CN119402284A

CN119402284A - A response handling method, device, equipment and medium

Info

Publication number: CN119402284A
Application number: CN202411671854.2A
Authority: CN
Inventors: 丘小燕
Original assignee: DBAPPSecurity Co Ltd
Current assignee: DBAPPSecurity Co Ltd
Priority date: 2024-11-20
Filing date: 2024-11-20
Publication date: 2025-02-07

Abstract

The application relates to the field of network security, in particular to a response handling method, a device, equipment and a medium, wherein the method comprises the steps of obtaining a response request of a user by utilizing a standard interface so as to enable the request of the user to be received through a unified interface; the method comprises the steps of carrying out data conversion on a response request according to identification information of target safety equipment so that request data can be matched with the target safety equipment, positioning the position of the target safety equipment in a container, and sending the request data to the target safety equipment for processing according to the position information, so that the request can be received only by a unified interface aiming at different safety equipment, the interface is not required to be switched by user equipment, the scheduling efficiency of the safety equipment is improved, and the safety response disposal efficiency of the safety equipment is further improved.

Description

Response handling method, device, equipment and medium

Technical Field

The present application relates to the field of network security, and in particular, to a response handling method, apparatus, device, and medium.

Background

With the rapid development of information technology, network security problems are increasingly highlighted, and various security devices such as firewalls, EDRs (endpoint detection and response), XDRs (extended detection and response), TGFW, intrusion detection systems, security gateways, and the like play a vital role in network environments. Different security devices provide different interfaces to the outside and use different protocols to accomplish the same thing.

In the related art, in order to implement security response handling, a communication manner based on a specific protocol or API interface is generally adopted to enable a user to access a certain security device. Customers use different security devices, all of which need to re-interface with or switch back and forth among the different devices.

With the increasing types of security devices and the increasing complexity of security requirements, when users need to access different security devices, the scheduling efficiency of the security devices in the related art is low, and thus the efficiency of security response handling is affected.

Disclosure of Invention

The application aims to provide a response handling method, a response handling device, response handling equipment and response handling media, so that a request can be received only by a unified interface aiming at different safety equipment, the user equipment is not required to switch the interface, the dispatching efficiency of the safety equipment is improved, and the safety response handling efficiency of the safety equipment is further improved.

In a first aspect, a response handling method is provided, comprising:

obtaining a response request of a user by using a standard interface, wherein the response request comprises identification information of target security equipment and request service;

Performing data conversion on the response request according to the identification information of the target security equipment to obtain request data corresponding to the target security equipment;

Determining position information corresponding to the target safety equipment in a container according to the identification information corresponding to the target safety equipment, wherein a plurality of safety equipment are integrated in the container;

and sending the request data to target safety equipment according to the position information so as to carry out safety processing according to the request service by utilizing the target safety equipment.

The present application may be further configured in a preferred example to perform security processing according to the request service using the target security device, including:

Determining a standard action corresponding to the request service according to a corresponding relation between a preset service type and the standard action;

and calling the target security equipment, and performing security processing according to the standard action corresponding to the request service.

The present application may be further configured in a preferred example to:

When the request service comprises a forbidden service and/or an unpacked service carrying parameter information, the target security equipment is utilized to perform security processing according to the request service, wherein the method comprises the steps of calling a storage medium according to the parameter information to inquire whether repeated request service exists;

and when the request service comprises a connectivity test, the target safety equipment is utilized to carry out safety processing according to the request service, and the communication test is carried out according to the request service by utilizing the target safety equipment.

The present application may be further configured in a preferred example to, prior to obtaining the response request of the user using the standard interface, further comprise at least one of:

determining a deployment architecture according to the access request so as to carry out system configuration according to the deployment architecture, wherein the deployment architecture comprises a restful mode, a central mode or an embedded mode;

acquiring a registration request of a user for the target security device by using a standard interface, and registering the user according to the registration request;

and acquiring a storage strategy of a user aiming at the target security device by using a standard interface so as to store the target data according to the storage strategy when the target data is required to be stored.

The present application may be further configured in a preferred example to store target data according to a storage policy when the target data needs to be stored, including:

when the storage strategy is a self-storage engine, storing the target data to the self-storage engine;

When the storage strategy is a storage medium of user equipment corresponding to a user, the target data is recalled to the storage medium of the user equipment through a hook function;

And when the storage strategy is that of other storage engines, sending the target data to the other storage engines for data storage.

The present application may be further configured in a preferred example to obtain a registration request for the target security device by a user using a standard interface, including:

acquiring an initial registration request of a user for target security equipment;

Determining a rendering template corresponding to the target security device according to the initial registration request so as to facilitate a user to display an interface provided by the rendering template on a page on the user device;

and acquiring a registration request triggered by an interface provided by a user through the rendering template by using a standard interface.

The present application may be further configured in a preferred example to determine, according to the identification information corresponding to the target security device, location information corresponding to the target security device in a container, including:

determining whether the target safety equipment exists in the container according to the identification information corresponding to the target safety equipment;

if so, determining the position information corresponding to the target safety equipment in the container according to the identification information corresponding to the target safety equipment;

If not, generating prompt information.

In a second aspect, there is provided a responsive handling apparatus comprising:

The acquisition module is used for acquiring a response request of a user by utilizing a standard interface, wherein the response request comprises identification information of target security equipment and request service;

The conversion module is used for carrying out data conversion on the response request according to the identification information of the target security device to obtain request data corresponding to the target security device;

The position information determining module is used for determining position information corresponding to the target safety equipment in a container according to the identification information corresponding to the target safety equipment, and a plurality of safety equipment are integrated in the container;

And the response module is used for sending the request data to target safety equipment according to the position information so as to carry out safety processing according to the request service by utilizing the target safety equipment.

In a third aspect, an electronic device is provided, comprising:

one or more processors;

A memory;

One or more applications stored in memory and configured to be executed by one or more processors, the one or more applications configured to perform operations corresponding to the response handling method according to any one of the possible implementations of the first aspect.

In a fourth aspect, a computer readable storage medium is provided, the storage medium storing at least one instruction, at least one program, code set, or instruction set, the at least one instruction, at least one program, code set, or instruction set being loaded by a processor and executing the steps of the response handling method according to any one of the possible implementations of the first aspect.

In a fifth aspect, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the operations corresponding to the response handling method according to any of the possible implementations of the first aspect.

In summary, the response handling method provided by the application has the following beneficial technical effects:

According to the scheme, a standard interface is utilized to acquire a response request of a user, so that the request of the user can be received through a unified interface, data conversion is carried out on the response request according to identification information of target safety equipment, so that request data can be matched with the target safety equipment, the position of the target safety equipment in a container is positioned, the request data is sent to the target safety equipment according to the position information for processing, the request can be received only through the unified interface aiming at different safety equipment, the interface is not required to be switched by the user equipment, the scheduling efficiency of the safety equipment is improved, and the safety response processing efficiency of the safety equipment is further improved.

In addition, the application also provides a response handling device, equipment and medium, which have the beneficial technical effects.

Drawings

For a clearer description of embodiments of the application or of the prior art, the drawings that are used in the description of the embodiments or of the prior art will be briefly described, it being apparent that the drawings in the description below are only some embodiments of the application, and that other drawings can be obtained from them without inventive effort for a person skilled in the art.

Fig. 1 is an application scenario schematic diagram of a response handling method provided in an embodiment of the present application;

FIG. 2 is a flow chart of a response handling method according to an embodiment of the present application;

Fig. 3 is a schematic flow chart of a blocking service according to an embodiment of the present application;

FIG. 4 is a flow chart of a response handling configuration procedure according to an embodiment of the present application;

FIG. 5 is a flow chart of response processing performed by the deployment architecture according to an embodiment of the present application;

FIG. 6 is a schematic diagram of a process for rendering and registering an app template according to an embodiment of the present application;

FIG. 7 is a schematic diagram of a response handling device according to an embodiment of the present application;

Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

Detailed Description

The present embodiment is only for explanation of the present application and is not to be construed as limiting the present application, and modifications to the present embodiment, which may not creatively contribute to the present application as required by those skilled in the art after reading the present specification, are all protected by patent laws within the scope of claims of the present application.

It should be noted that, in the alternative embodiment of the present application, related data such as object information is required to obtain permission or consent of the object when the embodiment of the present application is applied to a specific product or technology, and the collection, use and processing of related data are required to comply with related laws and regulations and standards of related countries and regions. That is, in the embodiment of the present application, if data related to the object is involved, the data needs to be acquired through the approval of the object, the approval of the related department, and the compliance with the related laws and regulations and standards of the country and region. In the embodiment, for example, the personal information is involved, the acquisition of all the personal information needs to obtain the personal consent, for example, the sensitive information is involved, the individual consent of the information body needs to be obtained, and the embodiment also needs to be implemented under the condition of the authorized consent of the object.

For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.

In addition, the term "and/or" is merely an association relation describing the association object, and means that three kinds of relations may exist, for example, a and/or B, and that three kinds of cases where a exists alone, while a and B exist alone, exist alone. In this context, unless otherwise specified, the term "/" generally indicates that the associated object is an "or" relationship.

In the present-day internet situation, the importance of network security changes. There are more and more security devices on the market. Many security devices on the market, such as firewalls, EDR, XDR, TGFW and other different security devices, which provide different interfaces and different protocols to the outside, accomplish the same response handling. Many platforms, clients need to re-interface with or switch back and forth among different security devices. However, the functions of different devices are quite different, and related technologies do not have unified closing, so that standardized actions cannot be provided, various deployment modes cannot be supported, expansion cannot be supported, and response treatment solutions for selecting storage cannot be supported.

Based on the above, the application provides a solution for uniformly closing up the capability of the safety equipment, and a uniform scheduling interface can be provided in response to treatment.

Furthermore, the user can select an access mode by himself to support a plurality of deployment modes, namely a restful mode, a central mode and an embedded mode, for example, when sdk is embedded into an existing platform or used as a restful service.

Further, standardized output actions may be provided, with the request services corresponding to the output actions including, but not limited to, registration, blocking, deblocking, disposal record querying, connectivity testing, file sterilization, device monitoring, and the like.

Further, the definition of the storage layer is controlled by using a dynamic data source, and a user can use the storage devices existing in the self platform, such as s, mysql and other common storage media, and can also use the hook callback user platform for storage. Of course, a default mysql storage mode is provided, and a user can also extend a dynamic custom storage layer according to configuration (mysql is not loaded).

Furthermore, different equipment registration modes are different, and a dynamic template is provided for supporting the user to access different equipment systems.

In order to better understand the scheme provided by the embodiment of the present application, the scheme is described below in connection with a specific application scenario.

In an embodiment, please refer to fig. 1, fig. 1 is a schematic diagram of an application scenario of a response handling method provided in an embodiment of the present application, where the response handling method may be applied to a response handling system.

In some embodiments, the data administration system includes an electronic device, a user device. Among them, the user equipment includes, but is not limited to, mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablet computers), PMPs (portable multimedia players), car terminals (e.g., car navigation terminals), and the like, and stationary terminals such as digital TVs, desktop computers, and the like. The electronic device may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, a content distribution network (Content Delivery Network, CDN), basic cloud computing services such as big data and an artificial intelligent platform. The user equipment and the server may be directly or indirectly connected through wired or wireless communication, which is not limited in the embodiment of the present application. The user initiates a response request through the user equipment, and the electronic equipment acquires the response request of the user by using the standard interface and performs response treatment based on the response request.

It should be understood that the foregoing is merely an example, and the present embodiment is not limited thereto.

An embodiment of the present application provides a response handling method, as shown in fig. 2, where the method provided in the embodiment of the present application may be executed by an electronic device, and the method includes S101-S104, where:

s101, acquiring a response request of a user by using a standard interface, wherein the response request comprises identification information of target security equipment and request service;

In the embodiment of the application, the electronic equipment is externally embodied as a unified standard interface and is used for communicating with the user equipment. In the process that a user interacts with the electronic device, when the user needs to execute a certain service or operation for a specific security device, the electronic device obtains a response request of the user through a standard interface, wherein the response request comprises identification information of a target security device and a specific service which the user wants to execute. The electronic device provides a unified port for the security device, and the request is accepted by utilizing the unified interface, so that the interface switching is not needed even for the security device of multiple categories.

The request service comprises, but is not limited to, registration, blocking, deblocking, disposal record inquiry, connectivity test, file sterilization and equipment monitoring. For blocking, the parameters in the corresponding request service may include a blocking address, a blocking time, and the like.

In some embodiments, when a response request of a user is generated, the user may designate a security device, or the electronic device automatically allocates a target security device capable of realizing a request server and having a lower load according to a request service of the response request of the user and a current load condition of the security device, which is not limited in the embodiments of the present application.

In the embodiment of the application, the safety devices can be grouped according to the actions so as to obtain the corresponding relation between the actions and the device group. In one possible case, the target security device represents a certain security device, in another case, the target security device represents a certain type of security device. For the security device group, when the user device invokes the security device, the incoming identification information may be the id of the security device or the id of the device group, so as to execute a corresponding operation.

Further, in some possible cases, the identification information of the target security device may also be department identification information, where the correspondence between the departments and the security devices is pre-stored in the electronic device, and further, after determining the department identification information, the security device corresponding to the department identification information may be directly called. In other possible cases, group yang may be shot into a security domain, assets may be grouped into a class of security domains, and an asset occurrence vulnerability or alert may directly find the corresponding security domain and thus the corresponding device.

S102, performing data conversion on the response request according to the identification information of the target security device to obtain request data corresponding to the target security device;

wherein each security device corresponds to unique identification information or each group of security devices corresponds to identification information. The request data is a data format and structure which accords with the requirement of any one of the target security devices/target security device groups after data conversion.

It can be understood that the data formats corresponding to different security devices may be different, so that the electronic device may find the data conversion rule corresponding to the target security device according to the identification information of the target security device, and perform data format conversion on the response request by using the data conversion rule to obtain the request data meeting the requirements of the target security device.

S103, determining position information corresponding to the target safety equipment in the container according to the identification information corresponding to the target safety equipment, wherein a plurality of safety equipment are integrated in the container;

A plurality of security devices are integrated into a container in an electronic device, each security device having a respective storage path. When a responsive disposition of a target security device in a container is required, a specific location of the target security device in the container needs to be determined so as to be able to accurately perform a responsive disposition operation therewith.

In some embodiments, the container maintains a registry containing all security devices and their identification information and location information, and when the location of the target security device needs to be determined, location information can be obtained by only searching the registry for information matching the device identification information.

It can be appreciated that, since the electronic device provides a unified standard to the outside, even if the version of the internal security device is updated, the standard interface does not need to be adjusted to the outside. Meanwhile, response treatment can be realized through a standard interface as long as the safety device is recorded in the container of the electronic device. Therefore, the container can be updated periodically to add, delete, check and change the security equipment.

And S104, transmitting the request data to the target security device according to the position information so as to perform security processing according to the request service by using the target security device.

According to the location information, the request data is sent to the target security device to facilitate invoking the target security device for security processing feel ashamed.

It can be seen that in the embodiment of the application, a standard interface is utilized to acquire a response request of a user, so that the request of the user can be received through a unified interface, data conversion is performed on the response request according to the identification information of the target security device, so that the request data can be matched with the target security device, the position of the target security device in a container is positioned, the request data is sent to the target security device according to the position information for processing, so that the request can be received only through the unified interface for different security devices, the user device is not required to switch the interface, the scheduling efficiency of the security device is improved, and the safety response disposal efficiency of the security device is further improved.

One possible implementation manner of the embodiment of the present application, performing security processing according to a request service by using a target security device, includes:

Determining a standard action corresponding to the requested service according to the corresponding relation between the preset service type and the standard action;

In the embodiment of the application, classification can be performed according to standard actions. Illustratively, the deblocking class and the firewall class are blocked, and unified standard actions corresponding to each class are performed.

Therefore, in the embodiment of the application, when the target security device is utilized to perform security processing, the standard action corresponding to the request service is determined according to the corresponding relation between the preset service type and the standard action, and the target security device is called to perform security processing according to the standard action, so that standardized output action is provided, and the efficiency of corresponding processing can be further improved.

When the request service comprises a forbidden service and/or an unpacked service carrying parameter information, utilizing the target security equipment to perform security processing according to the request service, wherein the method comprises the steps of calling a storage medium according to the parameter information to inquire whether repeated request service exists or not;

Referring to fig. 3, fig. 3 is a schematic flow chart of a blocking service provided by an embodiment of the present application, which includes obtaining a blocking IP, querying a disposition record to facilitate invoking a storage medium query, determining whether to repeat blocking, if yes, and if not, invoking a security device to perform blocking.

Further, when a certain ip is blocked, the blocked ip is determined, and the operation information of the blocked ip is determined by analyzing according to the log of the security device, a white list/black list is obtained, whether the ip is abnormal is determined based on the operation information, the black list and the white list, if the ip is not abnormal, a determination prompt is sent so as to be convenient for a user to confirm again, and if the ip is abnormal, the blocking is performed. And acquiring a white list/black list, determining whether the ip is abnormal or not based on the operation information, the black list and the white list, and sending a determination prompt if the ip is abnormal, so that a user can confirm again, and if the ip is not abnormal, the ip is unsealed.

When the request service comprises a connectivity test, the target safety equipment is utilized to conduct safety processing according to the request service, and the communication test is conducted according to the request service.

The connectivity test refers to testing the connectivity of the security device and the user device. Specifically, after the user completes the APP aiming at the target security device through user setting registration, whether the network is connected and whether the account password is correct or not is checked.

In one possible implementation, the user may test the health check through a display interface test button of the user device, so as to facilitate the health detection of the electronic device, and set the app state to false when the result is unhealthy, otherwise true.

In another possible implementation, the electronic device has a periodic task to scan the status of the health check.

Therefore, in the embodiment of the application, for the blocking service and/or the deblocking service in the request service, the repeated processing is avoided by inquiring whether the repeated request service exists, so that unnecessary resource waste is reduced, and the processing efficiency is improved. Meanwhile, for the communication test request, the target safety equipment is utilized for testing, so that the user equipment can communicate with the safety equipment, and the safety equipment can be ensured to perform safety processing in time.

The method comprises the steps of obtaining a response request of a user by using a standard interface, determining a deployment architecture according to the access request so as to perform system configuration according to the deployment architecture, obtaining a registration request of the user for target security equipment by using the standard interface, registering the user according to the registration request, and obtaining a storage strategy of the user for the target security equipment by using the standard interface so as to store target data according to the storage strategy when the target data is required to be stored.

It can be understood that a plurality of security devices are put in advance in a container, refer to fig. 4, fig. 4 is a flow chart of a response handling configuration process provided by an embodiment of the present application, which includes rendering a registration template on a user interface to initiate registration of the security devices by a user, performing connectivity test after registration is completed, invoking the security devices after the test is passed, specifically invoking the security devices through a network proxy layer, directly invoking the security devices, initiating a request through a unified standard interface, performing service data conversion to obtain request data capable of invoking the security devices, implementing invocation, and invoking a storage module to record an event, and determining that a storage decision is to self-bring a storage engine/call back a user storage/other user storage engine so as to dynamically load a data source, and saving registration information and invoking time data.

In the embodiment of the application, the access request of the user is acquired by utilizing a standard interface, and the deployment architecture is determined according to the access request so as to carry out system configuration according to the deployment architecture, wherein the deployment architecture comprises a restful mode, a central mode or an embedded mode. Referring to fig. 5, fig. 5 is a flow chart of response processing performed by the deployment architecture according to the embodiment of the present application.

And (3) the RESTFUL mode is used for providing an http interface service, and independently deploying the http interface service to call other services, so that zero invasion is caused to the other services. The app is handled by the architecture response when other services or platforms onboard the user device invoke the services.

And providing sdk in a central mode, integrating the service end, and independently deploying response handling service. The user uses just as if the local method was invoked.

The embedded mode is that the whole response treatment service becomes an sdk, and the user can customize the storage layer, and the volume is small.

And dynamically loading the custom storage layer, namely dynamically loading the custom storage layer by matching with configuration based on a multi-data source mode.

It can be understood that the three modes provided by the embodiment of the application are configured to implement a module faceted presentation layer (presentation), a core layer (core), an api layer and a storage layer (storage), and a user can expand according to actual requirements, for example, the storage layer can be developed by the user, the default storage layer is mysql, or the user can realize that the interface of the storage layer is replaced by ELASTICSEARCH or other storage modes.

The presentation layer main service is used for receiving requests from other services through a unified interface in a restful architecture style, comprises data conversion (such as cloud information supplementation) of some business states, and calls a core layer.

The core layer contains the core logic for the whole response handling, including device registration, connectivity checking, invoking storage engines, decision making to invoke security devices, etc.

The api layer mainly contains an entry provided when exposed to methods called by the presentation layer or embedded, a common tool class (ID generator, etc.);

And providing a common storage mode such as mysql, redis, es, memory, a hook function and the like, starting a process, combining configuration, using a mybatis dynamic data source configuration mode by default and liquibase initialization mysql as a data source, referencing the storage layer in a core layer, shielding details of other layers to the storage layer, and providing the hook function for a user to automatically expand to realize the own storage mode.

In embedded mode, only the api layer, core layer and storage layer are required.

Furthermore, the Prometheus is used for collecting the online condition of the safety equipment, a communication detection interface is provided in response to treatment, different implementations are realized based on different equipment, some account passwords are obtained and token is used as the communication interface, and some inquiry treatment records are used as the communication detection interface. An abstract class is provided in the core layer to contain a universal interface for providing unified input and output to the outside. In particular, the policy mode determines which security device to use according to the parameters, and each security device has a corresponding implementation subclass.

In the embodiment of the application, a standard interface is utilized to acquire a registration request of a user for target security equipment, and user registration is performed according to the registration request. Referring specifically to fig. 6, fig. 6 is a schematic flow chart of rendering and registering an app template provided by an embodiment of the present application, in which a developer composes a template to be put in a server TEMPLATESSVC according to apps corresponding to different security devices, and a user selects an app registration template to be sent to the server TEMPLATESSVC. The server TEMPLATESSVC renders the parameters needed by the corresponding app to the user to realize registration. Further, the user may also input parameters required for blocking to the server TEMPLATESSVC.

Specifically, when target data is required to be stored, storing the target data according to a storage strategy, wherein the storage strategy comprises the steps of storing the target data into a self-storage engine when the storage strategy is the self-storage engine, calling back the target data to a storage medium of user equipment through a hook function when the storage strategy is a storage medium of the user equipment corresponding to a user, and sending the target data to other storage engines for data storage when the storage strategy is the other storage engines. When the target data is required to be stored, a storage mode is selected according to a storage strategy, the data can be stored by utilizing a self storage engine, the safety and reliability of the data are ensured, the data can be conveniently accessed by calling back to a storage medium of user equipment through a hook function, the data can be stored to other storage engines, and the flexibility of data storage is high.

It can be seen that in the embodiment of the application, a user can determine a deployment architecture according to actual requirements, more flexible and customized service is provided for the user, the user can register, the safety and legality of user identity are ensured, the user can determine a storage strategy according to actual requirements, more flexible and diversified selection is provided for data storage, and the flexibility and expandability of the electronic equipment are better.

One possible implementation manner of the embodiment of the present application, using a standard interface to obtain a registration request of a user for a target security device, includes:

determining a rendering template corresponding to the target security device according to the initial registration request so as to facilitate the user to display an interface provided by the rendering template on a page on the user device;

The corresponding request parameters of different security devices are different, and after the initial registration request of the user for the target security device is obtained, the corresponding rendering template can be determined, so that the user triggers the registration request on the page.

It can be seen that, in the embodiment of the present application, an initial registration request is obtained, then a rendering template is determined according to the initial request, an interface provided by the rendering template is displayed on a user device, and finally a registration request triggered by a user through the interface is obtained.

One possible implementation manner of the embodiment of the present application determines, according to identification information corresponding to a target security device, location information corresponding to the target security device in a container, including:

If not, generating prompt information.

It can be seen that, in the embodiment of the application, when determining the position information of the target security device in the container, firstly judging whether the target security device exists in the container, then determining the position information according to the identification information, if not, generating the prompt information, ensuring the accuracy and reliability of the position information, avoiding the processing error caused by the absence of the device, and prompting the user that the safety response cannot be performed or prompting the background staff to write the target security device into the container to update the container by generating the prompt information.

Based on any embodiment, the application provides a plurality of deployment modes on the basis of the user safety equipment, can better adapt to the architecture modes of different platforms, such as users with tense resources can deploy by using an embedded mode, users with non-java languages can deploy by using a restful style without influencing the original business and the like, provides a plurality of extensible storage modes, different platforms use different storage, can store the relevant business information of the equipment on the basis of the existing storage medium and also can use independent database without influencing the original business, and provides uniform closing.

The following describes an apparatus provided in an embodiment of the present application, where the apparatus described below and the method described above may be referred to correspondingly, and the apparatus of this embodiment is provided in an electronic device, and referring to fig. 7, fig. 7 is a block diagram of an apparatus according to one embodiment of the present application, where the apparatus includes:

an obtaining module 210, configured to obtain a response request of a user by using a standard interface, where the response request includes identification information of a target security device and a request service;

The conversion module 220 is configured to perform data conversion on the response request according to the identification information of the target security device, so as to obtain request data corresponding to the target security device;

A location information determining module 230, configured to determine location information corresponding to the target security device in the container according to the identification information corresponding to the target security device, where a plurality of security devices are integrated;

And a response module 240, configured to send the request data to the target security device according to the location information, so as to perform security processing according to the request service by using the target security device.

The present application may be further configured in a preferred example as a response module 240 for:

The present application may be further configured in a preferred example to:

When the request service comprises a forbidden service and/or an unpacking service carrying parameter information, a response module 240 is used for calling a storage medium according to the parameter information and inquiring whether repeated request service exists or not;

when the requested service includes a connectivity test, the response module 240 is configured to perform the connectivity test according to the requested service using the target security device.

The present application may be further configured in a preferred example to further include:

The deployment module is used for acquiring an access request of a user by utilizing a standard interface, determining a deployment architecture according to the access request so as to carry out system configuration according to the deployment architecture, wherein the deployment architecture comprises a restful mode, a central mode or an embedded mode;

The registration module is used for acquiring a registration request of a user for the target security device by utilizing the standard interface and registering the user according to the registration request;

And the storage module is used for acquiring a storage strategy of a user aiming at the target security device by utilizing the standard interface so as to store the target data according to the storage strategy when the target data is required to be stored.

The present application may be further configured in a preferred example as a storage module for:

when the storage strategy is a self-storage engine, storing the target data into the self-storage engine;

When the storage strategy is the storage medium of the user equipment corresponding to the user, the target data is recalled to the storage medium of the user equipment through the hooking function;

And when the storage strategy is that of the other storage engines, sending the target data to the other storage engines for data storage.

The present application may be further configured in a preferred example as a registration module for:

The present application may be further configured in a preferred example as a location information determining module 230 for:

If not, generating prompt information.

In an embodiment of the present application, as shown in fig. 8, an electronic device 300 shown in fig. 8 includes a processor 301 and a memory 303. Wherein the processor 301 is coupled to the memory 303, such as via a bus 302. Optionally, the electronic device 300 may also include a transceiver 304. It should be noted that, in practical applications, the transceiver 304 is not limited to one, and the structure of the electronic device 300 is not limited to the embodiment of the present application.

The Processor 301 may be a CPU (Central Processing Unit ), general purpose Processor, DSP (DIGITAL SIGNAL Processor, data signal Processor), ASIC (Application SPECIFIC INTEGRATED Circuit), FPGA (Field Programmable GATE ARRAY ) or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various exemplary logic blocks, modules and circuits described in connection with this disclosure. Processor 301 may also be a combination that implements computing functionality, e.g., comprising one or more microprocessor combinations, a combination of a DSP and a microprocessor, etc.

Bus 302 may include a path to transfer information between the components. Bus 302 may be a PCI (PERIPHERAL COMPONENT INTERCONNECT, peripheral component interconnect standard) bus or an EISA (Extended Industry Standard Architecture ) bus, or the like. Bus 302 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in fig. 8, but not only one bus or one type of bus.

The Memory 303 may be, but is not limited to, a ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, a RAM (Random Access Memory ) or other type of dynamic storage device that can store information and instructions, an EEPROM (ELECTRICALLY ERASABLE PROGRAMMABLE READ ONLY MEMORY ), a CD-ROM (Compact Disc Read Only Memory, compact disc Read Only Memory) or other optical disk storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.

The memory 303 is used for storing application program codes for executing the inventive arrangements and is controlled to be executed by the processor 301. The processor 301 is configured to execute the application code stored in the memory 303 to implement what is shown in the foregoing method embodiments.

The electronic device shown in fig. 8 is only an example and should not be construed as limiting the functionality and scope of use of the embodiments of the application.

Embodiments of the present application provide a computer-readable storage medium having a computer program stored thereon, which when run on a computer, causes the computer to perform the corresponding method embodiments described above.

An embodiment of the present application provides a computer program product, which includes a computer program, and the computer program when executed by a processor implements the corresponding content in the foregoing method embodiment.

It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.

The foregoing is only a partial embodiment of the present application, and it should be noted that it will be apparent to those skilled in the art that modifications and adaptations can be made without departing from the principles of the present application, and such modifications and adaptations should and are intended to be comprehended within the scope of the present application.

Claims

1. A response handling method, comprising:

2. The response handling method according to claim 1, wherein the performing security processing according to the request service with the target security device includes:

3. The response handling method according to claim 1, wherein when the request service includes a blocking service and/or a deblocking service carrying parameter information, the performing security processing according to the request service by using the target security device includes calling a storage medium according to the parameter information, and inquiring whether there is a repeated request service;

4. The response handling method according to claim 1, further comprising at least one of the following before the response request of the user is acquired using the standard interface:

5. The response handling method according to claim 4, wherein storing the target data according to a storage policy when the target data needs to be stored, comprises:

6. The response handling method according to claim 4, wherein acquiring a registration request of a user for the target security device using a standard interface comprises:

7. The response handling method according to any one of claims 1 to 6, wherein the determining location information corresponding to the target security device in a container from the identification information corresponding to the target security device includes:

If not, generating prompt information.

8. A responsive treatment apparatus, comprising:

9. An electronic device, comprising:

one or more processors;

A memory;

One or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more applications configured to perform the steps of the response handling method according to any one of claims 1 to 7.

10. A computer readable storage medium, characterized in that the storage medium stores at least one instruction, at least one program, code set or instruction set, the at least one instruction, at least one program, code set or instruction set being loaded by a processor and executing the steps of the response handling method according to any of claims 1 to 7.