Cross-platform data synchronization under the enterprise security policy


Authors: Gengchang Yu 1, 2 Zhuyun Wen, Hong Jiandong 2, Ti 1 ranking
Published: 2001/05/28

Abstract: This paper explores methods of cross-platform data synchronization and uses an example to show how cross-platform data synchronization is applied in the design of intranet automation tools under enterprise security policies.

Keywords: Enterprise Security Policy, Intranet Automation, Socket Communication, Component Programming


1 Introduction

The benefits of the B/S (browser/server) development model have been widely discussed, and intranet automation tools are increasingly popular in modern enterprise automation. As modern enterprises develop, their departments show a trend toward finer division of labor and global distribution. This trend makes it difficult for all departments to find a reasonably complete set of accessible data and tools that each department can use independently, so each department develops its own intranet automation tools and chooses its own intranet publishing platform according to its own characteristics and resources. On the one hand, the platform on which authorized data is published affects, to some extent, a department's choice of intranet publishing platform; on the other hand, in choosing its own intranet publishing platform, a department that shares data with other departments is in effect also choosing its own data publishing platform. At the same time, cooperation between departments within modern enterprises is becoming closer, and data that is routinely accessed across departments needs to be updated synchronously, or at least synchronized within a certain time interval. Although most database products provide their own TCP/IP-based access methods, under corporate security policy each department usually changes the IP port configuration of the access method and develops its own internal data access tools; some departments, even when they use the database product's default settings, rarely disclose the usernames and passwords used to access the database. Cross-platform data access and synchronization between departments through database client access tools is therefore hardly feasible.

This article summarizes the data synchronization problems faced while developing intranet automation tools during an internship at the Motorola China Software Center.

2 Several cross-platform data synchronization schemes

Before introducing common cross-platform data synchronization methods, it is necessary to briefly describe the design purpose and conditions of the intranet automation tool that was developed. The tool is an ASP application running on the Windows NT platform. It is designed to keep an Access database containing CR tracking (Change Request Tracking) information on the local Windows NT platform synchronized with the Rational ClearDDTS (Distributed Defect Tracking System, hereafter DDTS) database containing CR tracking information on a UNIX platform in the US, so that CR information can be accessed and tracked through the local web. The functions required in the data synchronization process include: getting new data from the DDTS database to add to the Access database, and getting specified field values from the DDTS database to update the Access database.

Before the intranet automation tool was introduced, the project group already had a CR tracking intranet tool, which was used for CR input, modification, query, and list statistics. That tool required the people responsible for a CR to query the relevant CR information with the DDTS tool themselves and to enter it on a web input page, submitting it to the web server for CR tracking. In other words, its data synchronization method was manual synchronization using the DDTS data access tool. This method is simple, but the operation is cumbersome; in particular, queries require similar SQL statements to be entered over and over, which makes the work tedious. Strictly speaking, it is not a cross-platform data synchronization solution.

Considering that most database products have their own TCP/IP-based access methods, asking the relevant department to open access to the database's IP port and to give the intranet developers a restricted username and password might be a simple way to implement cross-platform data synchronization.

With this method, one simply installs the appropriate ODBC driver on the Windows NT web server and uses ADO programming when designing the ASP programs; simple queries, additions, and modifications then synchronize the data across platforms, and the design is very simple. However, this method has two problems. First, opening the database IP port and handing out a username and password is a security risk for the department that owns the database: once the web server is attacked and the username and password are stolen, the opened database is also at risk of attack. Second, some departments use third-party database-based tools (such as the DDTS tool) and do not themselves have database administration rights, so they cannot add usernames or assign permissions. During development, therefore, a cross-platform data synchronization method based on Socket communication was adopted.

3 A data synchronization method based on Socket communication

The cross-platform data synchronization method based on Socket communication follows the client/server concept: a Socket server responsible for listening and a Socket client that connects to it run on computers belonging to different platforms. Take getting a specified field value from the DDTS database as an example. Once the client and server are connected, the client sends the server the key of the relevant CR and the name of the field to be fetched; the server obtains the field data the client needs by calling the corresponding command of the DDTS tool and sends it to the client. Here the Socket server runs on the US UNIX host where DDTS is located and uses multi-process programming.

The key code for the socket listening, connection, and data transfer parts is as follows (for getting a specified field value from the DDTS database):

    #include <errno.h>
    #include <signal.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <strings.h>
    #include <unistd.h>
    #include <netinet/in.h>
    #include <sys/socket.h>
    #include <sys/wait.h>

    /* readn() and writen() are helper routines that are not shown in this
       article; they read or write exactly n bytes and return the count. */
    int readn(int fd, char *ptr, int nbytes);
    int writen(int fd, const char *ptr, int nbytes);

    void fireman(int sig)               /* Clear dead (zombie) child processes */
    {
        (void)sig;
        signal(SIGCHLD, fireman);
        while (waitpid(-1, NULL, WNOHANG) > 0)
            ;
    }

    int main()
    {
        /* ... variable declaration, initialization ... */
        signal(SIGCHLD, fireman);       /* Install the handler that clears dead processes */
        if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
            return printf("Can not open TCP socket!");
        bzero((char *)&serv_addr, sizeof(serv_addr));
        serv_addr.sin_family = AF_INET;
        serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
        serv_addr.sin_port = htons(portnum);    /* Specify port number */
        if (bind(sockfd, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0)
            return printf("Bind socket error!");
        listen(sockfd, 5);
        for (;;) {
            if ((newsockfd = accept(sockfd, NULL, NULL)) < 0) {  /* Establish connection */
                if (errno == EINTR)     /* EINTR might happen on accept(), */
                    continue;           /* try again */
                return printf("can not accept news");            /* bad */
            }
            if ((childpid = fork()) == 0) {
                close(sockfd);
                socketopen = 1;
                while (socketopen == 1) {
                    /* Get socket request data: 10-byte CR number, 3-byte length,
                       then the field name; leave the loop when the peer closes */
                    if (readn(newsockfd, buf, 10) != 10) break;
                    buf[10] = 0; strcpy(cr_no, buf);
                    writen(newsockfd, "ok", 2);
                    if (readn(newsockfd, buf, 3) != 3) break;
                    buf[3] = 0; len = atoi(buf);
                    writen(newsockfd, "ok", 2);
                    if (len <= 0 || readn(newsockfd, buf, len) != len) break;
                    buf[len] = 0; strcpy(field_name, buf);
                    /* cr_no and field_name come from the network and end up in a
                       shell command line: validate them before calling popen() */
                    strcpy(cmd, home);
                    strcat(cmd, "get_ddts_field defects ");
                    strcat(cmd, cr_no);
                    strcat(cmd, " ");
                    strcat(cmd, field_name);
                    if ((ptr = popen(cmd, "r")) == NULL) break;  /* Run query script */
                    memset(buf, 0, BUFSIZ);
                    i = fread(buf, 1, BUFSIZ - 1, ptr);          /* keep room for the NUL */
                    buf[i] = 0;
                    if (strlen(buf) == 0) strcpy(buf, "Not Exist!");
                    writen(newsockfd, buf, strlen(buf) - 1);     /* Send query result */
                    pclose(ptr);
                }
                exit(0);
            } else
                close(newsockfd);
            continue;
        }
    }

In this code, handling the EINTR error that can occur while a connection is being established and handling the SIGCHLD signal are the key points. If they are not handled properly, zombie processes appear, multiple connections cannot be established, and connections are shut down.
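An added example, not part of the original article: the server code above copies the CR number and field name received from the socket into a command line that popen() passes to a shell, so both should be checked before the command is built. The allowed character set and the helper names (valid_token, parse_len3, build_query_cmd) are assumptions, as is the sample home path used when calling them.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumption: CR numbers and DDTS field names contain only letters, digits,
   '_' and '-'. Anything else (spaces, quotes, ';', '|', '$', ...) is rejected. */
int valid_token(const char *s, size_t maxlen)
{
    size_t n = strlen(s);
    if (n == 0 || n > maxlen)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)s[i]) && s[i] != '_' && s[i] != '-')
            return 0;
    return 1;
}

/* Parse the 3-byte length field the client writes with "%3d":
   leading spaces, then digits only. Returns 1..999, or -1 if malformed. */
int parse_len3(const char f[3])
{
    int i = 0, len = 0;
    while (i < 3 && f[i] == ' ')
        i++;
    if (i == 3)
        return -1;
    for (; i < 3; i++) {
        if (!isdigit((unsigned char)f[i]))
            return -1;
        len = len * 10 + (f[i] - '0');
    }
    return len > 0 ? len : -1;
}

/* Build "<home>get_ddts_field defects <cr_no> <field>" from validated parts
   only. Returns 0 on success, -1 if a part is invalid or out is too small. */
int build_query_cmd(char *out, size_t outsz, const char *home,
                    const char *cr_no, const char *field)
{
    if (!valid_token(cr_no, 10) || !valid_token(field, 999))
        return -1;
    int n = snprintf(out, outsz, "%sget_ddts_field defects %s %s",
                     home, cr_no, field);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}
```

In the server loop, a request that fails either check would be answered with an error string instead of reaching popen().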

During development, the popen function is used to run a Perl script, get_ddts_field, which queries the database with the DDTS tool and returns the result through the pipe. This approach takes full advantage of the existing tools and of the flexibility of the Perl language.

To ensure that the listener is always running, an entry is added to the system crontab of the UNIX host so that the system checks every minute whether the listener scksvr is running and starts it again if it has gone down abnormally or because of a system restart. Use the crontab command to add the following entry, which makes the system run a specific command every minute:

    * * * * * /home/start1/a16635/bin/start_scksvr.sh

For details about crontab, see the UNIX help documentation. The shell script start_scksvr.sh, which checks whether the listener scksvr is running, is as follows:

    #!/bin/sh
    # Look for a running scksvr process; start one in the background if none is found
    /bin/ps -ef -o comm | grep "^/.*/scksvr" > /dev/null 2> /dev/null
    if [ $? -ne 0 ]
    then
        /home/ant1/a16635/bin/scksvr > /dev/null 2> /dev/null &
    fi

The client runs on the Windows NT platform. It is a COM component built with Microsoft Visual C++ using ATL (Active Template Library) COM development and MFC Socket programming. Using a COM component avoids programming with the Winsock ActiveX control in multiple ASP files and allows the code to be reused. The COM component is also used by some VBScript scripts, which call it and access the local database to synchronize the data. These VBScript scripts are run by the Windows NT schedule service so that synchronization happens automatically.

To develop the COM component in Visual C++, select ATL COM AppWizard on the Projects panel of the Visual C++ New dialog box and enter a project name to open the ATL COM AppWizard dialog box. In that dialog box, select Support MFC so that the CSocket class can be used for Socket programming.

In the generated ATL project, choose New ATL Object from the Insert menu; Visual C++ automatically generates an interface definition (IDL) file and a class corresponding to the Full Control. Right-click the new Full Control in ClassView and choose Add Method or Add Property; Visual C++ automatically adds the corresponding interface entry to the IDL file and adds the declaration and definition of the method, or of the property's read and write functions, to the corresponding class. What remains is to fill in the implementation code of the method or of the property read and write functions.

The Socket connection code that uses the MFC CSocket class can be implemented with reference to the Connect and GetCRField methods of CRTool:

    STDMETHODIMP CCRTool::Connect()
    {
        AFX_MANAGE_STATE(AfxGetStaticModuleState())
        USES_CONVERSION;    // string conversion
        if (m_bConnected)
            return S_OK;
        if (!AfxSocketInit()) {
            m_bConnected = false;
            return S_OK;
        }
        m_pSocket = new CSocket();
        if (!m_pSocket->Create()) {
            delete m_pSocket;
            m_pSocket = NULL;
            m_bConnected = false;
            return S_OK;
        }
        if (!m_pSocket->Connect(OLE2A(m_strHost), m_nPort)) {
            delete m_pSocket;
            m_pSocket = NULL;
            m_bConnected = false;
            return S_OK;
        }
        m_bConnected = true;
        return S_OK;
    }

    STDMETHODIMP CCRTool::GetCRField(VARIANT *pCRNO, short LengthofFieldName,
                                     VARIANT *pFieldName, VARIANT *pFieldValue)
    {
        AFX_MANAGE_STATE(AfxGetStaticModuleState())
        USES_CONVERSION;    // string conversion
        char SendBuffer[4], ReceiveBuffer[4097];
        if (!m_bConnected)
            return E_FAIL;          // Connect() has not succeeded
        if (LengthofFieldName < 1 || LengthofFieldName > 999)
            return E_INVALIDARG;    // "%3d" must fit in SendBuffer[4]
        memset(SendBuffer, 0, 4);
        memset(ReceiveBuffer, 0, 4097);
        // Send the CR number
        m_pSocket->Send(OLE2A(pCRNO->bstrVal), 10);
        m_pSocket->Receive(ReceiveBuffer, 2);
        // Length of the field name
        sprintf((char *)SendBuffer, "%3d", LengthofFieldName);
        m_pSocket->Send(SendBuffer, 3);
        m_pSocket->Receive(ReceiveBuffer, 2);
        // Send the field name
        m_pSocket->Send(OLE2A(pFieldName->bstrVal), LengthofFieldName);
        // Receive the field value
        memset(ReceiveBuffer, 0, 4097);
        m_pSocket->Receive(ReceiveBuffer, 4096);
        pFieldValue->bstrVal = SysAllocString(A2OLE(ReceiveBuffer));
        /* A2OLE allocates memory off the stack, which is automatically freed
           when your method exits. You need to use SysAllocString. */
        return S_OK;
    }

GetCRField uses VARIANT * parameters to pass its return value because only variables of type Variant are allowed to be passed to COM components by reference. In addition, note that SysAllocString should be used to allocate memory when returning results.
4 Conclusion

This article analyzes the problems facing cross-platform data synchronization under the enterprise security policy and several data synchronization methods. The method based on Socket communication was adopted in view of the advantages and disadvantages of manual synchronization and of opening the database access IP port.
