Summary of the invention
The embodiment of the present invention provides a kind of code debugging method and debug system, can guarantee the safety of source code.
Embodiment of the present invention first aspect provides a kind of code debugging method, described code debugging method is applied to debug system, described debug system comprises debug machine, CD writers, the source code that has application program to be measured in described debug machine, described debug machine is the virtual machine in cloud computing system, and described method comprises:
Described CD writers is obtained the executable file of described application program to be measured, described CD writers by the loading of executed file of described application program to be measured to by commissioning equipment;
Described debug machine is debugged by the application program described to be measured on commissioning equipment described, and when debugging, enable security management and control strategy, described security management and control strategy is for preventing the described source code of described application program to be measured of being downloaded from described debug machine by commissioning equipment.
First aspect in conjunction with the embodiment of the present invention, in the first embodiment of embodiment of the present invention first aspect, described security management and control strategy comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
The first embodiment in conjunction with the first aspect of the embodiment of the present invention, in the second embodiment of embodiment of the present invention first aspect, described security management and control policy deployment is on the communication line between the described thin terminal corresponding with described debug machine by commissioning equipment, or be deployed on virtual machine monitor, or be deployed on the network of communicating by letter between described debug machine and described thin terminal.
Embodiment of the present invention second aspect provides a kind of debug system, and described debug system comprises debug machine, and CD writers has the source code of application program to be measured in described debug machine, and described debug machine is the virtual machine in cloud computing system;
Described CD writers comprises:
Acquiring unit, for obtaining the executable file of described application program to be measured;
Download unit, for by the loading of executed file of described application program to be measured to by commissioning equipment;
Described debug machine comprises:
Debugging unit, for being debugged by the application program described to be measured on commissioning equipment described;
Security management and control unit, for enable security management and control strategy when described debugging unit is debugged described application program to be measured, described security management and control strategy is for preventing the described source code of described application program to be measured of being downloaded from described debug machine by commissioning equipment.
Second aspect in conjunction with the embodiment of the present invention, in the first embodiment of embodiment of the present invention second aspect, described security management and control strategy comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
The first embodiment in conjunction with the second aspect of the embodiment of the present invention, in the second embodiment of embodiment of the present invention second aspect, described security management and control policy deployment is on the communication line between the described thin terminal corresponding with described debug machine by commissioning equipment, or be deployed on virtual machine monitor, or be deployed on the network of communicating by letter between described debug machine and described thin terminal.
As can be seen from the above technical solutions, the embodiment of the present invention has the following advantages:
In the embodiment of the present invention, by CD writers, obtained the executable file of application program to be measured, and by the loading of executed file of application program to be measured to by commissioning equipment, then debug machine is to being debugged by the application program to be measured on commissioning equipment, and when debugging, enable security management and control strategy, security management and control strategy is for preventing from being downloaded from debug machine by commissioning equipment the source code of application program to be measured.In the embodiment of the present invention, the executable file of application program to be measured is downloaded to by commissioning equipment by CD writers, in whole debug process, debug machine only need to be to being sent debug command by commissioning equipment, and debug machine can be enabled security management and control strategy when the application program debugging to be measured to by commissioning equipment, under the restriction of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot download the source code on debug machine, so just guarantee the safety of source code.
The embodiment of the present invention third aspect provides another kind of code debugging method, and described code debugging method is applied to debug system, and described debug system comprises debug machine, cloud management platform, and described debug machine is the virtual machine in cloud computing system, described method comprises:
Described debug machine sends debugging application to described cloud management platform;
Described cloud management platform receives after described debugging application, opens the control gateway between source code volume and described debug machine;
Described debug machine obtains the source code of application program to be measured from described source code volume by described control gateway, by the source code of described application program to be measured, described debug machine is debugged described application program to be measured, and when debugging, enable security management and control strategy, described security management and control strategy is downloaded the source code of described application program to be measured for preventing from described debug machine by commissioning equipment.
The third aspect in conjunction with the embodiment of the present invention, in the first embodiment of the embodiment of the present invention third aspect, before described debug machine sends debugging application to described cloud management platform, described debug machine by the loading of executed file of described application program to be measured to described by commissioning equipment.
In conjunction with the third aspect of the embodiment of the present invention, in the second embodiment of the embodiment of the present invention third aspect, before described cloud management platform is opened the control gateway between described source code volume and described debug machine, also comprise:
Described cloud management platform is closed this locality volume of described debug machine, and to prevent after described control gateway is opened, described debug machine downloads to described local volume by the source code of the described application program to be measured of obtaining.
In conjunction with the second embodiment of the embodiment of the present invention third aspect, in the third embodiment of the embodiment of the present invention third aspect, described method also comprises:
After debugging finishes, described cloud management platform is closed the control gateway between described source code volume and described debug machine, removes the buffer memory of described debug machine, recovers this locality volume of described debug machine;
Described debug machine stops enabling described security management and control strategy.
The third aspect in conjunction with the embodiment of the present invention, or the first embodiment of the third aspect, or the second embodiment of the third aspect, or the third embodiment of the third aspect, in the 4th kind of embodiment of the embodiment of the present invention third aspect, described security management and control strategy comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
The 4th kind of embodiment in conjunction with the embodiment of the present invention third aspect, in the 5th kind of embodiment of the embodiment of the present invention third aspect, described security management and control policy deployment is on the communication line between the described thin terminal corresponding with described debug machine by commissioning equipment, or be deployed on virtual machine monitor, or be deployed on the network of communicating by letter between described debug machine and described thin terminal.
Embodiment of the present invention fourth aspect provides another kind of debug system, and described debug system comprises debug machine, cloud management platform, and described debug machine is the virtual machine in cloud computing system;
Described debug machine comprises:
Debugging application unit, for sending debugging application to described cloud management platform;
Described cloud management platform comprises:
Receiving element, the described debugging application sending for receiving described debugging application unit;
Processing unit, for receiving at described receiving element after described debugging application, opens the control gateway between source code volume and described debug machine;
Described debug machine also comprises:
Source code acquiring unit, for obtaining the source code of application program to be measured from described source code volume by described control gateway;
Debugging unit, for the source code of the described application program to be measured obtained according to described source code acquiring unit, debugs described application program to be measured;
Security management and control unit, for enable security management and control strategy when described debugging unit is debugged described application program to be measured, described security management and control strategy is downloaded the source code of described application program to be measured for preventing from described debug machine by commissioning equipment.
In conjunction with the fourth aspect of the embodiment of the present invention, in the first embodiment of embodiment of the present invention fourth aspect, described debug machine also comprises:
Download unit, before sending debugging application in described debugging application unit to described cloud management platform, by the loading of executed file of described application program to be measured to described by commissioning equipment.
In conjunction with the fourth aspect of the embodiment of the present invention, in the second embodiment of embodiment of the present invention fourth aspect, described processing unit also for:
Before the control gateway of opening between described source code volume and described debug machine, close this locality volume of described debug machine, to prevent after described control gateway is opened, described debug machine downloads to described local volume by the source code of the described application program to be measured of obtaining.
In conjunction with the second embodiment of embodiment of the present invention fourth aspect, in the third embodiment of embodiment of the present invention fourth aspect, described processing unit also for:
After debugging finishes, close the control gateway between described source code volume and described debug machine, remove the buffer memory of described debug machine, recover this locality volume of described debug machine;
Described security management and control unit also for:
At described processing unit, close the control gateway between described source code volume and described debug machine, remove the buffer memory of described debug machine, after recovering this locality volume of described debug machine, stop enabling described security management and control strategy.
Fourth aspect in conjunction with the embodiment of the present invention, or the first embodiment of fourth aspect, or the second embodiment of fourth aspect, or the third embodiment of fourth aspect, in the 4th kind of embodiment of embodiment of the present invention fourth aspect, described security management and control strategy comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
The 4th kind of embodiment in conjunction with the fourth aspect of the embodiment of the present invention, in the 5th kind of embodiment of embodiment of the present invention fourth aspect, described security management and control policy deployment is on the communication line between the described thin terminal corresponding with described debug machine by commissioning equipment, or be deployed on virtual machine monitor, or be deployed on the network of communicating by letter between described debug machine and described thin terminal.
As can be seen from the above technical solutions, the embodiment of the present invention has the following advantages:
In the embodiment of the present invention, debug machine sends debugging application to cloud management platform; Cloud management platform receives after debugging application, opens the control gateway between source code volume and debug machine; Debug machine obtains the source code of application program to be measured by controlling gateway from source code volume, by the source code of application program to be measured, debug machine is debugged application program to be measured, and when debugging, enable security management and control strategy, security management and control strategy is for preventing from being downloaded from debug machine by commissioning equipment the source code of application program to be measured.In the embodiment of the present invention, when application program to be measured not being debugged, the control gateway between debug machine and source code volume is closed, and there is no source code on debug machine, and debug machine also cannot obtain source code, therefore can not cause the leakage of source code; In the process of debugging, in the time of need to checking source code, debug machine can send debugging application to cloud management platform, the route of opening between source code volume and debug machine with request cloud management platform is controlled gateway, and now, debug machine can obtain source code from source code volume application program to be measured is debugged, but debug machine can be enabled security management and control strategy simultaneously, under the restriction of security management and control strategy, by commissioning equipment, cannot be obtained source code from debug machine, so just guaranteed the safety of source code.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
The embodiment of the present invention provides a kind of code debugging method and debug system, and the debug system of the embodiment of the present invention comprises client and server, and the embodiment of the present invention can guarantee the safety of source code.
Refer to Fig. 1, Fig. 1 shows embodiment of code debugging method of the present invention, and the present embodiment method comprises:
101, CD writers is obtained the executable file of application program to be measured, by the loading of executed file of application program to be measured to by commissioning equipment;
In the present embodiment, the executable file of the application program to be measured after compiling can be placed on the server of appointment, from this server downloading data, all need to carry out security inspection, the data that inspection is passed through could be transmitted, and CD writers can be downloaded from this server the executable file of application program to be measured; Or the executable file of the application program to be measured that can compiling be generated by compiler server is sent on a file server automatically, and CD writers can be obtained from this document transmission server the executable file of application program to be measured.
CD writers is obtained after the executable file of application program to be measured, by the loading of executed file of application program to be measured to by commissioning equipment.In the present embodiment, by commissioning equipment, can be the mobile terminals such as mobile phone, panel computer, can be also other equipment or device.
102, debug machine is to being debugged by the application program to be measured on commissioning equipment, and enables security management and control strategy when debugging.
In the present embodiment, preserve the source code of application program to be measured on debug machine, debug machine is the virtual machine in cloud computing system.By commissioning equipment, can by the mode that USB connects or COM is direct-connected, be connected in the thin terminal that debug machine is corresponding.
When CD writers is by after the loading of executed file of application program to be measured is on by commissioning equipment, debug machine is to being sent debug command by commissioning equipment, with to being debugged by the application program to be measured on commissioning equipment, and when debugging, enable security management and control strategy, the effect of security management and control strategy is to prevent from by commissioning equipment, from debug machine, being downloaded the source code of application program to be measured in the process of debugging.
Security management and control strategy in the present embodiment comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
For security management and control strategy one: because the executable file of application program to be measured is downloaded to by commissioning equipment by CD writers, the source code that has application program to be measured on debug machine, in order to guarantee the safety of source code, in when debugging except debug command, on debug machine, should there is not again large file transfer to arrive by commissioning equipment, so can set in advance length threshold according to the length of debug command, security management and control strategy can be set to can not transmit over the data message of preset length threshold value, like this in debug process, although there is source code to be transferred to by commissioning equipment, also be a very little part.
For security management and control strategy two: because the source code of application program to be measured is a larger data file, by all source codes be transferred to need to be longer by commissioning equipment time, and the transmission of debug command is interval, therefore, can need to be limited the transmission frequency of message according to debugging, security management and control strategy can be set to can not transmit over the data message of predeterminated frequency threshold value, in debug process, can greatly reduce the quantity of the source code that can be transferred to commissioning object like this.
For security management and control strategy three: all data messages that debug machine is issued are resolved, for example, if contain default inhibit command (push) in data message, forbid sending.
Above-mentioned security management and control strategy can be deployed in by the communication line (as USB) between the commissioning equipment thin terminal corresponding with debug machine, or it is upper to be deployed in virtual machine monitor VMM, or be deployed on the network of communicating by letter between debug machine and the thin terminal corresponding with it.
Above three kinds of security management and control strategies and dispositions method are only for illustrating, and conduct is not to final restriction of the present invention.
In the present embodiment, CD writers can be physical machine, can be also the virtual machine in cloud computing system, and when CD writers is the virtual machine in cloud computing system, CD writers can share a thin terminal with debug machine.
In the present embodiment, the debug process of program is separated with the process of loading of executed file, the executable file of application program to be measured is downloaded to by commissioning equipment by CD writers, in whole process, debug machine only need to be to being sent debug command by commissioning equipment, and debug machine can be enabled security management and control strategy when the application program debugging to be measured to by commissioning equipment, under the restriction of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot download the source code on debug machine, so just guarantee the safety of source code.
Introduce another embodiment of code debugging method of the present invention below, the code debugging method in this enforcement comprises:
201, debug machine sends debugging application to cloud management platform;
Debug machine in the present embodiment is the virtual machine in cloud computing system, when debug machine need to when being debugged by the application program to be measured on commissioning equipment, first send debugging application to cloud management platform.By commissioning equipment, can be the mobile terminals such as mobile phone, panel computer, can be also other equipment or device.
202, cloud management platform receives debugging application, opens the control gateway between source code volume and debug machine;
Cloud management platform receives after the debugging application of debug machine transmission, opens the control gateway between debug machine and source code volume, so that debug machine can obtain the source code of application program to be measured by controlling gateway from source code volume.
203, debug machine obtains the source code of application program to be measured from source code volume, by the debug source code machine of application program to be measured, application program to be measured is debugged, and enable security management and control strategy when debugging.
After controlling gateway unlatching, debug machine can obtain the source code of application program to be measured from source code volume, by the source code of application program to be measured, application program to be measured is debugged, and enable security management and control strategy when debugging.The object of enabling security management and control strategy is to prevent from by commissioning equipment, from debug machine, being downloaded the source code of application program to be measured in the process of debugging.
In the present embodiment, when application program to be measured not being debugged, the control gateway between debug machine and source code volume is closed, and itself does not have source code debug machine, and debug machine cannot obtain source code, also just source code cannot be revealed to by commissioning equipment; When needs are debugged application program to be measured, cloud management platform is opened the control gateway between source code volume and debug machine and this locality volume of debug machine is isolated, debug machine can obtain source code, but source code cannot be stored into local volume, and debug machine is opened security management and control strategy when debugging, under the effect of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot obtain source code from debug machine, so just guarantee the safety of source code.
For ease of understanding, with a specific embodiment, the code debugging method in embodiment is above described below, refer to Fig. 3, another embodiment of code debugging method of the present invention comprises:
301, debug machine, by the loading of executed file of application program to be measured to by commissioning equipment, sends debugging application to cloud management platform;
In the present embodiment, the executable file of compiled application program to be measured can be placed on the server of appointment, the server that debug machine can arrive appointment obtain the executable file of application program to be measured and by loading of executed file to by commissioning equipment, after download completes, debug machine sends debugging application to cloud management platform.Debug machine in the present embodiment is the virtual machine in cloud computing system.
302, cloud management platform receives debugging application, this locality volume of enable debugs machine, and open the control gateway between source code volume and debug machine;
Cloud management platform receives after debugging application, and first roll up this locality of enable debugs machine, to prevent that debug machine from downloading to the source code of the application program to be measured of being obtained described local volume in the time can obtaining the source code of application program to be measured.The method of this locality volume of enable debugs machine, such as: this locality of debug machine volume is unloaded, arranges this locality volume of fire wall disable access debug machine etc.
After this locality volume of enable debugs machine, cloud management platform is opened the control gateway between source code volume and debug machine, so that debug machine can obtain the source code of application program to be measured.
303, debug machine obtains the source code of application program to be measured from source code volume, by the source code of application program to be measured, application program to be measured is debugged, and enable security management and control strategy when debugging;
After controlling gateway unlatching, debug machine can obtain the source code of application program to be measured from source code volume, by the debug source code machine of application program to be measured, application program to be measured is debugged, and enable security management and control strategy when debugging.The object of enabling security management and control strategy is to prevent from by commissioning equipment, from debug machine, being downloaded the source code of application program to be measured in the process of debugging.
The security management and control strategy of the present embodiment can comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
Above-mentioned security management and control strategy can be deployed in by the communication line between the commissioning equipment thin terminal corresponding with debug machine, or it is upper to be deployed in virtual machine monitor VMM, or is deployed on the network of communicating by letter between debug machine and thin terminal.
304, after debugging finishes, cloud management platform is closed the control gateway between source code volume and debug machine, removes the buffer memory of debug machine, recovers this locality volume of debug machine;
After debugging finishes, debug machine can send prompting message to cloud management platform to be finished to inform the debugging of cloud management platform, or cloud management platform can preset debugging cycle, after a debugging cycle finishes or while receiving debugging end prompting message, cloud management platform is closed the control gateway between source code volume and debug machine, remove the buffer memory of debug machine simultaneously, the object of removing buffer memory is to prevent after the local roll recovery of debug machine, debug machine is stored in local volume by the source code of storing in buffer memory, cause the leakage of source code, after removing the buffer memory of debug machine, cloud management platform is recovered this locality volume of debug machine.
305, debug machine stops enabling security management and control strategy.
Because of on debug machine without source code, and debug machine also cannot obtain source code from source code volume, so now can not cause the leakage of source code, debug machine stops enabling security management and control strategy, debug machine returns to can be to by the state of any information of commissioning device loads.
In the present embodiment, when application program to be measured not being debugged, the control gateway between debug machine and source code volume is closed, and itself does not have source code debug machine, and cannot obtain source code yet, also just source code cannot be revealed to by commissioning equipment; When needs are debugged application program to be measured, cloud management platform is opened the control gateway between source code volume and debug machine and this locality volume of debug machine is isolated, debug machine can obtain source code, but source code cannot be stored into local volume, and debug machine is opened security management and control strategy when debugging, under the effect of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot obtain source code from debug machine; After debugging finishes, cloud management platform can be removed the buffer memory of debug machine, and like this after debugging finishes, the buffer memory of debug machine and local volume be all without source code, and debug machine also cannot obtain source code, has fully guaranteed the safety of source code.
The debug system below embodiment of the present invention being provided is described, and 400 1 embodiment of debug system of the present invention comprise: CD writers 410 and debug machine 420.
Wherein CD writers 410 comprises:
Acquiring unit 4101, for obtaining the executable file of application program to be measured;
Download unit 4102, for by the loading of executed file of application program to be measured to by commissioning equipment;
Debug machine 420 comprises:
Debugging unit 4201, for to being debugged by the application program to be measured on commissioning equipment;
Security management and control unit 4202, for enable security management and control strategy when 4201 pairs of application programs to be measured of debugging unit are debugged, security management and control strategy is for preventing from being downloaded from debug machine by commissioning equipment the source code of application program to be measured.
For ease of understanding, with a practical application scene, each unit in CD writers in the present embodiment 410 and the interactive mode between each unit in debug machine 420 are described below:
In the present embodiment, the executable file of compiled application program to be measured can be placed on given server, from this server downloading data, need to carry out security inspection, the data that inspection is passed through could be transmitted, and acquiring unit 4101 can be downloaded from this server the executable file of application program to be measured; Or the executable file of the application program to be measured that can compiling be generated by compiler server is sent on a file server automatically, and acquiring unit 4101 can obtain from this document transmission server the executable file of application program to be measured.
At acquiring unit 4101, obtain after the executable file of application program to be measured, download unit 4102 by the loading of executed file of application program to be measured to by commissioning equipment (not shown).In the present embodiment, by commissioning equipment, can be the mobile terminals such as mobile phone, panel computer, can be also other equipment or device.
In the present embodiment, preserve the source code of application program to be measured on debug machine 420, debug machine 420 is the virtual machines in cloud computing system.By commissioning equipment, can by the mode that USB connects or COM is direct-connected, be connected in the thin terminal of debug machine 420 correspondences.
At the download unit 4102 of CD writers 410 by after the loading of executed file of application program to be measured is on by commissioning equipment, 4201 pairs of the debugging units of debug machine 420 are debugged by the application program to be measured on commissioning equipment, and security management and control strategy is enabled in security management and control unit 4202 when 4201 pairs of application programs to be measured of debugging unit are debugged.The effect of security management and control strategy is to prevent from by commissioning equipment, from debug machine 420, being downloaded the source code of application program to be measured in the process of debugging.
Security management and control strategy in the present embodiment comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
Above-mentioned security management and control strategy can be deployed in by the communication line (as USB) between the commissioning equipment thin terminal corresponding with debug machine 420, or it is upper to be deployed in virtual machine monitor VMM, or is deployed on the network of communicating by letter between debug machine 420 and thin terminal corresponding to it.
Above three kinds of security management and control strategies and dispositions method are only for illustrating, and conduct is not to final restriction of the present invention.
In the present embodiment, CD writers 410 can be physical machine, can be also the virtual machine in cloud computing system, and when CD writers 410 is the virtual machine in cloud computing system, CD writers 410 can share a thin terminal with debug machine 420.
In the present embodiment, the debug process of program is separated with the process of loading of executed file, the executable file of application program to be measured is downloaded to by commissioning equipment by CD writers, in whole process, debug machine only need to be to being sent debug command by commissioning equipment, and debug machine can be enabled security management and control strategy when the application program debugging to be measured to by commissioning equipment, under the restriction of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot download the source code on debug machine, so just guarantee the safety of source code.
Introduce another embodiment of debug system of the present invention below, the debug system 500 of this enforcement comprises: debug machine 510 and cloud management platform 520.
Wherein, debug machine 510 comprises:
Debugging application unit 5101, for sending debugging application to cloud management platform 520;
Source code acquiring unit 5102, for obtaining the source code of application program to be measured from source code volume;
Debugging unit 5103, for the source code of the application program to be measured obtained according to source code acquiring unit 5102, debugs application program to be measured;
Security management and control unit 5104, for enable security management and control strategy when 5103 pairs of application programs to be measured of debugging unit are debugged, security management and control strategy is for preventing from being downloaded from debug machine by commissioning equipment the source code of application program to be measured;
Cloud management platform 520 comprises:
Receiving element 5201, the debugging application sending for receiving debugging application unit 5101;
Processing unit 5202, for receiving at receiving element 5201 after debugging application, opens the control gateway between source code volume and debug machine 510;
Debug machine 510 in the present embodiment is the virtual machines in cloud computing system, when debug machine need to when be debugged by the application program to be measured on commissioning equipment, first be debugged application unit 5101 and send debugging application to cloud management platform 520.By commissioning equipment, can be the mobile terminals such as mobile phone, panel computer, can be also other equipment or device.
The processing unit 5202 of cloud management platform 520 receives after debugging application at receiving element 5201, opens the control gateway between source code volume and debug machine 510, so that debug machine 510 can obtain the source code of application program to be measured.
The source code acquiring unit 5102 of debug machine 510 obtains the source code of application program to be measured from source code volume, debugging unit 5103 is debugged application program to be measured by the source code of application program to be measured, and security management and control strategy is enabled in security management and control unit 5104 when 5103 pairs of application program debugging to be measured of debugging unit.The object of enabling security management and control strategy is to prevent from by commissioning equipment, from debug machine, being downloaded the source code of application program to be measured in the process of debugging.
In the present embodiment, when application program to be measured not being debugged, the control gateway between debug machine and source code volume is closed, and itself does not have source code debug machine, and debug machine cannot obtain source code, also just source code cannot be revealed to by commissioning equipment; When needs are debugged application program to be measured, cloud management platform is opened the control gateway between source code volume and debug machine and this locality volume of debug machine is isolated, debug machine can obtain source code, but source code cannot be stored into local volume, and debug machine is opened security management and control strategy when debugging, under the effect of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot obtain source code from debug machine, so just guarantee the safety of source code.
For ease of understanding, with a specific embodiment, above-mentioned debug system 500 is described below, refer to Fig. 6, the debug system 600 in the present embodiment comprises: debug machine 610 and cloud management platform 620.
Wherein, debug machine 610 comprises:
Download unit 6101, for by the loading of executed file of application program to be measured to by commissioning equipment;
Debugging application unit 6102, for sending debugging application to cloud management platform 620;
Source code acquiring unit 6103, for obtaining the source code of application program to be measured from source code volume;
Debugging unit 6104, for the source code of the application program to be measured obtained according to source code acquiring unit 6103, debugs application program to be measured;
Security management and control unit 6105, for enable security management and control strategy when 6104 pairs of application programs to be measured of debugging unit are debugged, security management and control strategy is downloaded the source code of application program to be measured for preventing from debug machine 610 by commissioning equipment;
Cloud management platform 620 comprises:
Receiving element 6201, the debugging application sending for receiving debugging application unit 6102;
Processing unit 6202, for receiving at receiving element 6201 after debugging application, this locality volume of enable debugs machine 610, opens the control gateway between source code volume and debug machine 610.
For ease of understanding, with a practical application scene, each unit in debug machine in the present embodiment 610 and the interactive mode between each unit in cloud management platform 620 are described below:
In the present embodiment, the executable file of compiled application program to be measured can be placed on the server of appointment, the server that the download unit 6101 of debug machine 610 can arrive appointment obtain the executable file of application program to be measured and by loading of executed file to by commissioning equipment, after download completes, debugging application unit 6102 sends debugging application to cloud management platform 620.Debug machine 610 in the present embodiment is the virtual machines in cloud computing system.
The processing unit 6202 of cloud management platform 620 receives after debugging application at receiving element 6201, first roll up this locality of enable debugs machine 610, to prevent that debug machine 610 from downloading to the source code being obtained described local volume in the time can obtaining the source code of application program to be measured, then open the control gateway between source code volume and debug machine 610, so that debug machine 610 can obtain the source code of application program to be measured.
After controlling gateway unlatching, the source code acquiring unit 6103 of debug machine 610 obtains the source code of application program to be measured from source code volume, debugging unit 6104 is debugged application program to be measured by the source code of application program to be measured, and security management and control strategy is enabled in security management and control unit 6105 when 6104 pairs of application program debugging to be measured of debugging unit.The object of enabling security management and control strategy is to prevent from by commissioning equipment, from debug machine 610, being downloaded the source code of application program to be measured in the process of debugging.
The security management and control strategy of the present embodiment can comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
Above-mentioned security management and control strategy can be deployed in by the communication line between the commissioning equipment thin terminal corresponding with debug machine 610, or it is upper to be deployed in virtual machine monitor VMM, or is deployed on the network of communicating by letter between debug machine 610 and the thin terminal corresponding with it.
After debugging finishes, debug machine 610 can send prompting message to cloud management platform 620 to be finished to inform the debugging of cloud management platform, or cloud management platform 620 can preset debugging cycle, after a debugging cycle finishes or when receiving debugging that debug machine 610 sends and finishing prompting message, the processing unit 6202 of cloud management platform 620 is closed the control gateway between source code volume and debug machine 610, remove the buffer memory of debug machine 610 simultaneously, the object of removing buffer memory is to prevent after the local roll recovery of debug machine 610, debug machine 610 is stored in local volume by the source code of storing in buffer memory, cause the leakage of source code, after removing the buffer memory of debug machine 610, processing unit 6202 recovers this locality volume of debug machine 610.
Because of on debug machine 610 without source code, and debug machine 610 also cannot obtain source code from source code volume, so now debug machine 610 can not cause the leakage of source code, security management and control unit 6105 stops enabling security management and control strategy, and debug machine 610 returns to can be to by the state of any information of commissioning device loads.
In the present embodiment, when application program to be measured not being debugged, the control gateway between debug machine and source code volume is closed, and itself does not have source code debug machine, and cannot obtain source code yet, also just source code cannot be revealed to by commissioning equipment; When needs are debugged application program to be measured, cloud management platform is opened the control gateway between source code volume and debug machine and this locality volume of debug machine is isolated, debug machine can obtain source code, but source code cannot be stored into local volume, and debug machine is opened security management and control strategy when debugging, under the effect of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot obtain source code from debug machine; After debugging finishes, cloud management platform can be removed the buffer memory of debug machine, and like this after debugging finishes, the buffer memory of debug machine and local volume be all without source code, and debug machine also cannot obtain source code, has fully guaranteed the safety of source code.
Further introduce the debug system in the embodiment of the present invention below, refer to Fig. 7, the debug system 700 in the present embodiment comprises: CD writers 710 and debug machine 720.
CD writers 710 comprises: first processor 7101 and for the first memory 7102 of memory buffers code.
Wherein, first processor 7101 is carried out following flow process:
Obtain the executable file of application program to be measured;
By the loading of executed file of application program to be measured to by commissioning equipment.
Debug machine 720 comprises the second processor 7201 and for the second memory 7202 of memory buffers code.
Wherein, the second processor 7201 is carried out following flow process:
To being debugged and enable security management and control strategy by the application program to be measured on commissioning equipment, security management and control strategy is for preventing from being downloaded from debug machine by commissioning equipment the source code of application program to be measured.
Above-mentioned security management and control strategy can comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, and the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
These security management and control strategies can be deployed in by the communication line between the commissioning equipment thin terminal corresponding with debug machine, or are deployed on virtual machine monitor, or are deployed on the network of communicating by letter between debug machine and thin terminal.
In the present embodiment, by first processor, obtained the executable file of application program to be measured, and by the loading of executed file of application program to be measured to by commissioning equipment, then the second processor is to being debugged by the application program to be measured on commissioning equipment, and when debugging, enable security management and control strategy, security management and control strategy is for preventing from being downloaded from debug machine by commissioning equipment the source code of application program to be measured.In the present embodiment, the executable file of application program to be measured is downloaded to by commissioning equipment by first processor, in whole debug process, the second processor only need to be to being sent debug command by commissioning equipment, and the second processor can be enabled security management and control strategy when the application program debugging to be measured to by commissioning equipment, under the restriction of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot download the source code on debug machine, so just guarantee the safety of source code.
Further introduce the debug system in the embodiment of the present invention below, refer to Fig. 8, the debug system 800 in the present embodiment comprises: cloud management platform 810 and debug machine 820.
Cloud management platform 810 comprises receiver 8101 and the 3rd processor 8102, wherein:
The debugging application that receiver 8101 sends for receiving debug machine 820;
The 3rd processor 8102, for receiving at receiver 8101 after debugging application, is opened the control gateway between source code volume and debug machine 820.
Debug machine comprises transmitter 8201 and four-processor 8202, wherein:
Transmitter 8201 is for sending debugging application to cloud management platform 810;
Four-processor 8202 is for obtaining the source code of application program to be measured from source code volume, according to source code, application program to be measured is debugged, and when debugging, enable security management and control strategy, security management and control strategy is downloaded the source code of application program to be measured for preventing from debug machine 820 by commissioning equipment.
Wherein, four-processor 8202 also for, before transmitter 8201 sends debugging application to cloud management platform 810, by the loading of executed file of application program to be measured to by commissioning equipment.
The 3rd processor 8102 is before the control gateway of opening between source code volume and debug machine 820, also for, this locality volume of enable debugs machine, to prevent that debug machine 820 downloads to local volume by the source code of the application program to be measured of obtaining after controlling gateway and opening.
After debugging finishes, the 3rd processor 8102 cuts out the control gateway between source code volume and described debug machine 820, removes the buffer memory of debug machine 820, recovers this locality volume of debug machine 820, and four-processor 8202 is also for stopping enabling security management and control strategy.
Wherein, above-mentioned security management and control strategy can comprise following one of at least: the data message that surpasses preset length threshold value can not pass through, the data message that transmitted frequency surpasses predeterminated frequency threshold value can not pass through, and the data message that contains default inhibit command can not pass through.
Above-mentioned security management and control policy deployment, on the communication line between the thin terminal corresponding with debug machine 820 by commissioning equipment, or is deployed on virtual machine monitor, or is deployed on the network of communicating by letter between debug machine 820 and thin terminal.
In the present embodiment, when application program to be measured not being debugged, the control gateway between debug machine and source code volume is closed, and itself does not have source code debug machine, and cannot obtain source code yet, therefore, also just source code cannot be revealed to by commissioning equipment; When needs are debugged application program to be measured, the 3rd processor is by this locality volume isolation of debug machine, open the control gateway between source code volume and debug machine, four-processor can be obtained source code, but source code cannot be stored into local volume, and four-processor can be opened security management and control strategy when debugging, under the effect of security management and control strategy, by commissioning equipment, can be obtained the debug command that debug machine sends, but cannot obtain source code from debug machine; After debugging finishes, the 3rd processor can be removed the buffer memory of debug machine, and like this after debugging finishes, the buffer memory of debug machine and local volume be all without source code, and debug machine also cannot obtain source code, has fully guaranteed the safety of source code.
It should be noted that in addition, device embodiment described above is only schematic, the wherein said unit as separating component explanation can or can not be also physically to separate, the parts that show as unit can be or can not be also physical locations, can be positioned at a place, or also can be distributed in a plurality of network element.Can select according to the actual needs some or all of unit wherein to realize the object of the present embodiment scheme.In addition, in device embodiment accompanying drawing provided by the invention, the annexation between unit represents to have communication connection between them, specifically can be implemented as one or more communication bus or signal wire.Those of ordinary skills, in the situation that not paying creative work, are appreciated that and implement.
Through the above description of the embodiments, those skilled in the art can be well understood to the mode that the present invention can add essential common hardware by software and realize, and can certainly comprise that special IC, dedicated cpu, private memory, special-purpose components and parts etc. realize by specialized hardware.Generally, all functions being completed by computer program can realize with corresponding hardware at an easy rate, and the particular hardware structure that is used for realizing same function can be also diversified, such as mimic channel, digital circuit or special circuit etc.But software program realization is better embodiment under more susceptible for the purpose of the present invention condition.Understanding based on such, the part that technical scheme of the present invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product is stored in the storage medium can read, as the floppy disk of computing machine, USB flash disk, portable hard drive, ROM (read-only memory) (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc., comprise that some instructions are with so that a computer equipment (can be personal computer, server, or the network equipment etc.) method described in each embodiment of execution the present invention.
A kind of yard of adjustment method and the debug system that above the embodiment of the present invention are provided are described in detail, for one of ordinary skill in the art, thought according to the embodiment of the present invention, all will change in specific embodiments and applications, therefore, this description should not be construed as limitation of the present invention.