CN108171390A - A kind of secrecy department devices account informationization dynamic management system - Google Patents
- Publication number: CN108171390A
- Application number: CN201611115902.5A
- Authority: CN (China)
- Prior art keywords: account, information, role, user, module
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The present invention relates to an information-based dynamic management system for the equipment accounts of a secrecy department, comprising a system application server connected to user terminals through network equipment for communication access. Through information-based means, the invention lets every person handling classified matters manage the equipment accounts they are responsible for efficiently and in a user-friendly way during daily work. Account changes are processed and confirmed through level-by-level auditing, so that an accurate, real-time total account is formed dynamically, and all operation information is traceable, so that the equipment account information of the classified department is reflected more securely, accurately and in real time. This effectively promotes the standardization and proceduralization of account management work in classified departments and greatly improves the efficiency and level of scientific account management.
Description
Technical field
The present invention relates to the field of information-based dynamic management of equipment accounts, and specifically to an information-based dynamic management system for the equipment accounts of a secrecy department.
Background
For a secrecy unit or department, equipment accounts fall broadly into two classes: classified accounts and non-classified accounts. Classified accounts mainly include: classified computer accounts, classified notebook accounts, classified media accounts, classified peripheral equipment accounts, classified intermediate board accounts, and so on. A department's non-classified accounts may include: non-classified intermediate board accounts, non-classified working computer accounts, non-classified internet-connected computers, non-classified media accounts, non-classified peripheral equipment accounts, and so on.
Even in a unit with few classified personnel the classified accounts are rather numerous and complicated, let alone in a larger classified organization with many personnel. Detailed and accurate account information, such as the number, classification level, responsible person and location status of all classified and non-classified information equipment, is involved, so management is more difficult and complex, and the unit's total account, the department sub-accounts and the actual situation frequently fail to agree accurately and consistently.
At present most units manage equipment accounts by periodic centralized collection and statistics. This is time-consuming and laborious, and the accuracy of the summarized account gradually degrades again over time, so it can never display and reflect the accurate state of the account information at the current moment in real time. The account management level and management methods of departments urgently need to be effectively addressed and improved.
Summary of the invention
In view of the deficiencies of the prior art, the present invention provides an information-based dynamic management system for the equipment accounts of a secrecy department, solving the problem that the account management level of secrecy departments is relatively low and the accurate state of account information at the current moment cannot be displayed and reflected in real time.
The technical solution adopted by the present invention for the above purpose is:
A department equipment account information-based dynamic management system, comprising a system application server and user terminals connected through network equipment for communication access.
The server includes an authentication access control module 101, an account information query module 102, an account information change module 103, a new account template customization module 104, a workflow audit module 105, a user information management module 106, an audit group personnel management module 107, a log information query module 108, a system background database 109 and an account entry level management module 110;
Authentication access control module 101, for judging the identity information of user terminal access and limiting the access rights of the user account;
Account information query module 102, for returning to the user terminal the equipment account information corresponding to the user account, and for providing queries of all account information belonging to different accounts;
Account information change module 103, for different user roles to change the account information in the equipment account under the corresponding role permission;
New account template customization module 104, for defining custom account templates under system administrator permission;
Workflow audit module 105, for having a change audited by a user level role with the corresponding or a higher permission when the change applied for by a user level role exceeds the account entry level;
User information management module 106, for the account administrator to audit and enter the identity information of a user, and at the same time to define the user level role to which the user belongs;
Audit group personnel management module 107, for assigning to each user level role the approval authority and scope for its corresponding account entry levels, and for auditing lower user level roles and special account information processing. "Lower" is relative to the user levels taken from high to low, for example: the lowest level is the general user, higher are the custodian and group leader, and higher again is the room account administrator;
Log information query module 108, for recording log information of user terminal operation behavior, which is queried under system administrator permission;
System background database 109, running in the system application server, for storing account information, user permission information and the user terminal operation behavior log;
Account entry level management module 110, for configuring the entry level corresponding to each entry in the account.
The account template includes:
Defining the device category account name, adding entry class names in the equipment account, defining the account entry level to which each entry class belongs, configuring the enabling of the change reminder window, and customizing the reminder text of the window.
The user identity information includes: user name information, IP address information, group information, security information;
The user level roles include: the ordinary end-user level role, the custodian user level role, the group leader user level role, the room account administrator level role and the chief of the office user level role.
The user terminal includes several user computer terminals.
A user can query, through the account information query module 102, the account information of their own level role and/or of user groups with lower level roles.
A user can change, through the account information change module 103, the account information of their own level role and/or of users with lower level roles;
After the user changes account information, the workflow audit module (105) selects a level role above the account entry level to which the user belongs to approve the change, completing the change of the account information.
During an account information change or the account information change approval process, if the change reminder window has been enabled for the entry level of that account information, the corresponding prompt information is shown to the user making the change.
The invention has the following beneficial effects and advantages:
The invention defines responsibilities clearly. Through information-based means, every person handling classified matters can manage the equipment accounts they are responsible for efficiently and in a user-friendly way during daily work. Account changes are processed and confirmed through level-by-level auditing, so that an accurate, real-time total account is formed dynamically, and all operation information is traceable, so that the equipment account information of the classified department is reflected more securely, accurately and in real time. This effectively promotes the standardization and proceduralization of account management work in classified departments and greatly improves the efficiency and level of scientific account management.
Description of the drawings
Fig. 1 is the system structure diagram of the present invention.
Specific embodiment
The present invention is described in further detail below with reference to the accompanying drawing and an embodiment.
The present invention consists of a system application server and user terminals, which connect and communicate through the network equipment of the secrecy-work intranet. The system application server receives the access requests of each end-user computer and, according to the equipment account management method, decides on and sends the corresponding feedback data.
The system application server A includes an authentication access control module, account information query module, account information change module, new account template customization module, workflow audit module, user information management module, audit group personnel management module, account entry level management module, log information query module, database system, account information, workflow reminder module, user permission information and operation behavior log.
The authentication access control module judges the identity information of user terminal access and restricts a user account to logging in to the system only from the end-user computer that the user is responsible for.
The information query module returns the equipment account information corresponding to the end user's account and can query all account information belonging to different accounts.
The information change module supports different user roles in changing the account information in the equipment account under the corresponding role permission.
The account entry level management module configures the entry level corresponding to each entry in the account: entry level 1 corresponds to the ordinary end-user level role; entry level 2 corresponds to the custodian user level role and the group leader user level role; entry level 3 corresponds to the room account administrator level role and the chief of the office user level role.
The new account template customization module defines custom account templates under system administrator permission, including defining a new device category account name, adding entry class names in the equipment account, defining the account entry level to which each entry class belongs, and configuring whether the change reminder window is enabled and what reminder content it shows.
The workflow audit module is used when a lower user level role changes an account entry of a higher level: the approval process requires the corresponding or a higher user level role to pass or reject the change.
The user information management module is where the account administrator audits and enters the identity information of a user, including user name information, IP address information, group information, security information and so on. It also defines the user level role to which the user belongs, such as the ordinary end-user level role, custodian user level role, group leader user level role, room account administrator level role and chief of the office user level role.
The audit group personnel management module takes the user level roles assigned through the user information management module and assigns to each the approval authority and scope for the corresponding account entry levels, together with the audit process for the approval authority of lower user level roles and the review process for special account information processing.
The log information query module means that log information for all terminal operation flows, such as additions, changes and approvals, can be queried only under system administrator permission. The log information cannot be deleted; querying and partial export are supported.
The database system is the database that runs in system application server A and stores account information, user permission information and the operation behavior log.
Account information is the equipment account information of all kinds stored in the database system.
User permission information is the set of all level role user categories stored in the database system, together with their corresponding account entry approval levels and the corresponding user account information.
The operation behavior log is the log information for all terminal operation flows, such as additions, changes and approvals, stored in the system background data.
An end user can log in on his or her own end-user computer using the user account that has been authorized to them.
Users of different level roles can query all account information of their own accounts or of the lower-level role user groups they are responsible for auditing. For example: ordinary end-user level role users can query all account information they are personally responsible for; group leader and custodian level role users, besides their personal account information, can also query all account information within their own group; room account administrator and chief of the office level role users, besides their personal account information, can also query all account information of the whole room.
Users of different level roles can change the account entry information of their own accounts or of the lower-level users they are responsible for auditing, but cannot change account information at entry levels higher than the one corresponding to their user level role. For example: ordinary end-user level role users can change the information at the corresponding account entry level in the accounts they are personally responsible for; group leader and custodian level role users, besides changing information at their corresponding account entry level, can also change account information at lower account entry levels within their review scope.
After users of different level roles change account information, approval by a user of the next level role up, or of a higher level role, within their group is required before the change to the account information is actually completed. For example, after an ordinary end-user level role user changes account information, the account is actually changed only after approval by the group leader or custodian of the next level role up, or by the room account administrator or chief of the office of a still higher level role. A change made by a highest-level user actually takes effect without approval, and the change process can be checked and traced through the operation behavior log.
During an account information change, if the change reminder window has been enabled for the entry level of that account information, the corresponding prompt information is shown to the user making the change, for example reminding the current user which paper-based approval procedures must be completed in advance in order to change this account entry information.
During the account information change approval process, if the change reminder window has been enabled for the entry level of that account information, the corresponding prompt information is shown to the approving user, for example reminding the current approver to first check which paper-based approval procedures the applicant should have completed in advance in order to change this account entry information.
Users of different level roles can selectively export all or part of the account information within the scope of their own accounts or of the lower-level role user groups under them.
Users of the highest level role can optionally batch-import account classification information in other text formats.
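The query scope, change approval and logging rules of this embodiment, modelled as an added Python example (not code from the patent). Where the description is ambiguous it assumes that a change needs one approver who ranks above the requester and covers the requester's group; all class, field and user names are constructed for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    ORDINARY = 1   # ordinary end user
    GROUP = 2      # custodian, group leader
    ROOM = 3       # room account administrator, chief of the office

ROLE_LEVEL = {"ordinary_user": Level.ORDINARY, "custodian": Level.GROUP,
              "group_leader": Level.GROUP, "room_account_admin": Level.ROOM,
              "chief_of_office": Level.ROOM}

@dataclass(frozen=True)
class User:
    name: str
    role: str
    group: str
    @property
    def level(self):
        return ROLE_LEVEL[self.role]

@dataclass
class Entry:
    owner: User
    name: str
    value: str
    level: Level   # entry level, configured per entry

@dataclass
class ChangeRequest:
    entry: Entry
    requester: User
    new_value: str
    status: str = "pending"

class Ledger:
    def __init__(self, entries):
        self.entries = list(entries)
        self._log = []   # append-only: nothing below deletes or rewrites a record

    @property
    def log(self):
        return tuple(self._log)   # read-only copy for the log query function

    def _record(self, actor, action, entry):
        self._log.append((actor.name, action, entry.owner.name, entry.name))

    @staticmethod
    def in_scope(user, owner):
        # Own accounts at level 1, own group at level 2, the whole room at level 3.
        if user.level == Level.GROUP:
            return owner.group == user.group
        return user.level == Level.ROOM or owner == user

    def query(self, user):
        return [e for e in self.entries if self.in_scope(user, e.owner)]

    def request_change(self, user, entry, new_value):
        # Allowed targets: own entries, or entries of lower-level users in scope,
        # and never an entry whose level is above the user's own level.
        own_or_lower = entry.owner == user or (
            self.in_scope(user, entry.owner) and entry.owner.level < user.level)
        if not own_or_lower or entry.level > user.level:
            self._record(user, "change_denied", entry)
            raise PermissionError(f"{user.name} may not change {entry.name}")
        req = ChangeRequest(entry, user, new_value)
        if user.level == Level.ROOM:   # highest level: takes effect without approval
            self._decide(req, user, "approved")
        else:
            self._record(user, "change_requested", entry)
        return req

    def review(self, approver, req, approve):
        if req.status != "pending":
            raise ValueError("request already decided")
        # Assumption: the approver ranks above the requester and covers their group.
        if approver.level <= req.requester.level or not self.in_scope(
                approver, req.requester):
            self._record(approver, "review_denied", req.entry)
            raise PermissionError(f"{approver.name} may not review this request")
        self._decide(req, approver, "approved" if approve else "rejected")
        return req

    def _decide(self, req, actor, status):
        if status == "approved":
            req.entry.value = req.new_value   # the change only takes effect here
        req.status = status
        self._record(actor, "change_" + status, req.entry)

# Constructed sample users and entries (not from the patent).
alice, bob = User("alice", "ordinary_user", "G1"), User("bob", "group_leader", "G1")
carol, dave = User("carol", "custodian", "G2"), User("dave", "chief_of_office", "G1")
location = Entry(alice, "location", "Room 101", Level.ORDINARY)
secrecy = Entry(alice, "classification level", "secret", Level.GROUP)
other = Entry(carol, "location", "Room 202", Level.ORDINARY)
```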
Claims (9)
1. An information-based dynamic management system for the equipment accounts of a secrecy department, characterized by comprising a system application server and user terminals connected through network equipment for communication access.
2. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 1, characterized in that: the application server includes an authentication access control module (101), an account information query module (102), an account information change module (103), a new account template customization module (104), a workflow audit module (105), a user information management module (106), an audit group personnel management module (107), a log information query module (108), a system background database (109) and an account entry level management module (110);
Authentication access control module (101), for judging the identity information of user terminal access and limiting the access rights of the user account;
Account information query module (102), for returning to the user terminal the equipment account information corresponding to the user account, and for providing queries of all account information belonging to different accounts;
Account information change module (103), for different user roles to change the account information in the equipment account under the corresponding role permission;
New account template customization module (104), for defining custom account templates under system administrator permission;
Workflow audit module (105), for having a change audited by a user level role with the corresponding or a higher permission when the change applied for by a user level role exceeds the account entry level;
User information management module (106), for the account administrator to audit and enter the identity information of a user, and at the same time to define the user level role to which the user belongs;
Audit group personnel management module (107), for assigning to each user level role the approval authority and scope for its corresponding account entry levels, and for auditing lower user level roles and special account information processing;
Log information query module (108), for recording log information of user terminal operation behavior, which is queried under system administrator permission;
System background database (109), running in the system application server, for storing account information, user permission information and the user terminal operation behavior log;
Account entry level management module (110), for configuring the entry level corresponding to each entry in the account.
3. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 2, characterized in that the custom account template includes:
Defining the device category account name, adding entry class names in the equipment account, defining the account entry level to which each entry class belongs, configuring the enabling of the change reminder window, and customizing the reminder text of the window.
4. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 2, characterized in that:
The user identity information includes: user name information, IP address information, group information, security information;
The user level roles include: the ordinary end-user level role, the custodian user level role, the group leader user level role, the room account administrator level role and the chief of the office user level role.
5. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 1, characterized in that: the user terminal includes several user computer terminals.
6. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 2, characterized in that: a user can query, through the account information query module (102), the account information of their own level role and/or of user groups with lower level roles.
7. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 1, characterized in that: a user can change, through the account information change module (103), the account information of their own level role and/or of users with lower level roles;
After the user changes account information, the workflow audit module (105) selects a level role above the account entry level to which the user belongs to approve the change, completing the change of the account information.
8. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 7, characterized in that: during an account information change or the account information change approval process, if the change reminder window has been enabled for the entry level of that account information, the corresponding prompt information is shown to the user making the change.
9. The information-based dynamic management system for the equipment accounts of a secrecy department according to claim 2, characterized in that: the lower user level role is determined by the user levels taken from high to low; a low level, compared with a high level, is the lower user level role.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611115902.5A CN108171390A (en) | 2016-12-07 | 2016-12-07 | A kind of secrecy department devices account informationization dynamic management system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108171390A | 2018-06-15 |
Family
ID=62526184
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611115902.5A Pending CN108171390A (en) | 2016-12-07 | 2016-12-07 | A kind of secrecy department devices account informationization dynamic management system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108171390A (en) |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20180615 |