CN-121984716-A - Factory management system data access method and system based on double-entry hybrid deployment

Abstract

The invention relates to a factory management system data access method and system based on dual-inlet hybrid deployment, which effectively realize the deep decoupling of independent deployment feeling of a client side and actual cloud storage through a dual-inlet hybrid deployment architecture and a dynamic perception control mechanism, so that middle and small enterprise users feel a traditional local deployment system in the use process, thereby eliminating psychological barriers to cloud on data, simultaneously, core production data are all stored in the cloud in a centralized way, professional security protection capability and low-cost storage advantages of cloud service providers are fully utilized, and a corporate headquarter can access production operation data of the client factory in real time and directly through an independent public network inlet, thereby realizing efficient remote management and control and unified coordination of multiple factories. The proposal balances the contradiction of three aspects of safety, cost and management efficiency on the premise of not increasing the load of local hardware of clients and not sacrificing data consistency, and is particularly suitable for the digital transformation requirement of vast middle-small manufacturing enterprises in China at present.

Inventors

• XIONG JIAN

Assignees

• 南京前沿创业投资有限公司

Dates

Publication Date

20260505

Application Date

20251231

Claims (10)

1. 1. A factory management system data access method based on double-entry hybrid deployment is characterized by comprising the following steps of, Receiving an access request at a local portal server, calculating an access source trust level according to a request source, and calculating a perceived independent deployment tendency based on the trust level, a local cache hit rate and a cloud delay compensation factor; Calculating a dynamic routing decision factor based on the perceived independent deployment tendency, the system security risk index and the access source trust level, and determining a proxy mode; And calculating the local data visibility mask intensity on the local portal server according to the determined proxy mode and the dynamic routing decision factor to control the user interface display strategy of the sensitive field, and simultaneously uploading the core business write operation to the cloud data server through the encryption channel according to the proxy mode to execute actual storage.
2. 2. The method for data access of a plant management system based on a dual entry hybrid deployment as defined in claim 1, wherein computing an access source trust hierarchy based on the request source comprises, After the local portal server receives the access request, acquiring an authorization instruction value, a time attenuation factor and an intranet instruction value corresponding to a request source in a currently maintained state table through an encryption channel between the local portal server and the cloud data server; based on the obtained authorized indication value, time attenuation factor and intranet indication value, the access source trust grading is calculated in real time The formula is: ; Wherein, the For the normalized coefficient to be a function of the normalized coefficient, Is the weight of the indication value of the internal network, Whether an indication from the customer's intranet is requested for the current time t, For the weight of the authorized indication value, Whether the request matches an indication of corporate headquarter authorization for the current time t, As the weight of the time-decay factor, And the normalized attenuation factor of the time difference between the current time t and the last successful authentication is obtained.
3. 3. The method for accessing plant management system data based on dual-portal hybrid deployment of claim 2, wherein calculating the perceived independent deployment propensity based on the trust hierarchy, local cache hit rate, and cloud latency compensation factor comprises, Acquiring real-time counted cache hit ratio of local cache management module at local entry server And a delay compensation factor calculated according to the actual measured cloud round trip delay ; Based on current cache hit ratio and cloud latency compensation factor and the access source trust hierarchy Calculating the perceived independent deployment tendencies The formula is: ; Wherein, the To trust the coefficients of the hierarchical inverse weights, For the coefficients of the inverse weights of the cache hits, The coefficients of the weights are compensated for delay.
4. 4. The method for accessing plant management system data based on dual-portal hybrid deployment of claim 3, wherein the computing a dynamic routing decision factor based on perceived independent deployment tendencies, system security risk indices, and access source trust hierarchies, determining a proxy mode comprises, Receiving a current system security risk index issued by a cloud data server at a local portal server ; Combining the perceived independent deployment tendencies And said access source trust hierarchy Calculating the dynamic routing decision factor The formula is: ; Wherein, the Adjusting parameters for sensitivity; to be calculated to obtain Respectively with preset forced local agent triggering threshold values And a direct cloud pass-through security acceptance threshold Comparing, and determining the proxy mode accessed currently according to the comparison result; When (when) When the local agent mode is determined to be the forced local agent mode; When (when) When the method is used, determining a progressive mixed proxy mode; When (when) And determining a direct cloud transparent transmission mode.
5. 5. The method for data access of a plant management system based on dual ingress hybrid deployment of claim 4, wherein said computing local data visibility mask strength at a local ingress server based on said determined proxy mode and dynamic routing decision factor to control a user interface display policy of sensitive fields comprises, When entering the forced local proxy mode or the progressive mixed proxy mode, the local entry server counts the number of sensitive fields related to the request And request depth ; Combining the dynamic routing decision factors And access source trust hierarchy Calculating the local data visibility mask intensity The formula is: ; Wherein, the For adjusting the coefficient; According to The value determines the intensity of the mask execution for the sensitive field, The higher the value, the stronger the hiding, blurring or visual cue strength for the sensitive field; after determining to enter a progressive hybrid proxy mode, determining a moderate mask strength according to a DRDF (t) value on a local portal server and applying the moderate mask strength to realize transition control of sensitive field display; When the direct cloud transparent transmission mode is entered, the user interface display request is directly transmitted to the cloud data server for processing.
6. 6. The method for accessing plant management system data based on dual-portal hybrid deployment as defined in claim 5, wherein the uploading the core service write operation to the cloud data server via the encrypted channel according to the proxy mode comprises performing actual storage, In the forced local proxy mode, when receiving a core service write operation, the local portal server generates a temporary transaction identifier, and ranks the write operation content, the temporary transaction identifier and the current access source trust Dynamic routing decision factors The data are sent to a cloud data server through an encryption channel to execute actual writing; In a progressive mixed proxy mode, the local portal server performs partial local temporary storage on the core business write operation, and simultaneously sends the rest operation content to the cloud data server through an encryption channel, and after the cloud data server returns a new version number and a new verification value, the local temporary storage and the merging of cloud data are completed; In a direct cloud transparent transmission mode, a local portal server directly transmits core service write operation content and a temporary transaction identifier to a cloud data server through an encryption channel to execute complete writing; After the cloud data server finishes writing, a new version number and a verification value are returned to the local portal server, and the local portal server is used for carrying out the current writing according to the current version number and the verification value And updating the user interface in a local instant refreshing mode, a progressive synchronous refreshing mode or a delayed polling mode of the interface.
7. 7. The method for accessing plant management system data based on dual-portal hybrid deployment of claim 1, further comprising, After each period of incremental data synchronization is completed, the cloud data server transmits a system security risk index of the current period; local portal server collection of recent history-aware independent deployment propensity averages Recent historical local data visibility mask intensity average ; Calculating perceived safety satisfaction by combining current safety risk evaluation value The formula is: ; Wherein, the For the non-linear influencing parameter of the intensity of the mask, Contributing parameters for perceived trends; When (when) When the threshold is lower than a preset perception security minimum threshold, the forced local agent triggering threshold is improved To enhance the home agent propensity of subsequent access requests.
8. 8. The factory management system data access system based on double-entry hybrid deployment is characterized by comprising a perception tendency calculation module, a dynamic routing decision module and a write operation control module; The perception tendency calculation module is used for receiving an access request at the local portal server, calculating an access source trust level according to a request source, and calculating perception independent deployment tendency based on the trust level, the local cache hit rate and a cloud delay compensation factor; The dynamic routing decision module is used for calculating a dynamic routing decision factor based on the perceived independent deployment tendency, the system security risk index and the access source trust level, and determining a proxy mode; The write operation control module is used for calculating the local data visibility mask intensity on the local portal server according to the determined proxy mode and the dynamic routing decision factor so as to control the user interface display strategy of the sensitive field, and simultaneously, the write operation control module is used for uploading the core business write operation to the cloud data server through the encryption channel according to the proxy mode to execute actual storage.
9. 9. An electronic device comprising a memory and a processor, wherein the memory stores a computer program executable on the processor, the processor implementing the steps in the method for factory management system data access based on dual-portal hybrid deployments as defined in any of claims 1-7 when the program is executed on the processor.
10. 10. A storage medium storing a computer program, wherein the computer program when executed by a processor performs the steps in the method for accessing plant management system data based on dual-portal hybrid deployment as set forth in any one of claims 1-7.

