CN112100641A - Multi-dimensional authorization method, system, equipment and storage medium - Google Patents
Multi-dimensional authorization method, system, equipment and storage medium Download PDFInfo
- Publication number
- CN112100641A CN112100641A CN202011235450.0A CN202011235450A CN112100641A CN 112100641 A CN112100641 A CN 112100641A CN 202011235450 A CN202011235450 A CN 202011235450A CN 112100641 A CN112100641 A CN 112100641A
- Authority
- CN
- China
- Prior art keywords
- authorization
- authority
- service
- management end
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of Web authority management, in particular to a multidimensional authorization method, a multidimensional authorization system, multidimensional authorization equipment and a multidimensional authorization storage medium, wherein the multidimensional authorization method comprises the steps of acquiring a service authority report request of a member end; determining the required service function authority, service data authority and service authorization authority according to the service authority reporting request; sending a first authorization application to a function authority management end according to the required service function authority, sending a second authorization application to a data authority management end according to the required service data authority, and sending a third authorization application to the authorization authority management end according to the required service authorization authority; and respectively authorizing the member end with corresponding service function authority and/or service data authority and/or service authorization authority according to the authorization results of the function authority management end, the data authority management end and the authorization authority management end. The invention can realize the discrete management of the authority and the diversification of the authorization role so as to adapt to the requirement of a service scene on the diversified authority management.
Description
Technical Field
The invention relates to the technical field of Web authority management, in particular to a multidimensional authorization method, a multidimensional authorization system, multidimensional authorization equipment and a storage medium.
Background
Web is a distributed graphic information system which is based on hypertext and HTTP, global, dynamic interactive and cross-platform, is a network service established on the Internet, provides a graphical and easily accessible visual interface for a browser to search and browse information on the Internet, and documents and hyperlinks organize information nodes on the Internet into a mutually-associated mesh structure. Web application management includes Web rights management.
The traditional Web authority control has some obvious defects in the authorization dimension link: firstly, the authorized role is single, and the administrator role with the authority is uniformly managed; secondly, the authorization mode is single, the configuration is carried out on an ACL list of the management page, and the account under the corresponding configured role has the configured authority; thirdly, the authority range is single, and the authority is a permanent authority once authorized until the administrator withdraws the corresponding role authority; fourthly, the data dimension is single, and data authority control is only carried out aiming at CRUD (newly added, inquired, changed and deleted) of the business function; and fifthly, the authorization system cannot be independent, and the authorization system cannot exist independently on the premise of account authentication.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a multidimensional authorization method, a multidimensional authorization system, multidimensional authorization equipment and a storage medium, and when the multidimensional authorization method is applied, the discrete management of the authority and the diversification of authorization roles are realized so as to meet the requirement of a service scene on the diversified authority management.
In a first aspect, the present invention provides a multidimensional authorization method, including:
acquiring a service authority reporting request of a member terminal;
determining the required service function authority, service data authority and service authorization authority according to the service authority reporting request;
sending a first authorization application to a function authority management end according to the required service function authority, receiving an authorization result, sending a second authorization application to a data authority management end according to the required service data authority, receiving the authorization result, sending a third authorization application to the authorization authority management end according to the required service authorization authority, and receiving the authorization result;
and respectively authorizing the member end with corresponding service function authority and/or service data authority and/or service authorization authority according to the authorization results of the function authority management end, the data authority management end and the authorization authority management end.
Based on the invention content, through the multidimensional authorization element division of the service function authority, the service data authority and the service authorization authority, the multidimensional authorization and the independent management of the authority are realized, and through the independent authorization of the respective dimensions of the function authority management end, the data authority management end and the authorization authority management end, the independent management of the authority and the diversification of authorization roles are realized, so that the requirement of a service scene on the diversified authority management is met.
In one possible design, the method further includes:
obtaining authorization flow information to construct an authorization rule control chain, wherein the authorization rule control chain comprises an authorization flow chain and authorization nodes;
and according to the authorization rule control chain, carrying out authorization application according to the authorization flow chain, sending a first authorization application to the function authority management end at a corresponding authorization node, sending a second authorization application to the data authority management end, and sending a third authorization application to the authorization authority management end.
Based on the content of the invention, the authorization rules and the process management and control of the authorization rule control chain are used for realizing the ordered and standardized operation of the authorization process, and the human process intervention is refused until the authorization is finished.
In one possible design, the authorization result includes an authorization manner, and the authorization manner includes any combination of time authorization, time interval authorization, designated region authorization, and designated device authorization.
Based on the content of the invention, the multidimensional authorization process can limit authorization modes, such as specifying corresponding use times, time-efficient intervals, designated regions, designated equipment and the like of authorization authorities, and gets rid of the configuration of an ACL list of a management page after traditional account authentication, and the account under the corresponding configured role is a single authorization mode with configured authorities, so that authorization is more flexible.
In one possible design, the method further includes: and under the condition that the authorization mode is not limited, the authorization of the corresponding service function authority and/or service data authority and/or service authorization authority of the member end is recovered.
Based on the invention content, the granted corresponding authority can be recovered outside the authorization mode limiting condition, and the safety standard of authority management is ensured.
In one possible design, the service permission reporting request includes organization architecture information, required service function range information, and required service data range information of a member, and determining the required service function permission, the service data permission, and the service authorization permission according to the service permission reporting request includes: and determining the required service function authority according to the required service function range information, determining the required service data authority according to the required service function range information, and determining the required service authorization authority according to the organization architecture information of the members.
In one possible design, the method further includes: and constructing a three-dimensional model database to store the organization structure information, the required service function range information and the required service data range information of the members in three-dimensional data.
Based on the invention content, the three-dimensional model database strengthens the expansion capability of two-dimensional data in a three-dimensional data storage mode, can access corresponding information in a general mode, can support information expansion of more dimensions, and meets multi-dimensional data control.
In one possible design, after authorizing the corresponding service function right and/or service data right and/or service authorization right to the member terminal, the method further includes:
recording an authorization result;
and performing authorization risk assessment according to an authorization result.
Based on the content of the invention, corresponding record storage can be carried out on the authorization result, and then corresponding authorization result tracing is carried out to complete authorization risk assessment, so that authorization risk control is facilitated.
In a second aspect, the present invention provides a multi-dimensional authorization system, comprising:
the acquisition unit is used for acquiring a service authority reporting request of a member terminal;
the determining unit is used for determining the required service function authority, the service data authority and the service authorization authority according to the service authority reporting request;
the application unit is used for sending a first authorization application to the function authority management terminal according to the required service function authority, receiving an authorization result, sending a second authorization application to the data authority management terminal according to the required service data authority, receiving the authorization result, sending a third authorization application to the authorization authority management terminal according to the required service authorization authority, and receiving the authorization result;
and the authorization unit is used for respectively authorizing the member end according to the authorization results of the functional authority management end, the data authority management end and the authorization authority management end, and performing corresponding service functional authority and/or service data authority and/or service authorization authority.
In one possible design, the system further includes a first construction unit, where the first construction unit is configured to obtain authorization flow information to construct an authorization rule control chain, where the authorization rule control chain includes an authorization flow chain and an authorization node; the application unit carries out authorization application according to the authorization rule control chain and the authorization flow chain, sends a first authorization application to the function authority management end at the corresponding authorization node, sends a second authorization application to the data authority management end, and sends a third authorization application to the authorization authority management end.
In a third aspect, the present invention provides a computer apparatus comprising:
a memory to store instructions;
a processor configured to read the instructions stored in the memory and execute the method of any of the first aspects according to the instructions.
In a fourth aspect, the present invention provides a computer-readable storage medium having stored thereon instructions which, when run on a computer, cause the computer to perform the method of any of the first aspects described above.
In a fifth aspect, the present invention provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of any of the first aspects above.
The invention has the beneficial effects that:
the invention realizes multi-dimensional grant and independent management of the authority through multi-dimensional authorization element division of the service function authority, the service data authority and the service authorization authority, and realizes independent management of the authority and diversification of authorization roles through independent authorization of respective dimensions of the function authority management terminal, the data authority management terminal and the authorization authority management terminal so as to adapt to the requirement of a service scene on diversified authority management.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is a schematic diagram of the system of the present invention;
FIG. 3 is a schematic diagram of a computer device according to the present invention.
Detailed Description
The invention is further described with reference to the following figures and specific embodiments. It should be noted that the description of the embodiments is provided to help understanding of the present invention, but the present invention is not limited thereto. Specific structural and functional details disclosed herein are merely illustrative of example embodiments of the invention. This invention may, however, be embodied in many alternate forms and should not be construed as limited to the embodiments set forth herein.
It should be understood that the terms first, second, etc. are used merely for distinguishing between descriptions and are not intended to indicate or imply relative importance. Although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element could be termed a second element, and, similarly, a second element could be termed a first element, without departing from the scope of example embodiments of the present invention.
It should be understood that the term "and/or" herein is merely one type of association relationship that describes an associated object, meaning that three relationships may exist, e.g., a and/or B may mean: a exists alone, B exists alone, and A and B exist at the same time, and the term "/and" is used herein to describe another association object relationship, which means that two relationships may exist, for example, A/and B, may mean: a alone, and both a and B alone, and further, the character "/" in this document generally means that the former and latter associated objects are in an "or" relationship.
It is to be understood that in the description of the present invention, the terms "upper", "vertical", "inside", "outside", and the like, refer to an orientation or positional relationship that is conventionally used for placing the product of the present invention, or that is conventionally understood by those skilled in the art, and are used merely for convenience in describing and simplifying the description, and do not indicate or imply that the device or element referred to must have a particular orientation, be constructed in a particular orientation, and be operated, and therefore should not be considered as limiting the present invention.
It will be understood that when an element is referred to as being "connected," "connected," or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may be present. In contrast, when an element is referred to as being "directly adjacent" or "directly coupled" to another element, there are no intervening elements present. Other words used to describe the relationship between elements should be interpreted in a similar manner (e.g., "between … …" versus "directly between … …", "adjacent" versus "directly adjacent", etc.).
In the description of the present invention, it should also be noted that, unless otherwise explicitly specified or limited, the terms "disposed," "mounted," and "connected" are to be construed broadly, e.g., as meaning fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments of the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes," and/or "including," when used herein, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, numbers, steps, operations, elements, components, and/or groups thereof.
It should also be noted that, in some alternative implementations, the functions/acts noted may occur out of the order noted in the figures. For example, two figures shown in succession may, in fact, be executed substantially concurrently, or the figures may sometimes be executed in the reverse order, depending upon the functionality/acts involved.
In the following description, specific details are provided to facilitate a thorough understanding of example embodiments. However, it will be understood by those of ordinary skill in the art that the example embodiments may be practiced without these specific details. For example, systems may be shown in block diagrams in order not to obscure the examples in unnecessary detail. In other instances, well-known processes, structures and techniques may be shown without unnecessary detail in order to avoid obscuring example embodiments.
Example 1:
the present embodiment provides a multidimensional authorization method, as shown in fig. 1, including the following steps:
s101, acquiring a service authority reporting request of a member terminal.
The service authority reporting request comprises organization architecture information, required service function range information and required service data range information of the members. And a three-dimensional model database can be constructed to store the organization architecture information, the required service function range information and the required service data range information of the members in three-dimensional data.
And S102, determining the required service function authority, the service data authority and the service authorization authority according to the service authority reporting request.
When the method is implemented specifically, the required service function authority is determined according to the required service function range information, the required service data authority is determined according to the required service function range information, and the required service authorization authority is determined according to the organization structure information of the members.
S103, sending a first authorization application to a function authority management end according to the required service function authority, receiving an authorization result, sending a second authorization application to a data authority management end according to the required service data authority, receiving the authorization result, sending a third authorization application to the authorization authority management end according to the required service authorization authority, and receiving the authorization result.
During specific implementation, firstly acquiring authorization flow information to construct an authorization rule control chain, wherein the authorization rule control chain comprises an authorization flow chain and authorization nodes; and then, according to the authorization rule control chain, carrying out authorization application according to the authorization flow chain, sending a first authorization application to the function authority management end at a corresponding authorization node, sending a second authorization application to the data authority management end, and sending a third authorization application to the authorization authority management end.
The authorization result comprises an authorization mode, and the authorization mode comprises any combination of times authorization, time-efficiency interval authorization, designated region authorization and designated equipment authorization. And subsequently, under the condition that the authorization mode is not limited, the authorization of the corresponding service function authority and/or service data authority and/or service authorization authority of the member end can be recovered.
And S104, authorizing the corresponding service function authority and/or service data authority and/or service authorization authority to the member end respectively according to the authorization results of the function authority management end, the data authority management end and the authorization authority management end.
After the member terminal is authorized by the corresponding service function authority and/or service data authority and/or service authorization authority, the authorization result can be recorded, and authorization risk evaluation can be performed according to the authorization result.
Example 2:
the present embodiment provides a multidimensional authorization system, as shown in fig. 2, including:
the acquisition unit is used for acquiring a service authority reporting request of a member terminal;
the determining unit is used for determining the required service function authority, the service data authority and the service authorization authority according to the service authority reporting request;
the application unit is used for sending a first authorization application to the function authority management terminal according to the required service function authority, receiving an authorization result, sending a second authorization application to the data authority management terminal according to the required service data authority, receiving the authorization result, sending a third authorization application to the authorization authority management terminal according to the required service authorization authority, and receiving the authorization result;
and the authorization unit is used for respectively authorizing the member end according to the authorization results of the functional authority management end, the data authority management end and the authorization authority management end, and performing corresponding service functional authority and/or service data authority and/or service authorization authority.
In one possible design, the system further includes a first construction unit, where the first construction unit is configured to obtain authorization flow information to construct an authorization rule control chain, where the authorization rule control chain includes an authorization flow chain and an authorization node; the application unit carries out authorization application according to the authorization rule control chain and the authorization flow chain, sends a first authorization application to the function authority management end at the corresponding authorization node, sends a second authorization application to the data authority management end, and sends a third authorization application to the authorization authority management end.
In one possible design, the authorization result includes an authorization manner, and the authorization manner includes any combination of time authorization, time interval authorization, designated region authorization, and designated device authorization. The authorization unit is also used for recovering the authorization of the corresponding service function authority and/or service data authority and/or service authorization authority of the member end under the condition outside the authorization mode limiting condition.
In one possible design, the system further includes a second construction unit, where the second construction unit is configured to construct a three-dimensional model database to perform three-dimensional data storage on the organization architecture information, the required service function range information, and the required service data range information of the member.
In one possible design, the system further includes:
the recording unit is used for recording the authorization result;
and the evaluation unit is used for carrying out authorization risk evaluation according to the authorization result.
Example 3:
the present embodiment provides a computer device, as shown in fig. 3, including:
a memory to store instructions;
and the processor is used for reading the instruction stored in the memory and executing the multidimensional authorization method in the embodiment 1 according to the instruction.
The Memory may include, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Flash Memory (Flash Memory), a First In First Out (FIFO), a First In Last Out (FILO), and/or the like; the processor may include, but is not limited to, a single chip, an ARM processor, and the like.
Example 4:
the present embodiment provides a computer-readable storage medium having stored thereon instructions that, when executed on a computer, cause the computer to perform the multi-dimensional authorization method described in embodiment 1. The computer-readable storage medium refers to a carrier for storing data, and may include, but is not limited to, floppy disks, optical disks, hard disks, flash memories, flash disks and/or Memory sticks (Memory sticks), etc., and the computer may be a general-purpose computer, a special-purpose computer, a computer network, or other programmable devices.
Example 5:
the present embodiment provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the multi-dimensional authorization method described in embodiment 1. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable devices.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the embodiments of the method may be implemented by hardware related to program instructions, the program may be stored in a computer-readable storage medium, and when executed, the program performs the steps including the embodiments of the method, and the storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus, devices and computer program products of embodiments. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The present invention is not limited to the above-described alternative embodiments, and various other forms of products can be obtained by anyone in light of the present invention. The above detailed description should not be taken as limiting the scope of the invention, which is defined in the claims, and which the description is intended to be interpreted accordingly.
Claims (10)
1. A multi-dimensional authorization method, comprising:
acquiring a service authority reporting request of a member terminal;
determining the required service function authority, service data authority and service authorization authority according to the service authority reporting request;
sending a first authorization application to a function authority management end according to the required service function authority, receiving an authorization result, sending a second authorization application to a data authority management end according to the required service data authority, receiving the authorization result, sending a third authorization application to the authorization authority management end according to the required service authorization authority, and receiving the authorization result;
and respectively authorizing the member end with corresponding service function authority and/or service data authority and/or service authorization authority according to the authorization results of the function authority management end, the data authority management end and the authorization authority management end.
2. A multi-dimensional authorization method according to claim 1, characterized in that the method further comprises:
obtaining authorization flow information to construct an authorization rule control chain, wherein the authorization rule control chain comprises an authorization flow chain and authorization nodes;
and according to the authorization rule control chain, carrying out authorization application according to the authorization flow chain, sending a first authorization application to the function authority management end at a corresponding authorization node, sending a second authorization application to the data authority management end, and sending a third authorization application to the authorization authority management end.
3. The multidimensional authorization method according to claim 1, wherein the authorization result includes an authorization manner, and the authorization manner includes any combination of a number authorization, an aging interval authorization, a designated region authorization, and a designated device authorization.
4. A multi-dimensional authorization method according to claim 3, characterized in that the method further comprises: and under the condition that the authorization mode is not limited, the authorization of the corresponding service function authority and/or service data authority and/or service authorization authority of the member end is recovered.
5. The multidimensional authorization method according to claim 1, wherein the service permission report request includes organization structure information, required service function range information, and required service data range information of the member, and the determining of the required service function permission, the service data permission, and the service authorization permission according to the service permission report request includes: and determining the required service function authority according to the required service function range information, determining the required service data authority according to the required service function range information, and determining the required service authorization authority according to the organization architecture information of the members.
6. A multi-dimensional authorization method according to claim 5, characterized in that the method further comprises: and constructing a three-dimensional model database to store the organization structure information, the required service function range information and the required service data range information of the members in three-dimensional data.
7. The multidimensional authorization method according to claim 1, after authorizing the corresponding service function authority and/or service data authority and/or service authorization authority to the member terminal, the method further comprises:
recording an authorization result;
and performing authorization risk assessment according to an authorization result.
8. A multi-dimensional authorization system, comprising:
the acquisition unit is used for acquiring a service authority reporting request of a member terminal;
the determining unit is used for determining the required service function authority, the service data authority and the service authorization authority according to the service authority reporting request;
the application unit is used for sending a first authorization application to the function authority management terminal according to the required service function authority, receiving an authorization result, sending a second authorization application to the data authority management terminal according to the required service data authority, receiving the authorization result, sending a third authorization application to the authorization authority management terminal according to the required service authorization authority, and receiving the authorization result;
and the authorization unit is used for respectively authorizing the member end according to the authorization results of the functional authority management end, the data authority management end and the authorization authority management end, and performing corresponding service functional authority and/or service data authority and/or service authorization authority.
9. A computer device, comprising:
a memory to store instructions;
a processor for reading the instructions stored in the memory and executing the method according to the instructions as claimed in any one of claims 1 to 6.
10. A computer-readable storage medium having stored thereon instructions which, when executed on a computer, cause the computer to perform the method of any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011235450.0A CN112100641A (en) | 2020-11-09 | 2020-11-09 | Multi-dimensional authorization method, system, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011235450.0A CN112100641A (en) | 2020-11-09 | 2020-11-09 | Multi-dimensional authorization method, system, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112100641A true CN112100641A (en) | 2020-12-18 |
Family
ID=73785004
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011235450.0A Pending CN112100641A (en) | 2020-11-09 | 2020-11-09 | Multi-dimensional authorization method, system, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112100641A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113918963A (en) * | 2021-09-10 | 2022-01-11 | 广州博依特智能信息科技有限公司 | Authority authorization processing method and system based on business requirements |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040053654A1 (en) * | 2000-07-25 | 2004-03-18 | Hitoshi Kokumai | Secret information record medium, secret information protection method, secret information protective storing method, and system for reporting emergency such as theft or confinement when secret information is accessed |
| CN101247400A (en) * | 2008-03-03 | 2008-08-20 | 华为技术有限公司 | License control method and controller |
| CN101572630A (en) * | 2009-05-22 | 2009-11-04 | 中兴通讯股份有限公司 | Privilege management system and method based on objects |
| CN102831352A (en) * | 2012-09-11 | 2012-12-19 | 南京天溯自动化控制***有限公司 | Equipment authorization use method and equipment for method |
| CN103699849A (en) * | 2013-12-23 | 2014-04-02 | 国云科技股份有限公司 | Data access authorization protection method |
| CN104112085A (en) * | 2013-04-19 | 2014-10-22 | 阿里巴巴集团控股有限公司 | Data permission control method and device for application system clusters |
| CN105426770A (en) * | 2015-11-13 | 2016-03-23 | 广东网金控股股份有限公司 | Method and device for configuring permission management mechanism of multidimensional data |
| CN107426137A (en) * | 2016-05-24 | 2017-12-01 | 华迪计算机集团有限公司 | Right management method and system |
| CN107633184A (en) * | 2017-10-19 | 2018-01-26 | 上海砾阳软件有限公司 | A kind of database and method and apparatus for being used to manage user right |
| CN107679422A (en) * | 2017-10-25 | 2018-02-09 | 厦门市美亚柏科信息股份有限公司 | Role-security management method, terminal device and storage medium based on various dimensions |
| CN109784016A (en) * | 2018-12-29 | 2019-05-21 | 北京奇安信科技有限公司 | A kind of right management method, system, electronic equipment and medium |
| CN109886013A (en) * | 2019-01-17 | 2019-06-14 | 平安城市建设科技(深圳)有限公司 | Enterprise's authority control method, equipment, storage medium and device |
| CN110210207A (en) * | 2019-05-30 | 2019-09-06 | 中国联合网络通信集团有限公司 | Authorization method and equipment |
| CN110955882A (en) * | 2018-09-26 | 2020-04-03 | 北京国双科技有限公司 | User permission setting method and device |
| CN111159729A (en) * | 2019-12-13 | 2020-05-15 | 中移(杭州)信息技术有限公司 | Authority control method, device and storage medium |
| CN111191251A (en) * | 2018-11-14 | 2020-05-22 | 中移(杭州)信息技术有限公司 | Data authority control method, device and storage medium |
-
2020
- 2020-11-09 CN CN202011235450.0A patent/CN112100641A/en active Pending
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040053654A1 (en) * | 2000-07-25 | 2004-03-18 | Hitoshi Kokumai | Secret information record medium, secret information protection method, secret information protective storing method, and system for reporting emergency such as theft or confinement when secret information is accessed |
| CN101247400A (en) * | 2008-03-03 | 2008-08-20 | 华为技术有限公司 | License control method and controller |
| CN101572630A (en) * | 2009-05-22 | 2009-11-04 | 中兴通讯股份有限公司 | Privilege management system and method based on objects |
| CN102831352A (en) * | 2012-09-11 | 2012-12-19 | 南京天溯自动化控制***有限公司 | Equipment authorization use method and equipment for method |
| CN104112085A (en) * | 2013-04-19 | 2014-10-22 | 阿里巴巴集团控股有限公司 | Data permission control method and device for application system clusters |
| CN103699849A (en) * | 2013-12-23 | 2014-04-02 | 国云科技股份有限公司 | Data access authorization protection method |
| CN105426770A (en) * | 2015-11-13 | 2016-03-23 | 广东网金控股股份有限公司 | Method and device for configuring permission management mechanism of multidimensional data |
| CN107426137A (en) * | 2016-05-24 | 2017-12-01 | 华迪计算机集团有限公司 | Right management method and system |
| CN107633184A (en) * | 2017-10-19 | 2018-01-26 | 上海砾阳软件有限公司 | A kind of database and method and apparatus for being used to manage user right |
| CN107679422A (en) * | 2017-10-25 | 2018-02-09 | 厦门市美亚柏科信息股份有限公司 | Role-security management method, terminal device and storage medium based on various dimensions |
| CN110955882A (en) * | 2018-09-26 | 2020-04-03 | 北京国双科技有限公司 | User permission setting method and device |
| CN111191251A (en) * | 2018-11-14 | 2020-05-22 | 中移(杭州)信息技术有限公司 | Data authority control method, device and storage medium |
| CN109784016A (en) * | 2018-12-29 | 2019-05-21 | 北京奇安信科技有限公司 | A kind of right management method, system, electronic equipment and medium |
| CN109886013A (en) * | 2019-01-17 | 2019-06-14 | 平安城市建设科技(深圳)有限公司 | Enterprise's authority control method, equipment, storage medium and device |
| CN110210207A (en) * | 2019-05-30 | 2019-09-06 | 中国联合网络通信集团有限公司 | Authorization method and equipment |
| CN111159729A (en) * | 2019-12-13 | 2020-05-15 | 中移(杭州)信息技术有限公司 | Authority control method, device and storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113918963A (en) * | 2021-09-10 | 2022-01-11 | 广州博依特智能信息科技有限公司 | Authority authorization processing method and system based on business requirements |
| CN113918963B (en) * | 2021-09-10 | 2023-07-18 | 广州博依特智能信息科技有限公司 | Authority authorization processing method and system based on business requirements |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107770146B (en) | User data authority control method and device | |
| CN106201856A (en) | A kind of multi version performance test methods and device | |
| CN105684027A (en) | House resource verifying method and system for real estate network | |
| WO2018006721A1 (en) | Method and apparatus for storing log file | |
| CN104657435A (en) | Storage management method for application data and network management system | |
| CN106897211A (en) | For the localization method and system of obscuring script | |
| CN111737323B (en) | Information query method and device based on block chain and electronic equipment | |
| CN110941741A (en) | Path search processing method, device, server and storage medium for graph data | |
| CN105824827A (en) | File path storage and local file visiting method and apparatus | |
| CN112100641A (en) | Multi-dimensional authorization method, system, equipment and storage medium | |
| DE202021102320U1 (en) | System for implementing sub-database replication | |
| CN110990878B (en) | Construction method of private data derivative graph | |
| CN109582834B (en) | Data risk prediction method and device | |
| WO2016206395A1 (en) | Weekly report information processing method and device | |
| CN108038233B (en) | Method and device for collecting articles, electronic equipment and storage medium | |
| WO2016176919A1 (en) | Attendance checking method and attendance checking server | |
| CN104111821B (en) | The method, apparatus and system of a kind of data processing | |
| CN105706397A (en) | Method and system for sharing shared information based on micro-messages | |
| CN114021059A (en) | Method, system, device and storage medium for downloading off-line digital map | |
| CN109446060B (en) | Method for generating server side test case suite, terminal device and storage medium | |
| CN105659303A (en) | Smart city outdoor location management method and system | |
| CN112015825A (en) | Model registration method and device based on block chain and electronic equipment | |
| CN111125593A (en) | Block chain-based family tree information processing method and device and storage medium | |
| CN105225034A (en) | interaction processing method and device | |
| CN105450678A (en) | Information confirmation method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201218 |