[go: up one dir, main page]

CN115643221A - HTTP asynchronous transmission method and device across power safety zone and storage medium - Google Patents

HTTP asynchronous transmission method and device across power safety zone and storage medium Download PDF

Info

Publication number
CN115643221A
CN115643221A CN202211099100.5A CN202211099100A CN115643221A CN 115643221 A CN115643221 A CN 115643221A CN 202211099100 A CN202211099100 A CN 202211099100A CN 115643221 A CN115643221 A CN 115643221A
Authority
CN
China
Prior art keywords
request
queue
data
http
security zone
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211099100.5A
Other languages
Chinese (zh)
Inventor
李树山
邓力源
李崇浩
唐红兵
王凌梓
张高峰
邹文仲
章金峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Southern Power Grid Co Ltd
NR Engineering Co Ltd
Original Assignee
China Southern Power Grid Co Ltd
NR Engineering Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Southern Power Grid Co Ltd, NR Engineering Co Ltd filed Critical China Southern Power Grid Co Ltd
Priority to CN202211099100.5A priority Critical patent/CN115643221A/en
Publication of CN115643221A publication Critical patent/CN115643221A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method, a device and a storage medium for http asynchronous transmission across power safety zones in the technical field of power safety zone communication, and aims to solve the problem that requests of low-safety zones cannot be processed by high-safety zones in the prior art. The method comprises the steps of obtaining data information in a request queue in a message queue, wherein the message queue is built in a low-security area and comprises the request queue and a response queue, and the data information in the request queue is obtained by monitoring an http request in the low-security area; reassembling the http request, sending the http request to a back-end service, and applying for a request result; and pushing the obtained request result to a response queue of a message queue for subscribing and responding by the low-security area, wherein the low-security area is consumed by the browser according to the response result. The method and the device are used for normally pushing and executing the information in the high-safety area according to the information request in the low-safety area, and can enhance the information interaction capacity between the high-safety area and the low-safety area of the power monitoring system while ensuring the safety level of the power grid.

Description

一种跨电力安全区的http异步传输方法、装置及存储介质A HTTP asynchronous transmission method, device and storage medium across power safety zones

技术领域technical field

本发明涉及一种跨电力安全区的http异步传输方法、装置及存储介质,属于电力安全区通信技术领域。The invention relates to an http asynchronous transmission method, device and storage medium across a power safety zone, and belongs to the technical field of power safety zone communication.

背景技术Background technique

随着网络安全愈加重要,电网公司陆续出台了禁止低安全区主动访问高安全区的规定。有电网公司在管理信息大区划分了一个DMZ区,其安全等级比安全三区低,用于部署业务系统的前端模块,如手机APP前端。DMZ区不允许部署数据库及存放任何电网数据,所需数据皆需要安全三区主动推送,用隔离网闸完成与三区的隔离。隔离网闸是加强版防火墙,隔离网闸禁用TCP/IP协议,两端分别配置IP和端口进行一一对应,利用其内部的地址映射功能,实现仅支持从三区主动向DMZ区的定向访问策略。因此需要一种可以把低安全区的http请求转发至高安全区后端服务的技术来满足高低安全区信息交互的需要。As network security becomes more and more important, power grid companies have successively issued regulations prohibiting low-security areas from actively accessing high-security areas. Some power grid companies have divided a DMZ area in the management information area, which has a lower security level than the third security area, and is used to deploy front-end modules of business systems, such as mobile APP front-ends. The DMZ area does not allow the deployment of databases and storage of any power grid data. All the required data needs to be actively pushed by the three security areas, and the isolation gatekeeper is used to complete the isolation from the three areas. The isolation gatekeeper is an enhanced version of the firewall. The isolation gatekeeper disables the TCP/IP protocol, and configures IP and ports at both ends for one-to-one correspondence. Using its internal address mapping function, it only supports directional access from the three areas to the DMZ area. Strategy. Therefore, there is a need for a technology that can forward http requests from low-security areas to back-end services in high-security areas to meet the needs of information interaction between high and low security areas.

发明内容Contents of the invention

本发明的目的在于克服现有技术中的不足,提供一种跨电力安全区的http异步传输方法、装置及存储介质,用于根据低安全区的信息请求正常由高安全区进行推送执行,可以在保障电网安全等级的同时增强电力监控系统高低安全区间信息交互能力。The purpose of the present invention is to overcome the deficiencies in the prior art, and provide a http asynchronous transmission method, device and storage medium across the power security zone, which is used to push and execute normally from the high security zone according to the information request of the low security zone, and can While ensuring the safety level of the power grid, it enhances the information interaction capability of the high and low security intervals of the power monitoring system.

为实现上述目的,本发明是采用下述技术方案实现的:To achieve the above object, the present invention is achieved by adopting the following technical solutions:

一方面,本发明提供了一种跨电力安全区的http异步传输方法,包括由高安全区向低安全区进行定向推送指令的电网通信框架,所述异步传输方法包括如下步骤:On the one hand, the present invention provides a http asynchronous transmission method across power safety zones, including a power grid communication framework for directional push instructions from a high security zone to a low security zone, and the asynchronous transmission method includes the following steps:

获取消息队列中请求队列中的数据信息,所述消息队列构建于低安全区,所述消息队列包括请求队列和响应队列,所述请求队列中数据信息由低安全区监听http请求获得;Obtain the data information in the request queue in the message queue, the message queue is built in a low security zone, the message queue includes a request queue and a response queue, and the data information in the request queue is obtained by listening to http requests in the low security zone;

将所述http请求重新组装后发送至后端服务并申请请求结果;Reassemble the http request and send it to the backend service and apply for the request result;

将获得的请求结果推送至消息队列的响应队列中供低安全区订阅响应,所述低安全区根据响应结果供浏览器消费。The obtained request result is pushed to the response queue of the message queue for the low security area to subscribe to the response, and the low security area is used for consumption by the browser according to the response result.

具体的,所述低安全区将低安全区套接字所获取的http请求进行mqtt格式封装,并将每个http请求在进行通用唯一识别码编码后存储至消息队列中;并解析响应队列中的通用唯一识别码供低安全区的套接字响应。Specifically, the low security zone encapsulates the http request obtained by the low security zone socket in mqtt format, and stores each http request in the message queue after encoding the universal unique identification code; and parses the response queue The UUID for low-security socket responses.

具体的,所述高安全区应用套接字技术获取请求队列中的数据、将数据模拟成高安全区的http请求后发送至后端服务,并把获得的结果推送至消息队列中的响应队列。Specifically, the high-security zone uses socket technology to obtain data in the request queue, simulates the data as an http request in the high-security zone and sends it to the back-end service, and pushes the obtained result to the response queue in the message queue .

具体的,所述低安全区在响应结果前将响应队列和请求队列中的数据做响应匹配,当响应队列不存在请求队列的匹配数据时不做出响应。Specifically, the low security area matches the data in the response queue and the request queue before the response result, and does not respond when there is no matching data in the request queue in the response queue.

具体的,设定http请求的封装格式分为:Length、Header length、Header data、Body data;其中Length为4字节整数,其数值等于Header length、Header data、Body data的长度之和,Header length为4字节整数,其数值等于Header data的长度,Header data使用json序列化数据,Body data为自定义的二进制序列化数据。Specifically, set the encapsulation format of the http request into: Length, Header length, Header data, Body data; where Length is a 4-byte integer, and its value is equal to the sum of the lengths of Header length, Header data, and Body data, and Header length It is a 4-byte integer whose value is equal to the length of Header data. Header data uses json serialization data, and Body data is custom binary serialization data.

具体的,将请求队列中的数据模拟成高安全区http请求的具体方法包括如下步骤:Specifically, the specific method for simulating the data in the request queue into a high security zone http request includes the following steps:

S1、主动获取消息列队中请求队列的会话内容,并按照会话的颗粒度顺序依次进行处理;S1. Actively obtain the session content of the request queue in the message queue, and process it sequentially according to the granularity of the session;

S2、高安全区获取单个请求数据后,根据队列中serviceName查找配置文件,找到请求消息对应的ip和端口并替换http请求头中的目标ip和端口,不修改http请求bodydata中的任何数据,其中serviceName为后端服务唯一名称,包括但不限于通配符+。S2. After obtaining a single request data in the high security area, search the configuration file according to the serviceName in the queue, find the ip and port corresponding to the request message and replace the target ip and port in the http request header, without modifying any data in the http request bodydata, where serviceName is the unique name of the backend service, including but not limited to the wildcard +.

具体的,所述高安全区在后端服务发送请求后若等待反馈结果超时,生成超时错误并将错误返回。Specifically, if the high security area waits for the feedback result to time out after the backend service sends the request, a timeout error will be generated and the error will be returned.

具体的,所述高安全区和低安全区时刻监听与消息队列的连接状态,仅在对应连接状态正常时进行相应数据的订阅和发布,在对应连接状态异常时中止数据的交互。Specifically, the high security zone and the low security zone monitor the connection status with the message queue at all times, subscribe and publish corresponding data only when the corresponding connection status is normal, and stop data interaction when the corresponding connection status is abnormal.

另一方面,本发明提供了一种跨电力安全区的http异步传输的装置,包括处理器及存储介质;On the other hand, the present invention provides a device for http asynchronous transmission across power safety zones, including a processor and a storage medium;

所述存储介质用于存储指令;The storage medium is used to store instructions;

所述处理器用于根据所述指令进行操作以执行上述任意一项所述跨电力安全区的http异步传输方法的步骤。The processor is configured to operate according to the instructions to execute the steps of any one of the above-mentioned http asynchronous transmission methods across electric security zones.

再一方面,本发明提供了一种跨电力安全区的http异步传输的存储介质,其上存储有计算机程序,该计算机程序在被处理器执行时,实现如上述任意一项跨电力安全区的http异步传输方法的步骤。In yet another aspect, the present invention provides a storage medium for http asynchronous transmission across power security zones, on which a computer program is stored. The steps of the http asynchronous transfer method.

与现有技术相比,本发明所达到的有益效果:Compared with the prior art, the beneficial effects achieved by the present invention are as follows:

1、本发明通过由高安全区主动向低安全区订阅消息队列中请求队列的信息,并通过将获取的信息进行重组供后端服务识别执行,再将高安全区获得相应的数据向低安全区进行推送,本方法可以在保障电网安全等级的同时提高低安全区与高安全区之间的通信能力,有利于用户与低安全区进行交互并获得响应;1. In the present invention, the high-security area actively subscribes to the low-security area to request queue information in the message queue, and reorganizes the obtained information for back-end service identification and execution, and then transfers the corresponding data obtained from the high-security area to the low-security area. This method can improve the communication capability between the low security zone and the high security zone while ensuring the security level of the power grid, which is beneficial for users to interact with the low security zone and get a response;

2、本发明通过将相应队列中的数据和请求队列中的数据进行匹配,在无匹配结果时不做出响应,可以一定程度保障由高安全区向低安全区推送信息的安全性。2. The present invention matches the data in the corresponding queue with the data in the request queue, and does not respond when there is no matching result, which can guarantee the security of pushing information from the high security area to the low security area to a certain extent.

附图说明Description of drawings

图1是本发明实施例提供的一种异步传输方法的流程图;FIG. 1 is a flowchart of an asynchronous transmission method provided by an embodiment of the present invention;

图2是本发明实施例提供的一种异步传输方法的通信关系示意图。Fig. 2 is a schematic diagram of a communication relationship of an asynchronous transmission method provided by an embodiment of the present invention.

具体实施方式Detailed ways

下面通过附图以及具体实施例对本发明技术方案做详细的说明,应当理解本申请实施例以及实施例中的具体特征是对本申请技术方案的详细的说明,而不是对本申请技术方案的限定,在不冲突的情况下,本申请实施例以及实施例中的技术特征可以相互组合。The technical solutions of the present invention will be described in detail below through the drawings and specific examples. It should be understood that the embodiments of the present application and the specific features in the examples are detailed descriptions of the technical solutions of the present application, rather than limitations on the technical solutions of the present application. In the case of no conflict, the embodiments of the present application and the technical features in the embodiments may be combined with each other.

实施例一:Embodiment one:

本发明实施例提供的一种跨电力安全区的http异步传输方法,用于根据低安全区的信息请求正常由高安全区进行推送执行,可以在保障电网安全等级的同时增强电力监控系统高低安全区间信息交互能力,为实现上述功能,本方法具体包括如下步骤:The embodiment of the present invention provides an http asynchronous transmission method across power security areas, which is used to push and execute normally from high security areas according to information requests from low security areas, and can enhance the high and low security of the power monitoring system while ensuring the security level of the power grid Interval information interaction capability, in order to realize the above functions, this method specifically includes the following steps:

构建低安全区的消息队列,高安全区主动订阅低安全区消息队列中的消息,可由消息队列代理软件mosquitto进行消息代理,代理关系可参照图2所示;Construct the message queue in the low security zone, and the high security zone actively subscribes to the messages in the message queue in the low security zone, and the message queue proxy software mosquitto can be used for message proxying, and the proxy relationship can be shown in Figure 2;

由低安全区对http请求进行监听,并将http请求存储至消息队列的请求队列中;The http request is monitored by the low security area, and the http request is stored in the request queue of the message queue;

高安全区获取低安全区http的请求后将http请求进行重新组装,http请求重组后向后端服务发送并申请请求结果,高安全区再将请求结果推送至消息队列的响应队列中;The high-security area reassembles the http request after obtaining the http request from the low-security area. After the http request is reassembled, it sends it to the back-end service and applies for the request result, and the high-security area pushes the request result to the response queue of the message queue;

低安全区获取响应队列后响应结果供浏览器消费。本方法中,通过由高安全区主动链接低安全区的请求数据,通过将数据重组为高安全区受理的格式发送给后端服务进行相应,使低安全区的受理请求可以正常被高安全区受理反馈,由于http请求的重组服务不同于直接通信,因此可以在保障高低安全区安全等级的同时提升高、低安全区之间的通信能力,为低安全区和用户端的交互反馈提供了有效的解决方式。After the low-security area obtains the response queue, the response result is consumed by the browser. In this method, the high security zone actively links the request data of the low security zone, and reorganizes the data into a format accepted by the high security zone and sends it to the backend service for corresponding response, so that the acceptance request of the low security zone can be normally accepted by the high security zone. Accepting feedback, since the reorganization service of http requests is different from direct communication, it can improve the communication capability between high and low security areas while ensuring the security level of high and low security areas, providing an effective interaction feedback between low security areas and users solution.

本发明实施例提供的一种跨电力安全区的http异步传输方法,具体提供了一种高、低安全区之间的通信方式,为高、低安全区之间的数据交互提供了可靠有效的解决手段,具体的:The embodiment of the present invention provides an http asynchronous transmission method across power security zones, specifically provides a communication method between high and low security zones, and provides reliable and effective data interaction between high and low security zones. Solutions, specifically:

所述低安全区将低安全区套接字所获取的http请求进行mqtt格式封装,并将每个http请求在进行通用唯一识别码编码后存储至消息队列中;并解析响应队列中的通用唯一识别码供低安全区的套接字响应。The low security zone encapsulates the http request obtained by the low security zone socket in mqtt format, and stores each http request in the message queue after encoding the universal unique identification code; and parses the universal unique identifier in the response queue The identifier is for socket responses in the low security zone.

所述高安全区应用套接字技术获取请求队列中的数据、将数据模拟成高安全区的http请求后发送至后端服务,并把获得的结果推送至消息队列中的响应队列。The high-security zone uses socket technology to acquire data in the request queue, simulates the data as an http request in the high-security zone and sends it to the back-end service, and pushes the obtained result to the response queue in the message queue.

为便于进行说明,参照图2所示可以通过在系统中组建高安全区的请求重构服务和低安全区的请求处理服务,设置低安全区与高安全区的通信采用套接字(socket)技术框架,此时的两个套接字应当分别应用于请求处理服务和请求重构服务中,并设置请求重构服务和请求处理服务均与消息队列通信(如图2所示);For the convenience of explanation, as shown in Figure 2, the request reconstruction service of the high security zone and the request processing service of the low security zone can be set up in the system, and the communication between the low security zone and the high security zone is set to use a socket (socket) Technical framework, the two sockets at this time should be applied to the request processing service and the request reconstruction service respectively, and set the request reconstruction service and the request processing service to communicate with the message queue (as shown in Figure 2);

具体的,可以在应用系统的请求处理服务中设有编码模块和解码模块,编码模块用于将低安全区套接字所获取的http请求进行mqtt(消息队列遥测传输)格式封装(获取http请求的方式为用socket端口监听),并将每个http请求在进行通用唯一识别码(uuid)编码后存储至消息队列中,为高安全区提供准确的请求数据,请求重构服务应用套接字技术获取请求队列中的数据、将数据模拟成http请求发送至后端服务并把结果推送至消息队列中的响应队列,解码模块用于解析响应队列中的通用唯一识别码供低安全区的套接字响应。本方法应用套接字技术对信息进行端点传输,应用编码模块和解码模块对http请求数据进行处理,可以为请求重构服务提供相应的识别信息,并将返回的输出处理为可供请求处理服务识别的信号。可参照图2所示,为保证数据处理的高效快速,在请求重构服务中利用多线程技术建立一个连接池,即Java并发包中线程池类ThreadPoolExecutor。采用自定义线程池配置,并根据服务器资源合理配置线程池参数,使服务性能最优化。Specifically, an encoding module and a decoding module can be set in the request processing service of the application system, and the encoding module is used to encapsulate the http request obtained by the socket in the low security area into mqtt (message queue telemetry transmission) The method is to use the socket port to monitor), and store each http request in the message queue after encoding the universal unique identification code (uuid), provide accurate request data for the high security area, and request to reconstruct the service application socket The technology obtains the data in the request queue, simulates the data as an http request and sends it to the back-end service, and pushes the result to the response queue in the message queue. The decoding module is used to analyze the universal unique identification code in the response queue for the set in the low security area. Socket response. This method uses the socket technology to transmit the information to the endpoint, and uses the encoding module and the decoding module to process the http request data, which can provide corresponding identification information for the request reconstruction service, and process the returned output as a request processing service identified signal. As shown in Figure 2, in order to ensure efficient and fast data processing, a connection pool is established using multi-threading technology in the request reconstruction service, that is, the thread pool class ThreadPoolExecutor in the Java concurrent package. Use custom thread pool configuration and reasonably configure thread pool parameters according to server resources to optimize service performance.

本发明实施例提供的一种跨电力安全区的http异步传输方法,为了保障数据响应的准确性和一定的安全性,这里在低安全区在响应结果前将响应队列和请求队列中的数据做响应匹配,当响应队列不存在请求队列的匹配数据时不做出响应,通过数据对比,当返回的数据不存在相应请求时,通过不向用户显示执行结果,可以保障数据跨安全区良好的通信安全和良好的反馈准确率。The embodiment of the present invention provides an http asynchronous transmission method across power security areas. In order to ensure the accuracy and certain security of data responses, the data in the response queue and the request queue are processed before the response result in the low security area. Response matching, when there is no matching data in the request queue in the response queue, no response will be made. Through data comparison, when the returned data does not have a corresponding request, by not displaying the execution result to the user, good data communication across security zones can be guaranteed Safe and good feedback accuracy.

本发明实施例提供的一种跨电力安全区的http异步传输方法,具体提供了一种封装格式以供请求重构服务进行重组并转发重组后的请求,具体这里设定http请求的封装格式分为:Length、Header length、Header data、Body data;其中Length为4字节整数,其数值等于Header length、Header data、Body data长度的和,Header length为4字节整数,其数值等于Header data的长度,Header data部分使用json序列化数据,Body data为自定义的二进制序列化数据。消息主题格式定义如下:/v1/{serviceName}/{UUID}/request,其中serviceName为后端服务唯一名称,包括但不限于通配符+(还可以是具体后端服务名称),表示所有服务。UUID为会话id,包括但不限于通配符+,表示所有会话。封装好mqtt消息后,将其推送至消息队列中的请求列队中。The embodiment of the present invention provides an http asynchronous transmission method across power safety zones, specifically provides a packaging format for the request reconstruction service to recombine and forward the recombined request, specifically set the encapsulation format of the http request here It is: Length, Header length, Header data, Body data; where Length is a 4-byte integer whose value is equal to the sum of the lengths of Header length, Header data, and Body data, and Header length is a 4-byte integer whose value is equal to that of Header data Length, the Header data part uses json serialized data, and the Body data is custom binary serialized data. The format of the message topic is defined as follows: /v1/{serviceName}/{UUID}/request, where serviceName is the unique name of the backend service, including but not limited to the wildcard + (it can also be a specific backend service name), indicating all services. UUID is the session id, including but not limited to wildcard +, which means all sessions. After the mqtt message is encapsulated, push it to the request queue in the message queue.

本发明实施例提供的一种跨电力安全区的http异步传输方法,根据上述封装格式具体提供了一种重构服务模块的重构和数据处理过程,其中请求重构服务的具体工作步骤包括:The embodiment of the present invention provides an http asynchronous transmission method across power safety zones, specifically provides a reconfiguration and data processing process of the reconfiguration service module according to the above-mentioned encapsulation format, wherein the specific working steps of requesting the reconfiguration service include:

主动获取消息列队中请求队列的会话内容(订阅请求队列中的数据),并按照会话的颗粒度存入请求重构服务的缓存区,这里的颗粒度指的是数据的宏观与微观程度;Actively obtain the session content of the request queue in the message queue (subscribe to the data in the request queue), and store it in the cache area of the request reconstruction service according to the granularity of the session, where the granularity refers to the macro and micro levels of data;

从请求重构服务的缓存区获取单个请求数据(可以从线程池中分配一个空闲线程从缓存区获取单个请求数据),并把获取到的会话数据根据http协议进行http请求体的重构;Obtain a single request data from the cache area of the request reconstruction service (you can allocate an idle thread from the thread pool to obtain a single request data from the cache area), and reconstruct the HTTP request body according to the obtained session data according to the HTTP protocol;

根据队列中serviceName查找配置文件,找到请求消息对应的ip和端口并替换http请求头中的目标ip和端口,不修改http请求body data中的任何数据,其中serviceName为后端服务唯一名称,包括但不限于通配符+(还可以是后端服务具体名称,此步骤即可以完成请求体的重新模拟)。Search the configuration file according to the serviceName in the queue, find the corresponding ip and port of the request message and replace the target ip and port in the http request header without modifying any data in the body data of the http request, where serviceName is the unique name of the backend service, including but It is not limited to the wildcard + (it can also be the specific name of the backend service, and this step can complete the re-simulation of the request body).

重组完成后开始等待数据反馈和处理,具体的,高安全区将模拟好的请求请求转发至目标后端服务的ip地址,等待结果的返回;最后再将返回的结果数据重整为mqtt格式的数据推送至消息队列的响应队列中即可。After the reorganization is completed, it starts to wait for data feedback and processing. Specifically, the high security zone forwards the simulated request to the ip address of the target backend service, and waits for the result to be returned; finally, the returned result data is reorganized into mqtt format The data can be pushed to the response queue of the message queue.

通过上述重组方式,可以将低安全区的请求转化为高安全区的请求,并可在高安全区获得反馈结果后向低安全区进行推送执行,低安全区的请求处理服务在接收响应结果后,可以正常执行由高安全区推送的指令。Through the above reorganization method, the request of the low security area can be converted into the request of the high security area, and the feedback result can be pushed to the low security area for execution after the high security area, and the request processing service of the low security area can receive the response result , the commands pushed by the high security zone can be executed normally.

本发明实施例提供的一种跨电力安全区的http异步传输方法,设置高安全区会话响应的超时时间,若等待反馈结果超时,生成超时错误并将错误返回,以供系统通信在产生问题时可以正常进行反馈。The embodiment of the present invention provides an http asynchronous transmission method across power safety zones, setting the timeout period of the session response in the high security zone, and if waiting for the feedback result to time out, a timeout error will be generated and the error will be returned for system communication when a problem occurs Feedback can be done normally.

本发明实施例提供的一种跨电力安全区的http异步传输方法,设置请求重构服务和请求处理服务时刻监听与消息队列的连接状态,仅在对应连接状态正常时进行相应数据的订阅和发布,在对应连接状态异常时中止数据的交互。此处的中止交互具体指代连接状态错误时的暂停交互,避免在连接异常时数据的持续发送产生大量的错误或数据丢失,有利于保障通信系统的正常工作。The embodiment of the present invention provides an http asynchronous transmission method across power safety zones, setting the request reconstruction service and request processing service to monitor the connection status with the message queue at all times, and only subscribe and publish the corresponding data when the corresponding connection status is normal , when the corresponding connection status is abnormal, the data exchange is suspended. Here, the suspension of interaction specifically refers to the suspension of interaction when the connection status is wrong, so as to avoid a large number of errors or data loss caused by the continuous transmission of data when the connection is abnormal, which is conducive to ensuring the normal operation of the communication system.

实施例二:Embodiment two:

本发明提供的一种跨电力安全区的http异步传输的装置,包括处理器及存储介质;The present invention provides a device for http asynchronous transmission across power safety zones, including a processor and a storage medium;

存储介质用于存储指令;The storage medium is used to store instructions;

处理器用于根据指令进行操作以执行实施例一中任意一项跨电力安全区的http异步传输方法的步骤。The processor is configured to operate according to the instructions to execute the steps of any one of the http asynchronous transmission methods across the power security zone in the first embodiment.

实施例三:Embodiment three:

本发明提供的一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该计算机程序在被处理器执行时,实现如实施例一中任意一项跨电力安全区的http异步传输方法的步骤。The present invention provides a computer-readable storage medium, on which a computer program is stored, which is characterized in that, when the computer program is executed by a processor, it realizes the http asynchronous transmission across the power safety zone of any item in the first embodiment method steps.

本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计Those skilled in the art should understand that the embodiments of the present application may be provided as methods, systems, or computer

算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。computer program products. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowcharts and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the present application. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and combinations of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a general purpose computer, special purpose computer, embedded processor, or processor of other programmable data processing equipment to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing equipment produce a Means for realizing the functions specified in one or more steps of the flowchart and/or one or more blocks of the block diagram.

这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。 这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions The device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram. These computer program instructions can also be loaded onto a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process, thereby The instructions provide steps for implementing the functions specified in the flow chart flow or flows and/or block diagram block or blocks.

以上所述仅是本发明的优选实施方式,应当指出,对于本技术领域的普通技术人员来说,在不脱离本发明技术原理的前提下,还可以做出若干改进和变形,这些改进和变形也应视为本发明的保护范围。The above is only a preferred embodiment of the present invention, it should be pointed out that for those of ordinary skill in the art, without departing from the technical principle of the present invention, some improvements and modifications can also be made. It should also be regarded as the protection scope of the present invention.

Claims (10)

1.一种跨电力安全区的http异步传输方法,其特征在于,包括由高安全区向低安全区进行定向推送指令的电网通信框架,所述异步传输方法包括如下步骤:1. a kind of http asynchronous transmission method across electric power security zone, it is characterized in that, comprise the grid communication framework that carries out directional push instruction from high security zone to low security zone, described asynchronous transmission method comprises the steps: 获取消息队列中请求队列中的数据信息,所述消息队列构建于低安全区,所述消息队列包括请求队列和响应队列,所述请求队列中数据信息由低安全区监听http请求获得;Obtain the data information in the request queue in the message queue, the message queue is built in a low security zone, the message queue includes a request queue and a response queue, and the data information in the request queue is obtained by listening to http requests in the low security zone; 将所述http请求重新组装后发送至后端服务并申请请求结果;Reassemble the http request and send it to the backend service and apply for the request result; 将获得的请求结果推送至消息队列的响应队列中供低安全区订阅响应,所述低安全区根据响应结果供浏览器消费。The obtained request result is pushed to the response queue of the message queue for the low security area to subscribe to the response, and the low security area is used for consumption by the browser according to the response result. 2.根据权利要求1所述的一种跨电力安全区的http异步传输方法,其特征在于,所述低安全区将低安全区套接字所获取的http请求进行mqtt格式封装,并将每个http请求在进行通用唯一识别码编码后存储至消息队列中;并解析响应队列中的通用唯一识别码供低安全区的套接字响应。2. A kind of http asynchronous transmission method across power security zone according to claim 1, it is characterized in that, described low security zone carries out the http request that low security zone socket acquires mqtt format encapsulation, and every An http request is stored in the message queue after encoding the UUID; and the UUID in the response queue is parsed for the socket response in the low security area. 3.根据权利要求2所述的一种跨电力安全区的http异步传输方法,其特征在于,所述高安全区应用套接字技术获取请求队列中的数据、将数据模拟成高安全区的http请求后发送至后端服务,并把获得的结果推送至消息队列中的响应队列。3. A kind of http asynchronous transmission method across power security zone according to claim 2, it is characterized in that, described high security zone application socket technology obtains the data in the request queue, simulates data into high security zone The http request is sent to the backend service, and the obtained result is pushed to the response queue in the message queue. 4.根据权利要求1所述的一种跨电力安全区的http异步传输方法,其特征在于,所述低安全区在响应结果前将响应队列和请求队列中的数据做响应匹配,当响应队列不存在请求队列的匹配数据时不做出响应。4. A kind of http asynchronous transmission method across power safety zone according to claim 1, it is characterized in that, before the response result in the low security zone, the data in the response queue and the request queue are matched in response, when the response queue No response is made when there is no matching data for the request queue. 5.根据权利要求3所述的一种跨电力安全区的http异步传输方法,其特征在于,设定http请求的封装格式分为:Length、Header length、Header data、Body data;其中Length为4字节整数,其数值等于Header length、Header data、Body data的长度之和,Headerlength为4字节整数,其数值等于Header data的长度,Header data使用json序列化数据,Body data为自定义的二进制序列化数据。5. A kind of http asynchronous transmission method across power safety zone according to claim 3, it is characterized in that, the encapsulation format of setting http request is divided into: Length, Header length, Header data, Body data; Wherein Length is 4 A byte integer whose value is equal to the sum of the lengths of Header length, Header data, and Body data. Headerlength is a 4-byte integer whose value is equal to the length of Header data. Header data uses json to serialize data, and Body data is a custom binary serialized data. 6.根据权利要求5所述的一种跨电力安全区的http异步传输方法,其特征在于,将请求队列中的数据模拟成高安全区http请求的具体方法包括如下步骤:6. a kind of http asynchronous transmission method across power security zone according to claim 5, is characterized in that, the concrete method that simulates the data in the request queue into high security zone http request comprises the following steps: S1、主动获取消息列队中请求队列的会话内容,并按照会话的颗粒度顺序依次进行处理;S1. Actively obtain the session content of the request queue in the message queue, and process it sequentially according to the granularity of the session; S2、高安全区获取单个请求数据后,根据队列中serviceName查找配置文件,找到请求消息对应的ip和端口并替换http请求头中的目标ip和端口,不修改http请求body data中的任何数据,其中serviceName为后端服务唯一名称,包括但不限于通配符+。S2. After obtaining a single request data in the high security zone, search for the configuration file according to the serviceName in the queue, find the ip and port corresponding to the request message and replace the target ip and port in the http request header, without modifying any data in the http request body data, Where serviceName is the unique name of the backend service, including but not limited to the wildcard +. 7.根据权利要求3所述的一种跨电力安全区的http异步传输方法,其特征在于,所述高安全区在后端服务发送请求后若等待反馈结果超时,生成超时错误并将错误返回。7. The http asynchronous transmission method across power safety zones according to claim 3, characterized in that, if the high security zone waits for the feedback result to time out after the backend service sends a request, a timeout error will be generated and the error will be returned . 8.根据权利要求3所述的一种跨电力安全区的http异步传输方法,其特征在于,所述高安全区和低安全区时刻监听与消息队列的连接状态,仅在对应连接状态正常时进行相应数据的订阅和发布,在对应连接状态异常时中止数据的交互。8. A method of http asynchronous transmission across power safety zones according to claim 3, wherein the high security zone and the low security zone monitor the connection status with the message queue at all times, and only when the corresponding connection status is normal Subscribe and publish corresponding data, and stop data interaction when the corresponding connection status is abnormal. 9.一种跨电力安全区的http异步传输的装置,其特征在于,包括处理器及存储介质;9. A device for http asynchronous transmission across power safety zones, characterized in that it includes a processor and a storage medium; 所述存储介质用于存储指令;The storage medium is used to store instructions; 所述处理器用于根据所述指令进行操作以执行权利要求1-8中任意一项所述跨电力安全区的http异步传输方法的步骤。The processor is configured to operate according to the instructions to execute the steps of the http asynchronous transmission method across power safety zones in any one of claims 1-8. 10.一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该计算机程序在被处理器执行时,实现如权利要求1-8中任意一项跨电力安全区的http异步传输方法的步骤。10. A computer-readable storage medium, on which a computer program is stored, characterized in that, when the computer program is executed by a processor, it realizes http asynchronous transmission across an electric power safety zone according to any one of claims 1-8 method steps.
CN202211099100.5A 2022-09-08 2022-09-08 HTTP asynchronous transmission method and device across power safety zone and storage medium Pending CN115643221A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211099100.5A CN115643221A (en) 2022-09-08 2022-09-08 HTTP asynchronous transmission method and device across power safety zone and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211099100.5A CN115643221A (en) 2022-09-08 2022-09-08 HTTP asynchronous transmission method and device across power safety zone and storage medium

Publications (1)

Publication Number Publication Date
CN115643221A true CN115643221A (en) 2023-01-24

Family

ID=84942025

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211099100.5A Pending CN115643221A (en) 2022-09-08 2022-09-08 HTTP asynchronous transmission method and device across power safety zone and storage medium

Country Status (1)

Country Link
CN (1) CN115643221A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103634203A (en) * 2013-11-29 2014-03-12 北京奇虎科技有限公司 Message asynchronous transmission method, device and system
US20160036903A1 (en) * 2014-07-31 2016-02-04 Splunk Inc. Asynchronous processing of messages from multiple servers
US20190208022A1 (en) * 2018-01-02 2019-07-04 Sap Se Transport channel via web socket for odata
CN111200592A (en) * 2019-12-17 2020-05-26 深圳供电局有限公司 Information transmission method, device and system
US10673971B1 (en) * 2015-06-17 2020-06-02 Amazon Technologies, Inc. Cross-partition messaging using distributed queues
CN111988283A (en) * 2020-07-30 2020-11-24 浙江兰德纵横网络技术股份有限公司 Data transmission method, system, device and computer readable storage medium
CN114553932A (en) * 2022-04-24 2022-05-27 深圳市明源云科技有限公司 System integration docking method, device, equipment and medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103634203A (en) * 2013-11-29 2014-03-12 北京奇虎科技有限公司 Message asynchronous transmission method, device and system
US20160036903A1 (en) * 2014-07-31 2016-02-04 Splunk Inc. Asynchronous processing of messages from multiple servers
US10673971B1 (en) * 2015-06-17 2020-06-02 Amazon Technologies, Inc. Cross-partition messaging using distributed queues
US20190208022A1 (en) * 2018-01-02 2019-07-04 Sap Se Transport channel via web socket for odata
CN111200592A (en) * 2019-12-17 2020-05-26 深圳供电局有限公司 Information transmission method, device and system
CN111988283A (en) * 2020-07-30 2020-11-24 浙江兰德纵横网络技术股份有限公司 Data transmission method, system, device and computer readable storage medium
CN114553932A (en) * 2022-04-24 2022-05-27 深圳市明源云科技有限公司 System integration docking method, device, equipment and medium

Similar Documents

Publication Publication Date Title
Profanter et al. OPC UA versus ROS, DDS, and MQTT: performance evaluation of industry 4.0 protocols
Nugur et al. Design and development of an IoT gateway for smart building applications
Peretti et al. BlinkToSCoAP: An end-to-end security framework for the Internet of Things
EP3576379A1 (en) Service layer interworking using mqtt protocol
CN108712485A (en) A kind of resource subscription method and apparatus of internet of things equipment
CN112039722B (en) A kind of MQTT protocol simulation method and simulation device
CN114584603B (en) Method and device for connecting desktop client software with server and readable storage medium
CN106936932A (en) A kind of method wrapped by cloud service protocol access robot software
Nugur et al. Design and development of an IoT gateway for smart building applications
CN113067737B (en) A time-sensitive network configuration management system and method
Junior et al. Privacy-preserving cloud-connected IoT data using context-aware and end-to-end secure messages
CN111262823B (en) Security gateway and data processing method thereof
CN111629059B (en) Cluster communication method, system, equipment and computer readable storage medium
CN112968965A (en) Metadata service method, server and storage medium for NFV network node
CN115378922A (en) Embedded operating system software interface method supporting APP interconnection and interworking
CN112702338B (en) IKE message acquisition method and device
CN115037588A (en) Network management method, network management device, electronic equipment and storage medium
KR20230132143A (en) OPC UA synergy platform for Industrial IoT
CN103684904A (en) Tri-networks integration network monitoring system based on IP
CN113472637A (en) LORA gateway
CN115643221A (en) HTTP asynchronous transmission method and device across power safety zone and storage medium
Peretti CoAP over DTLS TinyOS Implementation and Performance Analysis
WO2025016039A1 (en) Data transmission method and apparatus, and related device
CN116389280A (en) Network topology acquisition method, device, equipment and medium
CN111240867B (en) Information communication system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination