CN101141297A - Authority relation data generating and regulating method and management system - Google Patents
Authority relation data generating and regulating method and management system Download PDFInfo
- Publication number
- CN101141297A CN101141297A CNA2007101206726A CN200710120672A CN101141297A CN 101141297 A CN101141297 A CN 101141297A CN A2007101206726 A CNA2007101206726 A CN A2007101206726A CN 200710120672 A CN200710120672 A CN 200710120672A CN 101141297 A CN101141297 A CN 101141297A
- Authority
- CN
- China
- Prior art keywords
- group
- main
- command history
- sub level
- authority
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The utility model discloses a generation and regulation method and the supervising system thereof for the permission data. Each fixed level is added with several defined sub-levels to increase the flexibility of the permission classification, among which the order aggregation with higher main level comprises the orders from the lower order aggregation level hereof; the order aggregation with a higher sub-level comprises the orders from the lower order aggregation level hereof. The sub-level can be further added with the groups. The orders from the order aggregations subject to the same sub-level will not be overlapped, so as to increase the mutual excluded permission management. Also, the permission inheritance relationship cutting table can be arranged to realize the mutual exclusion between high-level and low-level permissions.
Description
Technical field
The present invention relates to the communications field, especially a kind of generation of authority relation data and method of adjustment and management system.
Background technology
User right is one of significant data of computer system, and the control to user access device is mainly finished in the management of user right.Particularly: device command is endowed Authorization Attributes, is endowed certain authority when the user lands, and this user can only carry out the order that is consistent with its authority, and the user just has been limited within limits the operation of equipment like this.
In the prior art, there is multiple scheme in the management of user right, for example:
The scheme one that has has 16 ranks, and in 16 ranks can dynamically be appointed as in the order of equipment, rank that also can designated user.Relation between 0 to 15 rank is ascending partial ordering relation, and certain other user of level can carry out low level or other all orders at the corresponding levels, but the order higher than own rank cannot be carried out.In the application of reality, general order is distributed in 16 ranks on 3 ranks of 0,1,15 defaultly.
The scheme that has is embodied as order can belong to a plurality of types, and type can comprise many orders, and each user is endowed type attribute when landing, can carry out in the type all the order, outside order can not carry out.
The scheme that also has is embodied as order is distributed on 4 ranks, and other of 4 level can dynamically be appointed as in the order of equipment, rank that can designated user.Relation between 1 to 4 rank is ascending partial ordering relation, and certain other user of level can carry out low level or other all orders at the corresponding levels, but the order higher than own rank cannot be carried out.
The basic group of authority models that realizes in Microsoft, several basic command set such as basic keeper (administrator), backup Operators (backup operators), visitor (Guests) have been defined, the new group of creating can comprise the one or more of these several command histories, the user belongs to certain group, realize user's permission grant, command history can not segment neatly, and this and PC order itself just seldom have relation, do not need more segmentation.Authority is inclusion relation and coordination between group.The control of authority based on certain resource has also been realized in Microsoft this locality, mainly be the decision of its PC application scenarios (individual monopolizes some resource and finishes a few thing on equipment, generally it doesn't matter with resource that other people monopolize; Have the function that other people are authorized simultaneously, but default to other unallied people's lacks of competence); And collaborative mutually finishing the work between general each resource of the network equipment generally is based on the command operation ability so authorize, and can limit the command execution that comprises some resource name by filter the control of resource access and finish.
In realizing process of the present invention, the inventor finds prior art, and there are the following problems at least:
1, the segmentation authority is dumb.Under the situation that number of levels is determined, for example, rank is divided into 15 grades, wherein 15 grades is highest, comprise whole command histories, and need Permission Levels this moment, the order that this authority comprises substantially is than lacking than 15 grades again more than 14 grades, at this kind situation, part order in 15 grades can only be joined in 14 grades, and like this operation change original 14 grades content, very inconvenient, and under the sealed mounted situation of original 14 grades content, just do not have the space of authority adjustment and segmentation authority.If number of levels allows increase and decrease, number of levels can be increased to 16 grades, at this moment, original 15 grades content is adjusted on 16 grades, reset 15 grades command history as required, but this mode, the order adjustment amount is very big, when especially segmenting in rudimentary other places.
