CN116070262A - Access control method and device for digital person data, electronic equipment and storage medium - Google Patents
Access control method and device for digital person data, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN116070262A CN116070262A CN202211634988.8A CN202211634988A CN116070262A CN 116070262 A CN116070262 A CN 116070262A CN 202211634988 A CN202211634988 A CN 202211634988A CN 116070262 A CN116070262 A CN 116070262A
- Authority
- CN
- China
- Prior art keywords
- client
- target
- digital person
- application program
- identifier
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method, a device, electronic equipment and a storage medium for controlling access to digital personal data, wherein the method comprises the following steps: presetting a plurality of application program interfaces, and acquiring an information acquisition request sent by a client, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier; judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier; if the client side has the right to call the first target application program interface, judging whether the client side has the right to access a first target digital person corresponding to the target digital person identifier according to the target digital person identifier; if the client side has the right to access the first target digital person, the first target digital person and/or the information of the first target digital person is returned to the client side through the first target application program interface, so that the access efficiency and the security of the digital person data are improved.
Description
Technical Field
The present invention relates to the field of computer technology, and more particularly, to a method and apparatus for controlling access to digital personal data, an electronic device, and a storage medium.
Background
Digital people are products of information science and life science fusion, and the method of information science is utilized to carry out virtual simulation on the forms and functions of human bodies at different levels. The development of virtual digital people enters a rapid growth stage, and can be applied to a plurality of different scenes with digital people requirements, such as game industry, live broadcast scenes and the like.
In the prior art, in some scenes related to access to digital personal data, due to the lack of a corresponding access control policy, a certain security risk exists in the process of transferring the digital personal data, and in addition, when the digital personal data is matched in different application scenes, the digital personal data is often required to be processed through different clients, so that the data access efficiency is low.
Therefore, how to improve the access efficiency and security of digital personal data is a technical problem to be solved at present.
It should be noted that the information disclosed in the above background section is only for enhancing understanding of the background of the present disclosure and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The embodiment of the application provides a method, a device, electronic equipment and a storage medium for controlling access of digital personal data, which are used for improving the access efficiency and the security of the digital personal data.
In a first aspect, there is provided a method for controlling access to digital personal data, a plurality of application program interfaces being preset, the method comprising: acquiring an information acquisition request sent by a client, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier; judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier; if the client side has the right to call the first target application program interface, judging whether the client side has the right to access a first target digital person corresponding to the target digital person identifier according to the target digital person identifier; and if the client side has the right to access the first target digital person, returning the first target digital person and/or the information of the first target digital person to the client side through the first target application program interface.
In a second aspect, there is provided an access control device for digital personal data, a plurality of application program interfaces being preset, the device comprising: the system comprises an acquisition module, a storage module and a storage module, wherein the acquisition module is used for acquiring an information acquisition request sent by a client, and the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier; the first judging module is used for judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier; the second judging module is used for judging whether the client is authorized to access the first target digital person corresponding to the target digital person identifier according to the target digital person identifier if the client is authorized to call the first target application program interface; and the return module is used for returning the first target digital person and/or the information of the first target digital person to the client through the first target application program interface if the client has the right to access the first target digital person.
In a third aspect, there is provided an electronic device comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the access control method of digital person data of the first aspect via execution of the executable instructions.
In a fourth aspect, a computer readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, implements the method for controlling access to digital personal data according to the first aspect.
By applying the technical scheme, a plurality of application program interfaces are preset, and an information acquisition request sent by a client is acquired, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier; judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier; if the client side has the right to call the first target application program interface, judging whether the client side has the right to access a first target digital person corresponding to the target digital person identifier according to the target digital person identifier; and if the client side has the right to access the first target digital person, returning the first target digital person and/or the information of the first target digital person to the client side through the first target application program interface, so that the access efficiency and the security of the digital person data are improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly introduced below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic flow chart of a method for controlling access to digital personal data according to an embodiment of the present invention;
fig. 2 is a flow chart of a method for controlling access to digital personal data according to another embodiment of the present invention;
fig. 3 is a schematic structural diagram of a digital personal data access control device according to an embodiment of the present invention;
fig. 4 shows a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
It is noted that other embodiments of the present application will be readily apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It is to be understood that the present application is not limited to the precise construction set forth herein below and shown in the drawings, and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
It should be noted that the following application scenario is only shown for the convenience of understanding the spirit and principles of the present application, and embodiments of the present application are not limited in any way in this respect. Rather, embodiments of the present application may be applied to any scenario where applicable.