Description

Factory management system data access method and system based on double-entry hybrid deployment Technical Field The invention belongs to the technical field of cloud computing, and particularly relates to a factory management system data access method and system based on dual-inlet hybrid deployment. Background With the deep advancement of industry 4.0 and intelligent manufacturing, factory management systems (including MES, ERP, WMS and the like) gradually evolve from traditional local independent deployment to clouding and SaaS. Cloud deployment mode has become a mainstream development trend of industry by virtue of elastic expansion, low operation and maintenance cost, high availability and convenient remote access capability. Large-scale manufacturing enterprises can accept and actively adopt a pure cloud or mixed cloud scheme to realize real-time management and control and data centralized analysis of the headquarters on multiple factories. However, there are significant differences in the situation for large, medium and small enterprises, especially small and medium-sized factories in camps. Because of data security concerns, frequent cases of industry information leakage, and strong psychological demands for "data ownership", most small and medium business owners maintain a high degree of conflict in the mode of completely hosting core production data (e.g., process formulas, order details, quality records, stock real-time status, etc.) to the cloud, rather select a purely local deployment scheme with high cost and poor expansibility, and also do not accept the potential risks brought by cloud storage. At present, although some hybrid deployment schemes (such as a local front end+a cloud back end, an edge computing gateway and the like) exist, the schemes still always require clients to clearly know and accept the fact that data is clouded, or a local server still needs to store part of core service data, so that psychological barriers of clients cannot be completely eliminated, and cost and safety advantages brought by centralized storage in a cloud are difficult to realize. The existing hybrid deployment method lacks an effective decoupling mechanism and a dynamic control means between client-aware independent deployment and actual cloud centralized storage, and is difficult to simultaneously meet the triple requirements of small and medium enterprises on security, cost control and headquarter remote management and control. Disclosure of Invention The invention aims to provide a factory management system data access method and system based on dual-entry hybrid deployment, which are used for solving the problem of realizing the actual centralized storage of core business data in a cloud and simultaneously supporting the real-time remote access and management control of a company headquarters to customer factory data on the premise of not changing the subjective perception of 'data storage in local' of customers. To achieve one of the above objects, an embodiment of the present invention provides a method for accessing data of a plant management system based on a dual-portal hybrid deployment, the method comprising, Receiving an access request at a local portal server, calculating an access source trust level according to a request source, and calculating a perceived independent deployment tendency based on the trust level, a local cache hit rate and a cloud delay compensation factor; Calculating a dynamic routing decision factor based on the perceived independent deployment tendency, the system security risk index and the access source trust level, and determining a proxy mode; And calculating the local data visibility mask intensity on the local portal server according to the determined proxy mode and the dynamic routing decision factor to control the user interface display strategy of the sensitive field, and simultaneously uploading the core business write operation to the cloud data server through the encryption channel according to the proxy mode to execute actual storage. As a further refinement of an embodiment of the present invention, the method further comprises, the computing an access source trust rating from the request source comprises, After the local portal server receives the access request, acquiring an authorization instruction value, a time attenuation factor and an intranet instruction value corresponding to a request source in a currently maintained state table through an encryption channel between the local portal server and the cloud data server; based on the obtained authorized indication value, time attenuation factor and intranet indication value, the access source trust grading is calculated in real time The formula is: Wherein, the For the normalized coefficient to be a function of the normalized coefficient,Is the weight of the indication value of the internal network,Whether an indication from the customer's intranet is requested for the current time t,For the weight