CN101859352A - Method, system, application software and platform software for controlling authority - Google Patents
Method, system, application software and platform software for controlling authority Download PDFInfo
- Publication number
- CN101859352A CN101859352A CN200910081959A CN200910081959A CN101859352A CN 101859352 A CN101859352 A CN 101859352A CN 200910081959 A CN200910081959 A CN 200910081959A CN 200910081959 A CN200910081959 A CN 200910081959A CN 101859352 A CN101859352 A CN 101859352A
- Authority
- CN
- China
- Prior art keywords
- application software
- authority
- software
- data
- platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000012423 maintenance Methods 0.000 claims description 5
- 238000007726 management method Methods 0.000 description 6
- 238000012217 deletion Methods 0.000 description 5
- 230000037430 deletion Effects 0.000 description 5
- 230000002452 interceptive effect Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The embodiment of the invention provides a method, system, application software and platform software for controlling authority so as to realize the control and management of the platform software on the authority depending on involvement of the application software. The authority controlling method provided by the embodiment of the invention is applied for a system, wherein the system comprises the application software and the platform software; and the application software accesses data stored in the platform software side through the platform software. The authority controlling method comprises the following steps: the authority data for recording the application software authority are stored in the platform software side, wherein the application software permission is a permission of operating the data stored in the platform software side; when an operation related to the application software authority to the data is carried out, the application software requests information of the authority data to the platform software; and the application software participates in the control of the operation according to the information of the authority data provided by the platform software.
Description
Technical field
The present invention relates to the safe access control technology, particularly a kind of authority control method, system, application software and platform software.
Technical background
At present, platform software can only be managed and control its realization and need not to depend on the authority that application software participates in, and promptly can only manage and control its realization and depend on the authority that platform software participates in.The authority that in the present invention its realization is depended on the platform software participation abbreviates the platform software authority as.In this case, when application software was logined with the role, platform software was controlled the operation of application software according to role's permissions data.Here, role's permissions data records the platform software authority that the role has.Generally, platform software can be a document file library system.
Here the realization of authority is meant and allows the role to carry out and the corresponding operation of this authority that the refusal role does not carry out and the corresponding operation of this authority when the role does not have this authority when the role has this authority.When the realization of certain authority needed the participation of application software, this authority was called the authority that depends on the application software participation, abbreviates the application software authority in the present invention as.Such as the reading and writing authority, its realization is controlled by platform software, promptly when the role has the authority of reading or writing, platform software allows to carry out read or write with the application software of this role's login, when the role did not have the authority of reading or writing, the platform software refusal was carried out read or write with the application software of this role's login.But such as taking passages authority, it is the read right that provides based on platform software, after but can further controlling application software and reading document data, whether can take passages document data.Because how platform software for application software provides the machine readable text file data, is specifically read as for application software, platform software is uncontrollable, and the participation of application software need be arranged.Promptly need judge whether its current role who lands has the extracts authority, and control the operation of application software according to corresponding authority by application software.Therefore, take passages authority and promptly belong to the application software authority.
Print right for another example, its realization is controlled by platform software.But print right for a kind of more refinement, it is the print right that provides based on platform software, but can further control application software and how to print,, can also control continuous number of times of printing of application software or the like as maximum numbers of pages of the disposable printing of control application software.Because how platform software for application software provides maximum print right, specifically prints as for application software, platform software is powerless equally, and the control of the print right of promptly this more refinement needs the participation of application software.Therefore, the print right of this more refinement also belongs to the application software authority.
Because as seen, current platform software can't effectively be controlled some application software authority.
Summary of the invention
In view of this, the embodiment of the invention provides a kind of authority control method, system, application software and platform software, with the control and the management of implementation platform software to application software authority.
In order to achieve the above object, a kind of authority control method that the embodiment of the invention provides is applied to a system, wherein, described system comprises application software and platform software, and wherein, application software visits the data that leave described platform software side in by platform software; Described method comprises:
Leave the permissions data of record application software authority in the platform software side, wherein said application software authority is carried out operation permission for the data that described platform software side is deposited;
When desire was carried out the operation relevant with the application software authority to described data, described application software was to the information of the described permissions data of described platform software request;
The information of the permissions data that provides according to described platform software, described application software participates in the control to described operation.
In order to achieve the above object, a kind of authority control system that the embodiment of the invention provides comprises:
Application software is used for visiting the data that leave described platform software side in by platform software;
Described platform software is used for the instruction according to described application software, and the data of described platform software side are provided for described application software;
Wherein,
Described application software is further used for leaving the permissions data of record application software authority in the platform software side, and wherein the application software authority is carried out operation permission for the data that described platform software side is deposited; And, be further used for when desire is carried out the operation relevant with the application software authority to described data, to the information of the described permissions data of described platform software request; And the information of the permissions data that provides according to described platform software participates in the control to described operation;
Described platform software is further used for the instruction according to described application software, the permissions data of put application software authority; And, be further used for instruction according to described application software, the information of permissions data is provided to described application software.
In order to achieve the above object, a kind of application software of providing of the embodiment of the invention comprises:
First module, when being used for desire the platform software side data being carried out the operation relevant with the application software authority, to the authority information of platform software request record application software authority, wherein said platform software side deposit will record application software authority permissions data;
Second module, the permissions data that is used for arriving to the platform software request according to first module participates in the control to the operation of platform software side data.
In order to achieve the above object, a kind of platform software of providing of the embodiment of the invention comprises:
First module is used for the instruction according to application software, the permissions data of put application software authority;
Second module is used for the instruction according to application software, and the information of permissions data is provided to application software.
The authority control method, system, application software and the platform software that provide by the embodiment of the invention, the permissions data that application software will record the application software authority leaves the platform software side in, when application software is carried out the operation relevant with the application software authority to data, application software arrives first platform software and goes to inquire about it and whether have the corresponding application software authority, after platform software offered application software with corresponding authority information, application software could participate in the control of this operation according to the information of this permissions data.In this way, just realized that platform software is to using the control and the management of software authority.
In addition, leave the platform software side in, data and associated authority information are stored together, also can greatly improve the security of data permission control by the permissions data that will record the application software authority.
Moreover, because the security that generally platform software had is integrated into the permissions data that records the application software authority under the management of platform software far above application side, make that the degree of safety of permissions data itself is higher.
Description of drawings
Fig. 1 is the structural representation of authority control system in the embodiment of the invention.
Fig. 2 is the process flow diagram of authority control method in the embodiment of the invention.
Fig. 3 is the structural representation that is used for the application software of control of authority in the embodiment of the invention.
Fig. 4 is the structural representation that is used for the platform software of control of authority in the embodiment of the invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with accompanying drawing.
In the authority control method that the embodiment of the invention provides, the permissions data of record application software authority leaves the platform software side in, and wherein the application software authority is carried out operation permission for the data that the platform software side is deposited; When the data of the platform software side being deposited when the application software desire are carried out the operation relevant with the application software authority, platform software offers application software with the information of described permissions data, and the information of the permissions data that application software provides according to platform software participates in the control to the data operation.
Fig. 1 is the structural representation of authority control system in the embodiment of the invention.As shown in Figure 1, this authority control system comprises application software 101 and platform software 102, treats that wherein service data 103 is positioned at the platform software side.Wherein application software 101 by platform software 102 visit leave platform software 102 sides in treat service data 103, platform software 102 is treated service data 103 according to the instruction of application software 101 for application software 101 provides.In case application software 101 has access to by platform software 102 and treats service data 103, then the operation of 101 pairs of data 103 of application software need not through platform software 102.The extracts operation of carrying out as 101 pairs of data of application software 103 just need not through platform software 102.
Specifically, comprise the application software authority that at least one role has in the permissions data of record application software authority, when application software 101 and desire carry out operating accordingly with the application software authority to data 103, application software 101 is to the information of platform software 102 request permissions data, platform software 102 provides the information of permissions data for application software 101, the information of the permissions data that application software 101 provides according to platform software 102, judge whether current login role has the application software authority of carrying out this operation, if current login role does not have the corresponding application software authority, then application software 101 can not be carried out corresponding operation to data 103.
It will be appreciated by those skilled in the art that, the application software that the permissions data of record application software authority is left in the platform software side and the permissions data control that provides to platform software request permissions data message and according to platform software also can be different application software to the application software of data operation, even both are inequality under normal conditions.
The permissions data that will write down the application software authority such as application software A leaves the platform software side in, suppose to record in this permissions data role A, B, the application software authority information that C had, work as application software B so with role A login platform software, and desire is carried out A when operation to the data of platform software side, application software B is at first to platform software request permissions data, the permissions data that application software B can platform software provides judges whether role B has and A operation corresponding application software authority, if role B has the corresponding application software authority, then application software B can carry out the A operation to the data of platform software side, otherwise application software B can not carry out the A operation to the data of platform software side.
Further, application software 101 or platform software 102 can also be safeguarded permissions data.
When platform software 102 does not understand the concrete implication of permissions data, finish maintenance to permissions data by application software 101.Specifically, platform software 102 is for after application software 101 provides permissions data, application software 101 can be to the permissions data maintenance of making amendment, as deletion or increase role, merge, delete or increase application software authority, revise application permission that the role had or the like, yet more amended permissions data is left in platform software 102 sides to upgrade original permissions data.
When platform software 102 was understood the concrete implication of permissions data, platform software 102 can be safeguarded according to the content of permissions data on one's own initiative, such as the merging of carrying out the application software authority and deletion.Also can the content of permissions data be safeguarded, as deleting or increasing role, deletion or increase application software authority, modification application permission that the role had or the like according to the instruction of application software 101.
The merging of application software authority and deletion are described in detail in the back extended meeting, just repeat no more here.
When platform software was document file library system, the data of platform software side can be unstructured datas such as document data, and when platform software was audio-visual system, the data of platform software side can be the video display audio data.
Fig. 2 is the process flow diagram of right management method in the embodiment of the invention.As shown in Figure 2, the right management method that the embodiment of the invention provides is applied to the described Rights Management System of Fig. 1, specifically comprises:
Step 201: the permissions data that will write down the application software authority leaves the platform software side in.The permissions data that wherein writes down the application software authority comprises the application software authority that at least one role has, and this application software authority is carried out operation permission for the data that the platform software side is deposited.
Specifically, can set the application software authority that at least one role has according to user's demand.The permissions data of record application software authority can leave in the document data.
In embodiments of the present invention, the permissions data of record application software authority can be stored together with the permissions data that records the platform software authority, also can separate storage.
Step 202: when desire is carried out the operation relevant with the application software authority to the platform software side data, application software is to the information of platform software request permissions data, and the information of the permissions data that provides according to platform software participates in the control to the operation of platform software side data.
When application software is logined the platform software desire data of platform software side is operated with the role, platform software offers application software with the information of permissions data, application software judges according to the information of the permissions data that platform software provides whether this current login role has and operation corresponding application software authority, if current login role has and operation corresponding application software authority, application software just can be operated the data of platform software side so, otherwise application software can not be operated the data of platform software side.
In embodiments of the present invention, the file layout of permissions data can be the role and the application software authority table of comparisons.Promptly can represent different roles whether to have corresponding application software authority with the content in the table of comparisons.
In embodiments of the present invention, the content in the table of comparisons can be a zone bit, such as numerical value or character string.Such as zone bit can be numeral 1 or 0, represents that with numeral 1 role has corresponding application software authority; Represent that with numeral 0 role does not have corresponding application software authority.
In another embodiment of the present invention, content in the table of comparisons can also be to carry out the needed information of application software limiting operation, as key (can be private key or the PKI in the asymmetric key, also can be symmetric key, can also be password) and the encrypt data encrypted.Carrying out the needed information of application software limiting operation can also be the information of other type, as the case may be can be different, here do not give unnecessary details one by one.When application software was logined desire the data of platform software example are carried out the application software limiting operation with the role like this, application software need correctly provide this application software limiting operation required information, just is allowed to carry out corresponding operation.
Such as, if the content in a certain cell is a key information in the table of comparisons, show that then the role of this cell correspondence has corresponding application software authority.If the content on the table of comparisons in a certain cell does not comprise the needed information of application software limiting operation of carrying out, for example be NULL, sky or other value (any information except that carrying out the needed information of application software limiting operation), show that then the role of this cell correspondence does not have corresponding application software authority.
Represent whether the role has among the embodiment of application software authority, and the security of system can only depend on the code safety of application software utilizing zone bit.But utilizing the needed information of execution application software limiting operation to represent whether the role has among the embodiment of application software authority, simple code intrusion no longer can break the security of ring control of authority.This be because application software only get access to with the corresponding required information of execution application software limiting operation of current login role, application software just is allowed to carry out corresponding operation, so this control of authority is difficult to walk around platform software.Usually therefore the security of platform software makes that far above the security of application software the method for the required information of storage execution application software limiting operation has higher security in permissions data.In this case, even the code of application software is explorative code, also can not influence the security of control of authority.
Such as for the print right of above-mentioned more refinement, when utilizing zone bit to represent whether the role has the application software authority, the permissions data that application software searching platform software provides, whether the role who judges current login has this print right, when current login role has this print right, the control printer prints.But the assailant can allow application software directly skip the step whether current login of checking role has print right by revising application software, and directly by printer prints, in this case, system just can not control the operation of application software effectively.But utilizing the needed information representation role of execution application software limiting operation whether to have under the situation of application software authority, have only application software to get access to current login role from the permissions data that platform software provides and carry out the needed information of printing, printer could be carried out printing.Therefore not learning under the situation of carrying out the required information of printing, can't walk around platform software and carry out printing.Obviously, so just can obtain higher security.
Application software judges according to the information of the permissions data that platform software provides whether this current login role has and the process of operation corresponding application software authority can be: application software travels through permissions data one by one, find and current login role and the corresponding cell of this operating right, judge by the content in this cell whether current login role has this operating right.As long as have a role to have this operating right among the current login role, allow to carry out this operation; Otherwise refuse the execution of this operation.
Table 1 is the table of comparisons file layout of permissions data.As shown in table 1, this table of comparisons has the capable n row of m, and wherein row are represented the role, and total n role shown in the n tabulation; Row is represented the application software authority, and the m line display has m kind application software authority.Whether the capable j column unit of i lattice content representation role j has application software authority i.Here hypothesis represents that with 1 the role has the application software authority, represents that with 0 the role does not have the application software authority.Suppose application software with role 1 and role's 2 logins, so as known from Table 1, application software can be carried out and authority 1, authority 2 and the corresponding operation of authority m.
Table 1
Application software judges according to the information of the permissions data that platform software provides whether current login role has and the process of operation corresponding application software authority can also be: the permissions data that application software provides according to platform software, obtain the sub-table of comparisons of current login role and all application software authorities, travel through each cell corresponding, judge according to the content in each cell whether current login role has this operating right with this operating right.As long as have a role to have this operating right among the current login role, then application software is allowed to carry out this operation.Such as, suppose application software with role 1, role 2 ..., role k login, then table 2 is the current login role that obtains and the sub-table of comparisons of all authorities from table 1; If the operating right that will inquire about at present of hypothesis is an authority 3 again, then only need search the content in the cell corresponding with authority 3.
Table 2
Certainly, application software judges according to the information of the permissions data that platform software provides whether current login role has and the process of operation corresponding application software authority can also be: the permissions data that application software provides according to platform software, obtain the sub-table of comparisons of all roles and this operating right, in this sub-table of comparisons, travel through and pairing each cell of current login role one by one, judge according to the content in each cell whether current login role has this operating right.
Application software judges according to the information of the permissions data that platform software provides whether current login role has and the process of operation corresponding application software authority can also be: the permissions data that application software provides according to platform software, obtain the sub-table of comparisons of current login role and this operating right, travel through each cell in this table of comparisons, judge according to the content in each cell whether current login role has this operating right.
Though more than four kinds of lookup methods be that zone bit is the example explanation with cell content in the table of comparisons, those skilled in the art are readily appreciated that, for carrying out the situation of application software limiting operation information needed, these four kinds of lookup methods also are same being suitable for for the content in the table of comparisons.
Above-mentioned all to describe in all supposition systems all be irrelevant and separate between each application software authority, and in practice, have overlapping between some application software authority or relation of inclusion is arranged, this moment merges by the application software authority and deletion can further be optimized permissions data.Illustrate the method that the application software authority merges below.
If have relation of inclusion between certain two authority a, b, if authority a is promptly arranged, then authority b must be arranged, can think that so authority a is that wherein authority c is the supplementary set of authority b in authority a by authority b and another implicit authority c merging and next.In permissions data, rights of using c replaces authority a, allows the role who had authority a originally have authority b and authority c now simultaneously simultaneously.
Suppose that original application software authority comprises access limit, increased a write permission now again, just need this moment so to revise permissions data, replace access limit, allow the role who has access limit originally have write permission and read right now simultaneously simultaneously with read right.
If there is the relation of overlapping between certain two authority a, b, if authority a is promptly arranged, the authority that then has part ownership b, can think that so authority a is made of authority ab and authority c, and authority b is made of authority ab and authority d, wherein authority ab is the common factor of authority a and authority b, and authority c is the supplementary set of authority ab in authority a, and authority d is the supplementary set of authority ab in authority b.In permissions data, replacing authority a and authority b is authority ab, authority c and authority d, and specifically can be increases authority ab, replaces authority a with authority c, replaces authority b with authority d.Allow the role who had authority a originally have authority ab and authority c now simultaneously simultaneously, and allow the role who has authority b originally have authority ab and authority d now simultaneously.
Comprise access limit such as the original application software authority of hypothesis, having increased by one now again writes/print right, just need to revise permissions data so this moment, replace access limit and write/print right with read right, write permission and print right, allow the role who had access limit originally have write permission and read right now simultaneously simultaneously, allow have originally write/role of print right has write permission and print right now simultaneously.
Comprise and overlapping relation if having, can repeatedly use above-mentioned disassemble technique more than existing between two authorities.
Fig. 3 is the structural representation that is used for the application software of control of authority in the embodiment of the invention.As shown in Figure 3, the application software that provides of the embodiment of the invention comprises permissions data acquisition module 301 and operational module 302.
Permissions data acquisition module 301 is used for desire when the platform software side data is carried out the operation relevant with the application software authority, to the authority information of platform software request record application software authority, wherein said platform software side is deposited the permissions data with record application software authority.
The permissions data that operational module 302 is used for arriving to the platform software request according to permissions data acquisition module 301 participates in the control to the operation of platform software side data.
Application software can further include the permissions data interactive module, is used for leaving the permissions data of record application software authority in the platform software side.
Application software further can also comprise the permissions data maintenance module, be used to safeguard the permissions data of permissions data acquisition module 301 acquisitions, and the permissions data after will safeguarding by the permissions data interactive module stores the platform software side into, to upgrade the permissions data of platform software side.
It will be understood by those skilled in the art that in some cases some application software can only have the function of permissions data interactive module.
Fig. 4 is the structural representation that is used for the platform software of control of authority in the embodiment of the invention.As shown in Figure 4, this platform software comprises:
Permissions data memory module 401 is used for the instruction according to application software, the permissions data of put application software authority;
Permissions data interactive module 402 is used for the instruction according to application software, and the information of permissions data is provided to application software.
Platform software further can also comprise the permissions data maintenance module, is used for when described platform software is understood the concrete implication of described permissions data, safeguards the permissions data that is stored in the permissions data memory module 401.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being done, is equal to replacement etc., all should be included within protection scope of the present invention.
Claims (19)
1. an authority control method is applied to a system, and wherein, described system comprises application software and platform software, and wherein, application software visits the data that leave described platform software side in by platform software; It is characterized in that described method comprises:
Leave the permissions data of record application software authority in the platform software side, wherein said application software authority is carried out operation permission for the data that described platform software side is deposited;
When desire was carried out the operation relevant with the application software authority to described data, described application software was to the information of the described permissions data of described platform software request;
The information of the permissions data that provides according to described platform software, described application software participates in the control to described operation.
2. method according to claim 1 is characterized in that, the permissions data of described record application software authority comprises the application software authority that at least one role has;
The information of the described permissions data that provides according to described platform software participates in the control of described operation is comprised:
Judge according to described permissions data whether current login role has and described operation corresponding application software authority;
If current login role has and described operation corresponding application software authority, then can operate described data, otherwise, can not operate described data.
3. method according to claim 1 is characterized in that, further comprises: permissions data is safeguarded.
4. method according to claim 3 is characterized in that, when described platform software does not understand the concrete implication of permissions data, finishes maintenance to permissions data by application software.
5. method according to claim 3 is characterized in that, when described platform software was understood the concrete implication of permissions data, described platform software was safeguarded the content of permissions data on one's own initiative or according to the instruction of application software.
6. method according to claim 2 is characterized in that, indicates a role whether to have an application software authority by designator.
7. method according to claim 2 is characterized in that, by carrying out the application software authority that the needed information of the corresponding operation of an application software authority indicates a role to be had.
8. method according to claim 7, it is characterized in that, from the permissions data that described platform software provides, obtain the corresponding required information of the described operation of execution with current login role, according to the information that the described operation of the execution of obtaining is required described data are operated, if do not have the corresponding required information of the described operation of execution in the permissions data that described platform software provides, can not operate to described data with current login role.
9. according to claim 7 or 8 described methods, it is characterized in that the required information of the described execution corresponding operation of one application software authority comprises: key or with other data of secret key encryption.
10. according to the arbitrary described method of claim 1 to 8, it is characterized in that the file layout of described permissions data is the table of comparisons for role and application software authority.
11. according to the arbitrary described method of claim 1 to 8, it is characterized in that the application software that the permissions data of record application software authority is left in the platform software side is different application software with the application software of the described operation of permissions data information Control that provides to platform software request permissions data message and according to platform software.
12., it is characterized in that described platform software is a document file library system according to the arbitrary described method of claim 1 to 8, the data that described platform software side is deposited are document data.
13. an authority control system comprises:
Application software is used for visiting the data that leave described platform software side in by platform software;
Described platform software is used for the instruction according to described application software, and the data of described platform software side are provided for described application software;
It is characterized in that,
Described application software is further used for leaving the permissions data of record application software authority in the platform software side, and wherein the application software authority is carried out operation permission for the data that described platform software side is deposited; And, be further used for when desire is carried out the operation relevant with the application software authority to described data, to the information of the described permissions data of described platform software request; And the information of the permissions data that provides according to described platform software participates in the control to described operation;
Described platform software is further used for the instruction according to described application software, the permissions data of put application software authority; And, be further used for instruction according to described application software, the information of permissions data is provided to described application software.
14. system according to claim 13 is characterized in that, described application software or described platform software are further used for described permissions data is safeguarded.
15. an application software is characterized in that, comprising:
First module, when being used for desire the platform software side data being carried out the operation relevant with the application software authority, to the authority information of platform software request record application software authority, wherein said platform software side deposit will record application software authority permissions data;
Second module, the permissions data that is used for arriving to the platform software request according to first module participates in the control to the operation of platform software side data.
16. application software according to claim 15 is characterized in that, further comprises:
Three module is used for leaving the permissions data of record application software authority in the platform software side.
17. application software according to claim 16 is characterized in that, further comprises:
Four module is used to safeguard the permissions data that first module obtains, and the permissions data after will safeguarding by three module stores the platform software side into, with the permissions data of renewal platform software side.
18. a platform software is characterized in that, comprising:
First module is used for the instruction according to application software, the permissions data of put application software authority;
Second module is used for the instruction according to application software, and the information of permissions data is provided to application software.
19. platform software as claimed in claim 18 is characterized in that, further comprises:
Three module is used for when described platform software is understood the concrete implication of described permissions data, safeguards the permissions data that is stored in described first module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910081959A CN101859352A (en) | 2009-04-09 | 2009-04-09 | Method, system, application software and platform software for controlling authority |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910081959A CN101859352A (en) | 2009-04-09 | 2009-04-09 | Method, system, application software and platform software for controlling authority |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101859352A true CN101859352A (en) | 2010-10-13 |
Family
ID=42945257
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910081959A Pending CN101859352A (en) | 2009-04-09 | 2009-04-09 | Method, system, application software and platform software for controlling authority |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101859352A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102096785A (en) * | 2011-02-24 | 2011-06-15 | 北京书生国际信息技术有限公司 | Authority control method and device |
| CN102467642A (en) * | 2010-11-17 | 2012-05-23 | 北大方正集团有限公司 | Permission control method and device for application software |
| WO2013075419A1 (en) * | 2011-11-24 | 2013-05-30 | 中兴通讯股份有限公司 | Method for managing right to use of function, and mobile terminal |
| CN104516783A (en) * | 2013-09-27 | 2015-04-15 | 华为终端有限公司 | Authority control method and device |
| CN108280361A (en) * | 2017-01-05 | 2018-07-13 | 珠海金山办公软件有限公司 | A kind of authority classification management method and device |
-
2009
- 2009-04-09 CN CN200910081959A patent/CN101859352A/en active Pending
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102467642A (en) * | 2010-11-17 | 2012-05-23 | 北大方正集团有限公司 | Permission control method and device for application software |
| CN102467642B (en) * | 2010-11-17 | 2015-02-25 | 北大方正集团有限公司 | Permission control method and device for application software |
| CN102096785A (en) * | 2011-02-24 | 2011-06-15 | 北京书生国际信息技术有限公司 | Authority control method and device |
| WO2013075419A1 (en) * | 2011-11-24 | 2013-05-30 | 中兴通讯股份有限公司 | Method for managing right to use of function, and mobile terminal |
| CN104516783A (en) * | 2013-09-27 | 2015-04-15 | 华为终端有限公司 | Authority control method and device |
| CN108280361A (en) * | 2017-01-05 | 2018-07-13 | 珠海金山办公软件有限公司 | A kind of authority classification management method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107403106B (en) | Database fine-grained access control method based on terminal user | |
| US10289456B2 (en) | Software bot conflict-resolution service agent | |
| CN101938497B (en) | Multistage security file structure as well as file access control and secret key management user terminal, service terminal, system and method thereof | |
| US8161527B2 (en) | Security Enhanced Data Platform | |
| CN102821096B (en) | Distributed storage system and file sharing method thereof | |
| CN101729550A (en) | Digital content safeguard system based on transparent encryption and decryption method thereof | |
| CN1585325B (en) | Zoned based security administration for data items | |
| CN201682524U (en) | Document transfer authority control system based on document filtering driver | |
| US7325129B1 (en) | Method for altering encryption status in a relational database in a continuous process | |
| US20060236104A1 (en) | Method and apparatus for encrypting and decrypting data in a database table | |
| CN113961535A (en) | Data trusted storage sharing system and method based on block chain | |
| CN103679050A (en) | Security management method for enterprise-level electronic documents | |
| CN102307185A (en) | Data isolation method used in storage cloud | |
| JP4735331B2 (en) | Information processing apparatus and information processing system using virtual machine, and access control method | |
| CN102546664A (en) | User and authority management method and system for distributed file system | |
| CN102257483A (en) | Managing access to an address range in a storage device | |
| CN101859352A (en) | Method, system, application software and platform software for controlling authority | |
| CN105027498A (en) | A method, system and device for securely storing data files at a remote location by splitting and reassembling said files | |
| CN102708326A (en) | Protection method for confidential files | |
| CN103098071A (en) | Providing differential access to a digital document | |
| WO2013013581A1 (en) | Document right management method, apparatus and system | |
| CN104239812A (en) | Local area network data safety protection method and system | |
| WO2015034176A1 (en) | Integrated document management system | |
| CN106161654A (en) | A kind of cloud educational system | |
| WO2018040450A1 (en) | Method for dynamically configuring document access right |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: BEIJING SURSEN ELECTRONIC TECHNOLOGY CO., LTD. BEI |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100089 5/F, NORTHERN REAL ESTATE BUILDING, NO.81, ZIZHUYUAN ROAD, HAIDIAN DISTRICT, BEIJING TO: 100191 ROOM 408, TAIXING BUILDING, NO.11, HUAYUAN EAST ROAD, HAIDIAN DISTRICT, BEIJING |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20101027 Address after: 100191, Room 408, Taixing building, 11 Garden East Road, Beijing, Haidian District Applicant after: Beijing Suresense International Information Technology Co., Ltd. Co-applicant after: Beijing Sursen Electronic Technology Co., Ltd. Co-applicant after: Beijing Sursen Network Technology Co., Ltd. Co-applicant after: Beijing Sursen Digital Library Software Technology Co., Ltd. Address before: North real estate building 81 No. 100089 Beijing Haidian District Zizhuyuan Road 5 layer Applicant before: Beijing Suresense International Information Technology Co., Ltd. |
|
| ASS | Succession or assignment of patent right |
Owner name: TIANJIN SHUSHENG INVESTMENT CO., LTD. Free format text: FORMER OWNER: BEIJING SURESENSE INTERNATIONAL INFORMATION TECHNOLOGY CO., LTD. Effective date: 20120509 Free format text: FORMER OWNER: BEIJING SURSEN ELECTRONIC CO., LTD. BEIJING SURSEN NETWORK TECHNOLOGY CO., LTD. BEIJING SURSEN DIGITAL LIBRARY SOFTWARE TECHNOLOGY CO., LTD. Effective date: 20120509 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100191 HAIDIAN, BEIJING TO: 300308 HEBEI, TIANJIN |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20120509 Address after: 300308, two floor, building 9, airport business park, 80 Ring Road North, Tianjin Airport Economic Zone Applicant after: Tianjin Shusheng Investment Co., Ltd. Address before: 100191, Room 408, Taixing building, 11 Garden East Road, Beijing, Haidian District Applicant before: Beijing Suresense International Information Technology Co., Ltd. Co-applicant before: Beijing Sursen Electronic Technology Co., Ltd. Co-applicant before: Beijing Sursen Network Technology Co., Ltd. Co-applicant before: Beijing Sursen Digital Library Software Technology Co., Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20101013 |