The embodiment of the application provides a method for controlling access to digital personal data, which presets a plurality of application program interfaces, as shown in fig. 1, and comprises the following steps:
Step S101, an information acquisition request sent by a client is acquired, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier.
In this embodiment, a plurality of application program interfaces are preset, each application program interface corresponds to a different digital person service, and the digital person service may include creating a digital person, editing a digital person, accessing a digital person, and the like, each application program interface has a unique identifier, and the client can perform a corresponding digital person service only through different application program interfaces.
When a client needs to access a digital person, an information acquisition request is sent, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier, the application program interface identifier is an identifier of an application program interface capable of providing a service for accessing the digital person, the client identifier is an identifier of the client sending the information acquisition request, and the target digital person identifier is an identifier of the digital person which the client wants to access. The forms of the application program interface identifier, the client identifier and the target digital person identifier are preset, and can be any form or combination of a plurality of forms including letters, numbers and special characters.
Step S102, judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier.
In this embodiment, different clients have different client rights, and the application program interfaces accessible by the different client rights are different, for example, the application program interfaces include an interface a, an interface B, an interface C, and an interface D, the client a has the rights a, the client B has the rights B, the client a having the rights a can access the interface a, the interface C, and the interface D, and the client B having the rights B can access the interface a and the interface C. The application program interface identifier corresponds to the first target application program interface, corresponding client permission can be determined according to the client identifier, and whether the client is authorized to call the first target application program interface can be judged according to the client permission.
In some embodiments of the present application, the determining, according to the client permission corresponding to the client identifier, whether the client has authority to call the first target application program interface corresponding to the application program interface identifier includes:
judging whether the level of the client permission is not lower than a preset permission level;
If yes, determining that the client is authorized to call the first target application program interface;
if not, determining that the client does not have the right to call the first target application program interface, and returning prompt information for refusing access to the client.
In this embodiment, the first target application program interface corresponds to a preset permission level, if the level of the client permission is not lower than the preset permission level, it is indicated that the client is entitled to call the first target application program interface, otherwise, it is indicated that the level of the client permission is insufficient, the client is not entitled to call the first target application program interface, and a prompt message for refusing to access is returned to the client, so that it is ensured that the client not lower than the preset permission level can call the first target application program interface, and safety is improved.
Optionally, a corresponding relation table of the first target application program interface and different client identifications may be pre-established, the corresponding relation table is queried according to the client identifications, if the client identifications exist in the corresponding relation table, it is determined that the client has authority to call the first target application program interface, if the client identifications do not exist, it is determined that the client does not have authority to call the first target application program interface, and prompt information for refusing access is returned to the client.
Step S103, if the client is authorized to call the first target application program interface, judging whether the client is authorized to access the first target digital person corresponding to the target digital person identifier according to the target digital person identifier.
In this embodiment, the first target application program interface includes a plurality of different digital persons, each having a unique identifier. If the client side has the right to call the first target application program interface, judging whether the client side has the right to access the first target digital person corresponding to the target digital person identification according to the target digital person identification.
In some embodiments of the present application, the determining, according to the target digital person identifier, whether the client has access to a first target digital person corresponding to the target digital person identifier includes:
judging whether the first target digital person is set to allow access;
if yes, determining that the client is authorized to access the first target digital person;
if not, determining that the client side does not have access to the first target digital person, and returning prompt information that the first target digital person is not allowed to access to the client side.
In this embodiment, a plurality of different digital persons under the first target application program interface are set to be allowed to access, some are set to be not allowed to access, if the first target digital person is set to be allowed to access, the client side has access to the first target digital person, otherwise, the client side does not have access to the first target digital person, and a prompt message that the first target digital person is not allowed to access is returned to the client side, so that the client side is ensured to access only the digital person set to be allowed to access, and the security is improved.
Optionally, different access authority levels can be set for different digital persons under the first target application program interface, and if the authority level of the client is matched with the access authority level of the first target digital person, the client is determined to have authority to access the first target digital person; if the level of the client permission is not matched with the access permission level of the first target digital person, determining that the client is not authorized to access the first target digital person, and returning prompt information that the first target digital person is not allowed to access to the client.
In some embodiments, before determining from the target digital person identifier whether the client has access to a first target digital person corresponding to the target digital person identifier, the method further comprises:
and if the first target digital person does not exist under the first target application program interface, returning prompt information that the digital person does not exist to the client.
In this embodiment, the target digital person identifier in the information acquisition request may have an error, so that the target digital person corresponding to the target digital person identifier does not exist under the first target application program interface, and therefore, if the first target digital person does not exist under the first target application program interface, a prompt message that the digital person does not exist is returned to the client, thereby ensuring reliability in the process of accessing the digital person.
Step S104, if the client has access to the first target digital person, returning the first target digital person and/or the information of the first target digital person to the client through the first target application program interface.
In this embodiment, if the client has access to the first target digital person, the first target digital person is called and the first target digital person and/or information of the first target digital person is returned to the client through the first target application program interface, where the information of the first target digital person may include description information of the first target digital person, such as name, gender, scene where the first target digital person is located, and the like, and may further include creation time of the first target digital person, creation person, each edit record, edit person corresponding to each edit record, and the like, and may further include interactable manner or interaction function of the first target digital person, and the like.
In some embodiments of the present application, after returning the first target digital person and/or the information of the first target digital person to the client through the first target application program interface, the method further comprises:
receiving an interaction request sent by the client;
and generating interactive behaviors of the first target digital person according to the interactive request.
In this embodiment, the interactive behavior includes knowledge text, and/or speech, and/or parsable mouth-shape animation, and/or skeletal animation. For example, if the interactive request is a text or voice that needs to be replied to by the first target digital person, after receiving the interactive request, the first target digital person replies, and the replied information may include knowledge text, voice, resolvable mouth animation, skeleton animation, and other behaviors. For another example, if the interaction request is a piece of voice data, voice recognition is performed on the voice data to obtain voice content; then invoking a Unity engine to receive voice content through a voice interface, and matching the action variable condition of the first target digital person according to the voice content; and calling the Unity engine to drive the first target digital person to execute corresponding actions according to the matched action variable conditions. The voice interface provided by the third-party voice platform is integrated into the Unity engine, after voice content is recognized by the third-party voice platform, the recognized voice content is matched with action variable conditions, and after the matching is successful, the first target digital person is driven to execute corresponding actions. The motion variable condition has a matching relationship with the voice content, for example, after the recognized voice content is "running", the first target digital person is driven to "run" according to the preset "running" variable condition. Therefore, the user can interact with the digital person through the client, and the access efficiency and the user experience are improved.
In some embodiments of the present application, after returning the first target digital person and/or the information of the first target digital person to the client through the first target application program interface, the method further comprises:
and receiving an export instruction of the client, and exporting the first target digital person according to the export instruction.
In this embodiment, the user may click the export button at the client point to cause the client to issue an export instruction, where the format of the exported first target digital person may be a different format, such as video, picture, etc. If the first target digital person being exported is a video, the definition of the video may also be selected, either to export a complete video slice or to export a preview sample of the video. Before export, the size of the video or the picture can be displayed or different video or picture capacity options can be provided, and the user can be prompted whether the exported first target digital person is encrypted or not during export, so that the user can export the first target digital person according to the needs, and the user experience is improved.
By applying the technical scheme, a plurality of application program interfaces are preset, and an information acquisition request sent by a client is acquired, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier; judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier; if the client side has the right to call the first target application program interface, judging whether the client side has the right to access a first target digital person corresponding to the target digital person identifier according to the target digital person identifier; and if the client side has the right to access the first target digital person, returning the first target digital person and/or the information of the first target digital person to the client side through the first target application program interface, so that the access efficiency and the security of the digital person data are improved.
The embodiment of the application also provides a method for controlling access to digital personal data, before executing step S101, as shown in fig. 2, further comprising the following steps:
step S201, obtaining an interface access request sent by the client, where the interface access request includes a target interface identifier and the client identifier.
In this embodiment, when the client needs to create a digital person or edit a digital person, an interface access request needs to be sent first to access an application program interface for creating the digital person or access an application program interface for editing the digital person, where the interface access request includes a target interface identifier and a client identifier. The target interface identifier corresponds to a second target application program interface including an interface for creating a digital person or an interface for editing a digital person, and the client identifier corresponds to a client.
Step S202, if the interface access request meets the preset authentication rule, step S203 is executed, otherwise step S204 is executed.
In this embodiment, the interface access request is authenticated by a preset authentication rule. The preset authentication rules include, but are not limited to, authentication rules based on appkeys and appsecrets, which the client can only authenticate by providing the correct appkeys and appsecrets. The authentication process can be executed by a server or can be executed by a special authentication server, and the server can determine an authentication result according to a message returned by the authentication server.
Step S203, determining a processing priority of the interface access request according to the client identifier, and accessing the client to a second target application program interface corresponding to the target interface identifier based on the processing priority.
In this embodiment, if the interface access request meets the preset authentication rule, it is indicated that the client may access the second target application program interface corresponding to the target interface identifier. Different client identifiers correspond to different processing priorities, the processing priority of the client is determined according to the client identifiers, and the client is accessed to a second target application program interface according to the processing priority. For example, if there is an interface access request sent by both the client a and the client B, the processing priority of the client a is higher than that of the client B, and then the client a is accessed to the second target application program interface first, and then the client B is accessed to the second target application program interface.
In some embodiments of the present application, before determining whether the interface access request meets a preset authentication rule, the method further includes:
and if the number of the clients accessing the second target application program interface reaches the preset maximum number, intercepting the interface access request and sending prompt information for retrying later to the clients.
In this embodiment, when the number of clients accessing the second target application program interface reaches the preset maximum number, it is indicated that the second target application program interface has reached the maximum load, and the data processing efficiency of the second target application program interface is ensured by intercepting the interface access request.
In some embodiments of the present application, if the second target application program interface is an interface for creating a digital person, after the client is accessed to the second target application program interface corresponding to the target interface identifier based on the processing priority, the method further includes:
receiving a digital person creation instruction sent by the client, and creating a new digital person based on the digital person creation instruction;
and returning the new digital person to the client through the second target application program interface.
In this embodiment, if the second target application program interface is an interface for creating a digital person, after the client is accessed to the second target application program interface, a new digital person may be created according to a digital person creation instruction sent by the client. The digital person creation instruction may be a single instruction or a set of instructions, and after the creation of the new digital person is completed, the new digital person is returned to the client through the second target application program interface.
In some embodiments of the present application, the digital person creation instruction includes a photo, gender data, and a wind pattern data, and the creating a new digital person based on the digital person creation instruction includes:
judging whether the photo meets a preset condition or not;
if yes, creating the new digital person according to the photo, the gender data and the wind pattern data;
if not, prompting that the photo does not meet the requirements.
In this embodiment, the photo includes a target face, and a new digital person is created based on the target face. The sex data are used for specifying the sex of the digital person, the wind type data are used for specifying the wind type of the digital person, such as the wind type of reality, beauty, delicacy, lovely and the like, each wind type can be previewed through sample pictures, and a user can conveniently select according to the needs of the user. In order to match a digital person with a target face in a photo, a good visual effect is ensured, the photo needs to meet certain preset conditions, wherein the preset conditions can comprise a front face photo, the photo is uniform and sufficient in illumination, the expression is naturally relaxed, the photo belongs to a preset format (such as JPG or PNG format), and the size of the photo does not exceed a preset size (such as 10 MB); no one of the following can occur: deflection tilt, laughing, mouth opening, tooth leakage, facial shadows, and facial shadows, etc. And calling a preset face reconstruction model according to the photo, the sex data and the wind drawing type data to create a new digital person, wherein the preset face reconstruction model can be a 3DMM (3D Morphable Face Model, face 3D deformation statistical model) or a DECA (Detailed Expression Capture and Animation, detailed expression capturing and animation) model, so that the new digital person can be accurately and efficiently created.
In some embodiments of the present application, after creating a new digital person based on the digital person creation instruction, the method further comprises:
receiving the decoration data sent by the client;
and decorating the new digital person according to the decorating data.
In this embodiment, the dress data is data for rendering visual elements from skeletal data. The grooming data may comprise a grooming picture, a vertex grid and mapping data, wherein the mapping data is for mapping the grooming picture to the vertex grid and mapping vertices in the vertex grid to respective bones in the bone data. The decorative picture can be inlaid in a clamping groove included in the decorative data, the decorative picture is a texture picture and can be stored in a PNG (Portable Network Graphic Format ) format. A vertex grid is an area of a series of vertices. Mapping data maps the dress up picture onto the vertex grid, binds bones for the vertices in the vertex grid and gives weight, and the bone motion drives the corresponding vertices to move, so that the vertex motion changes the dress up picture. The digital person's hairstyle, color, complexion, clothing, pants, etc. information may be generated by the grooming data. The preset 3D rendering engine (such as Unity) can be called to render the decoration data to a new digital person for decoration, so that the digital person can be accurately and efficiently decorated, and the user experience is improved.
In some embodiments of the present application, if the second target application program interface is an interface for editing digital people, after the client is accessed to the second target application program interface corresponding to the target interface identifier based on the processing priority, the method further includes:
receiving a digital person editing instruction sent by the client, and editing a second target digital person corresponding to the digital person editing instruction based on the digital person editing instruction;
and returning the edited second target digital person or animation comprising the target digital person to the client through the second target application program interface.
In this embodiment, if the second target application program interface is an interface for editing a digital person, the corresponding second target digital person may be edited by a digital person editing instruction sent by the client. The digital person editing instruction comprises editing parameters, wherein the editing parameters comprise at least one of editing scene, action, article, subtitle, dubbing, text, material, filter, music, transition and lens.
The scene is a scene where a digital person is located, and editing parameters of the scene can be used for setting different scenes, adjusting the position of the scene, the angle between the scene and the person, the size of the scene and the like; editing parameters of the actions can enable the digital person to execute corresponding actions, such as lecture broadcasting, daily interaction, POSE of standing or sitting posture, social expression, emotion expression, impulse performance, sports and the like; the item may be a digital person carrying or an item in the surrounding environment; the subtitles may be text corresponding to dubbing; dubbing can be automatic synthesis from TTS (Text To Speech) or sound and music recorded by a user; the text may be text other than subtitles; the materials can be preset pictures or video information, and also can be content uploaded by a user, and editing parameters of the materials can adjust the positions of the materials, the arrangement modes of the materials, the proportion sizes, the transparency and the like; the filter may be a presented shooting effect; the music may be presented background music; the transition may be to have the digital person enter a different scene; the lens is a setting parameter of the virtual camera, such as a lens position, a lens angle, a lens switching parameter, and the like.
After the second target digital person is edited, the edited second target digital person or animation comprising the target digital person is returned to the client through the second target application program interface, so that the accurate and efficient editing of the digital person is realized.
In some embodiments of the present application, before receiving the digital person editing instruction sent by the client, the method further includes:
and displaying an editing interface capable of editing the second target digital person through the second target application program interface.
In this embodiment, an editing interface capable of editing the second target digital person is displayed through the second target application program interface, so that a user can conveniently edit the second target digital person in the editing interface.
The editing interface comprises a plurality of view controls, each view control corresponds to a corresponding transaction, such as action, expression, voice, background, text and the like, and if a certain view control cannot be matched with other view controls correctly, a user can adjust the position of the view control. The user can select the appointed view control by clicking, double clicking, multiple clicking, clicking according to a certain frequency or the like, and a position adjustment instruction is input, wherein the position adjustment instruction can drag the appointed view control to a target position on a corresponding control track, and can automatically move the appointed view control to the target position after clicking the target position on the corresponding control track, so that the position of the appointed view control on the control track can be changed according to the position adjustment instruction, the user can conveniently adjust the appointed view control at any time, and user experience is improved.
For example, if the subtitle and the dubbing cannot be properly matched, and the situation that the subtitle is not synchronous occurs, the user can send a position adjustment instruction to the subtitle view control corresponding to the subtitle, and adjust the position of the subtitle view control in the corresponding control track according to the position adjustment instruction; or if the dubbing and the mouth shape or the action of the second target digital person cannot be matched correctly, and the situation that the sound and the picture are not synchronous occurs, the user can send a position adjustment instruction to the dubbing view control corresponding to the dubbing, and the position of the dubbing view control in the corresponding control track is adjusted according to the position adjustment instruction; or when entering a certain scene, the appointed object in the scene should appear but not appear or not appear, the user can send out a position adjustment instruction to the object view control corresponding to the appointed object, and the position of the object view control in the corresponding control track is adjusted according to the position adjustment instruction, so that the appointed object appears correctly in the scene.
Step S204, returning prompt information of refusing access to the client.
In this embodiment, if the interface access request does not meet the preset authentication rule, it is determined that the interface access request is an illegal access request, and a prompt message for rejecting access is returned to the client.
By applying the technical scheme, the interface access request sent by the client is obtained, the interface access request comprises a target interface identifier and the client identifier, and whether the interface access request meets a preset authentication rule is judged; if yes, determining the processing priority of the interface access request according to the client identifier, and accessing the client to a second target application program interface corresponding to the target interface identifier based on the processing priority; if not, returning prompt information of refusing access to the client; the second target application program interface comprises an interface for creating a digital person or an interface for editing the digital person, and the interface access request is authenticated based on a preset authentication rule, so that the access efficiency and the security of the digital person data are improved.
The embodiment of the application also provides a device for controlling access to digital personal data, as shown in fig. 3, a plurality of application program interfaces are preset, and the device comprises:
the acquiring module 301 is configured to acquire an information acquisition request sent by a client, where the information acquisition request includes an application program interface identifier, a client identifier, and a target digital person identifier;
A first determining module 302, configured to determine, according to a client permission corresponding to the client identifier, whether the client is authorized to invoke a first target application program interface corresponding to the application program interface identifier;
a second judging module 303, configured to judge, if the client has authority to call the first target application program interface, whether the client has authority to access a first target digital person corresponding to the target digital person identifier according to the target digital person identifier;
and the return module 304 is configured to return the first target digital person and/or information of the first target digital person to the client through the first target application program interface if the client has access to the first target digital person.
In a specific application scenario, the first determining module 302 is specifically configured to:
judging whether the level of the client permission is not lower than a preset permission level;
if yes, determining that the client is authorized to call the first target application program interface;
if not, determining that the client does not have the right to call the first target application program interface, and returning prompt information for refusing access to the client.
In a specific application scenario, the second determining module 303 is specifically configured to:
Judging whether the first target digital person is set to allow access;
if yes, determining that the client is authorized to access the first target digital person;
if not, determining that the client side does not have access to the first target digital person, and returning prompt information that the first target digital person is not allowed to access to the client side.
In a specific application scenario, the device further includes an access module, configured to:
acquiring an interface access request sent by the client, wherein the interface access request comprises a target interface identifier and the client identifier;
judging whether the interface access request meets a preset authentication rule or not;
if yes, determining the processing priority of the interface access request according to the client identifier, and accessing the client to a second target application program interface corresponding to the target interface identifier based on the processing priority;
if not, returning prompt information of refusing access to the client;
wherein the second target application program interface comprises an interface for creating a digital person or an interface for editing a digital person.
In a specific application scenario, the apparatus further includes a creation module configured to:
Receiving a digital person creation instruction sent by the client, and creating a new digital person based on the digital person creation instruction;
and returning the new digital person to the client through the second target application program interface.
In a specific application scenario, the device further includes an editing module, configured to:
receiving a digital person editing instruction sent by the client, and editing a second target digital person corresponding to the digital person editing instruction based on the digital person editing instruction;
and returning the edited second target digital person or animation comprising the target digital person to the client through the second target application program interface.
In a specific application scenario, the editing module is further configured to:
and displaying an editing interface capable of editing the second target digital person through the second target application program interface.
By applying the above technical solution, a plurality of application program interfaces are preset, and the access control device for digital personal data includes: the system comprises an acquisition module, a storage module and a storage module, wherein the acquisition module is used for acquiring an information acquisition request sent by a client, and the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier; the first judging module is used for judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier; the second judging module is used for judging whether the client is authorized to access the first target digital person corresponding to the target digital person identifier according to the target digital person identifier if the client is authorized to call the first target application program interface; and the return module is used for returning the first target digital person and/or the information of the first target digital person to the client through the first target application program interface if the client has the right to access the first target digital person, so that the access efficiency and the security of the digital person data are improved.
The embodiment of the invention also provides an electronic device, as shown in fig. 4, which comprises a processor 401, a communication interface 402, a memory 403 and a communication bus 404, wherein the processor 401, the communication interface 402 and the memory 403 complete communication with each other through the communication bus 404,
a memory 403 for storing executable instructions of the processor;
a processor 401 configured to execute via execution of the executable instructions:
acquiring an information acquisition request sent by a client, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier;
judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier;
if the client side has the right to call the first target application program interface, judging whether the client side has the right to access a first target digital person corresponding to the target digital person identifier according to the target digital person identifier;
and if the client side has the right to access the first target digital person, returning the first target digital person and/or the information of the first target digital person to the client side through the first target application program interface.
The communication bus may be a PCI (Peripheral Component Interconnect, peripheral component interconnect standard) bus, or an EISA (Extended Industry Standard Architecture ) bus, or the like. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus.
The communication interface is used for communication between the terminal and other devices.
The memory may include RAM (Random Access Memory ) or may include non-volatile memory, such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a CPU (Central Processing Unit ), NP (Network Processor, network processor), etc.; but also DSP (Digital Signal Processing, digital signal processor), ASIC (Application Specific Integrated Circuit ), FPGA (Field-Programmable Gate Array, field programmable gate array) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components.
In yet another embodiment of the present invention, there is also provided a computer-readable storage medium having stored therein a computer program which, when executed by a processor, implements the method of access control of digital personal data as described above.
In yet another embodiment of the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform the method of access control of digital personal data as described above.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present invention, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by a wired (e.g., coaxial cable, fiber optic, digital subscriber line), or wireless (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk), etc.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention are included in the protection scope of the present invention.
Claims (10)
1. A method for controlling access to digital personal data, wherein a plurality of application program interfaces are preset, the method comprising:
acquiring an information acquisition request sent by a client, wherein the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier;
judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier;
if the client side has the right to call the first target application program interface, judging whether the client side has the right to access a first target digital person corresponding to the target digital person identifier according to the target digital person identifier;
and if the client side has the right to access the first target digital person, returning the first target digital person and/or the information of the first target digital person to the client side through the first target application program interface.
2. The method of claim 1, wherein the determining whether the client is entitled to invoke the first target application program interface corresponding to the application program interface identifier according to the client permission corresponding to the client identifier comprises:
Judging whether the level of the client permission is not lower than a preset permission level;
if yes, determining that the client is authorized to call the first target application program interface;
if not, determining that the client does not have the right to call the first target application program interface, and returning prompt information for refusing access to the client.
3. The method of claim 1, wherein the determining, based on the target digital person identifier, whether the client is authorized to access the first target digital person corresponding to the target digital person identifier comprises:
judging whether the first target digital person is set to allow access;
if yes, determining that the client is authorized to access the first target digital person;
if not, determining that the client side does not have access to the first target digital person, and returning prompt information that the first target digital person is not allowed to access to the client side.
4. The method of claim 1, wherein prior to obtaining the information acquisition request sent by the client, the method further comprises:
acquiring an interface access request sent by the client, wherein the interface access request comprises a target interface identifier and the client identifier;
Judging whether the interface access request meets a preset authentication rule or not;
if yes, determining the processing priority of the interface access request according to the client identifier, and accessing the client to a second target application program interface corresponding to the target interface identifier based on the processing priority;
if not, returning prompt information of refusing access to the client;
wherein the second target application program interface comprises an interface for creating a digital person or an interface for editing a digital person.
5. The method of claim 4, wherein if the second target application program interface is an interface for creating a digital person, after accessing the client to the second target application program interface corresponding to the target interface identification based on the processing priority, the method further comprises:
receiving a digital person creation instruction sent by the client, and creating a new digital person based on the digital person creation instruction;
and returning the new digital person to the client through the second target application program interface.
6. The method of claim 4, wherein if the second target application program interface is an interface for editing digital people, after accessing the client to the second target application program interface corresponding to the target interface identification based on the processing priority, the method further comprises:
Receiving a digital person editing instruction sent by the client, and editing a second target digital person corresponding to the digital person editing instruction based on the digital person editing instruction;
and returning the edited second target digital person or animation comprising the target digital person to the client through the second target application program interface.
7. The method of claim 6, wherein prior to receiving the digital person editing instructions sent by the client, the method further comprises:
and displaying an editing interface capable of editing the second target digital person through the second target application program interface.
8. An access control device for digital personal data, characterized by presetting a plurality of application program interfaces, the device comprising:
the system comprises an acquisition module, a storage module and a storage module, wherein the acquisition module is used for acquiring an information acquisition request sent by a client, and the information acquisition request comprises an application program interface identifier, a client identifier and a target digital person identifier;
the first judging module is used for judging whether the client is authorized to call a first target application program interface corresponding to the application program interface identifier according to the client authority corresponding to the client identifier;
The second judging module is used for judging whether the client is authorized to access the first target digital person corresponding to the target digital person identifier according to the target digital person identifier if the client is authorized to call the first target application program interface;
and the return module is used for returning the first target digital person and/or the information of the first target digital person to the client through the first target application program interface if the client has the right to access the first target digital person.
9. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the access control method of digital personal data of any one of claims 1 to 7 via execution of the executable instructions.
10. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the access control method of digital personal data according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211634988.8A CN116070262A (en) | 2022-12-19 | 2022-12-19 | Access control method and device for digital person data, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211634988.8A CN116070262A (en) | 2022-12-19 | 2022-12-19 | Access control method and device for digital person data, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116070262A true CN116070262A (en) | 2023-05-05 |
Family
ID=86172522
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211634988.8A Pending CN116070262A (en) | 2022-12-19 | 2022-12-19 | Access control method and device for digital person data, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116070262A (en) |
-
2022
- 2022-12-19 CN CN202211634988.8A patent/CN116070262A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11861936B2 (en) | Face reenactment | |
| US10127945B2 (en) | Visualization of image themes based on image content | |
| EP4013034A1 (en) | Image capturing method and apparatus, and computer device and storage medium | |
| CN107257338B (en) | media data processing method, device and storage medium | |
| CN116601675A (en) | Virtual garment fitting | |
| CN114930399A (en) | Image generation using surface-based neurosynthesis | |
| EP2992613A1 (en) | Method and system for providing personal emoticons | |
| CN108960889B (en) | Method and device for controlling voice speaking room progress in virtual three-dimensional space of house | |
| CN106303354B (en) | Face special effect recommendation method and electronic equipment | |
| CN109948093B (en) | Expression picture generation method and device and electronic equipment | |
| JP6111738B2 (en) | Image management system, management server, management server processing method, and control program | |
| WO2018050021A1 (en) | Virtual reality scene adjustment method and apparatus, and storage medium | |
| CN111163323A (en) | Online video creation system and method | |
| CN108600632A (en) | It takes pictures reminding method, intelligent glasses and computer readable storage medium | |
| CN108846878A (en) | Face textures generation method, device, readable storage medium storing program for executing and mobile terminal | |
| WO2021098151A1 (en) | Special effect video synthesis method and apparatus, computer device, and storage medium | |
| CN114638232A (en) | Method and device for converting text into video, electronic equipment and storage medium | |
| CN110110412A (en) | House type full trim simulation shows method and display systems based on BIM technology | |
| US20220217430A1 (en) | Systems and methods for generating new content segments based on object name identification | |
| JP2004005265A (en) | Image composing method, device and system | |
| CN116457821A (en) | Object re-illumination using neural networks | |
| US20230326161A1 (en) | Data processing method and apparatus, electronic device, computer-readable storage medium, and computer program product | |
| CN116070262A (en) | Access control method and device for digital person data, electronic equipment and storage medium | |
| CN112734657B (en) | Cloud group photo method and device based on artificial intelligence and three-dimensional model and storage medium | |
| CN115393484A (en) | Method and device for generating virtual image animation, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |