阅读说明：本技术 一种电力营销多渠道客户服务系统 (Electric power marketing multi-channel customer service system ) 是由 涂莹 万泉 李玮 袁葆 欧阳红 于喻 周春 王佳佳 曲艺 阮栩翔 于 2019-11-05 设计创作，主要内容包括：本发明提供了一种电力营销多渠道客户服务系统,包括共享服务中心、安全服务组件；所述共享服务中心部署在信息内网环境中；所述安全服务组件包括互联网与信息外网之间的防火墙以及信息外网与信息内网之间的安全隔离设备；所述安全服务组件,用于实现信息内网与信息外网之间的信息穿透和文件穿透。保证了电力营销多渠道客户服务系统的网络穿透安全性。(The invention provides a power marketing multi-channel customer service system, which comprises a shared service center and a safety service component, wherein the shared service center is connected with the safety service component; the shared service center is deployed in an information intranet environment; the safety service component comprises a firewall between the Internet and an information outer network and safety isolation equipment between the information outer network and an information inner network; and the safety service assembly is used for realizing information penetration and file penetration between the information internal network and the information external network. The network penetration safety of the power marketing multi-channel customer service system is ensured.)

1. A power marketing multi-channel customer service system is characterized by comprising a shared service center and a safety service component;

the shared service center is deployed in an information intranet environment;

the safety service component comprises a firewall between the Internet and an information outer network and safety isolation equipment between the information outer network and an information inner network;

and the safety service assembly is used for realizing information penetration and file penetration between the information internal network and the information external network.

2. The system of claim 1, further comprising an application server and a request queue in an extranet;

the application server is used for storing the file to be penetrated;

and the request queue is used for receiving the file to be penetrated sent by the application server and asynchronously controlling the transmission of the file to be penetrated.

3. The system according to claim 2, wherein the application server is further configured to perform an audit on the file to be perforated and send the file to be perforated, which is approved by the audit, to the request queue.

4. The system of claim 1, wherein the shared service center is deployed in a server cluster in a primary machine room and a server cluster in a standby machine room, and the number of the standby machine rooms is one or more than one.

5. The system of claim 4, wherein the shared service center further comprises a management platform, and the management platform is configured to perform load balancing control and fault control on the primary machine room and the standby machine room of the shared service center.

6. The system according to claim 5, wherein the management platform performs fault control on the shared service center, specifically: when detecting that the shared service center has component-level faults, controlling the components which normally work to provide services; when detecting that the shared service center has a machine room level fault, controlling a machine room which does not have the fault to provide service; and when detecting that the shared service center has inter-room network faults, closing the inlet flow of the standby machine room and controlling the main machine room to provide services.

7. The system of claim 1, wherein the shared service center comprises a master database and at least one slave database;

the master database is used for performing write operation;

and the slave database is used for reading.

8. The system of claim 7, wherein the shared service center further comprises caching and messaging middleware;

the cache is updated synchronously with the data in the slave database;

the message middleware is used for receiving asynchronous write operations to the master database and sending the asynchronous write operations to the master database in a single thread mode.

9. The system of claim 1, wherein the shared service center is further configured to detect access traffic in real time and control the access traffic when the access traffic is greater than a preset control traffic threshold.

Technical Field

The invention relates to the technical field of network security, in particular to a power marketing multi-channel customer service system.

Background

Along with the continuous deepening of the concept of 'internet + marketing service', the traditional electric power marketing system no longer meets the complex user requirements, the traditional marketing system is single in design mode, service channels are limited, and the system safety design is simpler.

The power marketing customer service system based on multiple channels is more convenient and efficient due to the fact that the power marketing customer service system can be compatible with multiple service modes, and has better competitiveness. However, the power marketing multi-channel customer service system needs to effectively support the use of 4.3 hundred million users in the whole network at any time and any place, without interruption and with high efficiency, the reliability and availability requirements of the system are high, and how to ensure the high efficiency and safety of the system becomes a technical problem to be solved urgently in the field.

Disclosure of Invention

In view of this, the invention provides a power marketing multi-channel customer service system, which ensures that the system is efficient, safe and available.

In order to achieve the above purpose, the invention provides the following specific technical scheme:

a power marketing multi-channel customer service system comprises a shared service center and a safety service component;

the shared service center is deployed in an information intranet environment;

the safety service component comprises a firewall between the Internet and an information outer network and safety isolation equipment between the information outer network and an information inner network;

and the safety service assembly is used for realizing information penetration and file penetration between the information internal network and the information external network.

Optionally, the system further includes an application server and a request queue in the extranet;

the application server is used for storing the file to be penetrated;

and the request queue is used for receiving the file to be penetrated sent by the application server and asynchronously controlling the transmission of the file to be penetrated.

Optionally, the application server is further configured to audit the file to be penetrated, and send the file to be penetrated that is approved to the request queue.

Optionally, the shared service center is deployed in a server cluster in the main machine room and a server cluster in the standby machine room in a peer-to-peer manner, where the number of the standby machine rooms is one or more than one.

Optionally, the shared service center further includes a management platform, where the management platform is configured to perform load balancing control and fault control on the main machine room and the standby machine room of the shared service center.

Optionally, the management platform performs fault control on the shared service center, specifically: when detecting that the shared service center has component-level faults, controlling the components which normally work to provide services; when detecting that the shared service center has a machine room level fault, controlling a machine room which does not have the fault to provide service; and when detecting that the shared service center has inter-room network faults, closing the inlet flow of the standby machine room and controlling the main machine room to provide services.

Optionally, the shared service center includes a master database and at least one slave database;

the master database is used for performing write operation;

and the slave database is used for reading.

Optionally, the shared service center further includes a cache and a message middleware;

the cache is updated synchronously with the data in the slave database;

the message middleware is used for receiving asynchronous write operations to the master database and sending the asynchronous write operations to the master database in a single thread mode.

Optionally, the shared service center is further configured to detect an access flow in real time, and control the access flow when the access flow is greater than a preset control flow threshold.

Compared with the prior art, the invention has the following beneficial effects:

the invention discloses an electric power marketing multi-channel customer service system, which comprises a safety service component and a sharing service center arranged in an information intranet environment, wherein the safety service component comprises a firewall between the Internet and an information extranet and safety isolation equipment between the information extranet and the information intranet, the network safety between the Internet and the information extranet is ensured through the firewall, the information penetration safety and the file penetration safety between the information intranet and the information extranet are ensured through the safety isolation equipment, and the network safety and the system stability of the electric power marketing multi-channel customer service system are further ensured.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.

Fig. 1 is a schematic structural diagram of a power marketing multi-channel customer service system according to an embodiment of the present invention;

fig. 2 is a schematic structural diagram of another power marketing multi-channel customer service system according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The embodiment discloses a power marketing multi-channel customer service system which is deployed on a cloud server cluster, such as a national grid cloud. Referring to FIG. 1, the system includes a shared service center and a secure services component.

The shared service center is deployed in an information intranet environment of the power marketing multi-channel customer service system, bears all service requests of billions of users to the system inside and outside the system for a core service unit of the power marketing multi-channel customer service system, and the operational stability and reliability of the shared service center directly determine the availability of the whole system.

In order to ensure the security of communication between the shared service center and the information extranet and between the information extranet and the internet, the power marketing multi-channel customer service system in the embodiment includes a security service component, and the security service component includes a firewall between the internet and the information extranet and a security isolation device between the information extranet and the information intranet.

And a firewall between the internet and the information extranet ensures the network security between the internet and the information extranet.

The safety isolation equipment can be a network gate, has the capability of stretching out and drawing back simultaneously with the cloud server cluster, can automatically adjust the processing capacity consistent with the cloud server cluster, meets the requirements of service penetration access performance and bandwidth, can increase or reduce the number of deployment according to the service volume, and ensures the safety of information penetration and file penetration between the information intranet and the information extranet.

For file penetration, the security isolation device ensures the penetration capability and integrity of the file by adopting technologies such as compression processing, file verification, asynchronous transmission and the like.

Preferably, referring to fig. 2, the power marketing multi-channel customer service system disclosed in this embodiment further includes an application server and a request queue in the extranet, so as to solve the problem of file penetration of a single security isolation device in a business scenario that requires a large number of files to penetrate the intranet.

Specifically, the file to be penetrated is stored in the ground of the application server in the information extranet, then the request queue receives the file to be penetrated sent by the application server, the transmission of the file to be penetrated is asynchronously controlled, and the concurrence number of penetrating requests is effectively controlled.

The application server is also used for auditing the files to be penetrated, the auditing method is preset, the application server sends the files to be penetrated which are approved to be penetrated to the request queue, namely, the application server is additionally provided with an external network auditing link, and the external network auditing link enters an internal network submitting link after the external network auditing link is passed, so that the number of the files to be penetrated is effectively controlled.

It should be noted that, if a single security isolation device cannot meet the file transmission requirement, a security isolation device may be added to form a cluster to meet the transmission requirement, at this time, request queues corresponding to the security isolation devices one to one are set in the information extranet, the to-be-transmitted files in the application server are respectively sent to a plurality of request queues, and then are asynchronously transmitted to the corresponding security isolation devices by the request queues.

Since the shared service center is a core service unit of the power marketing multi-channel customer service system, in order to ensure high reliability of the service of the shared service center, the shared service center in this embodiment adopts a same-city dual-activity mode, and the shared service center is deployed in a server cluster in a main machine room and a server cluster in a standby machine room in a peer-to-peer manner, where the number of the standby machine rooms is one or more than one.

The shared service center also comprises a management platform, and the management platform is used for carrying out load balance control and fault control on the servers in the main machine room and the standby machine room.

The management platform performs load balancing control on the servers in the main machine room and the standby machine room based on a preset load balancing control strategy according to the load condition of each server in the main machine room and the standby machine room.

The management platform can control and process faults of component faults, network faults, split brain faults (machine room network faults), machine room power failure, machine room network failure and the like. Specifically, when detecting that a component-level fault exists in the shared service center, the management platform controls a normally working component to provide service; when detecting that the shared service center has a machine room level fault, controlling a machine room which does not have the fault to provide service; and when detecting that the shared service center has inter-room network faults, closing the inlet flow of the standby machine room and controlling the main machine room to provide services.

A master database and at least one slave database are deployed in the server cluster in the main machine room and the server cluster in the standby machine room, the master database is used for performing write operations such as add, delete and change operations, and the slave database is used for performing read operations.

The main database and the slave database adopt a database-dividing and table-dividing strategy, the shared service center uses the user ID to perform hash operation once, and then the hash operation is routed to different databases and tables, or the shared service center directly performs database-dividing and table-dividing according to province (city) companies according to the attribution, so that the number of records of a single table is reduced, the time required by data query is reduced, the number of links of the single database is reduced, the response speed of the database is improved, and the throughput of the database is improved.

In order to improve the efficiency of accessing the database, the shared service center in this embodiment further includes a cache and a message middleware, where the cache is updated synchronously with the data in the slave database, and when a read request is received, the slave database is not accessed directly, but the cache is accessed to release the read pressure of the database, so as to improve the access efficiency of the database, and the data in the database is read and written into the cache only when there is no data corresponding to the read request in the cache.

In the operation of updating the database, the message middleware receives asynchronous write operation on the main database and sends the asynchronous write operation to the main database in a single thread mode, and the write pressure of the database is reduced.

The power marketing multi-channel customer service system is subject to great uncertainty of users, business functions and use frequency, so that the power marketing multi-channel customer service system is required to have strong expandability and elasticity, and high concurrent access risk and disaster recovery risk in a special period.

In order to achieve the above object, the shared service center in this embodiment is further configured to detect an access flow in real time, and when the access flow is greater than a preset control flow threshold, control the access flow so that the access flow does not exceed the preset control flow threshold.

The shared service center is also used for carrying out capacity expansion control and capacity reduction control, namely, carrying out capacity expansion processing on the message consumers of the message middleware when the access flow exceeds the upper limit of a preset control flow threshold, and carrying out capacity reduction processing on the message consumers of the message middleware when the access flow is less than the lower limit of the preset control flow.

Therefore, the electric power marketing multi-channel customer service system disclosed in the embodiment guarantees the network security between the internet and the information extranet through the firewall and guarantees the security of information penetration and file penetration between the information intranet and the information extranet through the security isolation device on the basis that the security service component comprises the firewall between the internet and the information extranet and the security isolation device between the information extranet and the information intranet; the stability of the shared service center is ensured by adopting a same-city dual-activity mode for the shared service center and carrying out load balance control and fault control on servers in a main machine room and a standby machine room through a management platform; by adopting the read-write separation and database-dividing and table-dividing strategies for the database, the access efficiency of the database is improved, and the access performance of the shared service center is further improved.

The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.

It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.