2, the authority relation model is simple, safeguards complicated.For the authority models of command-levels, only safeguarded the authority inclusion relation between the rank, cause 2 other user rights of level do not have the stack become impossible.And based on the authority models of type definition because there is not inheritance, executable command history between the different user is difficult to support mutually, because increase the mandate of an order, need change two users' type definition, need safeguard the authority inclusion relation between 2 types artificially.And basic group of authority models of Microsoft can not be segmented authority neatly, has only the combination that comprises of several basic authorities, and can not will remove the function of some useless authorities in the group authority that comprise.
Summary of the invention
The purpose of the embodiment of the invention provides a kind of generation and method of adjustment and management system of authority relation data, to realize authority segmentation more flexibly.
For achieving the above object, the embodiment of the invention provides a kind of generation method of authority relation data, comprises the steps:
Be provided with that main is other, sub level is other and each inter-step priority relationship, it is other that its neutron level is not subordinated to main;
Command history is set, and each main is other and sub level is corresponding with a command history not respectively;
All orders are divided in other command history of each main, and wherein, the command history that main is not high comprises that all are than the order in the not low command history of its main;
With the order in other command history of main, be divided into sub level that this main do not comprise not in, wherein, the command history that sub level is not high comprises that all are than the order in the not low command history of its sub level.
The embodiment of the invention also provides a kind of method of adjustment of authority relation data, comprise: when needs carry out authority segmentation adjustment, determine to comprise the authority segmentation and adjust the not corresponding command history of main minimum in the rank of related complete order, adjust the other sub level that is comprised of this main and do not reach the not corresponding command history of sub level.
The embodiment of the invention also provides a kind of authority relation data management system, comprising:
The other logging modle of main is used to write down other priority relationship of main, and does not write down each main not and the corresponding relation of other command history of main;
The other command history memory module of main is connected with the other logging modle of described main, is used to store other command history of each main;
The other logging modle of sub level is connected with the other logging modle of described main, is used to write down corresponding other priority relationship of each sub level of each main, and write down each sub level not with main not and each sub level is other and the corresponding relation of other command history of sub level;
The other command history memory module of sub level is used to store other command history of each sub level.
As shown from the above technical solution, the embodiment of the invention by Xia further do not divide in main sub level do not make that the authority segmentation is more flexible.
Below by drawings and Examples, technical scheme of the present invention is described in further detail.
Description of drawings
Fig. 1 is the product process figure of the authority relation data of the embodiment of the invention one;
Fig. 2 is the management system schematic diagram of the authority relation data of the embodiment of the invention three.
Embodiment
Embodiments of the invention pass through fixedly to increase definition plurality of sub rank on the rank basis at each, thereby increase the flexibility of authority segmentation.Wherein, the command history that main is not high comprises that all are than the order in the not low command history of its main; When main was not identical, the command history that sub level is not high comprised that all are than the order in the not low command history of its sub level.Further can not descend the increase group at sub level, the order that is subordinated between the command history of same other group of sub level is not overlapping.
The rights management model can define in the following way:
The rank sign is defined as: main does not identify. and sub level does not identify; This rank sign is unique determines that a sub level is other.
Under the situation of further division group, can define in the following way:
The rank sign is defined as: main does not identify. and sub level does not identify. group id; Unique definite one group of this rank sign
In order better to carry out the division of command history, can set up authority inheritance reduction table, comprise first relational term and second relational term in the described authority inheritance reduction table, in described first relational term and second relational term, write group (specifically can come unique definite group) by writing the rank sign, the sub level of the group in described first relational term not or main be not higher than group in described second relational term, group in corresponding one or more second relational terms of group in each first relational term, the group in described first relational term can't carry out corresponding with it one or or a plurality of second relational term in the command history of group in order.
Further specify the authority relation model of the embodiment of the invention below by an instantiation, in order to simplify description, be example only with 3 other situations of main, each main Xia not divided 2 sub-ranks, each sub level Xia further not divided 2 groups, wherein level else just concerns (dominance relation) by the big minispread of numeral, and related order is 12 (a-1), table specific as follows:
Table one:
| Main is other | Sub level is other | Group |
| 3 (12 order a-1) | (3.2 12 order a-1) | (3.2.2 6 order a-f) |
| (3.2.1 6 order g-1) | ||
| (3.1 10 order a-j) | (3.1.2 6 order a-f) | |
| (3.1.1 4 order g-j) | ||
| 2 (9 order a-i) | (2.2 9 order a-i) | (2.2.2 6 order a-f) |
| (2.2.1 3 order g-i) | ||
| (2.1 7 order a-g) | (2.1.2 4 order a-d) | |
| (2.1.1 3 order e-g) | ||
| 1 (6 order a-f) | (1.2 6 order a-f) | (1.2.2 ordering a, c, d for 3) |
| (1.2.1 ordering b, e, f for 3) | ||
| (1.1 4 order a-d) | (1.1.2 2 orders a, b) | |
| (1.1.1 2 orders c, d) |
In above-mentioned list item, the content in the bracket is that main is other, sub level other or organizes the order that pairing command history comprises.
In the application of reality, other method for expressing of level should comprise that complete main is other, sub level not and group, the corresponding position of group is 0 o'clock, expression comprises other command history of whole sub level, for example: the command history of 3.2.0 correspondence is (a-1).
The main that rank is high command history other or that sub level is corresponding comprises the command history that the low main of rank is other or sub level is corresponding, and for example: the command history of group 3.1.0 correspondence comprises organizes 2.2.0, the command history of group 2.1.0 correspondence.The command history that is subordinated between other group of same sub level is not overlapping, and for example: the command history between 3.1.2 and the 3.1.1 is not overlapping.
Further, authority inheritance reduction table can be set, as shown in the table:
Table two
| First relational term | Second relational term |
| 3.1.2 | 1.1.2 |
| 3.1.1 | 1.1.1 |
The information that is comprised in the table two is: the order in the pairing command history of group 3.1.2 in the command history of removal group 1.1.2 correspondence, the order in the pairing command history of group 3.1.1 in the command history of removal group 1.1.1 correspondence.
After the appointed rank of certain user is 3.1.2, originally the command history that can carry out is (a-f), and because to have authority inheritance reduction table, its command history that can carry out be (c-f), by authority inheritance reduction table is set, can distribute authority more flexibly.
Equipment for networking, the Permission Levels of each equipment in the network generally be by the master server in network unified distribution or from master server, obtain (for example: the Permission Levels that authentication server is downloaded), and for certain concrete equipment, can't go the flexible allocation authority according to actual needs, at above-mentioned situation, can set up the mapping relations of outside Permission Levels and inner Permission Levels in each network equipment, the Permission Levels (being outside Permission Levels) that the master server in the network is distributed unitedly are mapped on the Permission Levels (being inner Permission Levels) of each network equipment self setting as required.
For example, the master server in the network can only distribute the Permission Levels of 1-15, and the rank that certain network equipment distributes is 4, by set up mapping relations in this equipment, external level 4 is mapped as inner rank 3.1.1.When the user demand of this equipment changes, revise these mapping relations again, rebulid and other mapping of internal level.
Embodiment one
Introduce the product process of authority relation data below, as shown in Figure 1, comprise the steps:
Above-mentioned steps 5 and step 6 are to be decided according to the actual requirements, promptly can only be provided with main not and sub level other, can only be provided with also that main is other, sub level not and group, be provided with perhaps that main is other, sub level other, group and authority inheritance reduction table.
In addition, be networking equipment if use application permission relation data equipment, the mapping relations of outside Permission Levels and inner Permission Levels can further be set, promptly the outside Permission Levels of apparatus for establishing with described main is other or sub level not or the mapping relations of organizing.
Embodiment two
After permissions data was set up, the data adjustment was carried out in variation that can be according to actual needs, introduces the flow process of the adjustment of authority relation data below, comprises the steps:
When needs carry out authority segmentation adjustment, determine to comprise the minimum corresponding command history of main of rank that related complete order is adjusted in the authority segmentation, adjust the other sub level that is comprised of this main and do not reach the corresponding command history of sub level.
Wherein, the other sub level that is comprised of this main of described adjustment does not reach the not corresponding command history of sub level and can be specially: the order that keeps original each other command history of sub level to be comprised is constant, set up the command history that comprises the related complete order of described authority segmentation adjustment, reset other height order of each sub level according to the inclusion relation between command history.
Can also comprise in above-mentioned adjustment process: the group that described sub level is not comprised reaches the operation that the order in the corresponding command history of each group is adjusted.This operation can be specially: increase or the minimizing group, repartition the corresponding command history of each group; Or the number of maintenance group is constant, repartitions the corresponding command history of each group.
In above-mentioned adjustment process, can also comprise: revise the operation that the authority inheritance is reduced table, comprise first relational term and second relational term in the described authority inheritance reduction table, in described first relational term and second relational term, write group, the sub level of the group in described first relational term not or main be not higher than group in described second relational term, group in corresponding one or more second relational terms of group in each first relational term, the group in described first relational term can't carry out corresponding with it one or or a plurality of second relational term in the command history of group in order.
For networked devices, can also comprise: revise the device external authority with described main is other or sub level not or the operation of the mapping relations between organizing.
Embodiment three
As shown in Figure 2, it is the authority relation data management system schematic diagram of the embodiment of the invention 3, comprising:
The other logging modle 1 of main is used to write down other priority relationship of main, and does not write down each main not and the corresponding relation of other command history of main;
The other command history memory module 2 of main is connected with the other logging modle of described main, is used to store other command history of each main;
The other logging modle 3 of sub level is connected with the other logging modle of described main, is used to write down corresponding other priority relationship of each sub level of each main, and does not write down each sub level not and the corresponding relation of other command history of sub level;
The other command history memory module 4 of sub level is used to store other command history of each sub level.
This system can further include:
Group command set memory module 6 is connected with described group record module, is used to store the command history of each group.
This system can further include:
The authority inheritance is reduced module 7, be connected with the other logging modle of described main and/or the other logging modle of sub level and/or group record module, be used to store authority inheritance reduction table, comprise first relational term and second relational term in the described authority inheritance reduction table, in described first relational term and second relational term, write group, the sub level of the group in described first relational term not or main be not higher than group in described second relational term, group in corresponding one or more second relational terms of group in each first relational term, the group in described first relational term can't be carried out the order in the command history of the group in one or more second relational terms corresponding with it.
This system can further include:
The permissions data model that provides based on the embodiment of the invention and the generation method of authority relation data and, method of adjustment, and authority relation data management system, it is convenient to make authority adjust, the authority segmentation is more flexible, the authority maintenance function is more powerful:
Other by introducing sub level, reduced the order adjustment amount when authority is adjusted, when authority is adjusted, can adopt the sub level that small number of commands is adjusted at same level to finish on not, and the order of majority need not be adjusted on the low level, perhaps increase the rank number, and whole rank order and command history are adjusted, reduced the quantity that order is adjusted.
Increase the mutually exclusive privilege management by the introducing group, making 2 user rights not have intersection becomes possibility, reduces table by introducing the authority relation succession, has realized the just mutual exclusion between the level-right;
By setting up mapping relations, flexibly with miscellaneous equipment digital right management scheme compatibility with outside Permission Levels.For example, when the Authorization Attributes of each manufacturer defines when incompatible, 15 grades of the scheme that has is highest, the scheme that has then 3 grades be highest level, when a server was used in common networking to subscriber authorisation, prior art just can't address the above problem, thereby cause level definition can not be the correct understanding simultaneously of 2 systems, and utilize the outside Permission Levels of the embodiment of the invention and the mapping mechanism of inner Permission Levels, just can address the above problem flexibly
It should be noted that at last: above embodiment is only in order to technical scheme of the present invention to be described but not limit it, although the present invention is had been described in detail with reference to preferred embodiment, those of ordinary skill in the art is to be understood that: it still can make amendment or be equal to replacement technical scheme of the present invention, and these modifications or be equal to replacement and also can not make amended technical scheme break away from the spirit and scope of technical solution of the present invention.
Claims (15)
1. the generation method of an authority relation data is characterized in that, comprising:
Be provided with that main is other, sub level is other and each inter-step priority relationship, it is other that its neutron level is not subordinated to main;
Command history is set, and each main is other and sub level is corresponding with a command history not respectively;
All orders are divided in other command history of each main, and wherein, the command history that main is not high comprises that all are than the order in the not low command history of its main;
With the order in other command history of main, be divided into sub level that this main do not comprise not in, wherein, the command history that sub level is not high comprises that all are than the order in the not low command history of its sub level.
2. method according to claim 1 is characterized in that, also comprises:
Group and the corresponding command history of group are set, the order in other command history of described sub level are divided in described group the command history, described group to be subordinated to described sub level other, and the order that is subordinated between the command history of same other group of sub level is not overlapping.
3. method according to claim 2 is characterized in that, also comprises:
Authority inheritance reduction table is set, comprise first relational term and second relational term in the described authority inheritance reduction table, in described first relational term and second relational term, write group, the sub level of the group in described first relational term not or main be not higher than group in described second relational term, group in corresponding one or more second relational terms of group in each first relational term, the group in described first relational term can't carry out corresponding with it one or or a plurality of second relational term in the command history of group in order.
4. according to claim 1 or 2 or 3 described methods, it is characterized in that, also comprise:
With the device external Permission Levels and described main is other or sub level not or set up upright mapping relations.
5. the method for adjustment of an authority relation data, it is characterized in that, when needs carry out authority segmentation adjustment, determine to comprise the authority segmentation and adjust the not corresponding command history of main minimum in the rank of related complete order, adjust the other sub level that is comprised of this main and do not reach the not corresponding command history of sub level.
6. method according to claim 5 is characterized in that, the other sub level that is comprised of this main of described adjustment does not reach the not corresponding command history of sub level, comprising:
Keep original other command history of each sub level constant, set up the command history that comprises the related complete order of described authority segmentation adjustment, reset other height order of each sub level according to the inclusion relation between command history.
7. according to claim 5 or 6 described methods, it is characterized in that, also comprise: group and the corresponding command history of each group that described sub level does not comprise are adjusted.
8. method according to claim 7 is characterized in that, the order that the described group that described sub level is not comprised reaches in the corresponding command history of each group is adjusted, and comprising:
Increase or the minimizing group, and repartition the corresponding command history of each group; Or the number of maintenance group is constant, and repartitions the corresponding command history of each group.
9. according to claim 5 or 6 described methods, it is characterized in that, also comprise: revise the authority inheritance and reduce table, comprise first relational term and second relational term in the described authority inheritance reduction table, in described first relational term and second relational term, write group, the sub level of the group in described first relational term not or main be not higher than group in described second relational term, group in corresponding one or more second relational terms of group in each first relational term, the group in described first relational term can't be carried out the order in the command history of the group in one or more second relational terms corresponding with it.
10. method according to claim 7 is characterized in that, also comprises: revise the operation that the authority inheritance is reduced table.
11. according to claim 5 or 6 described methods, it is characterized in that, also comprise: revise the device external authority with described main is other or sub level not or the operation of the mapping relations between organizing.
12. an authority relation data management system is characterized in that, comprising:
The other logging modle of main is used to write down other priority relationship of main, and does not write down each main not and the corresponding relation of other command history of main;
The other command history memory module of main is connected with the other logging modle of described main, is used to store other command history of each main;
The other logging modle of sub level is connected with the other logging modle of described main, is used to write down corresponding other priority relationship of each sub level of each main, and does not write down each sub level not and the corresponding relation of other command history of sub level;
The other command history memory module of sub level is used to store other command history of each sub level.
13. system according to claim 12 is characterized in that, also comprises:
The group record module is connected with the other logging modle of described sub level, is used to write down other corresponding group of each sub level;
Group command set memory module is connected with described group record module, is used to store the command history of each group.
14. system according to claim 13 is characterized in that, also comprises:
The authority inheritance is reduced module, be connected with the other logging modle of described main and/or the other logging modle of sub level and/or group record module, be used to store authority inheritance reduction table, comprise first relational term and second relational term in the described authority inheritance reduction table, in described first relational term and second relational term, write group, the sub level of the group in described first relational term not or main be not higher than group in described second relational term, group in corresponding one or more second relational terms of group in each first relational term, the group in described first relational term can't carry out corresponding with it one or or a plurality of second relational term in the command history of group in order.
15. according to claim 12,13 or 14 described systems, it is characterized in that, also comprise:
The mapping relations module is connected with the other logging modle of described main and/or the other logging modle of sub level and/or group record module, be used for the outside authority of recording equipment with described main is other or sub level not or the mapping relations between organizing.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2007101206726A CN100563176C (en) | 2007-08-23 | 2007-08-23 | A kind of generation of authority relation data and method of adjustment and management system |
| PCT/CN2008/071263 WO2009024037A1 (en) | 2007-08-23 | 2008-06-11 | Method for generating and adjusting authority limit relation data and managing system thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2007101206726A CN100563176C (en) | 2007-08-23 | 2007-08-23 | A kind of generation of authority relation data and method of adjustment and management system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101141297A true CN101141297A (en) | 2008-03-12 |
| CN100563176C CN100563176C (en) | 2009-11-25 |
Family
ID=39193062
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2007101206726A Expired - Fee Related CN100563176C (en) | 2007-08-23 | 2007-08-23 | A kind of generation of authority relation data and method of adjustment and management system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN100563176C (en) |
| WO (1) | WO2009024037A1 (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009024037A1 (en) * | 2007-08-23 | 2009-02-26 | Huawei Technologies Co., Ltd. | Method for generating and adjusting authority limit relation data and managing system thereof |
| CN101976314A (en) * | 2010-09-21 | 2011-02-16 | 用友软件股份有限公司 | Access control method and system |
| CN101834878B (en) * | 2010-01-29 | 2012-08-29 | 陈时军 | Multiuser system privilege management method and instant messaging system applying same |
| CN105516136A (en) * | 2015-12-08 | 2016-04-20 | 深圳市口袋网络科技有限公司 | Authority management method, device and system |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH1021196A (en) * | 1996-06-28 | 1998-01-23 | Toshiba Corp | Operator command control method |
| CN1395176A (en) * | 2001-07-06 | 2003-02-05 | 神达电脑股份有限公司 | Virtual library management system and method |
| CN100391160C (en) * | 2005-07-22 | 2008-05-28 | 上海华为技术有限公司 | Method for setting user's power in communication system |
| CN100563176C (en) * | 2007-08-23 | 2009-11-25 | 华为技术有限公司 | A kind of generation of authority relation data and method of adjustment and management system |
-
2007
- 2007-08-23 CN CNB2007101206726A patent/CN100563176C/en not_active Expired - Fee Related
-
2008
- 2008-06-11 WO PCT/CN2008/071263 patent/WO2009024037A1/en active Application Filing
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009024037A1 (en) * | 2007-08-23 | 2009-02-26 | Huawei Technologies Co., Ltd. | Method for generating and adjusting authority limit relation data and managing system thereof |
| CN101834878B (en) * | 2010-01-29 | 2012-08-29 | 陈时军 | Multiuser system privilege management method and instant messaging system applying same |
| CN101976314A (en) * | 2010-09-21 | 2011-02-16 | 用友软件股份有限公司 | Access control method and system |
| CN101976314B (en) * | 2010-09-21 | 2012-08-01 | 用友软件股份有限公司 | Access control method and system |
| CN105516136A (en) * | 2015-12-08 | 2016-04-20 | 深圳市口袋网络科技有限公司 | Authority management method, device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2009024037A1 (en) | 2009-02-26 |
| CN100563176C (en) | 2009-11-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102130966A (en) | System architecture for enterprise integrated information platform and method for implementing the same | |
| CN110443010A (en) | One kind permission visual configuration control method, device, terminal and storage medium in information system | |
| CN107967316A (en) | A kind of method of data synchronization, equipment and computer-readable recording medium | |
| CN106250782A (en) | A kind of data permission control method resolved based on SQL statement and device | |
| CN109981552B (en) | Authority distribution method and device | |
| CN101673358B (en) | Method and device for managing authority in workflow component based on authority component | |
| CN103049482B (en) | The implementation method that in a kind of distributed heterogeneous system, data fusion stores | |
| CN110363012B (en) | Method for configuring authority of authority resource, authority system and storage medium | |
| CN105184144A (en) | Multi-system privilege management method | |
| CN104639594A (en) | System and method for allocating physical resources and virtual resources | |
| CN102436473A (en) | Menu management device and menu management method | |
| CN110348183B (en) | RBAC-based rapidly configurable permission configuration system, method and storage medium | |
| CN108416230A (en) | A kind of data access method based on data isolation model | |
| CN102611699A (en) | Method and system for access control in cloud operation system | |
| CN101360123A (en) | Network system and management method thereof | |
| CN109286579A (en) | A kind of distribution method of user resources, device and computer readable storage medium | |
| CN100563176C (en) | A kind of generation of authority relation data and method of adjustment and management system | |
| CN105809021A (en) | Method and device for distributing user permissions | |
| CN104268022B (en) | The resource allocation methods and system of process in a kind of operating system | |
| CN107179946A (en) | A kind of multinode dispatching method of write operation SiteServer LBS | |
| CN103001793A (en) | Method and device for managing ACL (access control list) | |
| JP2020528600A (en) | How to approve field values for form fields via third party fields | |
| CN102201935B (en) | Access control method and device based on VIEW | |
| CN107992351A (en) | A kind of hardware resource distribution method and device, electronic equipment | |
| US9111114B1 (en) | Method of transforming database system privileges to object privileges |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20091125 Termination date: 20160823 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |