CN104410640A - Authority control method and system for acquiring information under distributed type cooperative environment - Google Patents
Authority control method and system for acquiring information under distributed type cooperative environment Download PDFInfo
- Publication number
- CN104410640A CN104410640A CN201410722053.4A CN201410722053A CN104410640A CN 104410640 A CN104410640 A CN 104410640A CN 201410722053 A CN201410722053 A CN 201410722053A CN 104410640 A CN104410640 A CN 104410640A
- Authority
- CN
- China
- Prior art keywords
- user
- signal
- authority
- equipment
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to an authority control method and an authority control system for acquiring information under a distributed type cooperative environment. The method comprises the steps: a management center receives registering requests of equipment, a user and a signal, sets an ID number, a login password and an authority, and returns the ID number and the login password; the management center receives and calibrates login information of the equipment and/or the signal, changes variable attribute information after the login information is calibrated and returns authority information; the management center receives the login information of the user, and if the authority of the user is greater than or equal to the authority of the equipment, the management center judges that the user logs in a system successfully, changes variable attribute description information of the user and returns authority information of the user, and if the management center judges that the user fails in login, the management center returns an insufficient authority; the management center sets a filtering rule according to the authorities of the equipment and the signal and returns a signal list which can be checked by the user logging in the system successfully to the equipment where the user exists according to the filtering rule. According to the authority control method and the authority control system, the security and controllability challenge caused by information intercommunication in application of a distributed type multi-service multi-player cooperative system in a control room can be effectively solved.
Description
Technical field
The present invention relates to distributed system, more specifically, relate to a kind of authority control method and system of acquisition of information under distributed cooperation environment.
Background technology
Along with the development of network technology and the lifting of speed, synergistic application under distributed environment widely uses network technology for information acquisition, can transmit and obtain text, multimedia and various forms of computer export signal (being referred to as information here) whenever and wherever possible, and can interconnect in the plurality of devices of multi-person synergy easily, by information sharing with realize many people alternately and work collaborative.
Control room is a typical multiple-person cooperative work environment, mainly comprises for the high-resolution splicing wall display system (VW:Video Wall) of information centralized displaying, various signal source and various signal access device.Control room generally has multiple operation system and runs simultaneously, multiple business department uses simultaneously, sometimes also need to access oracle temporarily or by information sharing to outside, as by the Signal aspects of mobile device (dull and stereotyped, mobile phone) on spelling wall, or the interactive digital whiteboard screen (the IDB:Interactive Digital Board) specification signal of spelling on wall being shown to meeting room is upper and on the display terminal of participant.These demands are flexible and changeable often, and priority assignation and restriction are only carried out to user in control room in prior art, from information security and controlled angle, traditional control room security strategy is difficult to meet this temporarily changeable information interconnection and intercommunication demand, often need to do a lot of settings and configuration in advance, waste time and energy.
Summary of the invention
The present invention for overcoming at least one defect (deficiency) described in above-mentioned prior art, the authority control method of the controlled acquisition of information under distributed cooperation environment that ensures information safety while providing a kind of guarantee to carry out interconnecting of signal flexibly on various access device.
The present invention ensures information safety while also providing a kind of guarantee to carry out interconnecting of signal flexibly on various access device the authority control system of controlled acquisition of information under distributed cooperation environment.
For solving the problems of the technologies described above, technical scheme of the present invention is as follows:
An authority control method for acquisition of information under distributed cooperation environment, comprising:
The registration request of administrative center's receiving equipment, user or signal, arranges No. ID, login password and authority return No. ID and login password;
Administrative center receives and the log-on message of Authentication devices and/or signal, is verified the variable attribute information of this equipment of rear change and/or signal and returning right limit information;
Administrative center receives the log-on message that user uses the equipment logined successfully to send, if user right is more than or equal to equipment authority, judge that this user logs in successfully, change the variable attribute descriptor of user and return user right information, otherwise judge this login failed for user, return insufficient permission information;
Administrative center, according to the authority size setting filtering rule of equipment and signal, the equipment used to the user of Successful login returns all signal lists that this user can check according to filtering rule.
Method of the present invention adopts authority centralized distribution and control, administrative center distributes the overall situation unique No. ID and login password to sending the equipment of registration request, user and signal, and the authority of equipment, user and signal can be set separately, and No. ID and login password are returned to equipment corresponding to registration request or user or signal, only have registered equipment, signal and user in control room display and can use, improve the fail safe of control room information interaction; Secondly, in distributed collaboration process, equipment and user log in and need to verify, and whether have permission login according to authority information automatic decision equipment and user and whether automatic decision user and equipment have and obtain the authority of signal, this mode, by realizing controlled to the information interaction of authority to equipment, user of equipment, user and signal, effectively can solve safety and controlled challenge that in control room, in the application of distributed multi-service multi-person synergy system, information interconnection and intercommunication brings.
Under distributed cooperation environment, an authority control system for acquisition of information, comprises administrative center, and described administrative center comprises:
Registration request processing module, for the registration request of receiving equipment, user or signal, arranges unique No. ID, login password and Permission Levels return No. ID and login password;
Equipment and signal login module, for receiving the log-on message with Authentication devices and/or signal, be verified the variable attribute information of this equipment of rear change and/or signal and returning right limit information;
User log-in block, for receiving the log-on message that user uses the equipment logined successfully to send, if user right is more than or equal to equipment authority, judge that this user logins successfully, change the variable attribute descriptor of user and return user right information, otherwise judge this login failed for user, return insufficient permission information;
Signal list acquisition module, for according to the authority size of equipment and signal setting filtering rule, the equipment used to the user of Successful login returns all signal lists that this user can check according to filtering rule.
System of the present invention adopts authority centralized distribution and control, the registration request processing module of administrative center distributes the overall situation unique No. ID and login password to sending the equipment of registration request, user and signal, and the authority of equipment, user and signal can be set separately, and No. ID and login password are returned to equipment corresponding to registration request or user or signal, only have registered equipment, signal and user in control room display and can use, improve the fail safe of control room information interaction, secondly, in distributed collaboration process, device logs module and user log-in block are verified log-on message in equipment and process of user login, and whether have permission login according to authority information automatic decision equipment and user and utilize signal list acquisition module automatic decision user and equipment whether to have the authority obtaining signal, this system is passed through equipment, the authority of user and signal is come equipment, the information interaction of user realizes controlled, effectively can solve safety and controlled challenge that in control room, in the application of distributed multi-service multi-person synergy system, information interconnection and intercommunication brings.
Accompanying drawing explanation
Fig. 1 is the flow chart of the authority control method specific embodiment of a kind of acquisition of information under distributed cooperation environment of the present invention.
Fig. 2 is the process chart registered in the authority control method of a kind of acquisition of information under distributed cooperation environment of the present invention.
Fig. 3 is a kind of control room Organization Chart under distributed cooperation environment during the authority control method embody rule of acquisition of information of the present invention.
Fig. 4 is signal login authentication flow chart in the authority control method of a kind of acquisition of information under distributed cooperation environment of the present invention.
Fig. 5 is equipment and user login validation flow chart in the authority control method of a kind of acquisition of information under distributed cooperation environment of the present invention.
Fig. 6 is that in the authority control method of a kind of acquisition of information under distributed cooperation environment of the present invention, signal list obtains flow chart.
Fig. 7 is signal authority change flow figure in the authority control method of a kind of acquisition of information under distributed cooperation environment of the present invention.
Fig. 8 is equipment authority change flow figure in the authority control method of a kind of acquisition of information under distributed cooperation environment of the present invention.
Fig. 9 is user right change flow figure in the authority control method of a kind of acquisition of information under distributed cooperation environment of the present invention.
Figure 10 is the Organization Chart of the authority control system of a kind of acquisition of information under distributed cooperation environment of the present invention.
Embodiment
Accompanying drawing, only for exemplary illustration, can not be interpreted as the restriction to this patent;
In order to better the present embodiment is described, some parts of accompanying drawing have omission, zoom in or out, and do not represent the size of actual product;
To those skilled in the art, in accompanying drawing, some known features and explanation thereof may be omitted is understandable.
In describing the invention, it is to be appreciated that term " first ", " second " only for describing object, and can not be interpreted as the quantity of instruction or hint relative importance or implicit indicated technical characteristic.Thus, one or more these features can be expressed or impliedly be comprised to the feature of " first ", " second " of restriction.In describing the invention, except as otherwise noted, the implication of " multiple " is two or more.
In describing the invention, it should be noted that, unless otherwise clearly defined and limited, term " installation ", " connection " should be interpreted broadly, and such as, can be fixedly connected with, also can be removably connect, or connect integratedly; Can be mechanical connection, also can be electrical connection; Can be directly be connected, also can be indirectly connected by intermediary, the connection of two element internals can be said.For the ordinary skill in the art, concrete condition above-mentioned term can be understood at concrete meaning of the present invention.
Below in conjunction with drawings and Examples, technical scheme of the present invention is described further.
Embodiment 1
As shown in Figure 1, be the flow chart of the authority control method specific embodiment of a kind of acquisition of information under distributed cooperation environment of the present invention.See Fig. 1, the present invention a kind of under distributed cooperation environment the control of authority new method of acquisition of information possess and comprise the steps:
S101. the registration request of administrative center's receiving equipment, user or signal, arranges No. ID, login password and authority return No. ID and login password;
S102. administrative center receives and the log-on message of Authentication devices and/or signal, is verified the variable attribute information of this equipment of rear change and/or signal and returning right limit information;
S103. administrative center receives the log-on message that user uses the equipment logined successfully to send, if user right is more than or equal to equipment authority, judge that this user logins successfully, change the variable attribute descriptor of user and return user right information, otherwise judge this login failed for user, return insufficient permission information;
S104. administrative center is according to the authority size setting filtering rule of equipment and signal, the equipment used to the user of Successful login returns all signal lists that this user can check according to filtering rule.
Based on such scheme, the administrative center of this specific embodiment receives the registration request from equipment, user or signal, equipment, user or signal No. ID, login password and authority is generated according to registration request, and return No. ID and login password to equipment, user or signal, so that follow-up login uses, in login process, administrative center receives and Authentication devices, the log-on message of signal and user also the equipment judging whether to allow to log in and whether allow signal to use user in conjunction with authority shows, in the process, utilize registration process can prevent illegal device registration, user or signal enter into system, and utilize equipment, the authority of user and signal judges whether user uses equipment and signal whether to allow the equipment that is shown to and user, interconnecting of information in the distributed multi-service multi-person synergy system in control room is made to obtain the control of fail safe, by the controllability that Trinitarian control of authority guarantee information is mutual, effectively can solve safety and controlled challenge that in control room, in the application of distributed multi-service multi-person synergy system, information interconnection and intercommunication brings.
In specific implementation process, as shown in Figure 2, administrative center is utilized to carry out registration management to equipment, signal and user in step S101, equipment, signal and user send a request for registration to administrative center, administrative center receives registration request and generates the relevant information of equipment, user and signal, if succeeded in registration, information is saved in the local data base of administrative center, and return No. ID and login password to equipment, user or signal, if registration failure, administrative center can by returning miscue annunciator, user or signal login failure.In a particular application, in control room, equipment, signal and user need to register in administrative center, after registration, equipment, signal and user correspond to the overall situation unique No. ID and login password, administrative center's also individually signalization authority, equipment authority and user right, only has registered equipment, signal and user side in control room display and can use.As shown in Figure 3, for the system architecture diagram under the distributed cooperation environment in control room in embody rule of the present invention, equipment can be spell wall display system, IDB display system, PC, mobile terminal etc., and during embody rule, administrative center inside is by local data library management log-on message.
As shown in Figures 4 and 5, carry out equipment and/or signal login authentication in step s 102, No. ID that returns when equipment and/or signal are upon actuation by registering signs in administrative center automatically with login password, administrative center verifies login according to No. ID and login password, after being verified, the variable attribute information of administrative center to equipment and/or signal is changed and returns corresponding authority information to equipment, signal.Equipment and signal acquisition authority information can be saved in this locality.Wherein, variable attribute information includes but not limited to state information and IP address, and state information comprises the states such as online and not online.
As shown in Figure 5, in the user login validation process of step S103, user needs to log on the equipment being successfully logged onto administrative center, the log-on message of user is sent by this equipment, as No. ID and login password, after administrative center receives log-on message, this equipment authority that user right and user use is judged, if user right is more than or equal to equipment authority, judge that this user can use this equipment, administrative center upgrades the variable attribute descriptor of user simultaneously, as the IP address that user logs in, and return user right information, otherwise user right is less than equipment authority then judges that this user can not use this equipment, login failure, prompting insufficient permission.
As shown in Figure 6, in specific implementation process, step S104 verifies acquisition signal.After user logins successfully, the equipment permission build user current signal list checked that administrative center uses according to user is carry out according to the filtering rule preset during concrete generation.Filtering rule can be, but not limited to:
If signal authority is higher than equipment authority, user can not check this signal on beaching accommodation, if signal authority is equal to or less than equipment authority, then user can check this signal on equipment.
Administrative center returns according to filtering rule all signal lists that this user can check, user can select arbitrary signal according to signal list and initiate request of data directly to signal.
Signal in user selection signal list initiates to connect directly to signal, request msg; After successful connection, signal sends data to the equipment that user uses and shows, and the data that the equipment Received signal strength that user uses sends also show in this locality.In the process without the need to through administrative center, simplification, the high-speeding of information interaction when the mutual safety of guarantee information, can be realized.
In specific implementation process, administrative center can change the authority of equipment, user and signal, when after administrative center's change equipment authority, user right or signal authority, administrative center can sending permission update notification, now equipment, user and signal can be presence also can be not presence.Under presence, namely under logging status, administrative center's change is in the equipment of logging status, user or signal authority, and to corresponding device, user or signal sending permission update notification, particularly as Figure 7-9:
Keeper is in administrative center's change signal authority, signal can receive authority notice of change, the signal authority credentials that this locality is preserved is revised as currency, to originally having permission, administrative center can check that all users of this signal send signal authority update notification simultaneously, if the signal authority after adjustment is more than or equal to the equipment authority of active user, then signal is deleted from checking signal list, if the authority after adjustment is less than the equipment authority of active user, then signal is added to and can check signal list.
Keeper is in administrative center's change equipment authority, and equipment can receive authority notice of change, if the equipment authority after change improves, be greater than active user's authority, then active user can not re-use this equipment, and user is forced to nullify.If equipment authority improves, still be less than or equal to active user's authority, then active user can use this equipment, but the signal that can check can increase, the signal checked newly-increased because equipment authority improves is sent to equipment by administrative center, and renewal can check signal list.If the equipment authority after change reduces, then the signal can checked can reduce, and in the automatic erasure signal list of meeting, authority is higher than the signal of equipment authority.
Keeper changes user right in administrative center, user can receive authority notice of change, if the user right after change improves, then user can continue to use this equipment, if the user right after change is reduced to be less than current device authority, then user can not continue to use this equipment, and user is forced to nullify.
In specific implementation process, when signal, equipment and user are no longer allowed to use in control room, administrative center can logoff signal, equipment and user.
In the method for the invention, utilize the control of authority of administrative center to signal, equipment and user effectively to solve safety and controlled challenge that in control room, in the application of distributed multi-service multi-person synergy system, information interconnection and intercommunication brings.And the management of utilization to Permission Levels, the present invention can carry out flexible deployment to the equipment in control room, user and signal, and support that display devices many arbitrarily, signal and user use in control room, system can expand as required.In addition, method of the present invention can flexible configuration, administrative center can need to change any authority at any time according to application, during authority change, equipment, signal and user do not need again to log in, the renewal of authority can be carried out by direct-on-line, easy to use, and the signal list can be able to checked according to the change real-time update user of authority, at any time ensure that specified permission user can only see its authorized information seen.
Embodiment 2
On the basis of embodiment 1, the present invention also provides a kind of authority control system of acquisition of information under distributed cooperation environment.See Figure 10, the authority control system of a kind of acquisition of information under distributed cooperation environment of the present invention specifically comprises administrative center 201, and the equipment in administrative center and control room, signal and user can connect and carry out information interaction; Described administrative center 201 comprises:
Registration request processing module 2011, for the registration request of receiving equipment, user or signal, arranges No. ID, login password and authority return No. ID and login password;
Equipment and signal login module 2012, for receiving the log-on message with validation signal and/or equipment, be verified the variable attribute information of this equipment of rear change and/or signal and the authority information of Returning equipment;
User log-in block 2013, for receiving the log-on message that user uses the equipment logined successfully to send, if user right is more than or equal to equipment authority, judge that this user logins successfully, change the variable attribute descriptor of user and return user right information, otherwise judge this login failed for user, return insufficient permission information;
Signal list acquisition module 2014, for according to the authority size of equipment and signal setting filtering rule, the equipment used to the user of Successful login returns all signal lists that this user can check according to filtering rule.
Based on such scheme, the registration request processing module 2011 of this specific embodiment receives the registration request from equipment, user or signal, equipment, user or signal No. ID, login password and authority is generated according to registration request, and return No. ID and login password to equipment, user or signal, so that follow-up login uses, in login process, registration request processing module 2011 receives and Authentication devices, the log-on message of signal and user also the equipment judging whether to allow to log in and whether allow signal to use user in conjunction with authority shows, in the process, utilize registration process can prevent illegal device registration, user or signal enter into system, and utilize equipment, the authority of user and signal judges whether user uses equipment and signal whether to allow the equipment that is shown to and user, interconnecting of information in the distributed multi-service multi-person synergy system in control room is made to obtain the control of fail safe, by the controllability that Trinitarian control of authority guarantee information is mutual, effectively can solve safety and controlled challenge that in control room, in the application of distributed multi-service multi-person synergy system, information interconnection and intercommunication brings.
In specific implementation process, utilize registration request processing module 2011 pairs of equipment, signal and user carry out registration management, equipment, signal and user send a request for registration to the registration request processing module 2011 of administrative center, registration request processing module 2011 receives registration request and generates equipment, the relevant information of user and signal, if succeeded in registration, information is saved in local data base, and to equipment, user or signal return No. ID and login password, if registration failure, registration request processing module 2011 can by returning miscue annunciator, user or signal login failure.In a particular application, in control room, equipment, signal and user need to register in the registration request processing module 2011 of administrative center, after registration, equipment, signal and user correspond to the overall situation unique No. ID and login password, administrative center's also individually signalization authority, equipment authority and user right, only has registered equipment, signal and user side in control room display and can use.
In specific implementation process, equipment and signal login module 2012 carry out equipment and/or signal login authentication, No. ID that returns when equipment and/or signal are upon actuation by registering signs in equipment and the signal login module 2012 of administrative center automatically with login password, equipment and signal login module 2012 are verified login according to No. ID and login password, after being verified, the variable attribute information of equipment and signal login module 2012 pairs of equipment and/or signal is changed and is returned corresponding authority information to equipment, signal.Equipment and signal acquisition authority information can be saved in this locality.Wherein, variable attribute information includes but not limited to state information and IP address, and state information comprises the states such as online and not online.
In specific implementation process, in user log-in block 2013 pairs of user login validation processes, user needs to log on the equipment being successfully logged onto administrative center, the log-on message of user is sent by this equipment, as No. ID and login password, after the user log-in block 2013 of administrative center receives log-on message, this equipment authority that user right and user use is judged, if user right is more than or equal to equipment authority, judge that this user can use this equipment, user log-in block 2013 upgrades the variable attribute descriptor of user simultaneously, as the IP address that user logs in, and return user right information, otherwise user right is less than equipment authority then judges that this user can not use this equipment, login failure, prompting insufficient permission.
State in realization in scheme, user log-in block 2013 and equipment and signal login module 2012 can unite two into one, by function i ntegration to the enterprising row relax of same module.
In specific implementation process, signal list acquisition module 2014 verifies acquisition signal.After user logins successfully, the current signal list checked of equipment permission build user that the signal list acquisition module 2014 of administrative center uses according to user, concrete is carry out according to the filtering rule preset when generating.Filtering rule can be, but not limited to:
If signal authority is higher than equipment authority, user can not check this signal on beaching accommodation, if signal authority is equal to or less than equipment authority, then user can check this signal on equipment.
Signal list acquisition module 2014 returns according to filtering rule all signal lists that this user can check, user can select arbitrary signal according to signal list and initiate request of data directly to signal.
Signal in user selection signal list initiates to connect directly to signal, request msg; After successful connection, signal sends data to the equipment that user uses and shows, and the data that the equipment Received signal strength that user uses sends also show in this locality.In the process without the need to through administrative center, simplification, the high-speeding of information interaction when the mutual safety of guarantee information, can be realized.
In specific implementation process, administrative center can change the authority of equipment, user and signal, when after administrative center's change equipment authority, user right or signal authority, administrative center can sending permission update notification, now equipment, user and signal can be presence also can be not presence.Under presence, namely under logging status, administrative center's change is in the equipment of logging status, user or signal authority, and to corresponding device, user or signal sending permission update notification, registration request process mould 2011 can be utilized particularly.For the object being in logging status, the change of registration request process mould 2011 is in the equipment of logging status, user or signal authority, and to corresponding device, user or signal sending permission update notification, particularly:
Registration request process mould 2011 changes signal authority, signal can receive authority notice of change, the signal authority credentials that this locality is preserved is revised as currency, to originally having permission, the registration request process mould 2011 of administrative center can check that all users of this signal send signal authority update notification simultaneously, now the signal list update module of administrative center judges whether the authority of this signal is less than or equal to the authority of equipment after registration request process mould 2011 changes signal authority, if then this signal is increased in the signal list that user can check, otherwise this signal is deleted from the signal list that user can check.
Keeper changes equipment authority at the registration request process mould 2011 of administrative center, equipment can receive authority notice of change, if the equipment authority after change improves, be greater than active user's authority, then active user can not re-use this equipment, now whether the cancellation module of administrative center the authority of judgment device can be greater than the authority of the user using this equipment after registration request processing module change equipment authority, if the login of then this user of kick out.If equipment authority improves, still active user's authority is less than or equal to, then active user can use this equipment, but the signal that can check can increase, now the signal list update module of administrative center judges that after registration request process mould 2011 changes the authority of equipment the authority of this equipment is whether higher than the authority of signal, if then this signal is increased in the signal list that user can check, otherwise is deleted from the signal list that user can check by this signal.
Keeper changes user right at the registration request process mould 2011 of administrative center, and user can receive authority notice of change; Now whether the cancellation module of administrative center the authority of judgment device can be greater than the authority of user using this equipment after registration request processing module 2011 changes user right, if the login of then this user of kick out.If the user right after change improves, then user can continue to use this equipment, if the user right after change is reduced to be less than current device authority, then user can not continue to use this equipment, and user is forced to nullify.
In specific implementation process, when signal, equipment and user are no longer allowed to use in control room, the registration request process mould 2011 of administrative center can logoff signal, equipment and user.
In the system of the present invention, utilize the control of authority of the modules of administrative center to signal, equipment and user effectively to solve safety and controlled challenge that in control room, in the application of distributed multi-service multi-person synergy system, information interconnection and intercommunication brings.And the management of utilization to Permission Levels, the present invention can carry out flexible deployment to the equipment in control room, user and signal, and support that display devices many arbitrarily, signal and user use in control room, system can expand as required.In addition, method of the present invention can flexible configuration, administrative center can need to change any authority at any time according to application, during authority change, equipment, signal and user do not need again to log in, the renewal of authority can be carried out by direct-on-line, easy to use, and the signal list can be able to checked according to the change real-time update user of authority, at any time ensure that specified permission user can only see its authorized information seen.
The corresponding same or analogous parts of same or analogous label;
Describe in accompanying drawing position relationship for only for exemplary illustration, the restriction to this patent can not be interpreted as;
Obviously, the above embodiment of the present invention is only for example of the present invention is clearly described, and is not the restriction to embodiments of the present invention.For those of ordinary skill in the field, can also make other changes in different forms on the basis of the above description.Here exhaustive without the need to also giving all execution modes.All any amendments done within the spirit and principles in the present invention, equivalent to replace and improvement etc., within the protection range that all should be included in the claims in the present invention.
Claims (9)
1. the authority control method of acquisition of information under distributed cooperation environment, is characterized in that, comprising:
The registration request of administrative center's receiving equipment, user or signal, arranges No. ID, login password and authority return No. ID and login password;
Administrative center receives and the log-on message of Authentication devices and/or signal, is verified the variable attribute information of this equipment of rear change and/or signal and returning right limit information;
Administrative center receives the log-on message that user uses the equipment logined successfully to send, if user right is more than or equal to equipment authority, judge that this user logins successfully, change the variable attribute descriptor of user and return user right information, otherwise judge this user's failure, return insufficient permission information;
Administrative center, according to the authority size setting filtering rule of equipment and signal, the equipment used to the user of Successful login returns all signal lists that this user can check according to filtering rule.
2. the authority control method of acquisition of information under distributed cooperation environment according to claim 1, is characterized in that, described method also comprises:
Administrative center's change is in the equipment of logging status, user or signal authority, and to corresponding device, user or signal sending permission update notification.
3. the authority control method of acquisition of information under distributed cooperation environment according to claim 2, is characterized in that, described method also comprises:
After administrative center change user or equipment authority, also whether the authority of judgment device is greater than the authority of the user using this equipment, if the login of then this user of kick out.
4. the authority control method of acquisition of information under distributed cooperation environment according to claim 2, is characterized in that, described method also comprises:
Also judge after the authority of administrative center's change signal or equipment that the authority of this equipment is whether higher than the authority of signal, if then this signal is increased in the signal list that user can check, otherwise this signal is deleted from the signal list that user can check.
5. the authority control method of acquisition of information under distributed cooperation environment according to any one of claim 1-4, is characterized in that,
Signal in user selection signal list after logining successfully also initiates to connect directly to signal;
The data that the equipment Received signal strength that user uses sends also show in this locality.
6. the authority control system of acquisition of information under distributed cooperation environment, it is characterized in that, comprise administrative center, described administrative center comprises:
Registration request processing module, for the registration request of receiving equipment, user or signal, arranges No. ID, login password and authority return No. ID and login password;
Equipment and signal login module, for receiving the log-on message with Authentication devices and/or signal, be verified the variable attribute information of this equipment of rear change and/or signal and returning right limit information;
User log-in block, for receiving the log-on message that user uses the equipment logined successfully to send, if user right is more than or equal to equipment authority, judge that this user logins successfully, change the variable attribute descriptor of user and return user right information, otherwise judge this user's failure, return insufficient permission information;
Signal list acquisition module, for according to the authority size of equipment and signal setting filtering rule, the equipment used to the user of Successful login returns all signal lists that this user can check according to filtering rule.
7. the authority control system of acquisition of information under distributed cooperation environment according to claim 6, it is characterized in that, registration request processing module also for change be in logging status equipment, user or signal authority, and to corresponding device, user or signal sending permission update notification.
8. the authority control system of acquisition of information under distributed cooperation environment according to claim 7, it is characterized in that, administrative center also comprises:
Whether cancellation module, be greater than the authority of the user using this equipment for the authority of judgment device after registration request processing module change user or equipment authority, if the login of then this user of kick out.
9. the authority control system of acquisition of information under distributed cooperation environment according to claim 7, it is characterized in that, administrative center also comprises:
Signal list update module, for judging that the authority of this equipment is whether higher than the authority of signal after the authority of registration request processing module change signal or equipment, if then this signal is increased in the signal list that user can check, otherwise is deleted from the signal list that user can check by this signal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410722053.4A CN104410640B (en) | 2014-12-03 | 2014-12-03 | A kind of authority control method and system of the acquisition of information under distributed cooperation environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410722053.4A CN104410640B (en) | 2014-12-03 | 2014-12-03 | A kind of authority control method and system of the acquisition of information under distributed cooperation environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104410640A true CN104410640A (en) | 2015-03-11 |
| CN104410640B CN104410640B (en) | 2019-04-16 |
Family
ID=52648238
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410722053.4A Expired - Fee Related CN104410640B (en) | 2014-12-03 | 2014-12-03 | A kind of authority control method and system of the acquisition of information under distributed cooperation environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104410640B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108156111A (en) * | 2016-12-02 | 2018-06-12 | 北大方正集团有限公司 | The treating method and apparatus of network service permission |
| CN111125684A (en) * | 2019-12-16 | 2020-05-08 | 南京国电南自轨道交通工程有限公司 | Multi-control room permission handover method for SCADA system control center |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030061216A1 (en) * | 2001-03-27 | 2003-03-27 | Fred Moses | System and method for managing objects and resources with access rights embedded in nodes within a hierarchical tree structure |
| CN1481112A (en) * | 2002-09-12 | 2004-03-10 | 联想(北京)有限公司 | Service renting and authorizing method for realizing resource sharing in household network |
| CN101056343A (en) * | 2007-06-19 | 2007-10-17 | 华为技术有限公司 | Method and call terminal for multiple users to use the same call terminal |
| CN101110702A (en) * | 2007-08-14 | 2008-01-23 | 中兴通讯股份有限公司 | Method for command line interface authority classification and system thereof |
| US20090177741A1 (en) * | 2006-09-15 | 2009-07-09 | Huawei Technologies Co., Ltd. | Method, system and device for subscribing to a service |
| CN102148867A (en) * | 2011-02-09 | 2011-08-10 | 杭州华三通信技术有限公司 | Method and device for accessing page based on user permission |
| US20120317621A1 (en) * | 2011-06-09 | 2012-12-13 | Canon Kabushiki Kaisha | Cloud system, license management method for cloud service |
| CN103986734A (en) * | 2014-06-05 | 2014-08-13 | 东信和平科技股份有限公司 | Authentication management method and authentication management system applicable to high-security service system |
-
2014
- 2014-12-03 CN CN201410722053.4A patent/CN104410640B/en not_active Expired - Fee Related
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030061216A1 (en) * | 2001-03-27 | 2003-03-27 | Fred Moses | System and method for managing objects and resources with access rights embedded in nodes within a hierarchical tree structure |
| CN1481112A (en) * | 2002-09-12 | 2004-03-10 | 联想(北京)有限公司 | Service renting and authorizing method for realizing resource sharing in household network |
| US20090177741A1 (en) * | 2006-09-15 | 2009-07-09 | Huawei Technologies Co., Ltd. | Method, system and device for subscribing to a service |
| CN101056343A (en) * | 2007-06-19 | 2007-10-17 | 华为技术有限公司 | Method and call terminal for multiple users to use the same call terminal |
| CN101110702A (en) * | 2007-08-14 | 2008-01-23 | 中兴通讯股份有限公司 | Method for command line interface authority classification and system thereof |
| CN102148867A (en) * | 2011-02-09 | 2011-08-10 | 杭州华三通信技术有限公司 | Method and device for accessing page based on user permission |
| US20120317621A1 (en) * | 2011-06-09 | 2012-12-13 | Canon Kabushiki Kaisha | Cloud system, license management method for cloud service |
| CN103986734A (en) * | 2014-06-05 | 2014-08-13 | 东信和平科技股份有限公司 | Authentication management method and authentication management system applicable to high-security service system |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108156111A (en) * | 2016-12-02 | 2018-06-12 | 北大方正集团有限公司 | The treating method and apparatus of network service permission |
| CN108156111B (en) * | 2016-12-02 | 2021-12-03 | 北大方正集团有限公司 | Method and device for processing network service authority |
| CN111125684A (en) * | 2019-12-16 | 2020-05-08 | 南京国电南自轨道交通工程有限公司 | Multi-control room permission handover method for SCADA system control center |
| CN111125684B (en) * | 2019-12-16 | 2024-01-30 | 南京国电南自轨道交通工程有限公司 | Multi-control-room authority handing-over method for SCADA (supervisory control and data acquisition) system control center |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104410640B (en) | 2019-04-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2658207B1 (en) | Authorization method and terminal device | |
| KR102040755B1 (en) | Method and system for processing voice communication, electronic device and storage medium | |
| CN103595759B (en) | Desktop presentation method based on high in the clouds | |
| CN101730094B (en) | Method for accessing terminal equipment to service platform of security system and transmitting information | |
| EP2408140B1 (en) | Method, control point, apparatus and communication system for configuring access right | |
| CN102916946B (en) | Connection control method and system | |
| CN105530224A (en) | Method and device for terminal authentication | |
| CN105471897A (en) | Embedded device cloud service access method and system | |
| CN105431816A (en) | Synchronizing device association data among computing devices | |
| CN101610502A (en) | Based on the method that moves the different business systems mobile information integration of using door | |
| CN105827598A (en) | Method and system for strengthening WiFi security of access router | |
| CN102571446A (en) | Method, device and system for upgrading network device | |
| CN102984045A (en) | Access method of Virtual Private Network and Virtual Private Network client | |
| CN113890767A (en) | Network access method, device, equipment and storage medium | |
| KR20130111807A (en) | System for remote monitoring of programmable logic controller using mobile device | |
| CN103188332A (en) | Remote desktop access control management method, equipment and system | |
| CN104038501A (en) | Cluster management system and cluster management method for display terminal | |
| CN111885080A (en) | Login service architecture, server and client | |
| CN104901757A (en) | Mobile terminal control method and system for IP (Internet Protocol) network broadcast | |
| CN104410640A (en) | Authority control method and system for acquiring information under distributed type cooperative environment | |
| CN102164099A (en) | Webpage-based group information interaction realization method and system | |
| CN102137045A (en) | Method and system for implementing group information interaction on community platform | |
| CN105681737A (en) | Examination-room-based mobile command platform and monitoring method thereof | |
| CN104092826A (en) | Method and device for sharing personal information on terminal | |
| US10764268B2 (en) | Security controller (SC) restoration method and apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190416 Termination date: 20211203 |