TWI825923B - Field programmable logic gate array for financial transactions - Google Patents
Field programmable logic gate array for financial transactions Download PDFInfo
- Publication number
- TWI825923B TWI825923B TW111130807A TW111130807A TWI825923B TW I825923 B TWI825923 B TW I825923B TW 111130807 A TW111130807 A TW 111130807A TW 111130807 A TW111130807 A TW 111130807A TW I825923 B TWI825923 B TW I825923B
- Authority
- TW
- Taiwan
- Prior art keywords
- address
- transaction
- message packet
- programmable logic
- gate array
- Prior art date
Links
- 239000003999 initiator Substances 0.000 claims abstract description 53
- 238000000034 method Methods 0.000 claims abstract description 20
- 230000000977 initiatory effect Effects 0.000 claims abstract description 16
- 230000008569 process Effects 0.000 claims description 9
- 238000010586 diagram Methods 0.000 description 8
- 238000012545 processing Methods 0.000 description 7
- 230000001133 acceleration Effects 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000013461 design Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000010365 information processing Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012954 risk control Methods 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Logic Circuits (AREA)
Abstract
一種用於金融交易的現場可程式化邏輯閘陣列,包含一收發單元及一運算單元。該運算單元具有一位址置換程序,該位址置換程序記憶至少一發起端位址、至少一執行端位址,及一替換發起位址,該現場可程式化邏輯閘陣列作為該交易發起端或該交易執行端的暫時目標而具有一中繼位址,該收發單元接受來自該交易發起端或該交易執行端傳遞的一交易訊息封包,該運算單元執行該位址置換程序而在一TCP/IP協定中的一網際網路層對該交易訊息封包所包含的該發起端位址、該執行端位址、該替換發起端位址與該中繼位址的至少其一進行替換後續向目標發送。 A field programmable logic gate array used for financial transactions includes a transceiver unit and an arithmetic unit. The computing unit has an address replacement program. The address replacement program stores at least one initiator address, at least one execution end address, and a replacement initiator address. The field programmable logic gate array serves as the transaction initiator. Or the temporary target of the transaction execution end has a relay address. The transceiver unit accepts a transaction message packet transmitted from the transaction initiation end or the transaction execution end. The computing unit executes the address replacement procedure and performs a TCP/ An Internet layer in the IP protocol replaces at least one of the initiator address, the execution end address, the replacement initiator address and the relay address included in the transaction message packet and then forwards to the target. Send.
Description
本發明涉及一種用於金融交易的現場可程式化邏輯閘陣列,尤指一種達到具體硬體加速目的的現場可程式化邏輯閘陣列。 The present invention relates to a field programmable logic gate array for financial transactions, and in particular to a field programmable logic gate array that achieves specific hardware acceleration purposes.
在金融交易領域中,金融商品經紀商與投資者受到金融監督管理委員會的監控與保護,金融商品的交易必須符合金管會的規範,因此金融商品經紀商必須在滿足規範的條件下有效提升交易訊息的速度與安全性。 In the field of financial transactions, financial product brokers and investors are monitored and protected by the Financial Supervisory Commission. The trading of financial products must comply with the regulations of the Financial Supervisory Commission. Therefore, financial product brokers must effectively improve trading information under the conditions of meeting the regulations. speed and security.
然而,現有的金融交易方式存在不足,駭客可以依循交易訊息中的內容,對投資者或是金融商品經紀商展開攻擊,致使用戶設備或是金融交易伺服器無法正常工作。當前雖然可利用額外增設防火牆的機制提供保護,然而防火牆在轉發交易訊息的過程中,容易造成大量時間延遲,同樣不利於金融交易。 However, existing financial transaction methods have shortcomings. Hackers can follow the content in transaction messages to attack investors or financial product brokers, causing user equipment or financial transaction servers to fail to work properly. Although additional firewall mechanisms can currently be used to provide protection, firewalls can easily cause a large amount of time delays in the process of forwarding transaction messages, which is also not conducive to financial transactions.
再者,當前交易系統雖可具備安全且快速的運算能力,惟交易系統的運算功能仰賴中央處理器的工作效率,而中央處理器的訊息處理機制受到自身軟體的限制,導致中央處理器於訊息處理過程中無法有效率且迅速的進行,使得習用交易系統在優化運算功能上的可能性有限。承此,本案申請人旨在於解決前述問題,因此透過現場可程式化邏輯閘陣列加速訊息處理速度,以減輕中央處理器工作量,並達到硬體加速目的。 Furthermore, although the current trading system can have safe and fast computing capabilities, the computing function of the trading system relies on the efficiency of the central processing unit, and the central processing unit's message processing mechanism is limited by its own software, resulting in the central processor's inefficiency in message processing. The processing process cannot be carried out efficiently and quickly, which makes the possibility of optimizing the computing function of the conventional trading system limited. Therefore, the applicant of this case aims to solve the above-mentioned problems, so it accelerates the information processing speed through on-site programmable logic gate array to reduce the workload of the central processor and achieve the purpose of hardware acceleration.
當前已公開專利,如CN 108183978B及TW 201926975A等,公開利用現場可程式化邏輯閘陣列置換IP地址(Internet Protocol Address,網際協議地址)的技術。以CN 108183978B舉例言,CN 108183978B在通信設備啟動後,由通信設備讀取到第一IP地址後,現場可程式化邏輯閘陣列基於上位機的指令決定置換第一IP地址與否。惟,由前述內容可知,CN 108183978B所揭的現場可程式化邏輯閘陣列必須仰賴上位機的指令工作,一旦上位機指令傳送延遲或是錯誤時,則令現場可程式化邏輯閘陣列無法快速工作。再者,當現場可程式化邏輯閘陣列於接收訊息過程中後必須接收完整封包後,再依序解譯完整封包後,才能讀取到第一IP地址,如此一來,當此現場可程式化邏輯閘陣列被應用於交易系統時,此現場可程式化邏輯閘陣列仍無法具體達到硬體加速目的,不利於分秒必爭的金融交易領域。而TW 201926975A雖同樣揭露利用現場可程式化邏輯閘陣列置換IP的標頭的技術,惟TW 201926975A仍存在必須等待封包完整傳輸及完整解譯的問題。 There are currently published patents, such as CN 108183978B and TW 201926975A, which disclose the technology of using field programmable logic gate arrays to replace IP addresses (Internet Protocol Address). Take CN 108183978B as an example. After the communication equipment of CN 108183978B is started and the first IP address is read by the communication equipment, the on-site programmable logic gate array decides whether to replace the first IP address based on instructions from the host computer. However, it can be seen from the foregoing that the field programmable logic gate array disclosed in CN 108183978B must rely on instructions from the host computer. Once the instruction transmission from the host computer is delayed or incorrect, the field programmable logic gate array will not be able to work quickly. . Furthermore, when the field programmable logic gate array is in the process of receiving a message, it must receive the complete packet and then interpret the complete packet in sequence before it can read the first IP address. In this way, when the field programmable logic gate array When a customized logic gate array is used in a trading system, this on-site programmable logic gate array still cannot specifically achieve the purpose of hardware acceleration, which is not conducive to the financial transaction field where every second counts. Although TW 201926975A also discloses the technology of using a field programmable logic gate array to replace the header of the IP, TW 201926975A still has the problem of having to wait for the complete transmission and complete interpretation of the packet.
本發明的主要目的,在於解決現有金融交易領域中無法提供可滿足交易所規範、安全並可快速運算的交易系統。 The main purpose of the present invention is to solve the problem that the existing financial transaction field cannot provide a trading system that can meet the specifications of the exchange, is safe and can operate quickly.
本發明的另一目的,在於當前現場可程式化邏輯閘陣列雖可加速訊息處理速度,仍無法具體達到硬體加速的問題。 Another object of the present invention is to solve the problem that although the current field programmable logic gate array can accelerate the information processing speed, it still cannot achieve specific hardware acceleration.
為達上述目的,本發明提供一種用於金融交易的現場可程式化邏輯閘陣列,包含一收發單元,以及一與該收發單元連接的運算單元。該運算單元具有一位址置換程序,該位址置換程序關聯記憶至少 一對應一交易發起端的發起端位址、至少一對應一交易執行端的執行端位址,及一與該交易發起端關聯的替換發起位址,該現場可程式化邏輯閘陣列作為該交易發起端與該交易執行端之間傳遞一交易訊息封包的中繼,並以該收發單元接受該交易訊息封包,該現場可程式化邏輯閘陣列具有一中繼位址,該運算單元執行該位址置換程序而在一TCP/IP協定中的一網際網路層對該交易訊息封包進行後續描述的至少其中一者才向該交易訊息封包描述的目標位址發送:(1)該交易訊息封包的來源標示為該發起端位址時,變更為該替換發起位址;(2)該交易訊息封包的目標標示為該替換發起位址時,變更為該發起端位址;(3)該交易訊息封包的目標標示為該中繼位址時,變更為該執行端位址;(4)該交易訊息封包的來源標示為該執行端位址時,變更為該中繼位址。 To achieve the above object, the present invention provides a field programmable logic gate array for financial transactions, including a transceiver unit and a computing unit connected to the transceiver unit. The computing unit has an address replacement program, and the address replacement program has an associated memory of at least One initiator address corresponding to a transaction initiator, at least one execution end address corresponding to a transaction execution end, and an alternative initiation address associated with the transaction initiator, and the field programmable logic gate array serves as the transaction initiator A relay that transmits a transaction message packet with the transaction execution end, and uses the transceiver unit to receive the transaction message packet. The field programmable logic gate array has a relay address, and the computing unit performs the address replacement. The program sends at least one of the subsequent descriptions of the transaction message packet to the destination address described in the transaction message packet by an Internet layer in a TCP/IP protocol: (1) the source of the transaction message packet When it is marked as the initiator address, it is changed to the alternative initiator address; (2) When the destination of the transaction message packet is marked as the alternative initiator address, it is changed to the initiator address; (3) The transaction message packet When the destination is marked as the relay address, it is changed to the execution end address; (4) When the source of the transaction message packet is marked as the execution end address, it is changed to the relay address.
一實施例中,該運算單元具有一來源確認程序,該來源確認程序運行時比對該交易訊息封包所包含一訊息來源位址是否為下列中的其中一者:該發起端位址、該執行端位址,如是續行該位址置換程序並令該交易訊息封包通過,如否阻擋該交易訊息封包通過。 In one embodiment, the computing unit has a source confirmation program. When running, the source confirmation program compares whether a message source address included in the transaction message packet is one of the following: the initiator address, the execution terminal address, if it is to continue the address replacement process and allow the transaction message packet to pass, if not to prevent the transaction message packet from passing.
一實施例中,該收發單元包含至少一訊息輸入埠以及至少一訊息輸出埠。 In one embodiment, the transceiver unit includes at least one message input port and at least one message output port.
一實施例中,該運算單元包含二分別連接該訊息輸入埠與該訊息輸出埠的網路位址置換模組,以及一連接該二網路位址置換模組的運算模組。 In one embodiment, the computing unit includes two network address replacement modules connected to the message input port and the message output port respectively, and a computing module connected to the two network address replacement modules.
一實施例中,該運算單元具有一發送延遲與一接收延遲,該發送延遲的時長不同於該接收延遲的時長。 In one embodiment, the computing unit has a sending delay and a receiving delay, and the length of the sending delay is different from the length of the receiving delay.
透過本發明前述實施,相較於習用具有以下特點:本發明該現場可程式化邏輯閘陣列透過該運算單元具有該位址置換程序,使得該現場可程式化邏輯閘陣列無須解譯完整的該交易訊息封包。該收發單元接收該交易訊息封包過程中,該運算單元無須待該交易訊息封包完整傳遞,而可直接在該TCP/IP協定中的該網際網路層對該交易訊息封包所包含的位址進行替換。 Through the foregoing implementation of the present invention, compared with the conventional ones, it has the following characteristics: the field programmable logic gate array of the present invention has the address replacement program through the computing unit, so that the field programmable logic gate array does not need to interpret the complete Transaction message packet. When the transceiver unit receives the transaction message packet, the computing unit does not need to wait for the transaction message packet to be completely transmitted, but can directly perform the processing on the address contained in the transaction message packet at the Internet layer in the TCP/IP protocol. Replace.
10:現場可程式化邏輯閘陣列 10: Field programmable logic gate array
11:收發單元 11: Transceiver unit
111:訊息輸入埠 111:Message input port
112:訊息輸出埠 112:Message output port
13:運算單元 13:Arithmetic unit
130:位址置換程序 130:Address replacement procedure
131:網路位址置換模組 131:Network address replacement module
132:運算模組 132:Computational module
133:來源確認程序 133: Source confirmation procedure
20:交易訊息封包 20: Transaction message packet
21:訊息來源位址 21:Message source address
30:網際網路 30:Internet
40:交易發起端 40: Transaction initiator
41:發起端位址 41: Initiator address
50:交易執行端 50: Transaction execution end
51:執行端位址 51: Execution end address
60:防火裝置 60: Fire protection device
圖1,本發明一實施例的單元示意圖(一)。 Figure 1 is a unit schematic diagram (1) of an embodiment of the present invention.
圖2,本發明一實施例的單元示意圖(二)。 Figure 2 is a unit schematic diagram (2) of an embodiment of the present invention.
圖3,本發明一實施例的位址置換程序實施示意圖(一)。 Figure 3 is a schematic diagram (1) of the implementation of the address replacement program according to an embodiment of the present invention.
圖4,本發明一實施例的位址置換程序實施示意圖(二)。 Figure 4 is a schematic diagram (2) of the implementation of the address replacement program according to an embodiment of the present invention.
圖5,本發明一實施例的來源確認程序實施示意圖(一)。 Figure 5 is a schematic diagram (1) of the implementation of the source confirmation program according to an embodiment of the present invention.
圖6,本發明一實施例的來源確認程序實施示意圖(二)。 Figure 6 is a schematic diagram (2) of the implementation of the source confirmation program according to an embodiment of the present invention.
圖7,本發明一實施例搭配防火裝置的單元示意圖。 Figure 7 is a schematic diagram of a unit equipped with a fire protection device according to an embodiment of the present invention.
圖8,本發明一實施例的單元示意圖(三)。 Figure 8 is a unit schematic diagram (3) of an embodiment of the present invention.
本發明詳細說明及技術內容,茲配合圖式說明如下:請參閱圖1,本發明提供一種現場可程式化邏輯閘陣列10,該現場可程式化邏輯閘陣列10被應用於金融交易領域,並可設置於一伺服設備中,該現場可程式化邏輯閘陣列10的功能在於提供硬體加速,令該伺服設備的運算速率提升,並使金融交易過程中可實現訊息加速處理。
The detailed description and technical content of the present invention are as follows with reference to the drawings: Please refer to Figure 1. The present invention provides a field programmable
承上,復請參閱圖1至圖4,該現場可程式化邏輯閘陣列10包含一收發單元11及一運算單元13,其中,該收發單元11作為該現場可程式化邏輯閘陣列10與外部聯絡的窗口,舉例來說,該收發單元11可透過一網際網路30與一用戶終端設備資訊連接,該收發單元11接收該用戶終端設備經由該網際網路30傳入的資訊。一實施例中,該收發單元11包含至少一訊息輸入埠111及至少一訊息輸出埠112,該訊息輸入埠111負責接收由外部而來的資訊,該訊息輸出埠112則在於向外部傳輸訊息,就如圖8。該運算單元13與該收發單元11連接,詳細來說,該運算單元13接收由該訊息輸入埠111而來的訊息,並藉由該訊息輸出埠112將處理後的訊息傳遞至外部。
Continuing with the above, please refer to Figures 1 to 4 again. The field programmable
承上,該運算單元13具有一位址置換程序130,該位址置換程序130關聯記憶至少一發起端位址41、至少一執行端位址51,及一替換發起位址,該發起端位址41與一交易發起端40對應,該交易發起端40所指為在金融交易領域建立金融交易者,舉例來說,
該交易發起端40可以是一金融用戶所持有的該用戶終端設備,而該發起端位址41則可為該用戶終端設備的IP位址。該執行端位址51與一交易執行端50對應,該交易執行端50所指為在金融交易領域執行金融交易者(如一金融交易所等),舉例來說,該交易執行端50可以是該金融交易所的一金融交易伺服器,而該執行端位址51則可為該金融交易伺服器的IP位址。該替換發起位址與該發起端位址41關聯,該替換發起位址可預先被儲存於該現場可程式化邏輯閘陣列10中,並在該運算單元13工作時被對應提取。
Following the above, the
承上,該現場可程式化邏輯閘陣列10作為該交易發起端40與該交易執行端50之間傳遞一交易訊息封包20的中繼站,且該現場可程式化邏輯閘陣列10具有一中繼位址。該現場可程式化邏輯閘陣列10以該收發單元11接收該交易訊息封包20,當該交易訊息封包20是由該交易發起端40而來時,該交易訊息封包20描述該交易發起端40向該金融交易所提出的交易請求。另外,當該交易訊息封包20是由該交易執行端50而來時,該交易訊息封包20則用以描述該金融交易所的該金融交易伺服器擬向該交易發起端40傳遞的交易執行結果。由上述可知,該現場可程式化邏輯閘陣列10僅是該交易訊息封包20傳遞過程的中繼,該交易訊息封包20實際的傳遞目標為該交易發起端40或該交易執行端50。
Following the above, the field programmable
又,該運算單元13於該收發單元11接收該交易訊息封包20的過程中,無須待該交易訊息封包20被完整傳遞,該運算單元13可直
接執行該位址置換程序130。詳細來說,本發明該交易訊息封包20是基於一TCP/IP協定進行傳輸,該領域具通常知識者所通知的,該TCP/IP協定包含四層,依序為網路存取層(Network Access Layer)、網際網路層(Internet Layer)、傳輸層(Transport Layer)及應用層(Application Layer)。該運算單元13於該收發單元11接收該交易訊息封包20過程中時,該運算單元13無須完整由該交易訊息封包20的網路存取層至應用層進行解譯,該運算單元13可在解讀至該交易訊息封包20的網際網路層時,直接執行該位址置換程序130,該運算單元13對該交易訊息封包20所包含的該發起端位址41、該執行端位址51、該替換發起位址及該中繼位址的至少其一進行替換。詳細來說,該運算單元13對該交易訊息封包20進行後續描述的至少其中一者才向該交易訊息封包20描述的目標位址發送:(1)該交易訊息封包20的來源標示為該發起端位址41時,變更為該替換發起位址;(2)該交易訊息封包20的目標標示為該替換發起位址時,變更為該發起端位址41;(3)該交易訊息封包20的目標標示為該中繼位址時,變更為該執行端位址51;(4)該交易訊息封包20的來源標示為該執行端位址51時,變更為該中繼位址。
In addition, when the
承上,復請參閱圖1至圖4,現就該現場可程式化邏輯閘陣列10的實施進行說明。於後為便於解釋,本文先行假設該發起端位
址41為78.78.78.78,該執行端位址51為192.168.2.3,該中繼位址為10.3.4.5,該替換發起位址為10.111.57.161。
Continuing with the above, please refer to FIGS. 1 to 4 again to describe the implementation of the field programmable
於後暫以該交易發起端40向該交易執行端50提出交易請求解釋。此時,該交易訊息封包20的來源為該交易發起端40,該現場可程式化邏輯閘陣列10以該收發單元11接收該交易訊息封包20,該運算單元13於該收發單元11接收該交易訊息封包20的過程中,該運算單元13不完整解讀該交易訊息封包20,即該運算單元13無須完整地解譯該TCP/IP協定所包含的四層,該運算單元13在解譯至該交易訊息封包20的網際網路層時,該運算單元13執行該位址置換程序130,於此當下,該運算單元13將該交易訊息封包20的來源由該發起端位址(標號41)78.78.78.78置換為該替換發起位址10.111.57.161,於後該運算單元13再將置換後的該交易訊息封包20續傳予該收發單元11,令該交易執行端50接收置換後的該交易訊息封包20。當該交易執行端50擬向該交易發起端40回傳執行結果時,該交易執行端50所發出的該交易訊息封包20的目標被標示為該替換發起位址10.111.57.161。於此當下,該運算單元13再次執行該位址置換程序130,令該交易訊息封包20所標示的目標由該替換發起位址10.111.57.161變更為該發起端位址(標號41)78.78.78.78。
In the following, the
於另一實施中,當該交易發起端40向該交易執行端50傳遞該交易訊息封包20傳遞的過程中,該現場可程式化邏輯閘陣列10
作為該交易發起端40與該交易執行端50之間的中繼,而以該收發單元11接收該交易訊息封包20。此時,該交易訊息封包20標示的目標為該中繼位址,而該運算單元13於該收發單元11接收該交易訊息封包20的過程中,該運算單元13不完整解讀該交易訊息封包20,即該運算單元13無須完整地解譯該TCP/IP協定所包含的四層,該運算單元13在解譯至該交易訊息封包20的網際網路層時,該運算單元13執行該位址置換程序130。該運算單元13將該交易訊息封包20所標示的目標由該中繼位址10.3.4.5替換為該執行端位址(標號51)192.168.2.3,接著該運算單元13再將置換後的該交易訊息封包20續傳予該收發單元11,令該交易執行端50接收置換後的該交易訊息封包20。當該交易執行端50擬向該交易發起端40回傳執行結果時,該交易執行端50所發出的該交易訊息封包20的來源被標示為該執行端位址(標號51)192.168.2.3。該運算單元13再次執行該位址置換程序130,令該交易訊息封包20所標示的來源由該執行端位址(標號51)192.168.2.3變更為該中繼位址10.3.4.5。
In another implementation, when the
承上,本案申請人又將該替換發起位址或該中繼位址稱為Vincent IP,透過該位址置換程序130的設計,令該交易訊息封包20所標示來源與目標的至少其一可以被替換,進而達到類似紋身的效果。而在該交易執行端50回傳該交易訊息封包20時,該運算單元13可回復該交易訊息封包20所標示來源與目標的至少其一,令該交易訊息封包20仍可得以符合金融交易規範。此外,本發明為確
保該交易訊息封包20傳遞安全性,避免該交易發起端40或該交易執行端50受到網路攻擊,本發明該現場可程式化邏輯閘陣列10不以額外建立防火牆的方式實施,可降低因防火牆所造成的延遲。再者,本發明該運算單元13具有該位址置換程序130,該運算單元13於執行該位址置換程序130時無須完整解譯該交易訊息封包20,該運算單元13僅需擷取該交易訊息封包20的該網際網路層,對該發起端位址41或該替換位址進行替換,藉此令該現場可程式化邏輯閘陣列10於實施過程中可分擔部分的運算,達到硬體加速的效果。
Following the above, the applicant in this case also called the replacement originating address or the relay address Vincent IP. Through the design of the
復請參閱圖5與圖6,一實施例中,該運算單元13具有一來源確認程序133,該運算單元13於該來源確認程序133執行時,比對該交易訊息封包20所包含的一訊息來源位址21。詳細來說,該訊息來源位址21對應於該交易訊息封包20的發起者的IP位址,例如當該交易訊息封包20由該交易發起端40提出時,該交易訊息封包20的該訊息來源位址21即為該交易發起端40的該發起端位址41,例如該發起端位址41為78.78.78.78時,該交易訊息封包20的該訊息來源位址21被表示為78.78.78.78。而當該交易訊息封包20由該交易執行端50提出時,該交易訊息封包20的該訊息來源位址21則與該交易執行端50的該執行端位址51對應,例如該執行端位址51為192.168.2.3時,該交易訊息封包20的該訊息來源位址21被表示為192.168.2.3。進一步地,該運算單元13比對該交易訊息封包20的該訊息來源位址21是否為下列群組中的其中一者:該
發起端位址41、該執行端位址51,如是則續行該位址置換程序130並令該交易訊息封包20通過,如否則阻擋該交易訊息封包20通過。以圖5舉例可知,當該交易訊息封包20的該訊息來源位址21符合該發起端位址41時,該運算單元13續行該位址置換程序130並令該交易訊息封包20被傳遞予該交易執行端50;反之,當該訊息來源位址21不符合該發起端位址41時,該運算單元13阻擋該交易訊息封包20通過,就如圖6所示。承此可知,本發明透過該來源確認程序133的設計,令該現場可程式化邏輯閘陣列10實現風險管控,並可使得該交易訊息封包20在不減低訊息傳遞速率的情況下受到管理。
Please refer to FIG. 5 and FIG. 6 again. In one embodiment, the
承上,請參閱圖7,於另一實施例中,本發明該現場可程式化邏輯閘陣列10於實施過程中亦可搭配複數防火裝置60實施,該些防火裝置60的至少其一設置於該現場可程式化邏輯閘陣列10與該交易發起端40的連線之間,而該些防火裝置60的至少另一則設置於該現場可程式化邏輯閘陣列10與該交易執行端50的連線之間。換句來說,該交易發起端40提出該交易訊息封包20後,該交易訊息封包20經由該網際網路30傳遞與該些防火裝置60的至少其一,該些防火裝置60中接收由該交易發起端40而來的該交易訊息封包20後,對該交易訊息封包20提供初步的風險管理,於後再將該交易訊息封包20傳遞予該收發單元11。另外,當該交易執行端50發出該交易訊息封包20後,該交易訊息封包20被傳遞予該些防
火裝置60的至少另一,該些防火裝置60中接收由該交易執行端50而來的該交易訊息封包20後,對該交易訊息封包20提供初步的風險管理,於後再將該交易訊息封包20傳遞予該收發單元11。於本實施中,該些防火裝置60為該現場可程式化邏輯閘陣列10提供基礎的風險管理,並可允許或是限制該交易訊息封包20的通過。
Continuing with the above, please refer to FIG. 7 . In another embodiment, the field programmable
承上,請參閱圖8,該運算單元13包含二網路位址置換模組131及一運算模組132,該二網路位址置換模組131分別連接該訊息輸入埠111與該訊息輸出埠112,該二網路位址置換模組131可提供該運算單元13執行該位址置換程序130,而該運算模組132連接該二網路位址置換模組131,並可置換該交易訊息封包20的該發起端位址41與該替換位址。又,於另一實施例中,該二網路位址置換模組131的其中之一接收由該訊息輸入埠111而來的該交易訊息封包20,該二網路位址置換模組131中連接該訊息輸入埠111者對該交易訊息封包20執行該位址置換程序130,所述該交易訊息封包20是由該交易發起端40而來,該二網路位址置換模組131中連接該訊息輸入埠111者於執行過程中,令該運算單元13具有一接收延遲,舉例來說,該接收延遲的時長為32毫秒。另外,該二網路位址置換模組131的其中另一接收由該訊息輸出埠112而來的該交易訊息封包20,該二網路位址置換模組131中連接該訊息輸出埠112者對該交易訊息封包20執行該位址置換程序130,所述該交易訊息封包20是由該交易執行端50而來,該二網路位址置換模組131中連接該訊息輸出埠112者於執行過程中,令該運算單元13具有一發送延遲,該發送延遲的時長不同於該接收延遲的
時長。舉例來說,該發送延遲的時長為44.8毫秒,長於該接收延遲的時長。
Continuing with the above, please refer to Figure 8. The
綜上所述者,僅為本發明的一較佳實施例而已,當不能以此限定本發明實施的範圍,即凡依本發明申請專利範圍所作的均等變化與修飾,皆應仍屬本發明的專利涵蓋範圍。 To sum up, the above is only a preferred embodiment of the present invention. It should not be used to limit the scope of the present invention. That is, all equivalent changes and modifications made according to the patent scope of the present invention should still belong to the present invention. patent coverage.
10:現場可程式化邏輯閘陣列 10: Field programmable logic gate array
11:收發單元 11: Transceiver unit
13:運算單元 13:Arithmetic unit
130:位址置換程序 130:Address replacement procedure
20:交易訊息封包 20: Transaction message packet
40:交易發起端 40: Transaction initiator
41:發起端位址 41: Initiator address
50:交易執行端 50: Transaction execution end
51:執行端位址 51: Execution end address
Claims (5)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW111130807A TWI825923B (en) | 2022-08-16 | 2022-08-16 | Field programmable logic gate array for financial transactions |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW111130807A TWI825923B (en) | 2022-08-16 | 2022-08-16 | Field programmable logic gate array for financial transactions |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TWI825923B true TWI825923B (en) | 2023-12-11 |
| TW202409941A TW202409941A (en) | 2024-03-01 |
Family
ID=90053138
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW111130807A TWI825923B (en) | 2022-08-16 | 2022-08-16 | Field programmable logic gate array for financial transactions |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI825923B (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW495671B (en) * | 1997-02-11 | 2002-07-21 | Xaqti Corp | Media access control micro-RISC stream processor and method for implementing the same |
| TW567699B (en) * | 2001-04-17 | 2003-12-21 | Intel Corp | Communication protocols, method, and apparatus operable through network address translation (NAT) type devices |
| TWI528762B (en) * | 2014-09-30 | 2016-04-01 | 國立臺北大學 | Method of a base station and apparatus for routing packet and routing packet transform system |
| CN108183978A (en) * | 2018-03-29 | 2018-06-19 | 北京环境特性研究所 | A kind of communication equipment IP address configuration method and communication equipment |
| US10333846B2 (en) * | 2016-02-19 | 2019-06-25 | Citrix Systems, Inc. | Systems and methods for routing network packets between multi-core intermediaries |
| TW201926975A (en) * | 2017-11-27 | 2019-07-01 | 南韓商三星電子股份有限公司 | Communication system, communication device, application processor and network address translation method of communication system |
| CN110313162A (en) * | 2017-02-17 | 2019-10-08 | 思科技术公司 | System and method for facilitating content delivery to multiple recipients in a network environment |
| CN110662197A (en) * | 2019-09-02 | 2020-01-07 | 京信通信系统(中国)有限公司 | Parameter configuration method, device, communication device and storage medium |
-
2022
- 2022-08-16 TW TW111130807A patent/TWI825923B/en active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW495671B (en) * | 1997-02-11 | 2002-07-21 | Xaqti Corp | Media access control micro-RISC stream processor and method for implementing the same |
| TW567699B (en) * | 2001-04-17 | 2003-12-21 | Intel Corp | Communication protocols, method, and apparatus operable through network address translation (NAT) type devices |
| TWI528762B (en) * | 2014-09-30 | 2016-04-01 | 國立臺北大學 | Method of a base station and apparatus for routing packet and routing packet transform system |
| US10333846B2 (en) * | 2016-02-19 | 2019-06-25 | Citrix Systems, Inc. | Systems and methods for routing network packets between multi-core intermediaries |
| CN110313162A (en) * | 2017-02-17 | 2019-10-08 | 思科技术公司 | System and method for facilitating content delivery to multiple recipients in a network environment |
| TW201926975A (en) * | 2017-11-27 | 2019-07-01 | 南韓商三星電子股份有限公司 | Communication system, communication device, application processor and network address translation method of communication system |
| CN108183978A (en) * | 2018-03-29 | 2018-06-19 | 北京环境特性研究所 | A kind of communication equipment IP address configuration method and communication equipment |
| CN110662197A (en) * | 2019-09-02 | 2020-01-07 | 京信通信系统(中国)有限公司 | Parameter configuration method, device, communication device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| TW202409941A (en) | 2024-03-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105827646B (en) | SYN attack protection method and device | |
| CN101175013B (en) | Refused service attack protection method, network system and proxy server | |
| CN104486336A (en) | Device for safely isolating and exchanging industrial control networks | |
| CN111800401B (en) | Service message protection method, device, system and computer equipment | |
| US20120023359A1 (en) | Method, apparatus and computer program for processing invalid data | |
| CN105429975B (en) | A kind of data safety system of defense, method and cloud terminal security system based on cloud terminal | |
| CN101202742A (en) | A method and system for preventing denial of service attack | |
| CN109005194A (en) | Portless shadow communication means and computer storage medium based on KCP agreement | |
| CN106330479A (en) | Equipment operation and maintenance method and equipment operation and maintenance system | |
| CN107317816B (en) | Network access control method based on client application program authentication | |
| CN107800723A (en) | CC attack guarding methods and equipment | |
| KR101200906B1 (en) | High Performance System and Method for Blocking Harmful Sites Access on the basis of Network | |
| CN105282172A (en) | Uniprocessing system based on hardware data transformation technology and network security isolation method thereof | |
| US20170124648A1 (en) | Financial products trading system and financial products trading control method | |
| TWI825923B (en) | Field programmable logic gate array for financial transactions | |
| US11223689B1 (en) | Methods for multipath transmission control protocol (MPTCP) based session migration and devices thereof | |
| CN102143173A (en) | Method and system for defending distributed denial of service (Ddos) attacks and gateway equipment | |
| Horak et al. | The vulnerability of securing IoT production lines and their network components in the Industry 4.0 concept | |
| CN109936566A (en) | A kind of data transmission method system, device and computer readable storage medium | |
| CN119030804A (en) | A hardware firewall, data filtering method and product | |
| CN111131173A (en) | A method for proactively providing services in an intranet | |
| CN105827615A (en) | An optimization method for Smart Rack to prevent DDOS attacks | |
| CN100429881C (en) | Method for preventing network state synchronous flood attack and protecting network in transparent mode | |
| CN113965388A (en) | Safe transmission device for calculating check sum according to classification | |
| US8935406B1 (en) | Network adaptor configured for connection establishment offload |