CN104881736A - Multi-Agent worksteam access control method based on improved role - Google Patents
Multi-Agent worksteam access control method based on improved role Download PDFInfo
- Publication number
- CN104881736A CN104881736A CN201510249821.3A CN201510249821A CN104881736A CN 104881736 A CN104881736 A CN 104881736A CN 201510249821 A CN201510249821 A CN 201510249821A CN 104881736 A CN104881736 A CN 104881736A
- Authority
- CN
- China
- Prior art keywords
- task
- role
- workflow
- agent
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a multi-Agent worksteam access control method based on an improved role and mainly solves a problem of workstream access authority control. The implementation steps includes: (1) constructing a four layer structural mode of user-role-task-authority, designing different types of Agents cooperating with each other for playing the workstream execution role; (2) configuring a four layer structural mode on a workstream system platform, wherein the configuration includes identity authorization, organization tree role management, task execution management and role-task-authority management; and (3) performing workstream access control according to the four-layer structural mode. According to the invention, the task is added between the role and the authority and the role can only have authority during a task performing process, so that minimum authority assignment in the workstream system is realized and dynamic adaptability of the workstream system is improved.
Description
Technical field
The invention belongs to Computer Applied Technology field, particularly a kind of multi-Agent workflow access control method, can be used for the Integrated Development of Workflow Management System.
Background technology
The seventies in last century, propose a kind of completely new concept-Agent, Agent in artificial intelligence field and refer to by perception environment, utilize its knowledge and ability, formulate the executable activating step having relation of interdependence, to realize final goal.Agent technology associates the multiple Computer Subjects such as artificial intelligence, distributed treatment, expert system, has autonomy, the essential characteristic such as social, reactive and spontaneous.
In recent years, Agent is applied in Workflow Management System the interest and great attention that cause Chinese scholars, this connected applications has shown good development prospect.Workflow refers to the decomposable flow process real business performed by the applicable computing machine that procedure definition is formed.The core of Workflow Management System is workflow engine, which control the whole service state of workflow.Agent is applied in Workflow Management System, utilize the characteristic of Agent, make the work such as task matching, scheduling of resource, coordinated management, tasks carrying that Agent is responsible in system, can support that related work Workflow Management System realizes intellectuality and the Agility of whole system well.In multi-Agent Workflow system, comprise polytype Agent: User interface Agent, task-resource graph, workflow engine Agent, monitoring Agent, resource management Agent, resource agents, control agents etc., by the normal operation of the collaborative system that ensures of executing the task between different Agent.
For the computer system method of operation of this procedure of workflow and robotization, focus on the safety problem considering whole system especially, WFMC WfMC workflow safe service is studied and its promulgate safe white paper in, provide the content comprising certification, mandate, access control, data encryption, audit, data integrity, safety management and undeniable eight aspects, to ensure the security of work flow operation.
Access control is premised on identification, controls resource scheduling request according to identity information, thus accomplishes the safeguard protection to Workflow system resource and service.
At present, the access control mechanisms comparing main flow has self contained navigation DAC, forced symmetric centralization MAC, access control based roles RBAC and task-based access control TBAC.
1) self contained navigation DAC
Using the owner of user as object, full powers manage the access authorization about object, and such user just independently can determine the object that other user accesses him in which way and has.As long as user have passed authentication, DAC just can distribute accessing operation according to the identity of user and access rights for it.These transfer of right, after having certain access rights, just can be given other main body by main body directly or indirectly.The independence of DAC can provide very large dirigibility for user, but this independence brings potential dangerous, and it makes Trojan Horse be delivered to another process by shared object from a process.
2) forced symmetric centralization MAC
Each subject and object is divided in a certain level of security, access control is implemented on the basis of level of security classification.The level of security of main body reflects the reliability of subject user, and namely subject user can not be leaked sensitive information to other users.The level of security of object reflects susceptibility and the confidentiality of object information, i.e. the harm size that will cause of information leakage.MAC performs security strategy by distributing security attribute to all users and resources constrained, is distributed unitedly and manage by keeper, and user can not change the security attribute of self and other master/objects.This control model makes the information flow in system become unidirectional irreversible, prevents information to flow to the object of low-security from the object of high safe level.But MAC can not provide good dirigibility to user, realize workload comparatively large, the demand for security of enterprise's complex environment cannot be met in Workflow Management System.
3) access control based roles RBAC
Divide role according to the responsibilities in membership credentials, and be the authority of role's granted access and operating resource, user passes through assigned role and obtains corresponding authority, thus achieves the logical separation of user and authority.In RBAC model, introduce the concept of " role " between user and authority, user can only obtain the access rights that distributed role has, but cannot obtain the access rights not available for this role.RBAC is because introduce this intermediary of role, the access rights of various role and setting role can be defined according to practical application request, user is also assigned to different roles simultaneously, and achieve the logical separation of user and access rights, user is no longer autonomous to the access of object.But in Workflow Management System, RBAC can not ensure that responsibility is separated, and supposes that a certain role can complete multi-mode operation, and the main body so completing multi-mode operation can be the main body belonging to this role, also can be the multiple main bodys belonging to this role, thus can not ensure that responsibility is separated; Least privilege constraint illusion, in RBAC, authority directly and role link together, after a user activates some roles, just have all authorities of this role.But in actual applications, this user does not allow to perform these tasks simultaneously, so the authority that user has is larger than authority required during actual executing the task, therefore do not reach real least privilege constraint.
4) task-based access control TBAC
Set up security model from the angle of task and realize security mechanism, the safety management of dynamic realtime is provided in the process of task process.Access rights combined with task, the execution of task is that user uses associated rights to access the process of object.In task implementation, authority has been consumed or at the end of task, user just has access rights no longer.And system decides the access rights of how to give main body according to the situation of host-guest, task status, and the access rights of object change, so be called active secure model along with the change of the context environmental of executing the task.But due to the complicacy of TBAC delegated strategy, the research of this model only rests on theory stage, is not suitable for the application of large enterprise, also do not formed so far maturation perfect realize framework.In addition, owing to not supporting the hierarchical relationship of role in TBAC, so effect is in actual applications unsatisfactory.
Above-mentioned several access control method all can not well be applied in Workflow Management System, because this system is the system centered by task, traditional access control method of above introduction is all difficult to the requirement reaching security of system access control.
Summary of the invention
The object of the invention is to propose a kind of multi-Agent workflow access control method based on improving role, by task matching authority, the Workflow Management System solving prior art operationally can not realize due multiple rights concerns because of a Ren Duo hilllock, namely user performs different tasks and then has different authorities in workflow, Workflow Management System independently, interactively can be executed the task, reduce the workload of user.
Technical scheme of the present invention is achieved in that
One. know-why
Basic thought of the present invention is: the operating right of tasks carrying no longer distributes to role, but gives task by concrete access rights, and role is by acquisition authority of executing the task, and user could rights of using when being assigned with concrete role and executing the task.So just can ensure that authority is only just used when tasks carrying, after tasks carrying completes, user and role no longer can objects in operating system.User, role, between task and authority, be the relation of multi-to-multi, and can change according to the real-time condition of work flow operation.
By designing dissimilar Agent, interactive cooperation between them is made to complete the execution of whole workflow.Wherein User interface Agent and task-resource graph are two crucial Agent.The execution of task needs task-resource graph, and User interface Agent, by the identification of user identity, replaces user to perform some nonessential operation.
In the present invention, main body is user and User interface Agent, and object is task and task-resource graph; Role is the bridge that act as relation between subject and object, and role and task is given by authority and being associated, and by the imparting of control task authority, role and task Agent is associated by Workflow Management System.Give different task by right assignment, task gives role right assignment, and the User interface Agent having this role obtains the operating right that this task node possesses, and the authority in Workflow system and user isolation can be opened like this, reach the demand of safe access control.
Two. technical scheme
According to above-mentioned principle, performing step of the present invention comprises as follows:
(1) on the basis of the user-role-authority three tiers model of Role-based access control model, introduce Agent collection, task-set, form with the four-layer structure pattern of user-role-task-authority, wherein:
Client layer, is made up of all users of access and operation element stream, the corresponding User interface Agent of each user;
Role's layer, by role construction required in workflow execution, each role is assigned to different users;
Task layer, the complementary task-set of being decomposed by Workflow system procedure definition is formed, and in this layer, task is assigned to role, and the execution of task is completed by task-resource graph;
Authority layer, be made up of the authority used required in workflow execution, the authority in this layer is assigned to different tasks, and role obtains authority by task, and after tasks carrying completes, role has authority no longer;
(2) in Workflow Management System, above-mentioned four-layer structure pattern is utilized to carry out access control to real work stream:
(2a) operational scheme of real business is converted into the workflow of applicable computer run;
(2b) workflow is resolved into the task-set that can be performed by Agent, determine the sequence relation performed between task;
(2c) according to task-set, the role that executes the task in workflow is determined and to task matching authority;
(2d) User interface Agent used by workflow, task-resource graph, resource management Agent and resource agents is determined respectively;
(2e) user starts work flow operation, after Workflow Management System carries out instantiation to task, and start relevant Agent, according to role determined in four-layer structure pattern and task, relation between task and authority, carry out the control of workflow access rights, carry out the sequential of flow process initiation, flow process registration, Row control and flow performing according to workflow successively.
The present invention compared with prior art tool has the following advantages:
1) present invention preserves the advantage of traditional RBAC model.RBAC model is centered by role, and can carry out empowerment management easily, the present invention also remains role, to facilitate the management to user.
2) in the present invention, authority no longer distributes to role, obtains authority by role to the execution of task, and by realizing the management of whole Workflow Management System authority to task and authority relation.In addition, user can not have authority after a successful log, only have perform specific tasks just can have authority, and tasks carrying complete after authority regain, improve the dynamic adaptable of Workflow Management System.
3) the present invention improves Role-based access control model, the concept of task is with the addition of between Role and privilege, really realize the distribution of least privilege in system, solve Role hierarchy simultaneously and divide the private permission problem brought, ensure that security and the high efficiency of Workflow Management System.
4) the present invention is by the design and implimentation of the differential access control method of Agent, set the interactive mode between different Agent and user, task, the correlation properties of Agent are utilized to realize the mutual of information, cooperated dissimilar task-set, improves the interactive performance of Workflow Management System.
Accompanying drawing explanation
Fig. 1 is realization flow schematic diagram of the present invention;
Fig. 2 is the four-layer structure pattern diagram in the present invention;
Fig. 3 is the sub-process figure configured in Workflow system in the present invention;
Fig. 4 is the Agent interactive relation figure in the present invention;
Fig. 5 is execution sequence chart of the present invention.
Embodiment
Describe the present invention below in conjunction with accompanying drawing.
Multi-Agent workflow access control method based on improving role of the present invention is adapted in working service flow process.Workflow is resolved into TU task unit, and in conjunction with Agent Theory, conduct interviews control in Workflow Management System.
With reference to Fig. 1, implementation step is:
Step 1, builds based on the four-layer structure pattern of user-role-task-authority.
With reference to Fig. 2, the present invention, based on Role-based access control model, adds Agent collection, task-set, task instances collection and task context, makes role no longer directly have authority, constitutes with user-role-task-authority four-layer structure pattern.Wherein:
Client layer, is made up of all users of access and operation element stream, the corresponding User interface Agent of each user;
Role's layer, by role construction required in workflow execution, each role is assigned to different users;
Task layer, the complementary task-set of being decomposed by Workflow system procedure definition is formed, and in this layer, task is assigned to role, and the execution of task is completed by task-resource graph;
Authority layer, be made up of the authority used required in workflow execution, the authority in this layer is assigned to different tasks.
Described user, refers to the external staff carrying out alternately with workflow, operate;
Described task, refers to and is decomposed by workflow and the complementary entity be performed formed;
Described authority, refer to that in workflow, object can be performed the set of actions of physical operation, different tasks has different authorities;
Described role, refers to the set with common identity user, and different roles performs different tasks; Role only has authority at the Shi Caineng that executes the task, and complete rear authority is regained.
Following relation is comprised in above-mentioned four-layer structure pattern:
User-role assignment relation URA, the i.e. relation of user and role, being that certain role is assigned to a user, is the relation of multi-to-multi;
User interface Agent role assigns relation UAA, the relation namely between role and User interface Agent, is certain role is assigned to a User interface Agent;
Task role assigns relation TRA, the i.e. relation of role and task, and being by certain task matching to certain role, is the relation of multi-to-multi;
Task right assigns relation TPA, the i.e. relation of task and authority, and being authorize this task by the authority needed in tasks carrying process, is the relation of multi-to-multi.Role obtains authority by task, and after tasks carrying completes, role has authority no longer, realizes constraint role being carried out to least privilege;
Task-resource graph-task instances mapping relations TAIP, the i.e. relation of task-resource graph and task instances are mapped in the different instances corresponding to it by a task-resource graph, is the mapping relations of one-to-many;
Task instances authority gives relations I PA, the relation of the authority namely obtained in task instances and its operation, and this relation determines according to task right appointment relation TPA and task-resource graph-task instances mapping relations TAIP.
Task instances role give relations I RA, i.e. the relation of relative role when task instances and its operation, and this relation assigns relation TRA and task-resource graph-task instances mapping relations TAIP to determine according to task role.
The access control right of task-resource graph describes collection TaAC, i.e. the operating right that has of task-resource graph.
When utilizing this four-layer structure pattern to realize user and system mutual, need to introduce dissimilar Agent, comprise User interface Agent collection and task-resource graph collection, and concentrate at task-resource graph corresponding constraint is added to task-resource graph.
Described User interface Agent collection, refers to the Agent of completing user and system interaction, by user and role association, with the built-in function replacing user to carry out system;
Described task-resource graph collection, refers to the Agent specifically executed the task, associates by task with authority, and carries out alternately with task instances.
Step 2, configure user-role-task-authority four-layer structure pattern in Workflow system development platform, with reference to Fig. 3: this step is specific as follows:
(2a) authentication: set up subscriber identity information database, after user logs in, the method for being mated with user's logon information by database information, realizes identity verification and the identification of user;
(2b) organization tree Role Management: represent user and role, corresponding relation between role and task with tree-shaped mapping relations figure, sets up the organization tree of relation between user and role, role and task, and is stored in user role database; Keeper, by setting this organization tree after authentication, is user and distributes role, is role assignments task;
(2c) tasks carrying management: according to authority information database, right assignment is carried out to task, set up task-resource graph collection, resource management Agent and resource agents, the concrete execution that the task-resource graph concentrated by task-resource graph is finished the work, in the process of implementation by resource management Agent, realize calling resource agents;
(2d) role-task-rights management: set up constraint set database, it comprises: user-role assignment AC, task-role assignment AC and task execution time retrain, verify these restriction relations before tasks carrying, the task of only meeting constraint can be performed.
Step 3, utilizes above-mentioned four-layer structure pattern to carry out the access control of real work stream.
3a) utilize Workflow Process Definition Tool software that the operational scheme of real business is converted into the workflow of applicable computer run;
3b) by 3a) workflow that obtains resolves into the task-set that can be performed by Agent, and according to workflow process definition, determines the sequence relation performed between task;
3c) according to step 3b) in task-set, determine the role that executes the task in workflow and to the task matching authority in system;
3e) according to step 3a) workflow, determine used User interface Agent, task-resource graph, resource management Agent and resource agents respectively, interactive relation between each Agent is: user sends a message by client end interface to User interface Agent, after User interface Agent receives this information, create and start control agents; Control agents building work stream engine Agent, workflow engine Agent finish the work stream startup and control, a workflow is by correspondence workflow engine Agent; Each task-resource graph is distributed in subtask in task list by workflow engine Agent, and dispatches according to the restriction relation between task; Task-resource graph can send resource request to resource management Agent, and resource management Agent calls resource agents according to resource request; After tasks carrying completes, its feedback information feeds back to User interface Agent by workflow engine Agent, as shown in Figure 4;
3g) user starts work flow operation, and Workflow Management System carries out instantiation to task, namely concrete to the task arrangement that will perform operating process; Afterwards, start relevant Agent, according to role determined in four-layer structure pattern and task, relation between task and authority, carry out the control of workflow access rights;
3h) Workflow Management System performs flow process sequential according to the order of task:
With reference to Fig. 5, flow process sequential comprises flow process initiation, flow process registration, Row control and flow performing four-stage successively, and the course of work in each stage is as follows:
Flow process mounting phase: create a workflow by Workflow Management System, after user's successful log system, starts User interface Agent; User triggers a message by client end interface, and this message is sent to this User interface Agent; User interface Agent creates after receiving this information and starts control agents, and sends the relevant information of this workflow to control agents, and this information comprises start-up parameter, process identification and flow process ID.
Flow process registration phase: control agents creates and starts a workflow engine Agent, and its name is called WfID, and control agents is registered in directory service DF simultaneously, after completing registration, DF sends and feeds back to control agents.
The Row control stage: control agents is after receiving the feedback information of DF, according to according to workflow engine title WfID search work stream engine Agent in DF, if there is this workflow engine Agent, it can be used as the executor of workflow, and initial parameter is set and starts workflow, then, by workflow engine Agent by the task matching in workflow to task-resource graph, and the cooperation between the execution of control task Agent and task-resource graph; Otherwise, do not perform workflow.
In the flow performing stage: task-resource graph calls resource in the execute phase, send request by task-resource graph to resource management Agent; Whether resource management Agent inquires about with or without such resource, if having, the resource agents to such resource sends information, and resource agents selects resource to process resource request according to actual conditions; If no, then task-resource graph is failed to such resource transfer.
Claims (9)
1., based on the multi-Agent workflow access control method improving role, comprise the steps:
(1) on the basis of the user-role-authority three tiers model of Role-based access control model, introduce Agent collection, task-set, form with the four-layer structure pattern of user-role-task-authority, wherein:
Client layer, is made up of all users of access and operation element stream, the corresponding User interface Agent of each user;
Role's layer, by role construction required in workflow execution, each role is assigned to different users;
Task layer, the complementary task-set of being decomposed by Workflow system procedure definition is formed, and in this layer, task is assigned to role, and the execution of task is completed by task-resource graph;
Authority layer, be made up of the authority used required in workflow execution, the authority in this layer is assigned to different tasks, and role obtains authority by task, and after tasks carrying completes, role has authority no longer;
(2) in Workflow Management System, above-mentioned four-layer structure pattern is utilized to carry out access control to real work stream:
(2a) operational scheme of real business is converted into the workflow of applicable computer run;
(2b) workflow is resolved into the task-set that can be performed by Agent, determine the sequence relation performed between task;
(2c) according to task-set, the role that executes the task in workflow is determined and to task matching authority;
(2d) User interface Agent used by workflow, task-resource graph, resource management Agent and resource agents is determined respectively;
(2e) user starts work flow operation, after Workflow Management System carries out instantiation to task, and start relevant Agent, according to role determined in four-layer structure pattern and task, relation between task and authority, carry out the control of workflow access rights, carry out the sequential of flow process initiation, flow process registration, Row control and flow performing according to workflow successively.
2. the multi-Agent workflow access control method based on improving role according to claim 1, is characterized in that:
Described user, refers to the external staff carrying out alternately with workflow, operate;
Described task, refers to and is decomposed by workflow and the complementary entity be performed formed;
Described authority, refer to that in workflow, object can be performed the set of actions of physical operation, different tasks has different authorities;
Described role, refers to the set with common identity user, and different roles performs different tasks; Role only has authority at the Shi Caineng that executes the task, and complete rear authority is regained.
3. the multi-Agent workflow access control method based on improving role according to claim 1, is characterized in that:
Described User interface Agent collection, refers to the Agent of completing user and system interaction, by user and role association, with the built-in function replacing user to carry out system;
Described task-resource graph collection, refers to the Agent specifically executed the task, associates by task with authority, and carries out alternately with task instances.
4. the multi-Agent workflow access control method based on improving role according to claim 1, it is characterized in that: the user-role-task-authority four-layer structure pattern in described step (1), be realize in Workflow system development platform, its step is as follows:
(1a) set up subscriber identity information database, the method for being mated with user's logon information by database information, realize identity verification and the identification of user;
(1b) user and role, corresponding relation between role and task is represented with tree-shaped mapping relations figure, set up the organization tree of relation between user and role, role and task, keeper is by setting this organization tree after authentication, being user and distributing role, is role assignments task;
(1c) according to authority information database, right assignment is carried out to task;
(1d) set up task-resource graph collection, resource management Agent and resource agents, the concrete execution of being finished the work by task-resource graph, and realize calling resource agents by resource management Agent in the process of implementation.
5. the multi-Agent workflow access control method based on improving role according to claim 1, is characterized in that: described carries out instantiation to task, referring to a specific operation process to executing the task arranged.
6. the multi-Agent workflow access control method based on improving role according to claim 1, flow process in wherein said step (2e) is initiated, be first create a workflow by Workflow Management System, after user's successful log, start User interface Agent; User sends message to User interface Agent again by client end interface, and User interface Agent creates after receiving this information and starts control agents, and sends the relevant information of this workflow to control agents, and this information comprises start-up parameter, process identification and flow process ID.
7. the multi-Agent workflow access control method based on improving role according to claim 1, flow process registration in wherein said step (2e), first created by control agents and start a workflow engine Agent, its name is called WfID, then registers in directory service DF; After having registered, sent by directory service DF and feed back to control agents.
8. the multi-Agent workflow access control method based on improving role according to claim 1, the Row control in wherein said step (2e), its realization is as follows:
First, by control agents after receiving the feedback information of DF, according to workflow engine title WfID search work stream engine Agent in directory service DF, if there is this workflow engine Agent, then it can be used as the executor of workflow, and initial parameter is set and starts workflow; Otherwise, do not perform workflow;
Then, by workflow engine Agent by the task matching in workflow to task-resource graph, and the cooperation between the execution of control task Agent and task-resource graph.
9. the multi-Agent workflow access control method based on improving role according to claim 1, flow performing in wherein said step (2e), to be sent to resource management Agent by task-resource graph to call resource request, whether resource management Agent inquires about with or without such resource: if having, resource agents then to such resource sends information, and resource agents selects resource to process resource request according to actual conditions; If no, then task-resource graph is failed to such resource transfer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510249821.3A CN104881736B (en) | 2015-05-15 | 2015-05-15 | Based on the multi-Agent workflow access control method for improving role |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510249821.3A CN104881736B (en) | 2015-05-15 | 2015-05-15 | Based on the multi-Agent workflow access control method for improving role |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104881736A true CN104881736A (en) | 2015-09-02 |
| CN104881736B CN104881736B (en) | 2018-11-30 |
Family
ID=53949223
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510249821.3A Active CN104881736B (en) | 2015-05-15 | 2015-05-15 | Based on the multi-Agent workflow access control method for improving role |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104881736B (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106803143A (en) * | 2016-11-29 | 2017-06-06 | 中电科华云信息技术有限公司 | The method that flow engine cloud service is provided based on workflow engine for cloud platform |
| CN106845790A (en) * | 2016-12-27 | 2017-06-13 | 合肥城市云数据中心股份有限公司 | A kind of local service system and its local service access method based on multi-Agent technology in single operation system |
| CN106940765A (en) * | 2017-02-15 | 2017-07-11 | 江苏大学 | A kind of access rights dynamic control method |
| CN106971289A (en) * | 2016-01-14 | 2017-07-21 | 北京仿真中心 | A kind of collaborative design method and cooperative system based on data-driven |
| CN107437164A (en) * | 2016-05-25 | 2017-12-05 | 北京京东尚科信息技术有限公司 | E-mail sending method and device based on workflow |
| CN107944845A (en) * | 2018-01-09 | 2018-04-20 | 上海创图网络科技股份有限公司 | A kind of method and device that group's management is carried out by cultural cloud platform |
| CN110472932A (en) * | 2019-07-26 | 2019-11-19 | 中广核工程有限公司 | It is a kind of to support configurable task method for tracking and managing and system |
| CN110826088A (en) * | 2019-11-13 | 2020-02-21 | 国网浙江省电力有限公司宁波供电公司 | Method for constructing access control model of T-RBACG |
| CN111159145A (en) * | 2019-12-06 | 2020-05-15 | 广西电网有限责任公司 | Management method and device for intelligent power knowledge base based on Agent technology |
| CN111435484A (en) * | 2019-01-14 | 2020-07-21 | 阿里巴巴集团控股有限公司 | Task cooperative processing method, device, equipment and system |
| CN111858000A (en) * | 2020-07-10 | 2020-10-30 | 广西农业职业技术学院 | Task decomposition and monitoring management system |
| CN112381454A (en) * | 2020-12-04 | 2021-02-19 | 中国科学院自动化研究所 | Role-based multi-agent task cooperative system |
| CN112734230A (en) * | 2021-01-08 | 2021-04-30 | 深圳市帧彩影视科技有限公司 | Control method and device for video post-production based on cloud platform and cloud platform |
| CN112738057A (en) * | 2020-12-24 | 2021-04-30 | 深圳市高德信通信股份有限公司 | Data exchange control method based on network control |
| CN115022020A (en) * | 2022-05-31 | 2022-09-06 | 上海申石软件有限公司 | Access control method and system based on multidimensional set calculation |
| CN115396477A (en) * | 2022-10-28 | 2022-11-25 | 深圳市马博士网络科技有限公司 | Remote office platform based on cloud collaboration |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1777181A (en) * | 2005-12-06 | 2006-05-24 | 南京邮电大学 | Access control decision-making device for grid computing environment |
| CN102495985A (en) * | 2011-12-13 | 2012-06-13 | 桂林电子科技大学 | Role access control method based on dynamic description logic |
| CN102663552A (en) * | 2012-04-06 | 2012-09-12 | 东华理工大学 | Dynamic workflow engine supporting online self-evolution |
-
2015
- 2015-05-15 CN CN201510249821.3A patent/CN104881736B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1777181A (en) * | 2005-12-06 | 2006-05-24 | 南京邮电大学 | Access control decision-making device for grid computing environment |
| CN102495985A (en) * | 2011-12-13 | 2012-06-13 | 桂林电子科技大学 | Role access control method based on dynamic description logic |
| CN102663552A (en) * | 2012-04-06 | 2012-09-12 | 东华理工大学 | Dynamic workflow engine supporting online self-evolution |
Non-Patent Citations (1)
| Title |
|---|
| 杜玉姣: ""多Agent工作流模型的研究与实现"", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 * |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106971289A (en) * | 2016-01-14 | 2017-07-21 | 北京仿真中心 | A kind of collaborative design method and cooperative system based on data-driven |
| CN107437164A (en) * | 2016-05-25 | 2017-12-05 | 北京京东尚科信息技术有限公司 | E-mail sending method and device based on workflow |
| CN106803143A (en) * | 2016-11-29 | 2017-06-06 | 中电科华云信息技术有限公司 | The method that flow engine cloud service is provided based on workflow engine for cloud platform |
| CN106845790A (en) * | 2016-12-27 | 2017-06-13 | 合肥城市云数据中心股份有限公司 | A kind of local service system and its local service access method based on multi-Agent technology in single operation system |
| CN106940765A (en) * | 2017-02-15 | 2017-07-11 | 江苏大学 | A kind of access rights dynamic control method |
| CN107944845A (en) * | 2018-01-09 | 2018-04-20 | 上海创图网络科技股份有限公司 | A kind of method and device that group's management is carried out by cultural cloud platform |
| CN111435484B (en) * | 2019-01-14 | 2023-05-30 | 阿里巴巴集团控股有限公司 | Task cooperative processing method, device, equipment and system |
| CN111435484A (en) * | 2019-01-14 | 2020-07-21 | 阿里巴巴集团控股有限公司 | Task cooperative processing method, device, equipment and system |
| CN110472932A (en) * | 2019-07-26 | 2019-11-19 | 中广核工程有限公司 | It is a kind of to support configurable task method for tracking and managing and system |
| CN110826088A (en) * | 2019-11-13 | 2020-02-21 | 国网浙江省电力有限公司宁波供电公司 | Method for constructing access control model of T-RBACG |
| CN111159145A (en) * | 2019-12-06 | 2020-05-15 | 广西电网有限责任公司 | Management method and device for intelligent power knowledge base based on Agent technology |
| CN111858000A (en) * | 2020-07-10 | 2020-10-30 | 广西农业职业技术学院 | Task decomposition and monitoring management system |
| CN112381454A (en) * | 2020-12-04 | 2021-02-19 | 中国科学院自动化研究所 | Role-based multi-agent task cooperative system |
| CN112381454B (en) * | 2020-12-04 | 2023-10-31 | 中国科学院自动化研究所 | Role-based multi-agent task collaboration system |
| CN112738057A (en) * | 2020-12-24 | 2021-04-30 | 深圳市高德信通信股份有限公司 | Data exchange control method based on network control |
| CN112734230A (en) * | 2021-01-08 | 2021-04-30 | 深圳市帧彩影视科技有限公司 | Control method and device for video post-production based on cloud platform and cloud platform |
| CN115022020A (en) * | 2022-05-31 | 2022-09-06 | 上海申石软件有限公司 | Access control method and system based on multidimensional set calculation |
| CN115022020B (en) * | 2022-05-31 | 2024-04-16 | 上海申石软件有限公司 | Access control method and system based on multidimensional set calculation |
| CN115396477A (en) * | 2022-10-28 | 2022-11-25 | 深圳市马博士网络科技有限公司 | Remote office platform based on cloud collaboration |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104881736B (en) | 2018-11-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104881736A (en) | Multi-Agent worksteam access control method based on improved role | |
| CN109508962A (en) | The campus informatization framework of EDU cloud DaaS and cloud school one | |
| CN102495985B (en) | Role access control method based on dynamic description logic | |
| CN106506521A (en) | resource access control method and device | |
| CN111475831B (en) | Data access control method and system based on mimicry defense | |
| CN107003886A (en) | The management that application of the trustship directory service to catalogue is accessed | |
| EP3185507B1 (en) | Access control method and apparatus | |
| US20210174303A1 (en) | Approval workflow entrusting and re-entrusting methods | |
| CN106302483A (en) | Decentralized management method and system | |
| CN112835977A (en) | Database management method and system based on block chain | |
| WO2010028583A1 (en) | Method and apparatus for managing the authority in workflow component based on authority component | |
| CN113688376A (en) | Tenant authority control method for realizing container cloud platform based on CMDB system and RBAC model | |
| CN106933605A (en) | A kind of intelligent progress recognizing control method and system | |
| CN106529230A (en) | Role-based permission control mechanism | |
| CN105653962A (en) | Object-oriented user-role-resource permission model management method | |
| Jander et al. | Jadex WfMS: Distributed workflow management for private clouds | |
| Obelheiro et al. | Role-based access control for CORBA distributed object systems | |
| CN102223383B (en) | Method and device for controlling access | |
| Xie et al. | Cross-Chain-Based Trustworthy Node Identity Governance in Internet of Things | |
| CN110414213A (en) | A kind of method and device to rights management in operation management system based on keycloak | |
| US20200387627A1 (en) | Multi-user database system and method | |
| CN106060032B (en) | User data integration and reassignment method and system | |
| Aali et al. | Evaluation of interaction messages in trust model within collaborative system | |
| Su | Internet of Things privacy security protection access control Research | |
| Baina et al. | Access control for cooperative systems: A comparative analysis |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |