Search

US-12621297-B2 - Data processing method, device, and apparatus, and storage medium

US12621297B2US 12621297 B2US12621297 B2US 12621297B2US-12621297-B2

Abstract

A data processing method applied to a service terminal includes receiving an authorization request sent by a target client terminal. The authorization request includes target path information of the target client terminal. The method further includes searching for a target identifier matching the target path information in an authorization list including at least one authorization identifier. The authorization identifier is generated at least based on network path information of an authorized client terminal. The method further includes sending the target identifier to the target client terminal to cause the target client terminal to control a target application to run according to the target identifier.

Inventors

  • Ning Zhang

Assignees

  • LENOVO (BEIJING) LIMITED

Dates

Publication Date
20260505
Application Date
20230315
Priority Date
20220610

Claims (13)

  1. 1 . A data processing method applied to a service terminal, comprising: receiving an authorization request sent by a target client terminal, the authorization request including target path information of the target client terminal; searching for a target identifier matching the target path information in an authorization list including at least one authorization identifier, the authorization identifier being generated at least based on network path information of an authorized client terminal, wherein generating the authorization identifier includes calculating the network path information of the authorized client terminal and network path information of the service terminal to obtain the authorization identifier of the authorized client terminal, and wherein: the network path information of the authorized client includes identity information of one or more network nodes connected in a network path from a target node to the authorized client terminal; the network path information of the service terminal includes identity information of one or more network nodes connected in a network path from the target node to the service terminal; and the target node is a node determined from common upper nodes of the authorized client terminal and the service terminal; and controlling the target client terminal to run a target application according to the target identifier, including: controlling the target client terminal to perform verification on the target identifier according to the target node corresponding to the target identifier and run the target application according to an obtained verification result.
  2. 2 . The method of claim 1 , wherein the target client terminal performing the verification on the target identifier according to the target node and control the target application to run according to the obtained verification result includes: obtaining second network path information of the target client terminal according to the target node; determining whether the second network path information matches the target identifier; and in response to the second network path information matching the target identifier, obtaining running permission of the target application, wherein the target application is allowed to operate on the target client under the operation authority.
  3. 3 . The method of claim 1 , wherein the target node is selected from a gateway node, a domain name resolution node, and a preset network node in a network where the authorized client terminal and the service terminal are located.
  4. 4 . The method of claim 1 , wherein computing the network path information of the authorized client terminal and the network path information of the service terminal to obtain the authorization identifier of the authorized client terminal includes: performing a logical operation on the network path information of the authorized client terminal and the network path information of the service terminal to obtain an operation result; and performing conversion on the operation result to obtain the authorization identifier of the authorized client terminal.
  5. 5 . The method of claim 4 , wherein: performing the logical operation on the network path information of the authorized client terminal and the network path information of the service terminal to obtain the operation result includes: performing XNOR operation on binary network path information of the authorized client terminal and binary network path information of the service terminal to obtain a binary string corresponding to XNOR result bits that are continuously 1 in the binary network path information; and performing the conversion on the operation result to obtain the authorization identifier of the authorized client terminal includes: converting the binary string into hexadecimal to obtain the authorization identifier of the authorized client terminal.
  6. 6 . The method of claim 1 , wherein the service terminal and the authorized client terminal are running environments of an application running in a container or a virtual machine.
  7. 7 . An electronic apparatus, comprising: a processor; and a memory storing a computer program that, when executed by the processor, causes the processor to perform the operations: receiving an authorization request sent by a target client terminal, the authorization request including target path information of the target client terminal; searching for a target identifier matching the target path information in an authorization list including at least one authorization identifier, the authorization identifier being generated at least based on network path information of an authorized client terminal, wherein generating the authorization identifier includes calculating the network path information of the authorized client terminal and network path information of the service terminal to obtain the authorization identifier of the authorized client terminal, and wherein: the network path information of the authorized client includes identity information of one or more network nodes connected in a network path from a target node to the authorized client terminal; the network path information of the service terminal includes identity information of one or more network nodes connected in a network path from the target node to the service terminal; and the target node is a node determined from common upper nodes of the authorized client terminal and the service terminal; and controlling the target client terminal to run a target application according to the target identifier, including: controlling the target client terminal to perform verification on the target identifier according to the target node corresponding to the target identifier and run the target application according to an obtained verification result.
  8. 8 . The apparatus of claim 7 , wherein the processor is further configured to: obtain second network path information of the target client terminal according to the target node; determine whether the second network path information matches the target identifier; and in response to the second network path information matching the target identifier, obtain running permission of the target application, wherein the target application is allowed to operate on the target client under the operation authority.
  9. 9 . The apparatus of claim 7 , wherein the target node is selected from a gateway node, a domain name resolution node, and a preset network node in a network where the authorized client terminal and the service terminal are located.
  10. 10 . The apparatus of claim 7 , wherein the processor is further configured to: perform a logical operation on the network path information of the authorized client terminal and the network path information of the service terminal to obtain an operation result; and perform conversion on the operation result to obtain the authorization identifier of the authorized client terminal.
  11. 11 . The apparatus of claim 10 , wherein the processor is further configured to: perform XNOR operation on binary network path information of the authorized client terminal and binary network path information of the service terminal to obtain a binary string corresponding to XNOR result bits that are continuously 1 in the binary network path information; and convert the binary string into hexadecimal to obtain the authorization identifier of the authorized client terminal.
  12. 12 . The apparatus of claim 7 , wherein the service terminal and the authorized client terminal are running environments of an application running in a container or a virtual machine.
  13. 13 . A data processing method applied to a service terminal, comprising: receiving an authorization request sent by a target client terminal, the authorization request including target path information of the target client terminal; searching for a target identifier matching the target path information in an authorization list including at least one authorization identifier, the authorization identifier being generated at least based on network path information of an authorized client terminal, wherein generating the authorization identifier includes calculating the network path information of the authorized client terminal and network path information of the service terminal to obtain the authorization identifier of the authorized client terminal, including: performing a logical operation on the network path information of the authorized client terminal and the network path information of the service terminal to obtain an operation result, including: performing XNOR operation on binary network path information of the authorized client terminal and binary network path information of the service terminal to obtain a binary string corresponding to XNOR result bits that are continuously 1 in the binary network path information; and performing conversion on the operation result to obtain the authorization identifier of the authorized client terminal, including: converting the binary string into hexadecimal to obtain the authorization identifier of the authorized client terminal; and controlling the target client terminal to run a target application according to the target identifier.

Description

CROSS-REFERENCE TO RELATED APPLICATION This application claims priority to Chinese Patent Application No. 202210654185.2, filed on Jun. 10, 2022, the entire content of which is incorporated herein by reference. TECHNICAL FIELD The present disclosure relates to the computer technology field and, more particularly, to a data processing method and a device. BACKGROUND A software authorization mode is when a software provider generates an authorization identifier according to a machine code of an electronic apparatus. The machine code is generated according to a serial number of a hardware member of the electronic apparatus. The machine code is unique for each electronic apparatus. Thus, the software provider can limit access permission of the electronic apparatus for software with the authorization identifier generated according to the machine code. However, in a virtual environment such as a container or a virtual machine, most apparatuses that run the software are virtual apparatuses. The application can drift among different physical apparatuses. If an authorization identifier is still generated according to a machine code of a physical apparatus, the access permission of the software cannot be effectively managed. SUMMARY Embodiments of the present disclosure provide a data processing method applied to a service terminal. The method includes receiving an authorization request sent by a target client terminal. The authorization request includes target path information of the target client terminal. The method further includes searching for a target identifier matching the target path information in an authorization list including at least one authorization identifier. The authorization identifier is generated at least based on network path information of an authorized client terminal. The method further includes sending the target identifier to the target client terminal to cause the target client terminal to control a target application to run according to the target identifier. Embodiments of the present disclosure provide a data processing device applied to a service terminal, including a reception module, a search module, and a transmission module. The reception module is configured to receive an authorization request sent by the target terminal. The authorization request includes target path information of the target client terminal. The search module is configured to search for a target identifier matching the target path information in an authorization list including at least one authorization identifier. The authorization identifier is generated at least based on network path information of an authorized client terminal. The transmission module is configured to send the target identifier to the target client terminal to cause the target client terminal to control a target application to run according to the target identifier. Embodiments of the present disclosure provide an electronic apparatus, including a processor and a memory. The memory stores a computer program that, when executed by the processor, causes the processor to receive an authorization request sent by the target terminal. The authorization request includes target path information of the target client terminal. The processor is further configured to search for a target identifier matching the target path information in an authorization list including at least one authorization identifier. The authorization identifier is generated at least based on network path information of an authorized client terminal. The processor is further configured to send the target identifier to the target client terminal to cause the target client terminal to control a target application to run according to the target identifier. In the above technical solution, the data processing method and device are provided in the present disclosure. When the authorization request sent by the target client terminal is received, the target identifier matching the target path information can be searched for in the authorization list including at least one authorization identifier to send the searched target identifier to the target client terminal. Thus, the target client terminal can control the target application to run according to the target identifier. In the present disclosure, the authorization identifier can be generated based on the network path information determined by the location of the authorized client terminal in the network environment, which ensures the security of application authorization for running the application in the virtual environment such as the container or virtual machine. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 illustrates a schematic flowchart of a data processing method according to embodiments of the present disclosure. FIG. 2 illustrates a schematic structural diagram of an adaptive network according to embodiments of the present disclosure. FIG. 3 illustrates a schematic diagram of an authorized list according to embodiments of the