Specific embodiment
Purpose, technical scheme and advantage to make the application are clearer, below in conjunction with the application specific embodiment and
Technical scheme is clearly and completely described in corresponding attached drawing.Obviously, described embodiment is only the application one
Section Example, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not doing
Go out all other embodiments obtained under the premise of creative work, shall fall in the protection scope of this application.
In order to facilitate the embodiment of the present application is understood, introduced first at this embodiment of the present application description in can introduce it is several will
Element.
Distributed data base:Finger is connected the multiple data storage cells physically disperseed using information autobahn
To form a unified database in logic.The basic thought of distributed data base is by the number in original centralized database
According to dispersion storage on multiple data memory nodes by network connection, to obtain the memory capacity of bigger and higher concurrent
Visit capacity.
In the management system of distributed data base, it may include the data base management system (Local of local field ground
DBMS, LDBMS) and global data library management system (Global DBMS, GDBMS).Wherein,
The major function of LDBMS is foundation and management local data bank, provides site autonomy ability, perform topical application and
The subquery of global query.
The major function of GDBMS is to provide distribution transparency, coordinates the execution of global things, coordinates each part DBMS with complete
Into global application, ensure the global coherency of database, perform con current control, realize that update synchronizes, global repair function is provided
Deng.
In each node of distributed data base, the node for disposing GDBMS can be described as host node, be for coordinating and managing
The node of distributed data base.It should be understood, of course, that other coordinated management distributed data bases can also be disposed on the primary node
Management system, title is not necessarily GDBMS, but the management system centainly has GDBMS coordinated management distributed data bases
The function of node.The management node being previously mentioned in this application, as host node.
Other nodes for disposing LDBMS of distributed data base can be described as from node.What is be previously mentioned in this application is non-
Management node, as from node.
Below in conjunction with attached drawing, the technical solution that each embodiment of the application provides is described in detail.
Fig. 1 is the method flow diagram of one embodiment Access and control strategy of database of the application.The method of Fig. 1 is by distributed number
It is performed according to the management node in library.It should be understood that the management node that the application is previously mentioned, refers both to the main section in distributed data base
Point is used to coordinate and manage the node of distributed data base.In distributed data base, the node other than management node is referred to as non-
Management node, the also slave node or branch node as in distributed data base.The method of Fig. 1 includes:
S110, the management node in distributed data base receive the data manipulation sentence of user.
It should be understood that in the embodiment of the present application, management node is the node for coordinating and managing the distributed data base, i.e.,
The host node of distributed data base.In other words, node of the management node to dispose GDBMS in the node of distributed data base.
It should be understood that in the embodiment of the present application, management node can also have other than having management function and perform data manipulation sentence pair
The data operation request and the function of execution result back answered;Certainly, management node, which can not also have, performs data manipulation language
The function of the corresponding data operation request of sentence, the embodiment of the present application are not limited herein.
It should be understood that in the embodiment of the present application, which can include data query sentence select sentences,
Or data manipulation statement such as insert sentences, update sentences, delete sentences etc..
S120, management node having permission in the node of the distributed data base perform the data manipulation sentence on node
Corresponding data operation request.
Wherein, having permission the user in the node that node is the distributed data base, to have the data manipulation sentence corresponding
The node of the access rights of data manipulation type.
It should be understood that in the embodiment of the present application, the user of distributed data base may include the access rights of node following
It is at least one:
The role of the user of the distributed data base is to the node middle finger fixed number of the distributed data base according to action type
Access rights;
The user of the distributed data base is to the node middle finger fixed number of the distributed data base according to the access right of action type
Limit.
For example, it is assumed that user A is authorized to the access rights of select types in node 1, then node 1 can perform user A's
Select sentences;In another example the role of user B is operational group, operational group is authorized to delete types and update classes in node 2
Type, then node 2 can perform the delete sentences of user B and update sentences.
It should be understood, of course, that the access rights of the embodiment of the present application interior joint only determine whether user has certain number
According to the access rights of action type, in a particular application, it is also necessary to which whether there is the visit of tables of data to be operated in view of user
Ask permission.
In the embodiment of the present application, by the table for carrying out data manipulation being needed to be distributed according to the data manipulation sentence of user
Data distribution request in formula database determines the node for needing to access, and then has data manipulation sentence correspondence in user
The access rights of data manipulation type have permission on node, perform the corresponding data operation request of data manipulation sentence,
So as to which user is avoided to perform data operation request in the node for not having access rights, reduce distribution to a certain extent
Influencing each other between the data access of different user in formula database.
It should be understood that in the embodiment of the present application, management node can also need the table operated to exist according to the data manipulation sentence
Data distribution situation in the distributed data base determines the node of the data there are the table.At this point, step S120 is implemented
For:
Data distribution of the table that the management node is operated according to data manipulation sentence needs in the distributed data base
Situation determines that there are at least one nodes of the data of the table in the node of the distributed data base;The management node at this extremely
Having permission in a few node performs the corresponding data operation request of data manipulation sentence on node.
Before the corresponding data operation request of data manipulation sentence is performed, it can need to operate according to the data manipulation sentence
Table data each node in distributed data base data distribution situation, determine with the table data node.
That is performing data manipulation type as inquiry (select) type, update (update) type or deleting (delete) class
During the data manipulation sentence of type, the node of the data there is no the table is may skip, effect is performed so as to improve data manipulation sentence
Rate.
For example, it is assumed that the data manipulation sentence is " select*from table1 ", it is table1 to need the table operated.It is false
If distributed data base shares totally 5 nodes of 1~node of node 5, wherein table1 has data in node 1, node 3 and node 5,
It then may skip node 2 and node 4 at this time, only need to consider to perform the data manipulation sentence on node 1, node 3 and node 5.When
So, it should be appreciated that in the embodiment of the present application, it is also necessary to determined according to user in the access rights of node 1, node 3 and node 5 be
It is no that the data manipulation sentence is performed on node 1, node 3 or node 5.
In the embodiment of the present application, pass through the number according to the table that operates of data manipulation sentence needs in distributed data base
The node of the table data is filtered out according to distribution situation, so as to avoid that inquiry (select) is performed on the node without the table data
Type, update (update) type or the data manipulation sentence for deleting (delete) type, hold so as to improve distributed data base
The efficiency of row data action statement.
Fig. 2 is the method flow diagram of the further embodiment Access and control strategy of database of the application.Optionally, as a reality
Example is applied, as shown in Fig. 2, step S120 is implemented as:Step S121 and step S122.
S121, management node is according to the data manipulation type and the user of the data manipulation sentence in the distributed data base
Node access rights, determine to have permission node in the node of the distributed data base.
Wherein, management node stores the access right of the user of the distributed data base to the node of the distributed data base
The information of limit.
S122, have permission node of the management node other than management node send the corresponding data behaviour of the data manipulation sentence
It asks, having permission node with request performs the data operation request.
It should be understood that in the embodiment of the present application, for inquiry (select) type, update (update) type or deletion
(delete) the data manipulation sentence of type, if the data in the table that management node is operated by data manipulation sentence needs are divided
Cloth situation determines in the node of the distributed data base that there are at least one node of the table data then management node only needs really
Node is had permission, and the node that has permission at least one node sends the data manipulation in fixed at least one node
The corresponding data operation request of sentence.
In the embodiment of the present application, access of the management node according to the user that store in management node on each node
Authority information, determines the node that has permission of user Internet access in the node of the distributed data base, and to management node with
Outer has permission node transmission data operation requests, so as to the access rights according to the node stored in management node, really
Surely the node of execution data operation request is needed, and user is avoided to perform data manipulation in the node for not having access rights and is asked
It asks, reduces influencing each other between the data access of different user to a certain extent.
In addition, the method for the embodiment of the present application, additionally it is possible to improve the execution efficiency for performing data manipulation sentence.
Optionally, as another embodiment, step S120 is implemented as:Management node is sent out at least one node
The data operation request is given, the node that has permission at least one node to be asked to perform the data operation request, wherein, it should
Each node in the node of distributed data base stores the user of the distributed data base to the access rights of the node
Information.
It should be understood that if the node for receiving the data operation request has permission, directly perform, return performs knot
Fruit.For query statement, cancel statement and update sentence, the row record being related to is had existed in corresponding node;For inserting
Enter sentence, the node for receiving the data operation request has permission, then the data operation request is inserted into the node and is asked
The record of insertion.It should be understood that for being inserted into sentence, it will usually provide distribution rule of the data being inserted into each node.For example,
In the rule of ID card No., front two represents province, and when the beginning that the identity card of insertion records, two are 34, then it represents that should
Anhui is recorded as, meeting the identity card record of the rule will be put on the node of Anhui.It should be understood, of course, that the embodiment of the present application
The insertion rule being previously mentioned is only schematical, in practical application scenarios, it is understood that there may be more complicated insertion rule or
Person may not limit data distribution when being inserted into.
In the embodiment of the present application, when the access rights of user are stored in each node, management node is to the distribution
The node of database sends the data operation request, so as to which the node execution that has permission for asking the access rights with the user is somebody's turn to do
Data operation request can avoid the user for not having access rights from performing the data operation request, reduce to a certain extent
Influencing each other between the data access of different user.
Fig. 3 is the method flow diagram of the further embodiment Access and control strategy of database of the application.Optionally, as a reality
Example is applied, as shown in figure 3, after step S120, this method may also include step S130.
S130, management node determine lack of competence node of the data manipulation sentence in the node of the distributed data base
Implementing result is empty result set.
Wherein, lack of competence node is that the user does not have the data manipulation sentence pair in the node of the distributed data base
The node of the access rights of data manipulation type answered.
Fig. 4 is the method flow diagram of the further embodiment Access and control strategy of database of the application.Optionally, as a reality
Example is applied, as shown in figure 4, step S130 is implemented as:Step S131 and step S132.
S131, management node is according to the data manipulation type and the user of the data manipulation sentence in the distributed data base
Node in access rights, determine the lack of competence node in the node of the distributed data base.
Wherein, management node stores the access right of the user of the distributed data base to the node of the distributed data base
The information of limit.
S132, management node determine that the data manipulation sentence in the implementing result of lack of competence node is empty result set.
In the embodiment of the present application, management node is according to the information of the access rights that this node is stored in management node,
It determines that user does not have the lack of competence node of access rights, and directly determines execution of the data manipulation sentence in lack of competence node
As a result it is empty result set, so as to improve the execution efficiency of data manipulation sentence, and user is avoided not have access rights
Node performs data operation request, reduces influencing each other between the data access of different user to a certain extent.
Fig. 5 is the method flow diagram of the further embodiment Access and control strategy of database of the application.Optionally, as a reality
Example is applied, as shown in figure 5, step S130 is implemented as:Step 133 and step 134.
133, management node sends the corresponding data manipulation of data manipulation sentence to the node of the distributed data base please
It asks, which is performed with the node for asking the distributed data base, wherein, in the node of the distributed data base
Each node stores the information of the user of the distributed data base to the access rights of the node.
134, management node receives the empty result set of lack of competence node feeding back, and confirms the data manipulation sentence in lack of competence
The implementing result of node is empty result set.
In the embodiment of the present application, when the access rights of user are stored in each node, management node is to the distribution
The node of database sends the data operation request, so as to ask the lack of competence node of the access rights without the user direct
Empty result set is returned, the user for not having access rights can be avoided to perform the data operation request, reduced to a certain extent
Influencing each other between the data access of different user.
In the following, the method for the embodiment of the present application will be further described in conjunction with specific embodiments.
Fig. 6 is the interaction diagrams of one embodiment Access and control strategy of database method of the application.Implementation shown in Fig. 6
In example, management node is the host node of distributed data base, and it is the node that user has permission to have permission node, and lack of competence node is
User the node not having permission to access.In the embodiment of the present application, the data manipulation sentence of user performs in management node, pipe
Store access rights of the user to data manipulation type each in each node of distributed data base on reason node.The application
The method of embodiment is suitable for the data manipulation sentence of select types, delete types, Insert types and update types.
It should be understood that management node can have permission node or lack of competence node, this is not restricted for the embodiment of the present application.
The idiographic flow of Fig. 6 is as follows:
610, management node receives the data manipulation sentence of user.
It should be understood that when management node receives the data manipulation sentence of user, it can be by data manipulation statement translation into corresponding
Data operation request.
620, management node analyzes the data distribution situation of the data manipulation sentence table to be operated, and determines that there are the tables
Data at least one node.
Management node can determine the table to be operated, and analyze in the table by the syntax parsing to data action statement
Data distribution situation, so as to filter out, there are at least one nodes of the data of the table in the node of the distributed data base.
For example, it is assumed that the data manipulation sentence that user A needs perform is " select*from table1 ", need what is operated
Table is table1;And assume that distributed data base shares totally 5 nodes of 1~node of node 5, wherein, node 1 is management node,
Table1 has data in node 1, node 3 and node 5.Node 1 can filter out the node of the data there are table1 at this time, that is, save
Point 1, node 3 and node 5.
It should be understood, of course, that step 620 is optionally, management node can not perform step 620 and directly perform step 630
Method.
630, management node determines to have permission node and lack of competence node, and the implementing result of determining lack of competence node is sky
Result set.
In the embodiment of the present application, management node according to the user recorded in authority list each node access rights,
Can determine user have the right to perform the data manipulation sentence have permission node and user haves no right to perform the nothing of the data manipulation sentence
Permission node.
It should be understood that if management node performs step 620, management node can determine with data in act 630
Have permission node.
For lack of competence node, management node can determine that its implementing result is empty result set.
For having permission node, management node also needs to perform step 640.
For example, it is assumed that distributed data base includes 1~node of node 5, it is assumed that user A is authorized to node 1, node 2 and section
The access rights of select types in point 3.Then to have permission node, node 4 and node 5 are for node 1, node 2 and node 3 at this time
Lack of competence node.
At this point, management node can directly determine that the implementing result of node 4 and node 5 is empty result set.
640, management node is to having permission the corresponding data operation request of node transmission data action statement.
It should be understood that if management node is to have permission node, only need to perform data operation request and feedback result.
It should be understood that for the data manipulation sentence of select types, delete types and update types, management node needs
Data there are the table that will be other than management node have permission node transmission data operation requests, and each node that has permission is held
Capable data operation request generally can be identical.
Specifically, such as:
If management node (node 1) screening egress 1, node 3 and node 5 are the node there are table1 data, and
Determine that node 1, node 2 and node 3 to have permission node, determine that node 4 and node 5 are lack of competence node, then management node
Need the implementing result of node 1 and node 3;In addition, since node 1 is management node, management node is needed to node 3
Transmission data operation requests.
If management node is not filtered out, there are the nodes of table1 data, and only node 1, node 2 and node 3 is have
Permission node determines that node 4 and node 5 are lack of competence node, then management node needs node 1, node 2 and node 3 to perform knot
Fruit, management node are needed to 3 transmission data operation requests of node 2 and node.
It should be understood that for the data manipulation sentence of insert types, then need, according to predefined rule, to be grasped according to data
Make sentence and generate the corresponding data operation request of each node.
For example, it is assumed that the data to be inserted into are ID card information, wherein, each province is inserted into respectively corresponding to each province
Node.Assuming that the data to be inserted into include the information of Beijing (11), Anhui (35) and Fujian (35), then generation is needed for inserting
Enter the data operation request 1 of Beijing data, for the data operation request 2 of being inserted into Anhui data and for being inserted into Fujian data
Data operation request 3, wherein, data operation request 1, data operation request 2 and data operation request 3 are all inserted into for data please
It asks, is sent respectively to the corresponding node in Beijing, the corresponding node of the corresponding node in Anhui and Fujian.
650, it has permission node and performs data operation request.
660, have permission node feeding back implementing result.
The specific implementation of step 650 and step 660 can refer to the prior art, repeat no more.
Fig. 7 is the interaction diagrams of one embodiment Access and control strategy of database method of the application.Implementation shown in Fig. 7
In example, management node is the host node of distributed data base, and it is the node that user has permission to have permission node, and lack of competence node is
User the node not having permission to access.In the embodiment of the present application, the data manipulation sentence of user performs in management node, uses
The access rights of data manipulation type each in each node are stored in each node at family respectively.The side of the embodiment of the present application
Method is suitable for the data manipulation sentence of select types, delete types, Insert types and update types.It should be understood that pipe
It can have permission node or lack of competence node to manage node, and this is not restricted for the embodiment of the present application.
The idiographic flow of Fig. 7 is as follows:
710, management node receives the data manipulation sentence of user.
It should be understood that when management node receives the data manipulation sentence of user, it can be by data manipulation statement translation into corresponding
Data operation request.
720, management node analyzes the data distribution situation of the data manipulation sentence table to be operated, and determines that there are the tables
Data at least one node.
The specific implementation of step 710 and step 720 can refer to the step 710 and step 720 of Fig. 7, repeat no more.
730, the corresponding data operation request of management node transmission data action statement.
Management node is needed to there are the corresponding data operation request of node transmission data action statement of the data of the table,
It implements the step 640 that can refer to embodiment illustrated in fig. 6.
It should be understood, of course, that at this point, management node can determine that the implementing result of the node of the data there is no the table is tied to be empty
Fruit collects.
740, the node of distributed data base determines the access rights of user.
Each node of distributed data base determines whether user has the right to perform the data manipulation according to data operation request
Corresponding data manipulation type is asked, so as to can determine that the node has permission node or lack of competence node.
For lack of competence node, step 750 is performed;For having permission node, step 760 and step 770 are performed.
750, lack of competence node feeding back sky result set.
When the node for receiving the data operation request determines that user haves no right to access the corresponding data of the data operation request
During action type, i.e., when the node is lack of competence node, which need not perform the data operation request, directly to management node
Feedback air result set.
760, it has permission node and performs data operation request.
770, have permission node feeding back implementing result.
When the node for receiving the data operation request determines the corresponding data of user's Internet access data operation request
During action type, i.e., the node can perform data operation request and execution result back when having permission node, to have permission node,
Specific implementation can refer to the prior art, repeat no more.
Fig. 8 is the method flow diagram of another embodiment Access and control strategy of database of the application.The method of Fig. 8 is by non-management
Node performs.The node of distributed data base belonging to the non-management node of the embodiment of the present application includes management node and at least
One non-management node, management node are the node for coordinating and managing the distributed data base, and non-management node is saved for management
Node other than point.In specific application, management node is generally the host node of distributed data base, and non-management node is divides
The slave node of cloth database.The method of Fig. 8 includes:
S810, non-management node receive the data operation request that management node is sent according to the data manipulation sentence of user.
S820, non-management node determine that the user performs the access rights of the data operation request in non-management node.
S830, when non-management node determines that the user has the access right that the data operation request is performed in non-management node
In limited time, non-management node performs the data operation request, and the implementing result of the data operation request is returned to management node;Or
Person, when non-management node determines that the user does not have when non-management node performs the access rights of the data operation request, to
Management node returns to empty result set.
Wherein, non-management node stores the letter of the user of the distributed data base to the access rights of non-management node
Breath.
In the embodiment of the present application, non-management node according to the data operation request and user of management node in non-pipe
The permission of node is managed, data operation request is performed when having permission and returns to implementing result, is directly returned when not having permission
Receipt row is as a result, so as to avoid user from performing data operation request in the node for not having access rights, to a certain degree
On reduce influencing each other between the data access of different user.
In addition, the method for the embodiment of the present application, additionally it is possible to improve the execution efficiency for performing data manipulation sentence.
Optionally, the user of the distributed data base information of the access rights of the non-management node is included it is following at least
It is a kind of:
The role of the user of the distributed data base is to the non-management node middle finger fixed number according to the access rights of action type;
The user of the distributed data base is to the non-management node middle finger fixed number according to the access rights of action type.
The specific implementation of embodiment illustrated in fig. 8 can refer to embodiment illustrated in fig. 7 right of possession limit node, lack of competence node performs
Method, details are not described herein for the embodiment of the present application.
Fig. 9 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Please refer to Fig. 9,
In hardware view, which includes processor, internal bus, network interface, memory and nonvolatile memory, certainly
It is also possible that the required hardware of other business.Processor read from nonvolatile memory corresponding computer program to
It in memory and then runs, the device of user interface unlock is formed on logic level.Certainly, other than software realization mode,
Other realization methods, such as mode of logical device or software and hardware combining etc. is not precluded in the application, that is to say, that following
The executive agent of process flow is not limited to each logic unit or hardware or logical device.
Figure 10 is the structure diagram of the Access and control strategy of database device 1000 of the embodiment of the present application.0 is please referred to Fig.1,
In a kind of Software Implementation, Access and control strategy of database device 1000 is applied to the management node of distributed data base, database
Access control apparatus 1000 may include receiving unit 1010 and execution unit 1020, wherein,
The receiving unit 1010 receives the data manipulation sentence of user;
The execution unit 1020 having permission in the node of the distributed data base performs the data manipulation language on node
The corresponding data operation request of sentence, wherein, it has permission the user in the node that node is the distributed data base and has the data
The node of the access rights of the corresponding data manipulation type of action statement.
In the embodiment of the present application, has the data manipulation sentence pair in user by the data manipulation sentence according to user
The access rights of data manipulation type answered are had permission on node, and performing the corresponding data manipulation of data manipulation sentence please
It asks, so as to which user is avoided to perform data operation request in the node for not having access rights, reduces to a certain extent
Influencing each other between the data access of different user in distributed data base.
Optionally, the table operated as one embodiment, execution unit 1020 with specific reference to data manipulation sentence needs
Data distribution situation in the distributed data base is determined in the node of the distributed data base there are the data of the table extremely
A few node, and having permission at least one node performs the corresponding data manipulation of data manipulation sentence on node
Request.
As shown in Figure 10, Access and control strategy of database device 1000 may also include transmitting element 1020.
Optionally, as one embodiment, the execution unit 1020 is according to the data manipulation type of the data manipulation sentence
With access rights of the user in the node of the distributed data base, this for determining in the node of the distributed data base is had the right
Node is limited, wherein, which stores the access of the user of the distributed data base to the node of the distributed data base
The information of permission;The execution unit 1020 has permission node by this of the transmitting element 1030 other than the management node and sends
The corresponding data operation request of data manipulation sentence performs the data operation request so that this to be asked to have permission node;The execution
Unit 1020 also receives this by the receiving unit 1010 and has permission node and perform the execution knot fed back after the data operation request
Fruit.
Optionally, as another embodiment, the execution unit 1020 is by the transmitting element 1030 to the distribution number
The data operation request is sent according to the node in library, having permission that node performs with this for asking in the node of the distributed data base should
Data operation request;The execution unit 1020 also receives this by the receiving unit 1010 and has permission node and perform the data manipulation
The implementing result fed back after request, wherein, each node in the node of the distributed data base stores the distributed data
The user in library is to the information of the access rights of the node.
It should be understood that in the embodiment of the present application, the access rights of the node may include following at least one:
The role of the user of the distributed data base is to the node middle finger fixed number of the distributed data base according to action type
Access rights;
The user of the distributed data base is to the node middle finger fixed number of the distributed data base according to the access right of action type
Limit.
Optionally, as one embodiment, which also determines the data manipulation sentence in the distribution number
Implementing result according to the lack of competence node in the node in library is empty result set, wherein, which is the distributed data
The user does not have the node of the access rights of the corresponding data manipulation type of the data manipulation sentence in the node in library.
Further, in a kind of realization method of the present embodiment, which determines the data manipulation sentence
The implementing result of lack of competence node in the node of the distributed data base is that empty result set includes:The execution unit 1020
According to the data manipulation type of the data manipulation sentence and access rights of the user in the node of the distributed data base, determine
The lack of competence node in the node of the distributed data base, and determine execution of the data manipulation sentence in the lack of competence node
As a result it is empty result set, wherein, which stores section of the user to the distributed data base of the distributed data base
The information of the access rights of point.
Alternatively, further, in another realization method of the present embodiment, the execution unit 1020 is by the distribution
The node of formula database sends the corresponding data operation request of data manipulation sentence, and passes through the receiving unit 1010 reception and be somebody's turn to do
The empty result set that lack of competence node is not carried out the data operation request and directly feeds back, wherein, the node of the distributed data base
In each node store the information of the user of the distributed data base to the access rights of the node;The execution unit 1020
According to the empty result set of the lack of competence node feeding back, determine that the data manipulation sentence in the implementing result of the lack of competence node is sky
Result set.
Access and control strategy of database device 1000 can also carry out the method for Fig. 1-embodiment illustrated in fig. 4, and realize management node
In the function of Fig. 1-embodiment illustrated in fig. 7, details are not described herein for the embodiment of the present application.
Figure 11 is the structure diagram of the Access and control strategy of database device 1100 of the embodiment of the present application.1 is please referred to Fig.1,
In a kind of Software Implementation, Access and control strategy of database device 1100 is applied to the non-management node of distributed data base, data
Library access control apparatus 1100 may include receiving unit 1010 and execution unit 1020.It should be understood that in the embodiment of the present application, point
The node of cloth database includes management node and at least one non-management node, and management node is for coordinating and managing this point
The node of cloth database, non-management node are the node other than management node.Wherein,
The management node that the receiving unit 1110 is received in the distributed data base is sent out according to the data manipulation sentence of user
The data operation request sent;
The determination unit 1120 determines that the user performs the access rights of the data operation request in the non-management node;
When the determination unit 1120 determines that the user has the access that the data operation request is performed in the non-management node
During permission, which performs the data operation request, and passes through the transmitting element 1140 and returned to the management node
The implementing result of the data operation request;Alternatively,
When the determination unit 1120 determines that the user does not have the visit that the data operation request is performed in the non-management node
When asking permission, which returns to empty result set by the transmitting element 1140 to the management node;
Wherein, which stores the user of the distributed data base to the access rights of the non-management node
Information.
In the embodiment of the present application, non-management node according to the data operation request and user of management node in non-pipe
The permission of node is managed, data operation request is performed when having permission and returns to implementing result, is directly returned when not having permission
Receipt row is as a result, so as to avoid user from performing data operation request in the node for not having access rights, to a certain degree
On reduce influencing each other between the data access of different user.
Access and control strategy of database device 1100 can also carry out the method for Fig. 8, and realize the implementation shown in Fig. 8 of non-management node
Example and have permission node, lack of competence node embodiment shown in Fig. 7 function, details are not described herein for the embodiment of the present application.
Optionally, the user of the distributed data base includes following at least one to the information of the access rights of non-management node
Kind:
The role of the user of the distributed data base is to non-management node middle finger fixed number according to the access rights of action type;
The user of the distributed data base is to non-management node middle finger fixed number according to the access rights of action type.
The embodiment of the present application also discloses a kind of management node of distributed data base, the number including embodiment illustrated in fig. 10
According to library access control apparatus 1000.The embodiment of the present application also discloses a kind of non-management node of distributed data base, including figure
The Access and control strategy of database device 1100 of 11 illustrated embodiments.The embodiment of the present application also discloses a kind of distributed data base system
System, including above-mentioned management node and non-management node.
In the 1990s, the improvement of a technology can be distinguished clearly be on hardware improvement (for example,
Improvement to circuit structures such as diode, transistor, switches) or software on improvement (improvement for method flow).So
And with the development of technology, the improvement of current many method flows can be considered as directly improving for hardware circuit.
Designer nearly all obtains corresponding hardware circuit by the way that improved method flow is programmed into hardware circuit.Cause
This, it cannot be said that the improvement of a method flow cannot be realized with hardware entities module.For example, programmable logic device
(Programmable Logic Device, PLD) (such as field programmable gate array (Field Programmable Gate
Array, FPGA)) it is exactly such a integrated circuit, logic function determines device programming by user.By designer
Voluntarily programming a digital display circuit " integrated " on a piece of PLD, designs and make without asking chip maker
Dedicated IC chip.Moreover, nowadays, substitution manually makes IC chip, this programming is also used instead mostly " patrols
Volume compiler (logic compiler) " software realizes that software compiler used is similar when it writes with program development,
And the source code before compiling also write by handy specific programming language, this is referred to as hardware description language
(Hardware Description Language, HDL), and HDL is also not only a kind of, but there are many kind, such as ABEL
(Advanced Boolean Expression Language)、AHDL(Altera Hardware Description
Language)、Confluence、CUPL(Cornell University Programming Language)、HDCal、JHDL
(Java Hardware Description Language)、Lava、Lola、MyHDL、PALASM、RHDL(Ruby
Hardware Description Language) etc., VHDL (Very-High-Speed are most generally used at present
Integrated Circuit Hardware Description Language) and Verilog.Those skilled in the art also should
This understands, it is only necessary to method flow slightly programming in logic and is programmed into integrated circuit with above-mentioned several hardware description languages,
The hardware circuit for realizing the logical method flow can be readily available.
Controller can be implemented in any suitable manner, for example, controller can take such as microprocessor or processing
The computer of computer readable program code (such as software or firmware) that device and storage can be performed by (micro-) processor can
Read medium, logic gate, switch, application-specific integrated circuit (Application Specific Integrated Circuit,
ASIC), the form of programmable logic controller (PLC) and embedded microcontroller, the example of controller include but not limited to following microcontroller
Device:ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicone Labs C8051F320, are deposited
Memory controller is also implemented as a part for the control logic of memory.It is also known in the art that in addition to
Pure computer readable program code mode is realized other than controller, can be made completely by the way that method and step is carried out programming in logic
Controller is obtained in the form of logic gate, switch, application-specific integrated circuit, programmable logic controller (PLC) and embedded microcontroller etc. to come in fact
Existing identical function.Therefore this controller is considered a kind of hardware component, and various to being used to implement for including in it
The device of function can also be considered as the structure in hardware component.Or even, the device for being used to implement various functions can be regarded
For either the software module of implementation method can be the structure in hardware component again.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by having the function of certain product.A kind of typical realization equipment is computer.Specifically, computer for example may be used
Think personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
It is any in device, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device or these equipment
The combination of equipment.
For convenience of description, it is divided into various units during description apparatus above with function to describe respectively.Certainly, implementing this
The function of each unit is realized can in the same or multiple software and or hardware during application.
It should be understood by those skilled in the art that, embodiments herein can be provided as method, system or computer program
Product.Therefore, the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware can be used in the application
Apply the form of example.Moreover, the computer for wherein including computer usable program code in one or more can be used in the application
The computer program production that usable storage medium is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The application is with reference to the flow according to the method for the embodiment of the present application, equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that it can be realized by computer program instructions every first-class in flowchart and/or the block diagram
The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided
The processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that the instruction performed by computer or the processor of other programmable data processing devices is generated for real
The device of function specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that the instruction generation being stored in the computer-readable memory includes referring to
Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or
The function of being specified in multiple boxes.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted
Series of operation steps are performed on calculation machine or other programmable devices to generate computer implemented processing, so as in computer or
The instruction offer performed on other programmable devices is used to implement in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in a box or multiple boxes.
In a typical configuration, computing device includes one or more processors (CPU), input/output interface, net
Network interface and memory.
Memory may include computer-readable medium in volatile memory, random access memory (RAM) and/or
The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium
Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer-readable instruction, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase transition internal memory (PRAM), static RAM (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), fast flash memory bank or other memory techniques, CD-ROM read-only memory (CD-ROM),
Digital versatile disc (DVD) or other optical storages, magnetic tape cassette, the storage of tape magnetic rigid disk or other magnetic storage apparatus
Or any other non-transmission medium, available for storing the information that can be accessed by a computing device.It defines, calculates according to herein
Machine readable medium does not include temporary computer readable media (transitory media), such as data-signal and carrier wave of modulation.
It should also be noted that, term " comprising ", "comprising" or its any other variant are intended to nonexcludability
Comprising so that process, method, commodity or equipment including a series of elements are not only including those elements, but also wrap
Include other elements that are not explicitly listed or further include for this process, method, commodity or equipment it is intrinsic will
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that wanted including described
Also there are other identical elements in the process of element, method, commodity or equipment.
It will be understood by those skilled in the art that embodiments herein can be provided as method, system or computer program product.
Therefore, complete hardware embodiment, complete software embodiment or the embodiment in terms of combining software and hardware can be used in the application
Form.It is deposited moreover, the application can be used to can be used in one or more computers for wherein including computer usable program code
The shape of computer program product that storage media is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
Formula.
The application can be described in the general context of computer executable instructions, such as program
Module.Usually, program module includes routines performing specific tasks or implementing specific abstract data types, program, object, group
Part, data structure etc..The application can also be put into practice in a distributed computing environment, in these distributed computing environment, by
Task is performed and connected remote processing devices by communication network.In a distributed computing environment, program module can be with
In the local and remote computer storage media including storage device.
Each embodiment in this specification is described by the way of progressive, identical similar portion between each embodiment
Point just to refer each other, and the highlights of each of the examples are difference from other examples.Especially for system reality
For applying example, since it is substantially similar to embodiment of the method, so description is fairly simple, related part is referring to embodiment of the method
Part explanation.
The foregoing is merely embodiments herein, are not limited to the application.For those skilled in the art
For, the application can have various modifications and variations.All any modifications made within spirit herein and principle are equal
Replace, improve etc., it should be included within the scope of claims hereof.