CN106021375A - Database access method and database agent node - Google Patents

Database access method and database agent node Download PDF

Info

Publication number
CN106021375A
CN106021375A CN201610310488.7A CN201610310488A CN106021375A CN 106021375 A CN106021375 A CN 106021375A CN 201610310488 A CN201610310488 A CN 201610310488A CN 106021375 A CN106021375 A CN 106021375A
Authority
CN
China
Prior art keywords
database
user terminal
pki
access request
business datum
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610310488.7A
Other languages
Chinese (zh)
Other versions
CN106021375B (en
Inventor
张锐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Longrise Technology Co Ltd
Original Assignee
Shenzhen Longrise Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Longrise Technology Co Ltd filed Critical Shenzhen Longrise Technology Co Ltd
Priority to CN201610310488.7A priority Critical patent/CN106021375B/en
Publication of CN106021375A publication Critical patent/CN106021375A/en
Application granted granted Critical
Publication of CN106021375B publication Critical patent/CN106021375B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • G06F16/235Update request formulation

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a database access method. Agency service is provided for a plurality of back-end database servers via a database agent node; aiming at any back-end database server, if receiving a database access request pointing to the database server within a high-load time period of the database server, the database agent node acquires currently stored business data to which the database access request points, encrypts the acquired business data by using a public key updated by a user terminal and then returns the encrypted business data to the user terminal, and thus the user terminal uses a private key corresponding to the updated public key to decrypt the business data. The invention also discloses the database agent node. According to the method of the invention, the data transmission security can be enhanced on the premise of improving the working stability of the database server.

