login terminal instead of the at least one The user logs in to the terminal to run the BOSS application program to interact with the BOSS system; the cloud computing platform acts as an intermediate layer for centralized information processing. 10.根据权利要求9所述的BOSS系统的访问系统,其特征在于,还包括:10. The access system of BOSS system according to claim 9, is characterized in that, also comprises: BOSS系统,用于通过运行所述BOSS应用程序的所述云计算平台与所述至少一个用户登录终端进行信息交互。The BOSS system is configured to perform information interaction with the at least one user login terminal through the cloud computing platform running the BOSS application program.
CN201010624230.7A 2010-12-31 2010-12-31 The access method of BOSS system and system, cloud computing platform Expired - Fee Related CN102571733B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010624230.7A CN102571733B (en) 2010-12-31 2010-12-31 The access method of BOSS system and system, cloud computing platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010624230.7A CN102571733B (en) 2010-12-31 2010-12-31 The access method of BOSS system and system, cloud computing platform

Publications (2)

Publication Number Publication Date
CN102571733A CN102571733A (en) 2012-07-11
CN102571733B true CN102571733B (en) 2015-11-25

Family

ID=46416221

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010624230.7A Expired - Fee Related CN102571733B (en) 2010-12-31 2010-12-31 The access method of BOSS system and system, cloud computing platform

Country Status (1)

Country Link
CN (1) CN102571733B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104753887B (en) * 2013-12-31 2018-02-23 中国移动通信集团黑龙江有限公司 Security management and control implementation method, system and cloud desktop system
CN104917735A (en) * 2014-03-14 2015-09-16 中国移动通信集团江西有限公司 Login authentication method and system based on SSO platform and SSO platform
CN109547422B (en) * 2018-11-09 2021-06-25 福建天泉教育科技有限公司 Method and terminal for automatically renewing login state
CN109617234A (en) * 2018-12-14 2019-04-12 吉林电力股份有限公司科技开发分公司 A Wind Turbine Condition Monitoring System Based on Multidimensional Data
CN111125674B (en) * 2019-12-20 2022-03-22 中国银联股份有限公司 Open type data processing system, open type data system and data processing method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1524217A (en) * 2000-06-22 2004-08-25 Distributed Computing Service Platform
CN1980444A (en) * 2005-12-02 2007-06-13 上海移动通信有限责任公司 Subscriber attaching registor data inquiring and processing concentrated convergent integrating method
CN101378329A (en) * 2007-08-30 2009-03-04 阿里巴巴集团控股有限公司 Distributed business operation support system and method for implementing distributed business

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1524217A (en) * 2000-06-22 2004-08-25 Distributed Computing Service Platform
CN1980444A (en) * 2005-12-02 2007-06-13 上海移动通信有限责任公司 Subscriber attaching registor data inquiring and processing concentrated convergent integrating method
CN101378329A (en) * 2007-08-30 2009-03-04 阿里巴巴集团控股有限公司 Distributed business operation support system and method for implementing distributed business

Also Published As

Publication number Publication date
CN102571733A (en) 2012-07-11

Similar Documents

Publication Publication Date Title
US11856050B2 (en) Multi-tenant-cloud-aggregation and application-support system
CN106462467B (en) Integrated API and UI for consuming services over different distributed networks
US10326769B2 (en) Extensible multi-tenant cloud-management system and methods for extending functionalities and services provided by multi-tenant cloud-management system
US10057189B2 (en) Virtual computing services deployment network
US20170293501A1 (en) Method and system that extends a private data center to encompass infrastructure allocated from a remote cloud-computing facility
US9807153B2 (en) Managing user state of cloud desktops
US8856917B2 (en) Single sign-on for remote desktops
US8286232B2 (en) System and method for transparent cloud access
JP2010521761A (en) Management layer method and apparatus for dynamic allocation of remote computer resources
BRPI0707220A2 (en) methods and systems for providing access to a computing environment
JP2014053050A (en) Provisioning and managing replicated data instances
CN102473170A (en) Virtual machine based application service provisioning
CN102571733B (en) The access method of BOSS system and system, cloud computing platform
CN101656718A (en) Network server system and method for establishing and starting virtual machine thereof
CN109284170A (en) USB shared system and sharing method in a kind of local area network
US7636852B1 (en) Call center dashboard
US12170643B2 (en) Application routing infrastructure for private-level redirect trapping and creation of NAT mapping to work with connectivity in cloud and customer networks
Yang et al. A cloud architecture based on smart home
US20250094608A1 (en) Techniques for providing security-related information
Girola et al. IBM Data Center Networking: Planning for virtualization and cloud computing
CN117155933B (en) Multi-cluster nano-tube method, platform, equipment and storage medium
CN112068929A (en) Unified management method for accessing multi-architecture cloud platform to third-party web service
CN114448668B (en) A method and device for implementing cloud platform docking security services
CN112733118B (en) Cloud security product user management method, device and system and readable storage medium
CN107608768A (en) Resource access method, electronic equipment and storage medium based on command mode

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20151125