CN109872128A - The identity management system and method for complex relationship can be handled - Google Patents
The identity management system and method for complex relationship can be handled Download PDFInfo
- Publication number
- CN109872128A CN109872128A CN201910103406.5A CN201910103406A CN109872128A CN 109872128 A CN109872128 A CN 109872128A CN 201910103406 A CN201910103406 A CN 201910103406A CN 109872128 A CN109872128 A CN 109872128A
- Authority
- CN
- China
- Prior art keywords
- identity
- vertex
- user
- data
- operational order
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention provides a kind of identity management system and method that can handle complex relationship.The system includes that identity management module is used to receive and parse through Identity Management operational order, and sends corresponding identity data operational order to identity data management module;Identity data management module is used to resolve to identity data operational order the operational order of chart database, operation diagram database update identity data;Chart database is used to construct identity data model and storage identity data with graph data structure.The identity management system for handling complex relationship of the invention and method use the identity data model based on graph data structure, can handle the Various Complex relationship that can not be handled in existing identity management system, the managerial ability of enterprise-level identity management system is substantially improved.Meanwhile part identity data are converted on demand by tree/list structured data by the sub- view generation module of run mode identity, it can also be provided and used to other information system, improve data service efficiency.
Description
Technical field
The present invention relates to identity management systems and method that one kind can handle complex relationship, and in particular to a kind of to utilize figure number
The identity management system and method for identity data model are rebuild according to structure.
Background technique
Enterprise-level identity management system provides unified user identity management for enterprise, including from user's registration, transfer-position,
A series of information department managements of leaving office generation, user property management, the distribution of information system account number, certification factor management, permission
Management, account number closing, tactical management etc..Identity management system essence in data plane be exactly to organization, user identity,
The management of the objects such as information system account number, resource, service, data and object relationship.Skill is stored used by identity data
Art, data structure, identity data model directly determine identity management system to the processing capacity of complex relationship scene.
Identity data illustraton of model as shown in Figure 1, existing identity management system, such as Oracle IDM, IBM Tivoli
TIM etc., the memory technology of use are directory service, such as LDAP (Light Directory Access Protocol, Lightweight
Directory Access Protocol), Active Directory (Active Directory) etc., data structure is tree-like directory knot
Structure.With the utilization of the new technologies such as the continuous development of IT application in enterprises and cloud, big data, the identity based on Directory tree structure
Data model is no longer satisfied the demand of enterprise informatization evolution.Under complicated Identity Management scene, due to resource category
The combination of numerous and data is numerous, and the existing management mode with role authorization is since permission combination is too many and can not dynamically adjust in time
It is whole, the demand of this complex scene can not be coped with.Can user access some application, the combination of certain cloud resource, certain data not
It is that a role can determine, needs dynamically according to user property, the attribute of the department of user attaching and higher level department, use
The relationship (for example whether there is commission) and accessed resource, service, number of user group attribute, user and other users belonging to family
According to attribute carry out comprehensive descision could determine.Realize this dynamic access control based on various dimensions affiliated partner attribute, it is first
First necessarily require that the data of identity store and data structure can express complicated object relationship and being capable of support target spirit
Attribute management living.
Due to using Directory tree structure, a node can only be associated with unique father node, can only express the prior art
Simple subordinate relation, be beyond expression complex relationship.Such as: the more attaching relations of 1. personnel, two companies of the user A under group
It holds a post simultaneously, in X company tenure general manager, in Y company tenure Chief Financial Officer;2. account number shares relationship, user A and user B are
It is the administrator of system Q, they need to be used in conjunction with the admin account number in system Q;3. account number clientage, user's A future one
Week will go on business, and need the account number a by oneself in system P that user B is temporarily entrusted to use;4. complicated O&M pipe in cloud platform
Reason relationship, user A are the operation management persons of cloud platform, and user A is distributed to M, N Liang Ge O&M group, M group can manage vm001,
Tri- virtual machines of vm002, vm003, N group are a timesharing teams and groups, and A can manage db001, db002 in daily 14:00-22:00 point
Two databases.
Additionally due to the limitation of memory technology, object will increase/delete the Schema (number that attribute all has to change LDAP
According to the set of library object), this change is very inflexible, and in the LDAP for having stored mass data, change executes the time
Length, performance consumption are big, will affect the use of current operating system.In view of the above-mentioned problems in the prior art, it is badly in need of one kind
The identity management system and method for complex relationship can be handled.
Summary of the invention
In order to overcome drawbacks described above, the present invention provides a kind of identity management system and method that can handle complex relationship, energy
Enough management have the identity data of complex relationship.
One aspect of the present invention provides a kind of identity management system that can handle complex relationship, comprising: identity management module, body
Part data management module, chart database, wherein the identity management module is used to receive and parse through Identity Management operational order,
And corresponding identity data operational order is sent to the identity data management module;The identity data management module is used for will
Identity data operational order resolves to the operational order of the chart database, operates the chart database and updates identity data;Institute
Chart database is stated for constructing identity data model and storage identity data with graph data structure.
According to an embodiment of the present invention, the Identity Management operational order includes creating identity, user's tune for user
Hilllock is that user distributes information system account right, assigns the user to an O&M group, is user's distribution cloud resource access right
Limit.
According to an embodiment of the present invention, the Identity Management operational order format includes JSON or XML.
According to an embodiment of the present invention, the graph data structure includes vertex and side, and described vertex representation one kind is right
As type, an object or one group of adeditive attribute, the side indicates the relationship between two vertex.
According to an embodiment of the present invention, the vertex include Identity Provider, user type, user object identity,
Post, mechanism, user group, ISP, resource type, resource, service type, service, action type, operation, is moved department
State permission, static rights, account number, shared account number, commission account number.
According to an embodiment of the present invention, the side includes that user object identity-instantiation-user type, identity mention
Donor-offer-user object identity, mechanism-ownership-mechanism, department-ownership-mechanism, post-ownership-department, user object
Identity-tenure-post, account number-ownership-ISP, user object identity-possess-and account number, user object identity-share-
Shared account number, user object identity-commission-commission account number, commission account number-entrust to-user, commission account number-representative-account number,
User object identity-be endowed-attribute tags.
According to an embodiment of the present invention, the operational order of the chart database includes to the vertex or the side
Increasing, delete, change, looking into operation.
According to an embodiment of the present invention, the storage form of the identity data include Neo4J, JanusGraph,
Apache TinkerPop, Arangodb, OrientDB or HugeGraph.
According to an embodiment of the present invention, further include the sub- view generation module of run mode identity, be used for the figure number
Figure inquiry instruction is issued according to library and inquires the identity data, and the data structure of the identity data is converted to other systems to need
The data structure wanted.
According to an embodiment of the present invention, the course of work of the sub- view generation module of the run mode identity includes: a.
The equivalent properties for generating visitor, carry out figure traversal since account number vertex, obtain assign the account number tag attributes vertex,
The user subject identity vertex for possessing the account number, assigns user subject identity at the Identity Provider vertex for providing user identity
Tag attributes vertex, user tenure post vertex, post ownership department vertex, department ownership higher level department vertex,
Add up the attribute on the above vertex, generates the equivalent properties of account number in the sub- view of run mode identity;B. the equivalent category of interviewee is generated
Property, figure traversal is carried out since operating vertex, obtains the service vertex that the operation vertex uses, and is assigned on the service vertex
Attribute tags vertex, service access resource vertex, provide resource ISP vertex, the category on the above vertex of adding up
Property, generate the equivalent properties operated in the sub- view of run mode identity;C. the equivalent strategy for generating access control, from the behaviour
Start to carry out figure traversal as vertex, obtain the dynamic rights vertex on the operation vertex, obtains dynamic on the service vertex
State permission vertex obtains the dynamic rights vertex on the resource vertex, the access control policy recorded in the above vertex of adding up,
Generate the equivalent strategy in the sub- view of run mode identity.
Another aspect of the present invention also provides a kind of identity management method that can handle complex relationship, comprising the following steps: connects
Identity Management operational order is received, the Identity Management operational order is resolved into identity data operational order;By the identity number
The operational order of chart database is resolved to according to operational order;The operational order operation diagram database update figure knot of the chart database
Structure identity data.
The identity management system for handling complex relationship of the invention and method use the identity number based on graph data structure
According to model, the Various Complex relationship that can not be handled in existing identity management system can be handled, enterprise-level Identity Management is substantially improved
The managerial ability of system.Meanwhile part identity data are converted on demand by tree/table by the sub- view generation module of run mode identity
Structured data can also be provided and use to other information system, improves data service efficiency.
Detailed description of the invention
Fig. 1 is identity data illustraton of model of the existing identity management system based on Directory tree structure;
Fig. 2 is the identity management system schematic diagram that the present invention can handle complex relationship;
Fig. 3 is the example one of graph data structure processing complex relationship of the present invention;
Fig. 4 is the example one of graph data structure processing complex relationship of the present invention;
Fig. 5 is the example one of graph data structure processing complex relationship of the present invention;
Fig. 6 is the course of work schematic diagram of the sub- view generation module of run mode identity of the present invention;
Fig. 7 is the identity management method block diagram that the present invention can handle complex relationship.
Specific embodiment
It elaborates With reference to embodiment to the present invention.
The identity management system and method for handling complex relationship of the invention, changes the storage in identity management system
Technology and data structure are substituted former directory service memory technology using chart database memory technology, are substituted using graph data structure
Former Directory tree structure.
Existing identity management system stores identity data using directory service, and Directory tree structure can only express single ownership and close
System, a node can only belong to unique father node, can only describe simple attaching relation, and be beyond expression complex relationship.Figure number
Theoretical originating from Euler diagram according to library, chart database is with " figure " this data structure storage and inquiry data.Graph data structure is by pushing up
Point and Bian Zucheng, two any vertex can be associated by side in figure.The advantage of chart database can describe complexity
Object relationship can quickly traverse other vertex associated with it from a vertex by side by figure inquiry, since storage is tied
The characteristics of structure, the traversal performance on side will be significantly larger than other types database in chart database, and the vertex in chart database
Attribute can not be influenced with dynamic expansion by available data.These advantages of chart database are very suitable for the complicated identity of processing
Data storage.
The present invention also provides the conversion modules of the sub- view of run mode identity, when operation to meet various scenes and system
Use demand.Since current major applications can not directly use diagram data, in order to by the identity number in chart database
It is used according to other information system is supplied to, needs to be converted to part identity data by the sub- view conversion module of run mode identity
The data structure that the other informations system such as tree/table is able to use, use demand when meeting the operation of various scenes and system with this.
Fig. 2 is the identity management system schematic diagram that the present invention can handle complex relationship.As shown in Fig. 2, of the invention locates
The identity management system for managing complex relationship includes: identity management module 101, identity data management module 103, chart database 105.
Identity management module 101 is for receiving and parsing through Identity Management operational order, and to identity data management module 103
Send corresponding identity data operational order.Identity management module 101 receives Systems Operator and is issued by man-machine interactive interface
Identity Management operational order, or by other information system call identity management system interface to identity management system send out
Identity Management operational order is resolved to identity data operational order and is sent to identity data by the Identity Management operational order sent
Management module 103.Identity Management operational order can be business operating instructions, including but not limited to create identity, user for user
Transfer-position is that user distributes information system account right, assigns the user to an O&M group, is user's distribution cloud resource access
Permission etc..Identity Management operational order format includes but is not limited to JSON, XML.JSON(Java Script Object
Notation) be a kind of lightweight data interchange format, it be based on ECMAScript (European Computer association formulate js rule
Model) a subset, data are stored and indicated using the text formatting for being totally independent of programming language, succinctly and clearly layer
Secondary structure makes JSON become ideal data interchange language, is easy to people and reads and write, while being also easy to machine parsing and life
At, and effectively promote network transmission efficiency.XML is extensible markup language (subset of standard generalized markup language), is one
The simple data of kind store language, describe data using a series of simple labels, and these labels can use convenient mode
It establishes, although extensible markup language the space occupied occupies more spaces, extensible markup language than binary data
Say it is extremely simple be easy to grasp and use.
Identity data management module 103 is used to resolve to identity data operational order the operational order of chart database 105,
It operates chart database 105 and updates identity data.After identity data management module 103 receives identity data operational order, by identity
Data manipulation instruction resolves to the operational order of chart database 105, and calling figure database interface updates identity data.
Chart database 105 is used to construct identity data model and storage identity data with graph data structure.Pass of the invention
Key is to construct identity data model using graph data structure, to achieve the effect that handle description relationship.Graph data structure includes top
Point and side, vertex include but is not limited to: a kind of object type, an object or one group of adeditive attribute, and a line indicates two
Relationship between vertex.Vertex includes but is not limited to: Identity Provider, user type, user object identity, post, department, machine
Structure, user group, ISP, resource type, resource, service type, service, action type, operation, dynamic rights, static state
Permission, account number, shared account number, commission account number etc..While including but is not limited to: user object identity-instantiation-user type, body
Part supplier-offer-user object identity, mechanism-ownership-mechanism, department-ownership-mechanism, post-ownership-department, user
Object identity-tenure-post, account number-ownership-ISP, user object identity-possess-account number, user object identity-
It shares-shares account number, user object identity-commission-commission account number, commission account number-and entrust to-user, commission account number-representative-
Account number, user object identity-be endowed-attribute tags etc..The operational order of chart database includes but is not limited to in diagram data
The increasing on vertex and side such as deletes, changes, looking at the operation.
Chart database 105 includes being not limited to the storage form of identity data: Neo4J, JanusGraph, Apache
TinkerPop, Arangodb, OrientDB, HugeGraph etc., wherein Neo4j is a high performance, NOSQL figure number
According to library, structural data is stored on network rather than in table by it.Apache TinkerPop is under Apache foundation
A kind of open source, unrelated with supplier graphics calculations frame.Arangodb is a primary multimodal data library, is had concurrently
Key/value to, figure and document database.JanusGraph is the model based on attributed graph.OrientDB is to have both document database
Flexibility and graphic data base management link ability can profound extension document-graph data base management system.
What HugeGraph system was supported is attributed graph, i.e., the key data stored in figure is the vertex with attribute and the side with attribute.
It is 3 examples using graph data structure processing complex relationship of the invention below.
Fig. 3 is the example one of graph data structure processing complex relationship of the present invention.As shown in figure 3, processing identity belongs to pass more
System.User Li Si simultaneously under a large enterprise two companies tenure, branch company 1 Finance Department hold a post Chief Financial Officer,
In the tenure general manager of branch company 2." mechanism " and " department " vertex represents the tissue of company in figure, between " mechanism " and " department " vertex
" ownership " Bian Daibiao organization between hierarchical relationship, " user subject identity " vertex represents user Li Si, " post " top
Point represents work position of the user Li Si in mechanism and department, and two " tenure " Bian Daibiao Li Sis for connecting two posies are dividing
1 Finance Department, company tenure Chief Financial Officer, in the tenure general manager of branch company 2.
Fig. 4 is the example two of graph data structure processing complex relationship of the present invention.As shown in figure 4, processing account number clientage.
The financial system account number that he possesses temporarily is entrusted to Zhang San by user Li Si, and bailout period is arranged and is limited to 3 days." service mentions in figure
Donor " vertex represents financial system, and " account number " vertex represents an account number lisi in financial system, two " user subject bodies
Part " vertex represents Li Si and Zhang San user, the side that possesses for connecting " user subject identity " and " account number " vertex represents Li Si and possesses
Account number lisi, commission account number " vertex represents account and is entrusted and entrusts condition, " commission " and " entrusting to " Bian Daibiao user Lee
Account number lisi is entrusted to user Zhang San by four.
Fig. 5 is the example three of graph data structure processing complex relationship of the present invention.As shown in figure 5, handling more people shares one
The relationship of account number.User Zhang San and Li Si share the account number of a financial system." ISP " vertex represents finance in figure
System, " account number " vertex represent an account number ACC in financial system, and " shared account number " vertex represents ACC account number by as altogether
Account number use is enjoyed, two " user subject identity " vertex represent Li Si and Zhang San user, two " shared " Bian Daibiao Li Sis and open
Three are sharing account number ACC.
The present invention uses the identity data model based on graph data structure, and can handle in existing identity management system can not locate
The Various Complex relationship of reason, greatly improves the managerial ability of enterprise-level identity management system.
According to another embodiment of the present invention, the identity management system that can handle complex relationship further includes run mode identity
View generation module 107 inquires identity data for issuing figure inquiry instruction to chart database 105, and by the number of identity data
The data structure of other systems needs is converted to according to structure.The sub- view generation module 107 of run mode identity passes through figure inquiry instruction
Identity data is obtained from chart database 105, and the identity data of graph structure is converted into the other informations system such as tree/table structure
These data are supplied to other information system and used by the data being able to use, when meeting various scenes and system operation
Use demand.
Concrete example illustrates the course of work of the sub- view generation module 107 of run mode identity below.Fig. 6 is operation of the present invention
The course of work schematic diagram of the sub- view generation module of state identity.As shown in fig. 6, firstly, generating the equivalent properties of visitor.From
Config_admin account number vertex starts to carry out figure traversal, obtains the tag attributes vertex for assigning account number, the use for possessing this account number
Family entity identities vertex, the tag attributes vertex for assigning user subject identity, is used the Identity Provider vertex for providing user identity
The higher level department vertex that the post vertex of family tenure, the department vertex of post ownership, department belong to.Pass through the above vertex of adding up
Attribute generates the equivalent properties of account number in the sub- view of run mode identity.
Secondly, generating the equivalent properties of interviewee.Figure traversal is carried out since operating vertex, obtains its service top used
Point services the resource vertex on the attribute tags vertex, service access that assign on vertex, provides the ISP vertex of resource.
By the attribute on the above vertex of adding up, the equivalent properties operated in the sub- view of run mode identity are generated.
Third generates the equivalent strategy of access control.Figure traversal is carried out since operating vertex, is obtained on operation vertex
Dynamic rights vertex obtains the dynamic rights vertex on service vertex, obtains the dynamic rights vertex on resource vertex.By tired
It is subject to the access control policy recorded in vertex, generates the equivalent strategy in the sub- view of run mode identity.
After the change of any vertex, it can quickly be calculated by figure traversal and in the sub- view of run mode identity need to update
Equivalent data guarantees the real-time and consistency of data in the sub- view of run mode identity.Table structure can be used directly in application program
The sub- viewdata of run mode identity, dynamically weighed by visitor's attribute, interviewee's attribute and access control policy
Limit judgement.Identity data is converted into tree/list structured data on demand by the sub- view generation module 107 of run mode identity, can be mentioned
It supplies other information system to use, improves data service efficiency.
Fig. 7 is the identity management method block diagram that the present invention can handle complex relationship.As shown in fig. 7, the present invention also provides
A kind of identity management method handling complex relationship, the specific steps are as follows:
Step 1: receiving Identity Management operational order, Identity Management operational order is resolved into identity data operational order.
Systems Operator can access identity management system by browser, send Identity Management operational order to identity management system, or
Person can call the interface of identity management system by other information system, send Identity Management operation to identity management system and refer to
It enables.
Step 2: identity data operational order is resolved to the operational order of chart database.Identity data management module 103
After receiving identity data operational order, identity data operational order is resolved to the operational order of chart database 105, and calling figure
Database interface updates identity data.
Step 3: the operational order operation diagram database update graph structure identity data of chart database.Chart database 105
Operational order includes but is not limited to the increasing on vertex in diagram data and side, the operation such as deletes, changes, looks into.
Present invention disclosed above preferred embodiment is only intended to help to illustrate the present invention.There is no detailed for preferred embodiment
All details are described, are not limited the invention to the specific embodiments described.Obviously, according to the content of this specification,
It can make many modifications and variations.These embodiments are chosen and specifically described to this specification, is in order to better explain the present invention
Principle and practical application, so that skilled artisan be enable to better understand and utilize the present invention.The present invention is only
It is limited by claims and its full scope and equivalent.
Claims (11)
1. the identity management system that one kind can handle complex relationship characterized by comprising identity management module, identity data
Management module, chart database, wherein
The identity management module is sent out for receiving and parsing through Identity Management operational order, and to the identity data management module
Send corresponding identity data operational order;
The identity data management module is used to resolve to identity data operational order the operational order of the chart database, behaviour
Make the chart database and updates identity data;
The chart database is used to construct identity data model and storage identity data with graph data structure.
2. system according to claim 1, which is characterized in that the Identity Management operational order includes creating body for user
Part, user's transfer-position are that user distributes information system account right, assigns the user to an O&M group, is user's distribution cloud
Resource access authority.
3. system according to claim 1 or 2, which is characterized in that the Identity Management operational order format includes JSON
Or XML.
4. system according to claim 1, which is characterized in that the graph data structure includes vertex and side, the vertex
Indicate a kind of object type, an object or one group of adeditive attribute, the side indicates the relationship between two vertex.
5. system according to claim 4, which is characterized in that the vertex includes Identity Provider, user type, user
Object identity, post, department, mechanism, user group, ISP, resource type, resource, service type, service, operation class
Type, operation, dynamic rights, static rights, account number, shared account number, commission account number.
6. system according to claim 5, which is characterized in that the side includes user object identity-instantiation-user class
Type, Identity Provider-offer-user object identity, mechanism-ownership-mechanism, department-ownership-mechanism, post-ownership-department,
User object identity-tenure-post, account number-ownership-ISP, user object identity-possess-account number, user object body
The shared account number of part-sharing-, user object identity-commission-commission account number, commission account number-entrust to-user, commission account number-generation
Table-account number, user object identity-is endowed-attribute tags.
7. system according to claim 6, which is characterized in that the operational order of the chart database includes to the vertex
Or the side increasing, delete, change, looking into operation.
8. system according to claim 1, which is characterized in that the storage form of the identity data include Neo4J,
JanusGraph, Apache TinkerPop, Arangodb, OrientDB or HugeGraph.
9. system according to claim 1, it is characterised in that further include the sub- view generation module of run mode identity, for
The chart database issues figure inquiry instruction and inquires the identity data, and the data structure of the identity data is converted to it
The data structure that his system needs.
10. system according to claim 9, which is characterized in that the work of the sub- view generation module of run mode identity
Process includes:
A. the equivalent properties for generating visitor, carry out figure traversal since account number vertex, obtain the label category for assigning the account number
Property vertex, possess the account number user subject identity vertex, user identity is provided Identity Provider vertex, to assign user real
The higher level department that the tag attributes vertex of body part, the post vertex of user's tenure, the department vertex of post ownership, department belong to
Vertex, the attribute on the above vertex of adding up generate the equivalent properties of account number in the sub- view of run mode identity;
Since the equivalent properties for b. generating interviewee, carry out figure traversal operating vertex, obtains the clothes that the operation vertex uses
Business vertex, the resource vertex for servicing the attribute tags vertex, service access that assign on vertex, the service for providing resource provide
Person vertex, the attribute on the above vertex of adding up generate the equivalent properties operated in the sub- view of run mode identity;
C. the equivalent strategy for generating access control, carries out figure traversal since the operation vertex, obtains on the operation vertex
Dynamic rights vertex, obtain it is described service vertex on dynamic rights vertex, obtain the dynamic rights on the resource vertex
Vertex, the access control policy recorded in the above vertex of adding up, generates the equivalent strategy in the sub- view of run mode identity.
11. the identity management method that one kind can handle complex relationship, which comprises the following steps:
Identity Management operational order is received, the Identity Management operational order is resolved into identity data operational order;
The identity data operational order is resolved to the operational order of chart database;
The operational order operation diagram database update graph structure identity data of the chart database.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910103406.5A CN109872128A (en) | 2019-02-01 | 2019-02-01 | The identity management system and method for complex relationship can be handled |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910103406.5A CN109872128A (en) | 2019-02-01 | 2019-02-01 | The identity management system and method for complex relationship can be handled |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109872128A true CN109872128A (en) | 2019-06-11 |
Family
ID=66918523
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910103406.5A Pending CN109872128A (en) | 2019-02-01 | 2019-02-01 | The identity management system and method for complex relationship can be handled |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109872128A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111966977A (en) * | 2020-08-18 | 2020-11-20 | 北京众图识人科技有限公司 | Resource management system of IAM platform |
| WO2021098275A1 (en) * | 2019-11-22 | 2021-05-27 | 支付宝(杭州)信息技术有限公司 | Smart graph computing-based privacy resource permission control method and apparatus, and device |
| CN111966977B (en) * | 2020-08-18 | 2024-05-31 | 北京众图识人科技有限公司 | Resource management system of IAM platform |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU2011256921A1 (en) * | 2010-12-31 | 2012-07-19 | Accenture Global Services Limited | Brand impact verification system |
| CN106227794A (en) * | 2016-07-20 | 2016-12-14 | 北京航空航天大学 | The storage method and apparatus of dynamic attribute data in temporal diagram data |
| CN108664375A (en) * | 2017-03-28 | 2018-10-16 | 瀚思安信(北京)软件技术有限公司 | Method for the abnormal behaviour for detecting computer network system user |
| CN108804910A (en) * | 2018-06-08 | 2018-11-13 | 知人科技有限公司 | account management system |
-
2019
- 2019-02-01 CN CN201910103406.5A patent/CN109872128A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU2011256921A1 (en) * | 2010-12-31 | 2012-07-19 | Accenture Global Services Limited | Brand impact verification system |
| CN106227794A (en) * | 2016-07-20 | 2016-12-14 | 北京航空航天大学 | The storage method and apparatus of dynamic attribute data in temporal diagram data |
| CN108664375A (en) * | 2017-03-28 | 2018-10-16 | 瀚思安信(北京)软件技术有限公司 | Method for the abnormal behaviour for detecting computer network system user |
| CN108804910A (en) * | 2018-06-08 | 2018-11-13 | 知人科技有限公司 | account management system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021098275A1 (en) * | 2019-11-22 | 2021-05-27 | 支付宝(杭州)信息技术有限公司 | Smart graph computing-based privacy resource permission control method and apparatus, and device |
| CN111966977A (en) * | 2020-08-18 | 2020-11-20 | 北京众图识人科技有限公司 | Resource management system of IAM platform |
| CN111966977B (en) * | 2020-08-18 | 2024-05-31 | 北京众图识人科技有限公司 | Resource management system of IAM platform |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2510466B1 (en) | Delegated and restricted asset-based permissions management for co-location facilities | |
| US9047462B2 (en) | Computer account management system and realizing method thereof | |
| CN110443010A (en) | One kind permission visual configuration control method, device, terminal and storage medium in information system | |
| CN105074702A (en) | Database system providing single-tenant and multi-tenant environments | |
| CN105809356A (en) | Information system resource management method based on application integrated cloud platform | |
| CN101945126A (en) | Forest resource heterogeneous data distributed management system | |
| CN107734066A (en) | A kind of data center's total management system services administering method | |
| CN111988173B (en) | Tenant management platform and tenant management method based on multi-layer father-son structure tenant | |
| CN104866976A (en) | Multi-tenant-oriented information managing system | |
| CN105809345A (en) | API (application programming interface) management and virtualization-based service oriented platform and control method | |
| CN103793457A (en) | System and method for managing memory usage by using usage analytics | |
| CN204926097U (en) | Memory system is kept apart to data | |
| CN109872128A (en) | The identity management system and method for complex relationship can be handled | |
| CN101582153A (en) | Method and system for managing power network resources | |
| KR20130049791A (en) | Platform system of e-government with open data integration system of cloud computing | |
| Hariguna | Prototype cloud computing for e-government in Indonesia | |
| CN204425403U (en) | A kind of power distribution automation framework | |
| Qin et al. | Construction of E-government data sharing framework based on big data technology | |
| CN102929605A (en) | Cloud-computing-based open interface of data mining system | |
| Wang | Decision Support System Model of Education Management Based on Cloud Storage Technology | |
| Hu et al. | A cloud oriented account service mechanism for SME SaaS ecosystem | |
| Guo et al. | Better realization of mobile cloud computing using mobile network computers | |
| CN108898303A (en) | Work micro-blog management method | |
| US20230176913A1 (en) | Cross-domain cabin computing system and method based on data resource distribution | |
| CN103679432A (en) | A VNMS system supporting a dynamic structured application platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190611 |
|
| RJ01 | Rejection of invention patent application after publication |