CN110414268B - Access control method, device, equipment and storage medium - Google Patents

Access control method, device, equipment and storage medium Download PDF

Info

Publication number
CN110414268B
CN110414268B CN201910666952.XA CN201910666952A CN110414268B CN 110414268 B CN110414268 B CN 110414268B CN 201910666952 A CN201910666952 A CN 201910666952A CN 110414268 B CN110414268 B CN 110414268B
Authority
CN
China
Prior art keywords
access
authority
role
block chain
resource request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910666952.XA
Other languages
Chinese (zh)
Other versions
CN110414268A (en
Inventor
吴皓丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qidi Block Chain Technology Development Co ltd
Original Assignee
Beijing Qidi Block Chain Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qidi Block Chain Technology Development Co ltd filed Critical Beijing Qidi Block Chain Technology Development Co ltd
Priority to CN201910666952.XA priority Critical patent/CN110414268B/en
Publication of CN110414268A publication Critical patent/CN110414268A/en
Application granted granted Critical
Publication of CN110414268B publication Critical patent/CN110414268B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

The embodiment of the invention discloses an access control method, an access control device, access control equipment and a storage medium. The method comprises the following steps: identifying the authority of a resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority; and responding the resource request according to the permission identification result. The resource request initiator is verified according to the access authority information which is stored in the block chain and contains the associated data of the user and the role and the associated data between the role and the authority, so that the verification safety is improved, the problem that an illegal user illegally accesses or steals the resource due to tampering during centralized storage of the access authority information is solved, and the resource access safety is improved.

Description

Access control method, device, equipment and storage medium
Technical Field
The embodiments of the present invention relate to the field of block chain technologies, and in particular, to an access control method, apparatus, device, and storage medium.
Background
Role-Based Access Control (RBAC) is an effective Access Control method for implementing enterprise-oriented security policies. In the authority access control, roles are bound with resources accessible to a user, and the user is bound with the roles, so that the resources accessible to the user are determined, and the user obtains the authority of the roles by becoming members of proper roles, thereby simplifying the management of the authority.
However, the current role-based authority access control is centralized control, and configuration data among users, roles and resources are easy to be tampered, so that the security is poor.
Disclosure of Invention
Embodiments of the present invention provide an access control method, apparatus, device, and storage medium, so as to improve security of resource access and prevent access right information from being tampered.
In a first aspect, an embodiment of the present invention provides an access control method, where the method includes:
identifying the authority of a resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority;
and responding the resource request according to the permission identification result.
In a second aspect, an embodiment of the present invention provides an access control apparatus, including:
the authority identification module is used for identifying the authority of the resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority;
and the response module is used for responding to the resource request according to the authority identification result.
In a third aspect, an embodiment of the present invention further provides an apparatus, where the apparatus includes:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement an access control method as in any one of the embodiments of the invention.
In a fourth aspect, the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the access control method according to any one of the embodiments of the present invention.
In the embodiment of the invention, the authority of the resource request initiator is identified according to the access authority information stored in the block chain, and the access authority information comprises: and responding to the resource request according to the authority identification result by the associated data of the user and the role and the associated data between the role and the authority. According to the scheme, the access authority information containing the associated data among the users, the roles and the authorities is stored on the basis of the block chain, so that the access authority information has the advantages of high transparency, difficulty in tampering, strong public trust and the like; meanwhile, the authority of the resource request initiator is identified according to the access authority information stored in the block chain, so that the problem that an illegal user illegally accesses or steals the resource can be avoided, and the safety of resource access is improved.
Drawings
Fig. 1 is a flowchart of an access control method according to a first embodiment of the present invention;
fig. 2 is a flowchart of an access control method according to a second embodiment of the present invention;
fig. 3 is a schematic structural diagram of an access control apparatus in a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus in the fourth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of an access control method according to a first embodiment of the present invention. The access control method provided in this embodiment may be applicable to the case of performing authorization verification on a resource access initiator to control access to a resource, and the method may be specifically executed by an access control device, where the access control device may be implemented by software and/or hardware, and the access control device may be integrated in a computing device carrying a blockchain node, referring to fig. 1, where the method in the embodiment of the present invention specifically includes:
step 110, identifying the authority of the resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: association data for users and roles and association data between roles and permissions.
Wherein the resource request initiator may be a user account that initiates the resource request for access to the stored resource. The resource request may include account information and resource information of a resource request initiator, where the account information may be account information of a system for logging in and storing resources by the resource request initiator; the resource information may be related information of the resource that the resource request initiator needs to access, such as a resource name, a type, or an address.
In order to facilitate management of resources, in role-based access control, a role set can be established between a user set and a permission set, wherein each role corresponds to a set of corresponding permissions, and once a user is assigned with a proper role, the user has all the operation permissions of the role. Optionally, the association data between the user and the role and the association data between the role and the authority may be pre-established, and the access authority information includes the pre-established association data for recording the resource access authority corresponding to each user. The user may be an account capable of logging in the resource storage system, the role may be a role played by the user when accessing the resource storage system, such as an operator, an administrator, a resource viewer, and the like, and the authority may be a limitation and a range of access operations performed on the resource by the role.
Specifically, at present, the access right information is generally stored in a database, and the access right information is centrally stored in the database and is easily tampered by an illegal user, and once the associated data between the user and the role or between the role and the right in the access right information is tampered, the illegal user can obtain the right to access the resource. Therefore, in the embodiment of the invention, the access authority information is stored in the block chain and is synchronized in each block chain node, and the security of the access authority information can be ensured by decentralized storage, so that the access authority information is prevented from being tampered. According to the access resource information stored in the block chain, the authority of the resource request initiator is identified, so that the resource request initiator is determined to have the authority of accessing the resources, the security of resource access is improved, and the resources are prevented from being illegally stolen.
Optionally, identifying the authority of the resource request initiator according to the access authority information stored in the block chain may include: verifying the identity of the initiator according to the identification information of the initiator; if the verification is passed, determining the access role of the initiator according to the associated data of the user and the role stored in the block chain; and determining the access authority of the initiator according to the role and authority associated data stored in the block chain.
The identification information may be account information of the resource request initiator, or may also be identification information carried by the resource request initiator, such as an ID of the resource request initiator. Before determining the authority of the resource request initiator, the identity of the resource request initiator needs to be authenticated to judge whether the resource request initiator is a user having access authority to the stored resource. Exemplarily, the identification information of the resource request initiator is matched with the identification information of the user in the associated data of the user and the role stored in the block chain, and if the identification information of the resource request initiator is matched with the identification information of the user stored in the block chain, it indicates that the resource request initiator has the right to access the resource, and the resource request initiator is verified to be passed. After the identity authentication is passed, determining an access role corresponding to the resource request initiator according to the associated data of the user and the role stored in the block chain, and determining an access authority corresponding to the access role according to the associated data of the role and the authority stored in the block chain, namely the access authority corresponding to the resource request initiator.
And step 120, responding to the resource request according to the authority identification result.
The permission identification result may be a resource access permission corresponding to the resource request initiator. Specifically, after the resource access authority corresponding to the resource request initiator is determined according to the authority access information, the resource request of the requester is responded according to the resource access authority, so that the resource request initiator performs access and operation allowed by the authority on the resource stored in the system.
In this embodiment, the access right information may be stored in the blockchain in the form of an intelligent contract, or may be stored in the blockchain in the form of a common data format. Optionally, before identifying the authority of the resource request initiator according to the access authority information stored in the block chain, the method may further include: receiving an intelligent contract which is initiated by a resource management node and carries access authority information; and storing the intelligent contract carrying the access authority information in the block chain.
The resource management node may be a node in the blockchain network or may not be a node in the blockchain network. If the resource management node is a node in the block chain network, generating an intelligent contract according to the predetermined associated data of the user and the role and the associated data of the role and the authority, and transmitting the intelligent contract to the block chain network to request other nodes in the block chain network to synchronize the intelligent contract; if the local node is a current block chain generating node, after receiving an intelligent contract which is initiated by the resource management node and carries access authority information, the intelligent contract carrying the access authority information can be stored in the current block, and then the current block can be sent to other nodes so that the other nodes can verify and store the intelligent contract; if the local node is not the current block chain generating node, the block which is sent by the current block generating node and comprises the intelligent contract which is initiated by the resource management node and carries the access authority information can be received and stored.
If the resource management node is not a node in the block chain network, the resource management node can generate an intelligent contract according to the access authority information, and then the intelligent contract can be sent to the block chain network through an interaction interface (such as a client interface) provided by the block chain node, so that the local node can acquire and store the intelligent contract which is initiated by the source management node and carries the access authority information from the block chain network.
According to the technical scheme of the embodiment of the invention, the authority of the resource request initiator is identified according to the access authority information stored in the block chain, wherein the access authority information comprises: and responding to the resource request according to the authority identification result by the associated data of the user and the role and the associated data between the role and the authority. According to the scheme, the access authority information containing at least one group of associated data among users, roles and authorities is stored on the basis of the block chain, so that the access authority information has the advantages of high transparency, difficulty in tampering, strong public trust and the like; meanwhile, the authority of the resource request initiator is identified according to the access authority information stored in the block chain, so that the problem that an illegal user illegally accesses or steals the resource can be avoided, and the safety of resource access is improved.
Example two
Fig. 2 is a flowchart of an access control method in the second embodiment of the present invention. The present embodiment is optimized based on the above embodiments, and details that are not described in detail in the present embodiment are described in the above embodiments. Referring to fig. 2, the access control method provided in this embodiment may include:
step 210, receiving an intelligent contract initiated by a resource management node; the intelligent contract comprises a hash value obtained by calculating the access authority information by adopting a hash algorithm.
The hash algorithm is an algorithm that can convert an input of an arbitrary length into an output of a fixed length by a hash algorithm, and may be, for example, an MD4(Message Digest 4) algorithm, an MD5 algorithm, or an SHA series algorithm. In the embodiment of the invention, the hash algorithm is firstly adopted to calculate the access permission information and convert the access permission information into the hash value with fixed character length, so that the hash value corresponding to each access permission information is input into the intelligent contract, the space occupied by each access permission information is only the size of one hash value, and the occupied storage space is reduced.
Step 220, the intelligent contract is stored in the blockchain.
Specifically, the intelligent contract containing the hash value corresponding to the access authority information is stored in the block chain and is synchronized to each block chain node, so that decentralized storage is realized, and the security of access authority information storage is improved.
And step 230, calling the intelligent contract, and calculating a hash value in the intelligent contract by adopting a hash algorithm to obtain the access authority information.
Specifically, after receiving the resource request of the resource request initiator, the local node needs to determine the access right of the resource request initiator according to the access right information, so that the intelligent contract stored in the block chain can be called to determine the right of the resource request initiator according to the access right information included in the intelligent contract. Because the access authority information is not directly stored in the intelligent contract, but the hash value corresponding to the access authority information is stored in the intelligent contract, the hash value in the intelligent contract is operated by adopting a hash algorithm, so that the access authority information corresponding to each hash value is obtained, and the access authority of the resource request initiator is determined according to the access authority information.
And 240, identifying the authority of the resource request initiator according to the access authority information.
And step 250, responding to the resource request according to the authority identification result.
According to the technical scheme of the embodiment of the invention, the resource management node adopts the Hash algorithm to calculate the access authority information to obtain the Hash value, and the intelligent contract is initiated according to the Hash value, so that the space occupied by each access authority information is only the size of one Hash value, and the storage space occupied by the access authority information is reduced. The intelligent contracts are stored in the block chains and are synchronized to each block chain node, so that decentralized storage is realized, and the safety of access authority information storage is improved. And calling an intelligent contract, and calculating a hash value in the intelligent contract by adopting a hash algorithm to obtain access authority information, so that the access request of the resource request initiator is determined according to the access authority information, and the resource request initiator can access the resource conveniently.
EXAMPLE III
Fig. 3 is a schematic structural diagram of an access control apparatus according to a third embodiment of the present invention. The device is suitable for performing authority verification on the resource access initiator to control the access of the resource access initiator to the resource, can be implemented by software and/or hardware, and can be integrated in a computing device carrying a blockchain node. Referring to fig. 3, the apparatus specifically includes:
the permission identification module 310 is configured to identify a permission of the resource request initiator according to the access permission information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority;
and a response module 320, configured to respond to the resource request according to the permission identification result.
Optionally, the authority identifying module 310 includes:
the verification unit is used for verifying the identity of the initiator according to the identification information of the initiator;
and the access authority determining unit is used for determining the access authority of the initiator according to the role and authority associated data stored in the block chain.
Optionally, the apparatus may further include:
the receiving module is used for receiving an intelligent contract which is initiated by the resource management node and carries the access authority information before the authority of the resource request initiator is identified according to the access authority information stored in the block chain;
and the storage module is used for storing the intelligent contract carrying the access authority information in the block chain.
Optionally, the apparatus may further include:
the intelligent contract receiving module is used for receiving an intelligent contract initiated by the resource management node before the authority of the resource request initiator is identified according to the access authority information stored in the block chain; the intelligent contract comprises a hash value obtained by calculating the access authority information by adopting a hash algorithm;
and the intelligent contract storage module is used for storing the intelligent contracts in the block chain.
Optionally, the authority identifying module 310 includes:
the calling unit is used for calling the intelligent contract and calculating a hash value in the intelligent contract by adopting a hash algorithm to obtain access authority information;
and the identification unit is used for identifying the authority of the resource request initiator according to the access authority information.
According to the technical scheme of the embodiment of the invention, the authority of the resource request initiator is identified according to the access authority information stored in the block chain, wherein the access authority information comprises: and responding to the resource request according to the authority identification result by the associated data of the user and the role and the associated data between the role and the authority. According to the scheme, the access authority information containing at least one group of associated data among users, roles and authorities is stored on the basis of the block chain, so that the access authority information has the advantages of high transparency, difficulty in tampering, strong public trust and the like; meanwhile, the authority of the resource request initiator is identified according to the access authority information stored in the block chain, so that the problem that an illegal user illegally accesses or steals the resource can be avoided, and the safety of resource access is improved.
Example four
Fig. 4 is a schematic structural diagram of an apparatus according to a fourth embodiment of the present invention. FIG. 4 illustrates a block diagram of an exemplary device 412 suitable for use in implementing embodiments of the present invention. The device 412 shown in fig. 4 is only an example and should not impose any limitation on the functionality or scope of use of embodiments of the present invention. Alternatively, the device 412 may typically be a computing device carrying a blockchain node.
As shown in FIG. 4, device 412 is in the form of a general purpose computing device. The components of device 412 may include, but are not limited to: one or more processors or processors 416, a memory 428, and a bus 418 that couples the various system components including the memory 428 and the processors 416.
Bus 418 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, micro-channel architecture (MAC) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Device 412 typically includes a variety of computer system readable storage media. These storage media may be any available storage media that can be accessed by device 412 and includes both volatile and nonvolatile storage media, removable and non-removable storage media.
Memory 428 may include computer system readable storage media in the form of volatile memory, such as Random Access Memory (RAM)430 and/or cache memory 432. The device 412 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 434 may be used to read from and write to non-removable, nonvolatile magnetic storage media (not shown in FIG. 4, commonly referred to as a "hard drive"). Although not shown in FIG. 4, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical storage medium) may be provided. In these cases, each drive may be connected to bus 418 by one or more data storage media interfaces. Memory 428 can include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
A program/utility 440 having a set (at least one) of program modules 442 may be stored, for instance, in memory 428, such program modules 462 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 462 generally perform the functions and/or methodologies of the described embodiments of the invention.
The device 412 may also communicate with one or more external devices 414 (e.g., keyboard, pointing device, display 426, etc.), with one or more devices that enable a user to interact with the device 412, and/or with any devices (e.g., network card, modem, etc.) that enable the device 412 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 422. Also, the device 412 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) through the network adapter 420. As shown, network adapter 420 communicates with the other modules of device 412 over bus 418. It should be appreciated that although not shown in FIG. 4, other hardware and/or software modules may be used in conjunction with device 412, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processor 416 executes various functional applications and data processing by executing at least one of other programs of the plurality of programs stored in the memory 428, for example, to implement an access control method provided by an embodiment of the present invention, including:
identifying the authority of a resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority; and responding to the resource request according to the authority identification result.
EXAMPLE five
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform an access control method:
identifying the authority of a resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority;
and responding to the resource request according to the authority identification result.
Computer storage media for embodiments of the present invention can take the form of any combination of one or more computer-readable storage media. The computer readable storage medium may be a computer readable signal storage medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the invention, the computer readable storage medium may be any tangible storage medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal storage medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal storage medium may also be any computer readable storage medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable storage medium may be transmitted using any appropriate storage medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or device. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (7)

1. An access control method, comprising:
identifying the authority of a resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority;
responding the resource request according to the authority identification result;
wherein the content of the first and second substances,
before identifying the authority of the resource request initiator according to the access authority information stored in the block chain, the method further comprises the following steps:
receiving an intelligent contract which is initiated by a resource management node and carries the access authority information;
and storing the intelligent contract carrying the access authority information in a block chain.
2. The method of claim 1, wherein identifying the authority of the resource request initiator according to the access authority information stored in the blockchain comprises:
verifying the identity of the initiator according to the identification information of the initiator;
if the verification is passed, determining the access role of the initiator according to the associated data of the user and the role stored in the block chain;
and determining the access authority of the initiator according to the associated data of the roles and the authorities stored in the block chain.
3. The method of claim 1, wherein before identifying the authority of the resource request initiator according to the access authority information stored in the blockchain, the method further comprises:
receiving an intelligent contract initiated by a resource management node; the intelligent contract comprises a hash value obtained by calculating the access authority information by adopting a hash algorithm;
storing the intelligent contract in a blockchain.
4. An access control apparatus, characterized in that the apparatus comprises:
the authority identification module is used for identifying the authority of the resource request initiator according to the access authority information stored in the block chain; wherein the access right information includes: the association data of the user and the role and the association data between the role and the authority;
the response module is used for responding to the resource request according to the authority identification result;
the device further comprises:
the receiving module is used for receiving an intelligent contract which is initiated by the resource management node and carries the access authority information;
and the storage module is used for storing the intelligent contract carrying the access authority information in a block chain.
5. The apparatus of claim 4, wherein the permission identification module comprises:
the verification unit is used for verifying the identity of the initiator according to the identification information of the initiator;
and the access authority determining unit is used for determining the access authority of the initiator according to the role and authority associated data stored in the block chain.
6. An electronic device, characterized in that the electronic device comprises:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement an access control method as recited in any one of claims 1-3.
7. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out an access control method according to any one of claims 1-3.
CN201910666952.XA 2019-07-23 2019-07-23 Access control method, device, equipment and storage medium Active CN110414268B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910666952.XA CN110414268B (en) 2019-07-23 2019-07-23 Access control method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910666952.XA CN110414268B (en) 2019-07-23 2019-07-23 Access control method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110414268A CN110414268A (en) 2019-11-05
CN110414268B true CN110414268B (en) 2022-05-10

Family

ID=68362613

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910666952.XA Active CN110414268B (en) 2019-07-23 2019-07-23 Access control method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110414268B (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111310233A (en) * 2020-03-24 2020-06-19 腾讯科技(深圳)有限公司 Application interface display method, device, equipment and storage medium
CN113452650B (en) * 2020-03-24 2023-04-07 钉钉控股(开曼)有限公司 Access control method, device, equipment and storage medium
CN111597584B (en) * 2020-05-26 2023-12-19 牛津(海南)区块链研究院有限公司 Privacy protection and data sharing method, device and equipment based on blockchain
CN111597585B (en) * 2020-05-26 2023-08-11 牛津(海南)区块链研究院有限公司 Privacy protection method, system and related components of blockchain data
CN111625866B (en) * 2020-05-28 2024-04-19 广东浪潮大数据研究有限公司 Authority management method, system, equipment and storage medium
CN111797374B (en) * 2020-07-21 2023-06-06 浙江同善人工智能技术有限公司 Supply chain access control system and method based on public chain intelligent contract
CN112118224B (en) * 2020-08-12 2021-07-23 北京大学 Trusted mechanism authority management method and system for big data block chain
CN112347435A (en) * 2020-09-27 2021-02-09 北京淇瑀信息科技有限公司 Computer-aided resource delivery management method and platform based on data permission
CN112215609B (en) * 2020-11-05 2021-09-21 深圳市瀚兰区块链地产有限公司 House property user identity authentication method and device based on super account book and electronic equipment
CN112632575A (en) * 2020-12-22 2021-04-09 平安普惠企业管理有限公司 Authority management method and device of business system, computer equipment and storage medium
CN112541640A (en) * 2020-12-22 2021-03-23 平安银行股份有限公司 Resource authority management method and device, electronic equipment and computer storage medium
CN113612754A (en) * 2021-07-28 2021-11-05 中国科学院深圳先进技术研究院 Cross-domain access method and system based on block chain
CN115102770A (en) * 2022-06-24 2022-09-23 平安普惠企业管理有限公司 Resource access method, device and equipment based on user permission and storage medium
CN115277242A (en) * 2022-08-04 2022-11-01 北京智融云河科技有限公司 Access control method and device for digital object
CN116684207B (en) * 2023-08-03 2023-10-20 杭州字节方舟科技有限公司 Method, device, equipment and medium for processing monitoring data based on blockchain

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105488431A (en) * 2015-11-30 2016-04-13 布比(北京)网络技术有限公司 Authority management method and device for block chain system
US20180225008A1 (en) * 2015-07-09 2018-08-09 Sensoriant, Inc. Method and System for Creating Adaptive User Interfaces Using User Provided and Controlled Data
CN108632268A (en) * 2018-04-28 2018-10-09 腾讯科技(深圳)有限公司 The method for authenticating and device, storage medium, electronic device that block chain accesses
CN108768988A (en) * 2018-05-17 2018-11-06 深圳前海微众银行股份有限公司 Block chain access control method, equipment and computer readable storage medium
CN109391612A (en) * 2018-08-17 2019-02-26 杭州微链区块链科技有限公司 A kind of identification confirmation system and method based on block chain
CN109714348A (en) * 2018-12-29 2019-05-03 百度在线网络技术(北京)有限公司 Permission processing method, device, equipment and the medium realized based on block chain
CN110032865A (en) * 2019-03-28 2019-07-19 腾讯科技(深圳)有限公司 A kind of right management method, device and storage medium

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104751256B (en) * 2013-12-25 2018-03-30 技嘉科技股份有限公司 The method and system of message structure
CN108737348A (en) * 2017-04-21 2018-11-02 中国科学院信息工程研究所 A kind of internet of things equipment access control method of the intelligent contract based on block chain
CN107103252A (en) * 2017-04-27 2017-08-29 电子科技大学 Data access control method based on block chain
CN107480555B (en) * 2017-08-01 2020-03-13 中国联合网络通信集团有限公司 Database access authority control method and device based on block chain
US10528551B2 (en) * 2017-09-29 2020-01-07 Oracle International Corporation System and method for providing a representational state transfer proxy service for a blockchain cloud service
CN108023894B (en) * 2017-12-18 2020-09-11 苏州优千网络科技有限公司 Visa information system based on block chain and processing method thereof
WO2019125081A1 (en) * 2017-12-21 2019-06-27 문인식 System for granting one-time access rights using blockchain

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180225008A1 (en) * 2015-07-09 2018-08-09 Sensoriant, Inc. Method and System for Creating Adaptive User Interfaces Using User Provided and Controlled Data
CN105488431A (en) * 2015-11-30 2016-04-13 布比(北京)网络技术有限公司 Authority management method and device for block chain system
CN108632268A (en) * 2018-04-28 2018-10-09 腾讯科技(深圳)有限公司 The method for authenticating and device, storage medium, electronic device that block chain accesses
CN108768988A (en) * 2018-05-17 2018-11-06 深圳前海微众银行股份有限公司 Block chain access control method, equipment and computer readable storage medium
CN109391612A (en) * 2018-08-17 2019-02-26 杭州微链区块链科技有限公司 A kind of identification confirmation system and method based on block chain
CN109714348A (en) * 2018-12-29 2019-05-03 百度在线网络技术(北京)有限公司 Permission processing method, device, equipment and the medium realized based on block chain
CN110032865A (en) * 2019-03-28 2019-07-19 腾讯科技(深圳)有限公司 A kind of right management method, device and storage medium

Also Published As

Publication number Publication date
CN110414268A (en) 2019-11-05

Similar Documents

Publication Publication Date Title
CN110414268B (en) Access control method, device, equipment and storage medium
CN108810006B (en) Resource access method, device, equipment and storage medium
US11645408B2 (en) Controlling access to datasets described in a cryptographically signed record
CN108923908B (en) Authorization processing method, device, equipment and storage medium
US10614233B2 (en) Managing access to documents with a file monitor
US11347876B2 (en) Access control
US10956614B2 (en) Expendable access control
US20160371495A1 (en) Controlled access to data in a sandboxed environment
CN109657492B (en) Database management method, medium, and electronic device
CN108289098B (en) Authority management method and device of distributed file system, server and medium
WO2017124960A1 (en) Method and device for application program to access interface, and method and device for application program to request authorization
CN111291339B (en) Method, device, equipment and storage medium for processing blockchain data
CN110555293A (en) Method, apparatus, electronic device and computer readable medium for protecting data
WO2014209416A1 (en) Process authentication and resource permissions
US10958687B2 (en) Generating false data for suspicious users
CN112307515A (en) Database-based data processing method and device, electronic equipment and medium
CN113918999B (en) Method and device for establishing safe ferry channel, network disk and storage medium
CN110070360B (en) Transaction request processing method, device, equipment and storage medium
CN109325360B (en) Information management method and device
US10158623B2 (en) Data theft deterrence
CN109522683A (en) Software source tracing method, system, computer equipment and storage medium
CN109635558B (en) Access control method, device and system
CN112016336B (en) Method, device, equipment and storage medium for detecting copy card
US20220100822A1 (en) Software access through heterogeneous encryption
CN116760639B (en) Data security isolation and sharing framework implementation method for multiple tenants

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant