CN106067119A - Client relation management method based on privately owned cloud - Google Patents

Client relation management method based on privately owned cloud Download PDF

Info

Publication number
CN106067119A
CN106067119A CN201610395124.3A CN201610395124A CN106067119A CN 106067119 A CN106067119 A CN 106067119A CN 201610395124 A CN201610395124 A CN 201610395124A CN 106067119 A CN106067119 A CN 106067119A
Authority
CN
China
Prior art keywords
user
server
namenode
enterprise
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610395124.3A
Other languages
Chinese (zh)
Inventor
郭建锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Jingjie Technology Co Ltd
Original Assignee
Chengdu Jingjie Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Jingjie Technology Co Ltd filed Critical Chengdu Jingjie Technology Co Ltd
Priority to CN201610395124.3A priority Critical patent/CN106067119A/en
Publication of CN106067119A publication Critical patent/CN106067119A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Development Economics (AREA)
  • Accounting & Taxation (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Economics (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a kind of client relation management method based on privately owned cloud, the method includes: corporate user registration PaaS privately owned cloud platform Customer Relation Management system, the ERM of storage in request reading system, system of users authority judges, determines whether that authorizing this user reads authority according to judged result.The present invention proposes a kind of client relation management method based on privately owned cloud, builds CRM system service under cloud platform, rents for enterprise is on-demand, reduces entreprise cost, and is ensured the safety of company information by user access control.

Description

Client relation management method based on privately owned cloud
Technical field
The present invention relates to cloud computing, particularly to a kind of client relation management method based on privately owned cloud.
Background technology
Corporate client management system bring facility to enterprise, centered by preferably managing customer, by client contact, Customer account management and Customer mining are that enterprise maintains and expands customer group.Using traditional deployment way, corporate client manages system Unite at the use but slower development of small business, reason be exactly system investments compared with big, the implementation cycle is very long and short-term yield not Substantially, this makes corporate client management system halt in the application of small business.In the face of market keen competition, small business is more Need to hold rapidly market trend, with greater need for constantly absorbing new customer group, but small business it is desirable that low input, Corporate client management system easy to use.And along with the rise of cloud computing, corporate client is managed system deployment to base Under cloud platform of increasing income, not only with resource substantial amounts of in integration networks, and can effectively reduce the cost of use of enterprise.Enterprise Industry can combine customer management module by the mode self of on-demand use, the most immediately obtains customer account management service.But It is that existing cloud platform can not comply fully with the requirement of corporate client management system identity checking, no matter what being selected when design Planting authentication model, the security configuration information of this system is the most fixed, and motility and adaptability have much room for improvement.
Summary of the invention
For solving the problem existing for above-mentioned prior art, the present invention proposes a kind of customer relationship pipe based on privately owned cloud Reason method, including:
Corporate user registration PaaS privately owned cloud platform Customer Relation Management system, enterprise's money of storage in request reading system Source, system of users authority judges, determines whether that authorizing this user reads authority according to judged result.
Preferably, described method farther includes:
It is enterprise and resource definition organizational structure attribute tags according to enterprise security demand and organizational structure thereof, in name byte Adding authentication model in point, enterprise customer, before access ERM, first passes through key server and namenode Carry out authentication, after being verified, following authentication logic judges whether to license to user: user and server exist Registering on key server, key server generates and distributes the shared private key K of key server and userkn, key takes Business device and the shared private key K of namenodekn;Set shared private key between authentication server and token server as Kat, user During login, the information package of system request token service and user identity is sent to authentication server;Authentication server receives please After asking, inquire about customer data base, generate one for user the most at random after checking user is legal and communicate with token server Private key Kut, then create an authorization signaling, this signaling includes user name, token server Service name, address of theenduser, when Front time, effective time and Kut, authorization signaling uses KatEncryption;Authentication server is by user's authorization signaling and KutWith user and The private key K of certificate serveruUser it is sent to after encryption;User, after receiving the message that authentication server sends back, deciphers To authorization signaling and Kut, the most legal user by the certification of token server, thus could obtain token server Authorization of service signaling;User holds authorization signaling the Service name K together with requestutEncryption is sent to token server, request Authorization signaling;After token server receives the service request that user sends, use KatDeciphering authorization signaling and Kut, then use KutDeciphering Obtaining user profile, and contrast with the user profile in authorization signaling, checking user is the most legal effectively, if legal, then For generating session private key K between user and namenodeun, and by user name, address of theenduser, Service name, effect duration, timestamp and KunIt is packaged into authorization signaling ST, and K will be usedknST and K of encryptionunUse KutEncryption replies to user;User receives token server Information, use KutDeciphering obtains the session private key K between user and namenodeun, and by oneself user name and address packing Become Au, then by ST with use KunThe Au of encryption is sent to namenode, asks certification;After namenode receives the information of user, Kkn Deciphering obtains user name, address of theenduser, Service name, the session private key K between effect duration and user and namenodeun, then use Kun Deciphering obtains user profile, then with from ST, obtain user profile contrast, carry out authentication;Have if identity is legal Effect, then generate and certificate for user, carry out authentication for user on namenode;After user has certificate, When user holds certain file that certificate request accesses in the privately owned cloud platform of PaaS, namenode first verifies that whether certificate is legal Effectively, thus judge that user identity is the most effective;If identity is legal effectively, then according to user name, address of theenduser and Service name are looked into Ask metadata, customer attribute information storehouse, and Resource Properties information bank, inquire customer attribute information, including the true surname of user Name, user owned enterprise, user affiliated function, and job titles, and Resource Properties information, including resource owned enterprise, Department, and affiliated authority, then inquire about whether this enterprise customer has corresponding access right to the resource being applied for access Limit.
The present invention compared to existing technology, has the advantage that
The present invention proposes a kind of client relation management method based on privately owned cloud, builds customer relationship pipe under cloud platform Reason system service, is rented for enterprise is on-demand, reduces entreprise cost, and ensured the peace of company information by user access control Quan Xing.
Accompanying drawing explanation
Fig. 1 is the flow chart of client relation management method based on privately owned cloud according to embodiments of the present invention.
Detailed description of the invention
Hereafter provide retouching in detail one or more embodiment of the present invention together with the accompanying drawing of the diagram principle of the invention State.Describe the present invention in conjunction with such embodiment, but the invention is not restricted to any embodiment.The scope of the present invention is only by right Claim limits, and the present invention contains many replacements, amendment and equivalent.Illustrate in the following description many details with Thorough understanding of the present invention is just provided.These details are provided for exemplary purposes, and without in these details Some or all details can also realize the present invention according to claims.
An aspect of of the present present invention provides a kind of client relation management method based on privately owned cloud.Fig. 1 is according to the present invention The client relation management method flow chart based on privately owned cloud of embodiment.
The present invention adds authentication in PaaS privately owned cloud platform corporate client management system, and user needs to use client The interface that can provide by calling cloud platform during management service uses, and the overall process of authentication includes:
User sends logging request to the privately owned cloud platform of PaaS, and logging request includes resource to be accessed, and to resource Access mode information;Cloud platform resolves the logging request that user sends, and obtains the information such as the ID of requesting party, Attribute certificate, so After by user profile and request mate with authentication policy;Matching result according to user profile with request with authentication policy is sentenced Disconnected whether permission logs in and accesses, and sends result to user.
Corporate client management system uses layering based on customer group Yu role to fetch strategy.Wherein define according to customer group The services set of this customer group customization and data access authority;Operating right according to the role definition user that user is subordinate to.Identity The entity that the service for checking credentials relates to includes enterprise, department, user, role, authority, resource, operation.Enterprise is by making after paying Managing system with corporate client, can there be multiple user in an enterprise.Each enterprise apply for service after all for service Operation be all supplied with this enterprises user use.Department be the classification to user, user and department be many-to-one pass System.There is multiple department in one enterprise.In user, management user is the use of the highest weight limit of service for business management and domestic consumer Family;Domestic consumer is directly to use service to carry out the user of business operation.Management user is the newly-built account of domestic consumer, including adding Add domestic consumer, add role, add authority, interpolation department, for role bindings authority, bind role for user, tie up for user Determine the sequence of operations such as authority.Domestic consumer obtains the privilege feature corresponding with its role, the authority limit of user's access service Make role and be individually for its binding authority within.User obtains privilege feature by role, and authority is assigned to by role User.One role can bind several authorities.Resource is protected object, comprises hardware, software and data.Operation It is the behavior set that resource can be carried out after accessing resource, comprises reading, write, delete, inquire about, edit these for resource Behavior.
Database table needs set up enterprise table, department table, Jiao Sebiao, Yong Hubiao, authority list, resource table, operation table, User role table, user right table, role-security table, user role authority select table.The authentication service of the present invention is embedding Entering in corporate client management system, need registering and logging system before using, after login, company manager can be to enterprise Internal user is managed, including adding user, inquiry user right, giving user role, imparting user right, newly-built angle Color, ascribed role authority, newly-built authority.First enterprise services with tenant's unit application for registration, it is thus achieved that a business administration The account of user, then business administration user logs in platform, and the domestic consumer for enterprise creates account and creates role, for commonly User distributes role, and then domestic consumer uses intra vires service.Set up the relation of user and role, pushed away by role Lead the access rights of user.
Role's table is specified higher level role's numbering, defines a role cultivating, thus extend and self-defined role cultivating.User Role-security selection table indicates presently described concrete request.By asking the level of title, it is mapped to concrete this request of process Process.And add the feature that additional information indicates that the request that current record describes is had.
Role-security is inherited and is referred in attribute structure, and a role can inherit all permissions of role in its subtree. The authority of each role comes to be inherited and the authority of current character uniqueness.Have only to join during role-security configures Put the authority of its uniqueness.The loose coupling of user and role can facilitate while occurrences in human life change, revises user place in enterprise Role category.Connected simultaneously because the relation of access rights and user is indirect by role, so using changing While the role of place, family, have modified the role authorization access rights that user is corresponding.
The role of the lowest class is obtained in the role's set inherit individual subscriber mandate.Role is organized into multiway tree knot Structure, uses the method for the nearest public ancestors of multiple role's nodes in role cultivating of finding, can disposably find all users' Minimum higher level, and operation result is all write caching.That improves individual's mandate inheritance realizes efficiency.Service end intercepts To user request URL time, through authority detect, if this user does not has authority to the operation of current request, then return refusal please The response contents asked.If scope check passes through, continue executing with the operation code that request is corresponding, return final result.
In the running of business, if there being third party user, the user being i.e. not belonging to this enterprise needs to participate under this enterprise Specifying resource operation, it is authorized by the mechanism that the manager of corresponding enterprise can use individual's mandate, refers to authorizing user Determine resource and specify the write operation authority of flow process simultaneously, configure whether this user has read right to other flow processs specifying resource. Read-write requests is separated by other operations to not having authority, has both ensured that this user participates in corporate operation, in turn ensure that industry The safety of business data.Give tacit consent to all and resource binding workflow and be satisfied by the permission inheritance relation of role, only at enterprise personnel During change, amendment personnel and the mapping relations of role;If user's request is extended more careful Control granularity, customization is opened Have only to increase the additional information of request when sending out.
System uses the system architecture of application multi-level, many.Be divided into four levels: application layer, service layer, writable layer with And accumulation layer.Application layer provides three kinds of service modes.Web applies the request sent directly in response to user, enterprise from browser Level user uses user to rent and services the mode of assembling and realizes the customization of corporate client management system application;Web service is passed through The interface that calling service layer provides realizes service call;The interface that development interface provides by calling service layer realizes customizable opening Send out.Realize load balancing between multiple Web Application Servers, application request is shunted, with the support that offer is concurrent to height. Service layer includes generic service, infrastructure service and three modules of business service.Wherein generic service provides log management, communication The interface of the general utility functionss such as management;Infrastructure service provides the basic functions such as user's management, authentication management, accounting management Interface;Business service provides the interface that customer account management, order management etc. are relevant to service logic.Each service module can be adopted With distributed deployment, it would however also be possible to employ different platform developments.Writable layer provides the data access interface in different pieces of information source, can To support distributed file system, the transparent access of distributed type assemblies data base.
PaaS privately owned cloud platform corporate client management system, by the form that all of function package is service, is provided only to enterprise The function that industry is most basic.Client can pass through the function required for customizing and assemble the form acquisition of service.Enterprise query owns Available service, and the open corresponding service of application as required.
Platform provides service-seeking interface, makes user find corresponding merit easily in corporate client management system component storehouse The assembly of energy.Small business's individual demand to the corporate client management privately owned cloud platform of system PaaS collected by platform.By enterprise The interface layer of industry software part, it is achieved the interface channel between enterprise software layer and corporate client management system software cloud computing resources, Specifically include standard agreement and the formulation of negotiation mechanism, different calculate the choosing of resource, rule of combination.Put down by the privately owned cloud of PaaS The cloud storage data-interface that platform provides, it is achieved the Data Migration of corporate client management system, manages system by corporate client and relates to Data information memory to cloud computing platform.
The present invention uses following auth method.Enterprise customer is made to close to PaaS privately owned cloud platform client in access storage When being the ERM in service system, judgement user right authorized by authentication logic.Ensure the enterprise in cloud Industry being effectively isolated property of resource can obtain again the controlled of necessity and share.
First, it is enterprise and resource definition organizational structure attribute mark according to the concrete demand for security of enterprise and organizational structure thereof Sign.User, after signing in system through authentication, when user's accessing resource, judges through security configuration information, Then determine whether to authorize corresponding authority.
To add authentication model in namenode, enterprise customer, before access ERM, first passes through close Key server and namenode carry out authentication, after being verified, judge whether to license in following authentication logic User.User registers on key server with server, and key server generates and distribute key server and user Shared private key Kkn, key server and the shared private key K of namenodekn.And set authentication server and token server it Between shared private key be Kat, when user logs in, the information package of system request token service and user identity is sent to checking clothes Business device.After authentication server receives request, inquire about customer data base, checking user legal after the most at random for user generate one and The private key K that token server communicatesut, then create an authorization signaling, this signaling include user name, token service Device Service name, address of theenduser, current time, effective time and Kut.Authorization signaling uses KatEncryption.Authentication server is by user Authorization signaling and KutWith the private key K of user and certificate serveruUser it is sent to after encryption.User sends out receiving authentication server After the message sent back to, decipher authorized signaling and Kut, due to authorization signaling KatEncryption, therefore user cannot see that mandate Content in signaling, this ensure that the most legal user by the certification of token server, thus could obtain token clothes The authorization of service signaling of business device.User holds authorization signaling the Service name K together with requestutEncryption is sent to token server, Request authorization signaling.After token server receives the service request that user sends, use KatDeciphering authorization signaling and Kut, then use Kut Deciphering obtains user profile, and contrasts with the user profile in authorization signaling, and checking user is the most legal effectively, if closing Method, then be generation session private key K between user and namenodeun, and by user name, address of theenduser, Service name, effect duration, time Between stamp and KunIt is packaged into authorization signaling ST, and K will be usedknST and K of encryptionunUse KutEncryption replies to user.User receives token The information of server, uses KutDeciphering obtains the session private key K between user and namenodeun, and by oneself user name and ground Location is packaged into Au, then by ST with use KunThe Au of encryption is sent to namenode, asks certification.Namenode receives the information of user After, KknDeciphering obtains user name, address of theenduser, Service name, the session private key K between effect duration and user and namenodeun, Use K againunDeciphering obtains user profile, then with from ST, obtain user profile contrast, carry out authentication.If identity is closed Method is effective, then generate and certificate for user, carry out authentication for user on namenode.User has certificate After, when user holds certain file that certificate request accesses in the privately owned cloud platform of PaaS, namenode first verifies that whether certificate is Legal effectively, thus judge that user identity is the most effective.If identity is legal effectively, then according to user name, address of theenduser and service Name query metadata, customer attribute information storehouse, and Resource Properties information bank, inquire customer attribute information, true including user Real name, user owned enterprise, user affiliated function, and job titles, and Resource Properties information (are looked forward to as belonging to resource Industry, department, and affiliated authority), then inquire about whether this enterprise customer has corresponding visit to the resource being applied for access Ask authority.
In sum, the present invention proposes a kind of client relation management method based on privately owned cloud, builds under cloud platform CRM system services, and rents for enterprise is on-demand, reduces entreprise cost, and ensures enterprise by user access control The safety of industry information.
Obviously, it should be appreciated by those skilled in the art, each module of the above-mentioned present invention or each step can be with general Calculating system realize, they can concentrate in single calculating system, or be distributed in multiple calculating system and formed Network on, alternatively, they can realize with the executable program code of calculating system, it is thus possible to by they store Performed by calculating system within the storage system.So, the present invention is not restricted to the combination of any specific hardware and software.
It should be appreciated that the above-mentioned detailed description of the invention of the present invention is used only for exemplary illustration or explains the present invention's Principle, and be not construed as limiting the invention.Therefore, that is done in the case of without departing from the spirit and scope of the present invention is any Amendment, equivalent, improvement etc., should be included within the scope of the present invention.Additionally, claims purport of the present invention Whole within containing the equivalents falling into scope and border or this scope and border change and repair Change example.

Claims (2)

1. a client relation management method based on privately owned cloud, it is characterised in that including:
Corporate user registration PaaS privately owned cloud platform Customer Relation Management system, the ERM of storage in request reading system, System of users authority judges, determines whether that authorizing this user reads authority according to judged result.
Method the most according to claim 1, it is characterised in that described method farther includes:
It is enterprise and resource definition organizational structure attribute tags according to enterprise security demand and organizational structure thereof, in namenode Adding authentication model, enterprise customer, before access ERM, first passes through key server and namenode is carried out Authentication, after being verified, judges whether to license to user: user and server are at key in following authentication logic Registering on server, key server generates and distributes the shared private key K of key server and userkn, key server Shared private key K with namenodekn;Set shared private key between authentication server and token server as Kat, user logs in Time, the information package of system request token service and user identity is sent to authentication server;After authentication server receives request, Inquiry customer data base, generates a private key communicated with token server for user after checking user is legal the most at random Kut, then creating an authorization signaling, this signaling includes user name, token server Service name, address of theenduser, time current Between, effective time and Kut, authorization signaling uses KatEncryption;Authentication server is by user's authorization signaling and KutWith user and certification The private key K of serveruUser it is sent to after encryption;User is after receiving the message that authentication server sends back, and deciphering is awarded Power signaling and Kut, the most legal user by the certification of token server, thus could obtain the clothes of token server Business authorization signaling;User holds authorization signaling the Service name K together with requestutEncryption is sent to token server, and request authorizes Signaling;After token server receives the service request that user sends, use KatDeciphering authorization signaling and Kut, then use KutDeciphering obtains User profile, and contrast with the user profile in authorization signaling, checking user is the most legal effectively, if legal, then for using Session private key K is generated between family and namenodeun, and by user name, address of theenduser, Service name, effect duration, timestamp and Kun It is packaged into authorization signaling ST, and K will be usedknST and K of encryptionunUse KutEncryption replies to user;User receives token server Information, uses KutDeciphering obtains the session private key K between user and namenodeun, and oneself user name and address are packaged into Au, then by ST with use KunThe Au of encryption is sent to namenode, asks certification;After namenode receives the information of user, KknSolve The close user name that obtains, address of theenduser, Service name, the session private key K between effect duration and user and namenodeun, then use KunSolve Close obtain user profile, then with from ST, obtain user profile contrast, carry out authentication;If identity is legal effectively, Then generate and certificate for user, on namenode, carry out authentication for user;After user has certificate, when with When certain file that certificate request accesses in the privately owned cloud platform of PaaS is held at family, namenode first verifies that whether certificate is legal to have Effect, thus judge that user identity is the most effective;If identity is legal effectively, then according to user name, address of theenduser and Service name inquiry Metadata, customer attribute information storehouse, and Resource Properties information bank, inquire customer attribute information, including user's Real Name, User owned enterprise, user affiliated function, and job titles, and Resource Properties information, including resource owned enterprise, portion Door, and affiliated authority, then inquire about whether this enterprise customer has corresponding access rights to the resource being applied for access.
CN201610395124.3A 2016-06-03 2016-06-03 Client relation management method based on privately owned cloud Pending CN106067119A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610395124.3A CN106067119A (en) 2016-06-03 2016-06-03 Client relation management method based on privately owned cloud

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610395124.3A CN106067119A (en) 2016-06-03 2016-06-03 Client relation management method based on privately owned cloud

Publications (1)

Publication Number Publication Date
CN106067119A true CN106067119A (en) 2016-11-02

Family

ID=57420487

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610395124.3A Pending CN106067119A (en) 2016-06-03 2016-06-03 Client relation management method based on privately owned cloud

Country Status (1)

Country Link
CN (1) CN106067119A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292511A (en) * 2017-06-20 2017-10-24 成都海地云信息技术有限公司 ERP method and system based on cloud computing and big data technology
CN108243040A (en) * 2016-12-23 2018-07-03 南京联成科技发展股份有限公司 A kind of authentication of cloud computing and the realization framework for accessing management security service
CN108320139A (en) * 2018-03-14 2018-07-24 吉志勇 Enterprise Internet-based and personal interactive system and its application process
CN111147572A (en) * 2019-12-24 2020-05-12 中国建设银行股份有限公司 Cloud customer service platform management system and method
CN111190738A (en) * 2019-12-31 2020-05-22 北京仁科互动网络技术有限公司 User mirroring method, device and system under multi-tenant system
CN112887228A (en) * 2019-11-29 2021-06-01 阿里巴巴集团控股有限公司 Cloud resource management method and device, electronic equipment and computer readable storage medium
CN113630260A (en) * 2021-10-12 2021-11-09 江苏荣泽信息科技股份有限公司 Organization identity encryption and decryption method
CN115134173A (en) * 2022-08-31 2022-09-30 中航信移动科技有限公司 Request response method for determining user authority
CN115801833A (en) * 2022-11-16 2023-03-14 浙江九州云信息科技有限公司 Enterprise-level public cloud resource management method and system
CN117874826A (en) * 2024-03-11 2024-04-12 成都数据集团股份有限公司 Database authority management system and method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571815A (en) * 2012-02-13 2012-07-11 浪潮集团山东通用软件有限公司 Method of integrated ERP (Enterprise Resource Planning) user authentication for e-procurement private cloud
CN104751077A (en) * 2015-04-21 2015-07-01 沈文策 Access control method and device
CN105450750A (en) * 2015-12-01 2016-03-30 成都汇合乾元科技有限公司 Secure interaction method for intelligent terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571815A (en) * 2012-02-13 2012-07-11 浪潮集团山东通用软件有限公司 Method of integrated ERP (Enterprise Resource Planning) user authentication for e-procurement private cloud
CN104751077A (en) * 2015-04-21 2015-07-01 沈文策 Access control method and device
CN105450750A (en) * 2015-12-01 2016-03-30 成都汇合乾元科技有限公司 Secure interaction method for intelligent terminal

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108243040A (en) * 2016-12-23 2018-07-03 南京联成科技发展股份有限公司 A kind of authentication of cloud computing and the realization framework for accessing management security service
CN107292511A (en) * 2017-06-20 2017-10-24 成都海地云信息技术有限公司 ERP method and system based on cloud computing and big data technology
CN108320139A (en) * 2018-03-14 2018-07-24 吉志勇 Enterprise Internet-based and personal interactive system and its application process
CN112887228A (en) * 2019-11-29 2021-06-01 阿里巴巴集团控股有限公司 Cloud resource management method and device, electronic equipment and computer readable storage medium
CN112887228B (en) * 2019-11-29 2024-02-02 阿里巴巴集团控股有限公司 Cloud resource management method and device, electronic equipment and computer readable storage medium
CN111147572B (en) * 2019-12-24 2022-04-15 中国建设银行股份有限公司 Cloud customer service platform management system and method
CN111147572A (en) * 2019-12-24 2020-05-12 中国建设银行股份有限公司 Cloud customer service platform management system and method
CN111190738A (en) * 2019-12-31 2020-05-22 北京仁科互动网络技术有限公司 User mirroring method, device and system under multi-tenant system
CN111190738B (en) * 2019-12-31 2023-09-08 北京仁科互动网络技术有限公司 User mirroring method, device and system under multi-tenant system
CN113630260B (en) * 2021-10-12 2022-01-14 江苏荣泽信息科技股份有限公司 Organization identity encryption and decryption method
CN113630260A (en) * 2021-10-12 2021-11-09 江苏荣泽信息科技股份有限公司 Organization identity encryption and decryption method
CN115134173A (en) * 2022-08-31 2022-09-30 中航信移动科技有限公司 Request response method for determining user authority
CN115134173B (en) * 2022-08-31 2022-11-04 中航信移动科技有限公司 Request response method for determining user permission
CN115801833A (en) * 2022-11-16 2023-03-14 浙江九州云信息科技有限公司 Enterprise-level public cloud resource management method and system
CN117874826A (en) * 2024-03-11 2024-04-12 成都数据集团股份有限公司 Database authority management system and method
CN117874826B (en) * 2024-03-11 2024-05-24 成都数据集团股份有限公司 Database authority management system and method

Similar Documents

Publication Publication Date Title
CN105871914B (en) CRM system access control method
CN106067119A (en) Client relation management method based on privately owned cloud
CN111914269B (en) Data security sharing method and system in blockchain and cloud storage environment
CN106096976A (en) Small business's client relation management method
Maesa et al. Blockchain based access control services
US9667654B2 (en) Policy directed security-centric model driven architecture to secure client and cloud hosted web service enabled processes
CN103701801B (en) Resource access control method
US9047462B2 (en) Computer account management system and realizing method thereof
CN101997876B (en) Attribute-based access control model and cross domain access method thereof
CN102307185B (en) Data isolation method used in storage cloud
US7673323B1 (en) System and method for maintaining security in a distributed computer network
CN111400676A (en) Service data processing method, device, equipment and medium based on sharing authority
CN108111629A (en) Application Programming Interface service unit and Application Programming Interface service system
AU2017320341A1 (en) Dynamic access control on blockchain
CN103347090B (en) A kind of software license management method based on enterprise network
CN106534199B (en) Distributed system certification and rights management platform under big data environment based on XACML and SAML
US20100299738A1 (en) Claims-based authorization at an identity provider
CN110197058A (en) Unified internal control method for managing security, system, medium and electronic equipment
US11888856B2 (en) Secure resource authorization for external identities using remote principal objects
CN102947797A (en) Online service access controls using scale out directory features
CN105516110A (en) Mobile equipment secure data transmission method
US11552956B2 (en) Secure resource authorization for external identities using remote principal objects
CN105450750A (en) Secure interaction method for intelligent terminal
Riad et al. AR-ABAC: a new attribute based access control model supporting attribute-rules for cloud computing
CN105262780A (en) Authority control method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20161102