Description

Data bank access method and database broker node
Technology neighborhood
The present invention relates to Internet technical field, particularly relate to a kind of data bank access method and data base's generation Reason node.
Background technology
Along with the high speed development of Internet technology, various with personalized operation, abundant content, active The specialization comprehensive customer center website of interaction forms arise at the historic moment, the various electricity emerged in large numbers the most in the recent period Sub-business web site, microblogging website etc..Aforementioned customer center website is all the database server by rear end Offer content is supported, when a large amount of access request are concurrent in a short time, database server limits due to performance Tend not to perform all of access request in time, cause operating lag, even delay machine and stop service; Additionally, data are in the transmitting procedure of network, easily stolen by illegal molecule, cause user data to be revealed.
Summary of the invention
A kind of data bank access method of offer and database broker node, purport are provided On the premise of satisfied raising database server job stability, improve the safety of data transmission simultaneously.
For achieving the above object, the present invention provides a kind of data bank access method, this data bank access method Comprise the following steps:
When receiving user terminal more newly requested, database broker node is by that currently store and corresponding The PKI of described user terminal, be updated to described in the more newly requested PKI carried;
When receiving the database access request that described user terminal sends, described database broker node Judge currently whether to be positioned at the high load capacity time period of database server corresponding to described database access request Within;
Time within the high load capacity time period being currently located at described database server, described database broker Node obtains the business datum that the current described database access request stored points to, and after using renewal Send to described user terminal after the described business datum that public key encryption obtains, make for described user terminal Business datum is decrypted with the private key corresponding to the described more newly requested PKI carried;
Time outside the high load capacity time period being currently located at described database server, described database broker PKI after described database access request and renewal is sent extremely described database server by node, with The business that database access request described in public key encryption after updating for described database server points to Data, and the business datum after encryption is back to described user terminal.
Alternatively, described database broker node judges currently whether be positioned at described database access request pair Before step within the high load capacity time period of the database server answered, also include:
When receiving the database access request that described user terminal sends, described database broker node Judge the life cycle of the PKI after currently whether being positioned at renewal, the most then perform described data base's generation Reason node judges currently whether to be positioned at the high load capacity of database server corresponding to described database access request Step within time period.
Alternatively, send to described after the described business datum that the described public key encryption used after updating obtains Before user terminal, also include:
When obtaining the business datum failure stored, described database broker node is based on other data base's generations Reason node obtains and stores the business datum that described database access request points to, and proceeds to make described in execution The step to described user terminal is sent after the described business datum of the public key encryption acquisition after renewal.
Alternatively, described database broker node by the PKI of that currently store and corresponding described user terminal, Before the step of the more newly requested PKI carried described in being updated to, also include:
When receiving user terminal more newly requested, described database broker node please based on described renewal Ask and described user terminal is carried out verification operation;
When being verified, perform described database broker node by that currently store and corresponding described user The PKI of terminal, be updated to described in the step of the more newly requested PKI carried.
Alternatively, described data bank access method, also include:
The high load capacity time period information of each database server that described database broker node updates stores.
Additionally, for achieving the above object, the present invention also provides for a kind of database broker node, described data Storehouse agent node includes:
First more new module, for when receiving user terminal more newly requested, by that currently store and The PKI of corresponding described user terminal, be updated to described in the more newly requested PKI carried;
Judge module, for when receiving the database access request that described user terminal sends, it is judged that The current high load capacity time period whether being positioned at database server corresponding to described database access request it In;
Processing module, within the high load capacity time period being currently located at described database server time, Obtain the business datum that the current described database access request stored points to, and use the PKI after renewal Send after the described business datum that encryption obtains to described user terminal, use institute for described user terminal State the private key corresponding to the more newly requested PKI carried and decrypt business datum;And,
Time outside the high load capacity time period being currently located at described database server, described data base is visited PKI after the request of asking and renewal sends to described database server, for described database server Use the business datum that database access request described in the public key encryption after updating points to, and by after encryption Business datum is back to described user terminal.
Alternatively, described judge module is additionally operable to, and is receiving data base's visit that described user terminal sends When asking request, it is judged that currently whether be positioned at the life cycle of the PKI after renewal;And
Time in the life cycle of the PKI after being currently located at renewal, it is judged that currently whether be positioned at described data Within the high load capacity time period of the database server that storehouse access request is corresponding.
Alternatively, described processing module is additionally operable to, when obtaining the business datum failure stored, based on it His database broker node obtains and stores the business datum that described database access request points to.
Alternatively, described database broker node also includes:
Authentication module, for when receiving user terminal more newly requested, based on described the most newly requested right Described user terminal carries out verification operation;
Described first more new module is additionally operable to when being verified, by that currently store and corresponding described user The PKI of terminal, be updated to described in the more newly requested PKI carried.
Alternatively, described database broker node also includes:
Second more new module, for updating the high load capacity time period information of each database server of storage.
The data bank access method that the present invention proposes, is applied to database broker node, by database broker Multiple database servers that node is rear end provide agency service, for any database service of rear end Device, if database broker node receives sensing within the high load capacity time period of this database server and is somebody's turn to do The database access request of database server, then obtain the current described database access request stored and refer to To business datum, and return after using the described business datum that the public key encryption that user terminal updates obtains To described user terminal, decrypt business datum for the private key corresponding to the PKI that user terminal updates. Compared to prior art, the present invention is that part work shared by database server by database broker node Pressure, and the business datum of encrypted transmission, on the premise of the job stability promoting database server, Improve the safety of data transmission.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of data bank access method first embodiment of the present invention;
Fig. 2 is the data base's topological structure exemplary plot in data bank access method first embodiment of the present invention;
Fig. 3 is the high-level schematic functional block diagram of database broker node first embodiment of the present invention.
The realization of the object of the invention, functional characteristics and advantage will in conjunction with the embodiments, do referring to the drawings further Explanation.
Detailed description of the invention
Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not used to limit Determine the present invention.
The present invention provides a kind of data bank access method, with reference to Fig. 1, at data bank access method of the present invention First embodiment in, this data bank access method includes:
Step S10, when receiving user terminal more newly requested, database broker node will currently store up That deposit and corresponding described user terminal PKI, be updated to described in the more newly requested PKI carried;
Reference Fig. 2, the data base's topological structure exemplary plot applied for data bank access method of the present invention, as Shown in Fig. 2, multiple database servers that database broker node is rear end provide agency service, for Any database server of rear end, if database broker node is when the high load capacity of this database server Between when receiving the database access request pointing to this database server within section, obtain current storage The business datum that described database access request points to, and use the public key encryption acquisition that user terminal updates Described business datum after be back to described user terminal, for user terminal update PKI corresponding to Private key decrypt business datum, thus alleviate the operating pressure of database server, promote data base's clothes The job stability of business device, and improve the safety of data transmission.
In embodiments of the present invention, user terminal can be made an appointment according to itself and database broker node Update cycle, timing send carry PKI to be updated update request to database broker node;Also may be used With by user terminal real-time response user operation, send carry PKI to be updated update request to data Storehouse agent node.Database broker node receive user terminal send more newly requested after, extract Go out this more newly requested entrained PKI, and the PKI of the described user terminal of correspondence currently stored is updated For the described more newly requested PKI carried.
Step S20, when receiving the database access request that described user terminal sends, described data Storehouse agent node judges currently whether to be positioned at the height of database server corresponding to described database access request Within duration of load application section, it is then to perform step S30, otherwise performs step S40;
In embodiments of the present invention, user terminal provides visualized operation interface based on database server, Such as the web interface provided by browser;User terminal is receiving user's address field based on browser The URL of input, or the clicking operation that hyperlink address based on browser display triggers, or other During the operation of type, generate and carry corresponding URL (or IP address) and the data base of SQL statement Access request sends to database broker node, to ask aforementioned URL or industry corresponding to hyperlink address Business data;Described database broker node receive user terminal send database access request time, When first determining whether the high load capacity currently whether being positioned at database server corresponding to described database access request Between within section.
It should be noted that database broker node also stores the height of each database server of its agency Duration of load application segment information, is likely to be at the time period of high load capacity for describing each database server.Wherein, High load capacity time period information can be manually entered by the management personnel with authority, it is possible to by each database service Device draws according to its real time operation load recorded statistics, and sends to database broker node.Data base Agent node, when receiving the database access request that user terminal sends, directly judges current system Whether the time is the high load capacity time period being positioned at database server corresponding to this database access request, It is to determine that this database server is in high load capacity duty.
It should be noted that in other embodiments, before above-mentioned steps S10, also include:
Data base's routing device receives the raw data base access request that described user terminal sends, described former Beginning database access request carries the original URL of described user terminal requests, described original URL pair The domain name answered is the original domain name of described user terminal requests;Described data base's routing device is to described user Terminal returns and redirects response message, wraps in the domain name corresponding for URL that described redirection response message carries Include the node identification of the database broker node that described data base's routing device is described user terminal selecting, Database access request is sent to described database broker node, by described data for described user terminal Storehouse agent node provides agency service.
Such as, the URL that user terminal carries in the database access request that database broker node sends For https://www.XXX.com/news/a.html, wherein, content corresponding for www.XXX.com is by rear The database server of platform provides, and provides agency service, data base road by database broker node It is one data base's agent node of user terminal selecting by equipment according to predetermined policy, the data base's generation chosen The node identification of reason node is C1, then constructing new URL is https://C1/www.XXX.com/news/a.html.User terminal sends data base to described new URL Access request, to ask the business datum of the corresponding aforementioned page.
Step S30, described database broker node obtains the current described database access request stored and refers to To business datum, and send to the most described after using the described business datum that the public key encryption after renewal obtains User terminal, for the private key solution corresponding to the more newly requested PKI carried described in the use of described user terminal Close go out business datum;
It will be appreciated by persons skilled in the art that database server high load capacity work in the case of, The delay of its response database access request will substantially increase, and, along with the database access received please Ask sustainable growth, the process resource consumption of database server will be made totally, in fact it could happen that machine of delaying stops The situation of service.Therefore, in embodiments of the present invention, it is being currently located at described database access request pair Time within the high load capacity time period of the database server answered, first database broker node obtains current storage The business datum that the described database access request deposited points to, if getting, directly uses the industry got Business serving data.
Database broker node gets the business datum that currently stored described data access request is pointed to Time, use the described business datum that the public key encryption after updating obtains, and the business datum after encryption is sent out Deliver to described user terminal.User terminal business after receiving the encryption that database broker node sends After data, use the private key corresponding to the PKI after this renewal to decrypt business datum, present to user. Wherein, database broker node, specifically can be based on more when the business datum obtained is encrypted operation PKI after Xin uses the rivest, shamir, adelman such as RSA Algorithm or the Elgamal algorithm business number to obtaining According to being encrypted.
It should be noted that in other embodiments, described database broker node is also in preset time period When inside not receiving the database access request of the business datum pointing to storage, delete the described business of storage Data.Wherein, described preset time period can be configured according to actual needs, and such as, the present embodiment is by institute State preset time period to be set to 24 hours, it will be appreciated by persons skilled in the art that by periodically deleting It is not accessed for business datum for a long time, it is possible to promote the utilization rate of database broker node storage space, Preferably to provide agency service.
Step S40, described database broker node is by the public affairs after described database access request and renewal Key sends to described database server, uses the public key encryption after updating for described database server The business datum that described database access request points to, and the business datum after encryption is back to described use Family terminal.
It is easily understood that outside the high load capacity time period being positioned at database server, i.e. data base's clothes During business device non-high load capacity work, the data, services that database server can provide normally, data base's generation Reason node obviously there is no need to provide agency service.Therefore, in embodiments of the present invention, it is being currently located at Time outside the high load capacity time period of the database server that described database access request is corresponding, data base's generation The database access request of reception and the PKI after updating directly are forwarded to described data base clothes by reason node Business device, is used database access request described in the public key encryption after updating to point to by described database server Business datum, and will encryption after business datum be back to described user terminal, user terminal use Corresponding private key decrypts business datum.Wherein, the cryptographic operation that database server is carried out can refer to number The cryptographic operation carried out according to storehouse agent node, here is omitted.
Further, in embodiments of the present invention, database broker node is currently located at data recognizing Time outside the high load capacity time period of storehouse server, also judging currently whether store described database access please Seek the business datum of sensing;
If not storing the business datum pointed by described database access request, then described in it receives Database access request adds the node identification of himself, is returning institute for described database server While stating the business datum extremely described user terminal that database access request points to, described data base is taken The business datum (unencrypted business datum) that business device points to is back to described database broker node;
Database broker node, after receiving the business datum that described database server returns, will connect The business datum received saves as the business datum that described database access request points to, for follow-up offer generation Reason service.
The data bank access method that the present embodiment proposes, by many numbers that database broker node is rear end Agency service is provided according to storehouse server, for any database server of rear end, if database broker joint Point receives the data pointing to this database server within the high load capacity time period of this database server Storehouse access request, then obtain the business datum that the current described database access request stored points to, and make It is back to described user terminal after the described business datum that the public key encryption updated with user terminal obtains, supplies User terminal uses the private key corresponding to PKI updated to decrypt business datum.Compared to prior art, The present invention is that database server shares part operating pressure, and encrypted transmission by database broker node Business datum, promote database server job stability on the premise of, improve data transmission Safety.
Further, based on first embodiment, it is proposed that the second enforcement of data bank access method of the present invention Example, in the present embodiment, before step S20, also includes:
When receiving the database access request that described user terminal sends, described database broker node Judge the life cycle of the PKI after currently whether being positioned at renewal, the most then perform described data base's generation Reason node judges currently whether to be positioned at the high load capacity of database server corresponding to described database access request Step within time period.
It should be noted that the difference of the present embodiment and first embodiment is, the present embodiment is to being used for adding Close PKI adds the restriction of life cycle, the most only illustrates this difference, and other repeat no more.
Concrete, the life cycle of PKI can also be by the on-demand setting of user with default setting, such as, Default setting life cycle of PKI is " before updating effectively " by the present embodiment, i.e. database broker node Receive more newly requested before, the current PKI continuous and effective stored, receive more newly requested after, The PKI currently stored is updated to more newly requested entrained PKI, and the PKI manufacture after renewal receives Before newly more newly requested, continuous and effective;The most such as, user is all by the existence of PKI based on user terminal Phase is set to 60 minutes, and the most newly requested middle of user terminal transmission will carry PKI to be updated and correspondence thereof Life cycle " 60 minutes ", database broker node receiving user terminal send more newly requested Afterwards, the PKI currently stored is updated to this more newly requested entrained PKI, starts simultaneously at timing, In 60 minutes, this PKI is effective, even if not being newly received more newly requested after 60 minutes, this PKI is also Cannot be continuing with.
In embodiments of the present invention, database broker node is receiving data base's visit that user terminal sends When asking request, first determine whether the life cycle of the PKI after currently whether being positioned at renewal, be that then explanation should PKI is effective, determines whether currently whether be positioned at the database service that described database access request is corresponding Within the high load capacity time period of device, to determine the need for providing agency service, specifically can refer to above-mentioned the One embodiment, here is omitted.
PKI for encryption is limited by the present embodiment by life cycle, it is possible to promote number further Safety according to transmission.
Further, based on first embodiment, the 3rd embodiment of data bank access method of the present invention is proposed, In the present embodiment, send to institute after the described business datum that the described public key encryption used after updating obtains Before stating user terminal, also include:
When obtaining the business datum failure stored, described database broker node is based on other data base's generations Reason node obtains and stores the business datum that described database access request points to, and proceeds to make described in execution The step to described user terminal is sent after the described business datum of the public key encryption acquisition after renewal.
It should be noted that the difference of the present embodiment and first embodiment is, embodiment adds number According to storehouse agent node obtain storage business datum failure time process operation, below only for this distinguish into Row explanation, other repeat no more.
Based on described above, it will be appreciated by persons skilled in the art that database server is at high load capacity In the case of work, the delay of its response database access request will substantially increase, and, along with reception Database access request sustainable growth, the process resource consumption of database server will be made totally, can Can occur that machine of delaying stops the situation of service.Therefore, in embodiments of the present invention, described database broker joint Point is when obtaining the business datum failure of storage, and described database broker node is based on other database brokers Node obtains and stores the business datum that described database access request points to, below with aforementioned data base's generation Reason node is first agent's node, and other database broker nodes aforementioned are that second agent's node is carried out specifically Illustrate:
First agent's node is when obtaining the business datum failure of storage, and the database access received please Asking and be forwarded to second agent's node, wherein, first agent's node is added with use in database access request In describing the identification information that user terminal is verified, to avoid second agent's node to carry out secondary checking, Cause the unnecessary process wasting of resources;Second agent's node is receiving the number that first agent's node forwards During according to storehouse access request, recognize the aforementioned identification information that this database access request carries, directly obtain The business datum that the described database access request of storage points to is back to first agent's node;First agent The business datum of reception, when receiving the business datum that second agent's node returns, is stored as institute by node State the business datum that database access request points to, meanwhile, use this business number of public key encryption after updating Described user terminal it is back to after according to.
The present embodiment is not storing its database access request indication received by database broker node To business datum time, based on other database broker nodes provide agency service, it is ensured that user terminal energy Enough normally obtain data, services.
Further, based on first embodiment, the 4th embodiment of data bank access method of the present invention is proposed, In the present embodiment, before step S10, also include:
When receiving user terminal more newly requested, described database broker node please based on described renewal Ask and described user terminal is carried out verification operation;
When being verified, perform described database broker node by that currently store and corresponding described user The PKI of terminal, be updated to described in the step of the more newly requested PKI carried.
It should be noted that the difference of the present embodiment and first embodiment is, the present embodiment is real first On the basis of executing example, add the verification operation to user terminal, illustrate only for this difference below, Other repeat no more.
In embodiments of the present invention, described database broker node is receiving the renewal that user terminal sends During request, the more newly requested identity to user terminal being primarily based on reception is verified, such as, and user Terminal send more newly requested in also carry user's user name based on user terminal pre-entered and correspondence Password, database broker node receive user terminal send more newly requested time, according to more newly requested The identity of user terminal is verified by the user name and the password that carry, to determine that whether the user of correspondence is The user authorized.After being verified, then the public affairs by that currently store and corresponding described user terminal Key, be updated to described in the more newly requested PKI carried, to start the handling process of agency service, specifically may be used With reference to first embodiment, here is omitted.
The present embodiment is by verifying user terminal, it can be ensured that be used for the PKI of encryption not by illegally No molecule is distorted, and improves the safety storing data.
Further, based on aforementioned any embodiment, it is proposed that the 5th of data bank access method of the present invention Embodiment, in the present embodiment, described data bank access method, also include:
The high load capacity time period information of each database server that described database broker node updates stores.
It should be noted that the difference of the present embodiment and aforementioned any embodiment is, the present embodiment increases Renewal operation to the high load capacity time period information of database server, the most only retouches this difference Stating, other can respectively refer to foregoing embodiments, and here is omitted.
In embodiments of the present invention, it is provided that three kinds of modes updating high load capacity time period information:
One, database broker node receive the management personnel with default access renewal instruct time, The instruction that updates according to receiving updates the high load capacity time period information of corresponding database server;
Its two, database broker node receiving database server send high load capacity time period information Time, by store to should the high load capacity time period information updating of database server be the high load capacity received Time period information;
Its three, the timing of database broker node sends and updates request to each database server, and is receiving During to each database server high load capacity time period information based on the more newly requested return received, by correspondence The high load capacity time period information of each data server is updated to the letter of corresponding high load capacity time period received respectively Breath.
The present embodiment by the high load capacity time period information of each database server stored is updated, Make database broker node can preferably provide agency service, promote database server work further The stability made.
The present invention also provides for a kind of database broker node, with reference to Fig. 3, saves at database broker of the present invention In the first embodiment of point, this database broker node includes:
First more new module 10, for when receiving user terminal more newly requested, by currently store And the PKI of corresponding described user terminal, be updated to described in the more newly requested PKI carried;
As in figure 2 it is shown, multiple database servers that database broker node is rear end provide agency service, For any database server of rear end, if database broker node is born at the height of this database server When receiving the database access request pointing to this database server within the lotus time period, obtain current storage The business datum that the described database access request deposited points to, and use the public key encryption that user terminal updates It is back to described user terminal, the PKI institute updated for user terminal after the described business datum obtained Corresponding private key decrypts business datum, thus alleviates the operating pressure of database server, promotes data The job stability of storehouse server, and improve the safety of data transmission.
In embodiments of the present invention, user terminal can be made an appointment according to itself and database broker node Update cycle, timing send carry PKI to be updated update request to database broker node;Also may be used With by user terminal real-time response user operation, send carry PKI to be updated update request to data Storehouse agent node.Receive user terminal send more newly requested after, the first more new module 10 is extracted Go out this more newly requested entrained PKI, and the PKI of the described user terminal of correspondence currently stored is updated For the described more newly requested PKI carried.
Judge module 20, for when receiving the database access request that described user terminal sends, sentencing The disconnected high load capacity time period currently whether being positioned at database server corresponding to described database access request it In;
In embodiments of the present invention, user terminal provides visualized operation interface based on database server, Such as the web interface provided by browser;User terminal is receiving user's address field based on browser The URL of input, or the clicking operation that hyperlink address based on browser display triggers, or other During the operation of type, generate and carry corresponding URL (or IP address) and the data base of SQL statement Access request sends to database broker node, to ask aforementioned URL or industry corresponding to hyperlink address Business data;Described database broker node receive user terminal send database access request time, When first determining whether the high load capacity currently whether being positioned at database server corresponding to described database access request Between within section.
It should be noted that database broker node also stores the height of each database server of its agency Duration of load application segment information, is likely to be at the time period of high load capacity for describing each database server.Wherein, High load capacity time period information can be manually entered by the management personnel with authority, it is possible to by each database service Device draws according to its real time operation load recorded statistics, and sends to database broker node.Receiving To user terminal send database access request time, it is judged that module 20 directly judges current system time Whether it is the high load capacity time period being positioned at database server corresponding to this database access request, is then Determine that this database server is in high load capacity duty.
It should be noted that in other embodiments, database broker node before agency service is provided, Also include:
Data base's routing device receives the raw data base access request that described user terminal sends, described former Beginning database access request carries the original URL of described user terminal requests, described original URL pair The domain name answered is the original domain name of described user terminal requests;Described data base's routing device is to described user Terminal returns and redirects response message, wraps in the domain name corresponding for URL that described redirection response message carries Include the node identification of the database broker node that described data base's routing device is described user terminal selecting, Database access request is sent to described database broker node, by described data for described user terminal Storehouse agent node provides agency service.
Such as, the URL that user terminal carries in the database access request that database broker node sends For https://www.XXX.com/news/a.html, wherein, content corresponding for www.XXX.com is by rear The database server of platform provides, and provides agency service, data base road by database broker node It is one data base's agent node of user terminal selecting by equipment according to predetermined policy, the data base's generation chosen The node identification of reason node is C1, then constructing new URL is https://C1/www.XXX.com/news/a.html.User terminal sends data base to described new URL Access request, to ask the business datum of the corresponding aforementioned page.
Processing module 30, within the high load capacity time period being currently located at described database server Time, obtain the business datum that the current described database access request stored points to, and after using renewal Send to described user terminal after the described business datum that public key encryption obtains, make for described user terminal Business datum is decrypted with the private key corresponding to the described more newly requested PKI carried;And,
Time outside the high load capacity time period being currently located at described database server, described data base is visited PKI after the request of asking and renewal sends to described database server, for described database server Use the business datum that database access request described in the public key encryption after updating points to, and by after encryption Business datum is back to described user terminal.
It will be appreciated by persons skilled in the art that database server high load capacity work in the case of, The delay of its response database access request will substantially increase, and, along with the database access received please Ask sustainable growth, the process resource consumption of database server will be made totally, in fact it could happen that machine of delaying stops The situation of service.Therefore, in embodiments of the present invention, it is being currently located at described database access request pair Time within the high load capacity time period of the database server answered, first processing module 30 obtains current storage The business datum that described database access request points to, if getting, directly uses the business number got According to providing service.
When getting the business datum that currently stored described data access request is pointed to, processing module 30 Use the described business datum that the public key encryption after updating obtains, and the business datum after encryption is sent extremely Described user terminal.User terminal is in adding of receiving that database broker node (processing module 30) sends After business datum after close, the private key corresponding to the PKI after this renewal is used to decrypt business datum, Present to user.Wherein, processing module 30 is when being encrypted operation to the business datum obtained, specifically The rivest, shamir, adelman such as RSA Algorithm or Elgamal algorithm can be used acquisition based on the PKI after updating Business datum be encrypted.
It should be noted that in other embodiments, described processing module 30 also in preset time period not When receiving the database access request of the business datum pointing to storage, delete the described business datum of storage. Wherein, described preset time period can be configured according to actual needs, and such as, the present embodiment is preset described Time period is set to 24 hours, it will be appreciated by persons skilled in the art that by periodically deleting long-time It is not accessed for business datum, it is possible to promote the utilization rate of database broker node storage space, with more preferably Offer agency service.
Additionally, it is easily understood that outside the high load capacity time period being positioned at database server, several When working according to the non-high load capacity of storehouse server, the data, services that database server can provide normally, number Obviously there is no need according to storehouse agent node to provide agency service.Therefore, in embodiments of the present invention, working as When anteposition is outside the high load capacity time period of database server corresponding to described database access request, place PKI after the direct database access request by reception of reason module 30 and renewal is forwarded to described data Storehouse server, is used database access request described in the public key encryption after updating by described database server The business datum pointed to, and the business datum after encryption is back to described user terminal, by user terminal Corresponding private key is used to decrypt business datum.Wherein, the cryptographic operation that database server is carried out can be joined The cryptographic operation carried out according to processing module 30, here is omitted.
Further, in embodiments of the present invention, processing module 30 recognize be currently located at data base clothes Time outside the high load capacity time period of business device, also judge that currently whether storing described database access request refers to To business datum;
If not storing the business datum pointed by described database access request, then described in it receives Database access request adds the node identification of himself, is returning institute for described database server While stating the business datum extremely described user terminal that database access request points to, described data base is taken The business datum (unencrypted business datum) that business device points to is back to the database broker node at its place;
After receiving the business datum that described database server returns, processing module 30 is by reception Business datum saves as the business datum that described database access request points to, and provides agency clothes for follow-up Business.
The database broker node that the present embodiment proposes, the multiple database servers for rear end provide agency Service, for any database server of rear end, if database broker node is at this database server The high load capacity time period within receive point to this database server database access request, then obtain The business datum that the current described database access request stored points to, and use the public affairs that user terminal updates It is back to described user terminal after the described business datum that key encryption obtains, updates for user terminal Private key corresponding to PKI decrypts business datum.Compared to prior art, the present invention passes through data base's generation Reason node is that database server shares part operating pressure, and the business datum of encrypted transmission, is promoting On the premise of the job stability of database server, improve the safety of data transmission.
Further, based on first embodiment, it is proposed that the second enforcement of database broker node of the present invention Example, in the present embodiment, described judge module 20 is additionally operable to, and is receiving what described user terminal sent During database access request, it is judged that currently whether be positioned at the life cycle of the PKI after renewal;And
Time in the life cycle of the PKI after being currently located at renewal, it is judged that currently whether be positioned at described data Within the high load capacity time period of the database server that storehouse access request is corresponding.
It should be noted that the difference of the present embodiment and first embodiment is, the present embodiment is to being used for adding Close PKI adds the restriction of life cycle, the most only illustrates this difference, and other repeat no more.
Concrete, the life cycle of PKI can also be by the on-demand setting of user with default setting, such as, Default setting life cycle of PKI is " before updating effectively " by the present embodiment, i.e. database broker node Receive more newly requested before, the current PKI continuous and effective stored, receive more newly requested after, The PKI currently stored is updated to more newly requested entrained PKI, and the PKI manufacture after renewal receives Before newly more newly requested, continuous and effective;The most such as, user is all by the existence of PKI based on user terminal Phase is set to 60 minutes, and the most newly requested middle of user terminal transmission will carry PKI to be updated and correspondence thereof Life cycle " 60 minutes ", database broker node receiving user terminal send more newly requested Afterwards, the PKI currently stored is updated to this more newly requested entrained PKI, starts simultaneously at timing, In 60 minutes, this PKI is effective, even if not being newly received more newly requested after 60 minutes, this PKI is also Cannot be continuing with.
In embodiments of the present invention, when receiving the database access request that user terminal sends, it is judged that Module 20 first determines whether the life cycle of the PKI after currently whether being positioned at renewal, is that this PKI is described Effectively, determine whether currently whether be positioned at database server corresponding to described database access request Within the high load capacity time period, to determine the need for providing agency service, specifically can refer to above-mentioned first real Executing example, here is omitted.
PKI for encryption is limited by the present embodiment by life cycle, it is possible to promote number further Safety according to transmission.
Further, based on first embodiment, the 3rd embodiment of database broker node of the present invention is proposed, In the present embodiment, described processing module 30 is additionally operable to, when obtaining the business datum failure stored, and base Obtain and store, in other database broker nodes, the business datum that described database access request points to.
It should be noted that the difference of the present embodiment and first embodiment is, embodiment adds number According to storehouse agent node obtain storage business datum failure time process operation, below only for this distinguish into Row explanation, other repeat no more.
Based on described above, it will be appreciated by persons skilled in the art that database server is at high load capacity In the case of work, the delay of its response database access request will substantially increase, and, along with reception Database access request sustainable growth, the process resource consumption of database server will be made totally, can Can occur that machine of delaying stops the situation of service.Therefore, in embodiments of the present invention, described processing module 20 When obtaining the business datum failure of storage, obtain and store described number based on other database broker nodes The business datum pointed to according to storehouse access request, with the database broker node at processing module 20 place be below First agent's node, other database broker nodes are that second agent's node is specifically described:
First agent's node (processing module 20), when obtaining the business datum failure of storage, is received Database access request be forwarded to second agent's node, wherein, first agent's node is in database access Request is added with for describing the identification information that user terminal is verified, to avoid second agent's node Carry out secondary checking, cause the unnecessary process wasting of resources;Second agent's node is receiving the first generation During the database access request that reason node forwards, recognize the aforementioned mark that this database access request carries Information, the business datum of the described database access request sensing directly obtaining storage is back to first agent Node;First agent's node receive second agent's node return business datum time, will receive industry Business data are stored as the business datum that described database access request points to, and this business datum are back to Described user terminal.
The present embodiment is not storing its database access request indication received by database broker node To business datum time, based on other database broker nodes provide agency service, it is ensured that user terminal energy Enough normally obtain data, services.
Further, based on first embodiment, the 4th embodiment of database broker node of the present invention is proposed, In the present embodiment, described database broker node also includes:
Authentication module, for when receiving user terminal more newly requested, based on described the most newly requested right Described user terminal carries out verification operation;
Described first more new module is additionally operable to when being verified, by that currently store and corresponding described user The PKI of terminal, be updated to described in the more newly requested PKI carried.
It should be noted that the difference of the present embodiment and first embodiment is, the present embodiment is real first On the basis of executing example, add the verification operation to user terminal, illustrate only for this difference below, Other repeat no more.
In embodiments of the present invention, receive user terminal send more newly requested time, first by verifying Module is verified based on the more newly requested identity to user terminal received, and such as, user terminal sends More newly requested in also carry user's user name based on user terminal pre-entered and the password of correspondence, number According to storehouse agent node receive user terminal send more newly requested time, according to the more newly requested use carried Whether the identity of user terminal is verified by name in an account book and password, be authorized to determine the user of correspondence User.After being verified, the more newly requested transmission received is entered by authentication module to the first more new module Row renewal processes, and to start the handling process of agency service, specifically can refer to first embodiment, the most not Repeat again.
The present embodiment is by verifying user terminal, it can be ensured that be used for the PKI of encryption not by illegally No molecule is distorted, and improves the safety storing data.
Further, based on aforementioned any embodiment, it is proposed that the 5th of database broker node of the present invention Embodiment, in the present embodiment, described database broker node also includes:
Second more new module, for updating the high load capacity time period information of each database server of storage.
It should be noted that the difference of the present embodiment and aforementioned any embodiment is, the present embodiment increases Renewal operation to the high load capacity time period information of database server, the most only retouches this difference Stating, other can respectively refer to foregoing embodiments, and here is omitted.
In embodiments of the present invention, it is provided that three kinds of modes updating high load capacity time period information:
One, the second more new module receive the management personnel with default access renewal instruct time, The instruction that updates according to receiving updates the high load capacity time period information of corresponding database server;
Its two, the second more new module receive database server send high load capacity time period information time, By store to should the high load capacity time period information updating of database server be the high load capacity time received Segment information;
Its three, the second more new module timing sends and updates request to each database server, and is receiving During each database server high load capacity time period information based on the more newly requested return received, correspondence is each The high load capacity time period information of data server is updated to the corresponding high load capacity time period information received respectively.
The present embodiment by the high load capacity time period information of each database server stored is updated, Make database broker node can preferably provide agency service, promote database server work further The stability made.
These are only the preferred embodiments of the present invention, not thereby limit the scope of the claims of the present invention, every Utilize equivalent structure or equivalence flow process conversion that description of the invention and accompanying drawing content made, or directly or Connect and be used in other relevant technology neighborhoods, be the most in like manner included in the scope of patent protection of the present invention.

Claims (10)

1. a data bank access method, it is characterised in that described data bank access method includes following step Rapid:
When receiving user terminal more newly requested, database broker node is by that currently store and corresponding The PKI of described user terminal, be updated to described in the more newly requested PKI carried;
When receiving the database access request that described user terminal sends, described database broker node Judge currently whether to be positioned at the high load capacity time period of database server corresponding to described database access request Within;
Time within the high load capacity time period being currently located at described database server, described database broker Node obtains the business datum that the current described database access request stored points to, and after using renewal Send to described user terminal after the described business datum that public key encryption obtains, make for described user terminal Business datum is decrypted with the private key corresponding to the described more newly requested PKI carried;
Time outside the high load capacity time period being currently located at described database server, described database broker PKI after described database access request and renewal is sent extremely described database server by node, with The business that database access request described in public key encryption after updating for described database server points to Data, and the business datum after encryption is back to described user terminal.
Data bank access method the most according to claim 1, it is characterised in that described data base's generation Reason node judges currently whether to be positioned at the high load capacity of database server corresponding to described database access request Before step within time period, also include:
When receiving the database access request that described user terminal sends, described database broker node Judge the life cycle of the PKI after currently whether being positioned at renewal, the most then perform described data base's generation Reason node judges currently whether to be positioned at the high load capacity of database server corresponding to described database access request Step within time period.
Data bank access method the most according to claim 1, it is characterised in that described use updates After the described business datum that obtains of public key encryption after send to before described user terminal, also include:
When obtaining the business datum failure stored, described database broker node is based on other data base's generations Reason node obtains and stores the business datum that described database access request points to, and proceeds to make described in execution The step to described user terminal is sent after the described business datum of the public key encryption acquisition after renewal.
Data bank access method the most according to claim 1, it is characterised in that described data base's generation Reason node by the PKI of that currently store and corresponding described user terminal, be updated to described in more newly requested carry PKI step before, also include:
When receiving user terminal more newly requested, described database broker node please based on described renewal Ask and described user terminal is carried out verification operation;
When being verified, perform described database broker node by that currently store and corresponding described user The PKI of terminal, be updated to described in the step of the more newly requested PKI carried.
5. according to the data bank access method described in any one of claim 1-4, it is characterised in that described Data bank access method, also includes:
The high load capacity time period information of each database server that described database broker node updates stores.
6. a database broker node, it is characterised in that described database broker node includes:
First more new module, for when receiving user terminal more newly requested, by that currently store and The PKI of corresponding described user terminal, be updated to described in the more newly requested PKI carried;
Judge module, for when receiving the database access request that described user terminal sends, it is judged that The current high load capacity time period whether being positioned at database server corresponding to described database access request it In;
Processing module, within the high load capacity time period being currently located at described database server time, Obtain the business datum that the current described database access request stored points to, and use the PKI after renewal Send after the described business datum that encryption obtains to described user terminal, use institute for described user terminal State the private key corresponding to the more newly requested PKI carried and decrypt business datum;And,
Time outside the high load capacity time period being currently located at described database server, described data base is visited PKI after the request of asking and renewal sends to described database server, for described database server Use the business datum that database access request described in the public key encryption after updating points to, and by after encryption Business datum is back to described user terminal.
Database broker node the most according to claim 6, it is characterised in that described judge module It is additionally operable to, when receiving the database access request that described user terminal sends, it is judged that currently the most whether position In the life cycle of the PKI after updating;And
Time in the life cycle of the PKI after being currently located at renewal, it is judged that currently whether be positioned at described data Within the high load capacity time period of the database server that storehouse access request is corresponding.
Database broker node the most according to claim 6, it is characterised in that described processing module It is additionally operable to, when obtaining the business datum failure stored, obtains based on other database broker nodes and store up Deposit the business datum that described database access request points to.
Database broker node the most according to claim 6, it is characterised in that described data base's generation Reason node also includes:
Authentication module, for when receiving user terminal more newly requested, based on described the most newly requested right Described user terminal carries out verification operation;
Described first more new module is additionally operable to when being verified, by that currently store and corresponding described user The PKI of terminal, be updated to described in the more newly requested PKI carried.
10. according to the database broker node described in any one of claim 6-9, it is characterised in that institute State database broker node also to include:
Second more new module, for updating the high load capacity time period information of each database server of storage.
CN201610310488.7A 2016-05-11 2016-05-11 Data bank access method and database broker node Active CN106021375B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610310488.7A CN106021375B (en) 2016-05-11 2016-05-11 Data bank access method and database broker node

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610310488.7A CN106021375B (en) 2016-05-11 2016-05-11 Data bank access method and database broker node

Publications (2)

Publication Number Publication Date
CN106021375A true CN106021375A (en) 2016-10-12
CN106021375B CN106021375B (en) 2019-11-26

Family

ID=57099913

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610310488.7A Active CN106021375B (en) 2016-05-11 2016-05-11 Data bank access method and database broker node

Country Status (1)

Country Link
CN (1) CN106021375B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107545031A (en) * 2017-07-17 2018-01-05 招商银行股份有限公司 Account comprehensive inquiry service, system and computer-readable recording medium
CN110457944A (en) * 2019-08-02 2019-11-15 爱友智信息科技(苏州)有限公司 A kind of data sharing method and system
CN110941838A (en) * 2019-11-12 2020-03-31 深圳昂楷科技有限公司 Database access method and device and electronic equipment
CN111355693A (en) * 2018-12-24 2020-06-30 北京奇虎科技有限公司 Method and device for realizing proxy service, electronic equipment and storage medium
CN113342370A (en) * 2021-05-25 2021-09-03 北京小米移动软件有限公司 Configuration updating method and device, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1928873A (en) * 2006-09-25 2007-03-14 华为技术有限公司 System and method for database access for implementing load sharing
WO2012086918A2 (en) * 2010-12-24 2012-06-28 (주)케이티 Distributed storage system for distributed storing of object based on position of plurality of data nodes, method for distributed storing based on same position, and storage medium readable by computer
CN103729373A (en) * 2012-10-15 2014-04-16 北京新媒传信科技有限公司 Database agency method and device
CN105227577A (en) * 2015-10-27 2016-01-06 江苏电力信息技术有限公司 Unified database access agent equalization methods under a kind of multi-client

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1928873A (en) * 2006-09-25 2007-03-14 华为技术有限公司 System and method for database access for implementing load sharing
WO2012086918A2 (en) * 2010-12-24 2012-06-28 (주)케이티 Distributed storage system for distributed storing of object based on position of plurality of data nodes, method for distributed storing based on same position, and storage medium readable by computer
CN103729373A (en) * 2012-10-15 2014-04-16 北京新媒传信科技有限公司 Database agency method and device
CN105227577A (en) * 2015-10-27 2016-01-06 江苏电力信息技术有限公司 Unified database access agent equalization methods under a kind of multi-client

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107545031A (en) * 2017-07-17 2018-01-05 招商银行股份有限公司 Account comprehensive inquiry service, system and computer-readable recording medium
CN111355693A (en) * 2018-12-24 2020-06-30 北京奇虎科技有限公司 Method and device for realizing proxy service, electronic equipment and storage medium
CN110457944A (en) * 2019-08-02 2019-11-15 爱友智信息科技(苏州)有限公司 A kind of data sharing method and system
CN110457944B (en) * 2019-08-02 2023-08-25 爱友智信息科技(苏州)有限公司 Data sharing method and system
CN110941838A (en) * 2019-11-12 2020-03-31 深圳昂楷科技有限公司 Database access method and device and electronic equipment
CN110941838B (en) * 2019-11-12 2024-03-01 深圳昂楷科技有限公司 Database access method and device and electronic equipment
CN113342370A (en) * 2021-05-25 2021-09-03 北京小米移动软件有限公司 Configuration updating method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN106021375B (en) 2019-11-26

Similar Documents

Publication Publication Date Title
CN110324287B (en) Access authentication method, device and server
Raju et al. Identity management using blockchain for cognitive cellular networks
Razouk et al. A new security middleware architecture based on fog computing and cloud to support IoT constrained devices
CN102771102B (en) The network of distribute digital content and management method
CN101873331B (en) Safety authentication method and system
CN106021375A (en) Database access method and database agent node
CN110311899A (en) Multiservice system access method, device and server
CN110213223B (en) Service management method, device, system, computer equipment and storage medium
CN105553920A (en) Data interaction method, apparatus, and system
CN108243176B (en) Data transmission method and device
CN105207996A (en) Account merging method and apparatus
EP2924944B1 (en) Network authentication
CN105956143B (en) Data bank access method and database broker node
CN101834861A (en) Method for protecting track privacy by forwarding inquiries based on neighboring nodes in location service
EP2624612A1 (en) A method for near field communication operation, a device and a system thereto
CN103905399A (en) Account registration management method and apparatus
CN109819068A (en) User terminal and its block chain domain name analytic method
CN102186173A (en) Identity authentication method and system
CN105577619B (en) Client login method, client and system
WO2016115759A1 (en) Method for logging in website, server, client and peripheral
CN102970308A (en) User authentication method and server
CN108737390A (en) Protect the authentication method and system of user name privacy
CN104322031A (en) Implementing policies for an enterprise network using policy instructions that are executed through a local policy framework
WO2017210914A1 (en) Method and apparatus for transmitting information
CN1885768B (en) Worldwide web authentication method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 518057 Shenzhen Software Park, Nanshan District high tech Industrial Park, Guangdong, China,, 6 401-402

Applicant after: Yongxing Shenzhen Polytron Technologies Inc

Address before: 518057 Shenzhen Software Park, Nanshan District high tech Industrial Park, Guangdong, China,, 6 401-402

Applicant before: Shenzhen Longrise Technology Co., Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant