CN110909386A - Unified authorization access method and system for multiple data sources - Google Patents
Unified authorization access method and system for multiple data sources Download PDFInfo
- Publication number
- CN110909386A CN110909386A CN201911144833.4A CN201911144833A CN110909386A CN 110909386 A CN110909386 A CN 110909386A CN 201911144833 A CN201911144833 A CN 201911144833A CN 110909386 A CN110909386 A CN 110909386A
- Authority
- CN
- China
- Prior art keywords
- user
- query
- result set
- data sources
- metadata
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 29
- 238000013475 authorization Methods 0.000 title claims abstract description 24
- 238000000586 desensitisation Methods 0.000 claims abstract description 24
- 238000012795 verification Methods 0.000 claims abstract description 10
- 238000004590 computer program Methods 0.000 claims description 19
- 230000000977 initiatory effect Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 11
- 238000012545 processing Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000007429 general method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/242—Query formulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Computational Linguistics (AREA)
- Mathematical Physics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a unified authorization access method and a system for multiple data sources, which are used for collecting metadata information of the multiple data sources; when a user initiates an inquiry request, the authority of the user is verified, after the verification is passed, an inquiry statement is executed, a result set is summarized, desensitization is carried out on the result set according to a configured desensitization rule, and the desensitized inquiry result set is returned. The invention can support the unified authorization access control of various data sources.
Description
Technical Field
The invention relates to the technical field of big data security, in particular to a unified authorization access method and a system for multiple data sources.
Background
Some schemes for authorizing access to a data source already exist in the prior art schemes, but most of the technical schemes are for authorizing access to a single data source and cannot support uniform authorized access of multiple data sources.
Patent application publication No. CN 109525570A discloses a group-client-oriented data hierarchical security access control method, which comprises a distributed application program transceiving module, a data encryption and decryption processing module, a key negotiation module, a data concurrent processing module, a hierarchical access control module, a database connection module and a MySQL database module. The distributed application program transceiver module is responsible for monitoring cross-platform application program service requests; the data encryption and decryption processing module is responsible for data encryption and decryption and ensures the reliability of a data source; the key negotiation module is responsible for generating a session key; the data concurrent processing module is responsible for analyzing the service request data; the layered access control module is responsible for judging whether the user has the authority of accessing the layered data; the database connection module is responsible for establishing a database connection pool and improving the data reading and writing efficiency of the system; and the MySQL database module is responsible for modularly storing group client data. The method can provide a layered and extensible data access control method for group customers with different enterprise scales. The technical scheme also performs authorization access control on the data source, but the scheme cannot support uniform authorization access of various data sources, only performs authorization access control based on mysql, and even cannot support user concurrent query quantity control.
The application of patent application publication number CN 103870548A discloses an access control method for a spatial database, in which authorization of the spatial database is realized by adding access rules to an R + tree, the R + tree added with the access rules is searched according to an access request, after a spatial entity is obtained from the spatial database according to a search result, each pair of spatial entities is further cut according to the access request and the corresponding access rules, and the cut spatial entity is returned to a user. The access control method not only supports the authorization of the space entity, but also supports the authorization after the entity is split in a fine-grained manner, the access control rule can only cover a part of the space entity, and simultaneously combines the two queries of access rule judgment and space retrieval into one query, determines the result of user query in one query and returns corresponding information, thereby improving the authorization query efficiency and ensuring the response speed when accessing the space vector data with the authority limit. The technical scheme also performs authorized access control on the database, but the scheme cannot support uniform authorized access of various data sources, can only perform authorized access control on the spatial database based on an R + tree mode, and cannot support user concurrent query quantity control.
Disclosure of Invention
In view of this, the present invention provides a method and a system for unified authorization access for multiple data sources, which can support unified authorization access control for multiple data sources.
The invention is realized by adopting the following scheme: a method of uniform authorized access to multiple data sources, comprising the steps of:
collecting metadata information of various data sources;
when a user initiates an inquiry request, the authority of the user is verified, after the verification is passed, an inquiry statement is executed, a result set is summarized, desensitization is carried out on the result set according to a configured desensitization rule, and the desensitized inquiry result set is returned.
Furthermore, the number of concurrent queries of the user is configured, and the number of concurrent queries of the same user is limited.
Further, the collecting metadata information of the multiple data sources specifically includes: collecting metadata information of a registered data source at fixed time, judging whether a collecting plug-in of the current data source exists in the system or not, if so, collecting the metadata of the data source, if not, compiling the metadata collecting plug-in corresponding to the data source, loading the metadata collecting plug-in of the data source, and finishing the metadata information collection of the data source; and after the metadata is collected, the collected metadata information is displayed on a metadata authorization configuration page.
Further, when a user initiates a query request, the authority verification is performed on the user, after the verification is passed, a query statement is executed and a result set is collected, finally desensitization is performed on the result set according to a configured desensitization rule, and the query result set after desensitization is returned specifically includes the following steps:
step S1: after initiating a query request, the user carries out identity personal identification on the user;
step S2: judging whether the current query number of the user exceeds a preset query concurrency number of the same user, if so, enabling the current request of the user to be in a waiting state, otherwise, entering a step S3;
step S3: analyzing the query sentence sent by the user by grammar to obtain a grammar tree, and judging whether the user has the access authority of a corresponding table, if so, entering a step S4, otherwise, rejecting the request of the user;
step S4: judging whether the user has the access authority of the corresponding table field, if so, entering a step S5, otherwise, rejecting the request of the user;
step S5: and executing the query statement and summarizing the result set, desensitizing the result set according to the desensitization rule configured currently, and returning the desensitized query result set to the user.
Further, step S2 is specifically: and submitting query sentences sent by a user to a query queue matched with the user in real time, wherein the queue has the limit of preset sentence capacity, when the capacity in the queue reaches the upper limit, the submitted sentences enter a waiting stage, and when the queue is idle, the originally waiting sentences are re-executed so as to limit the number of query concurrency of the same user.
Further, the data sources include, but are not limited to mysql, oracle, NOSQL, mongodb, cassandra, kafka.
The present invention also provides a system for unified authorized access to multiple data sources comprising a memory, a processor and a computer program stored on said memory and capable of being executed by said processor, which computer program when executed by the processor implements the method steps as described above at tez.
The invention also provides a computer-readable storage medium having stored thereon a computer program capable of being executed by a processor, the computer program when executed by the processor implementing the method steps as described above.
Compared with the prior art, the invention has the following beneficial effects:
1. the invention supports the unified authorization access control of various data sources by acquiring the metadata information of various data sources and detecting whether a user has the query authority of a corresponding table and a field when receiving a query request.
2. The invention realizes the control of the number of the parallel queries of the users by configuring the number of the concurrent queries of the users and limiting the number of the concurrent queries of the same user.
3. The invention can also support desensitization of sensitive data, and by configuring the data desensitization rules of the metadata, after the query results are summarized, the data desensitization rules of the corresponding metadata are acted on the corresponding data of the corresponding result set, and the final query result set is returned, thereby completing the access authority control.
Drawings
FIG. 1 is a schematic diagram of the general method principle of an embodiment of the present invention.
Fig. 2 is a schematic diagram of a metadata collection process according to an embodiment of the present invention.
Fig. 3 is a flowchart of the right control according to the embodiment of the present invention.
FIG. 4 is a timing diagram of the privilege control according to the embodiment of the present invention.
Detailed Description
The invention is further explained below with reference to the drawings and the embodiments.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present application. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
As shown in fig. 1, the present embodiment provides a unified authorization access method for multiple data sources, including the following steps:
collecting metadata information of various data sources;
when a user initiates an inquiry request, the authority of the user is verified, after the verification is passed, an inquiry statement is executed, a result set is summarized, desensitization is carried out on the result set according to a configured desensitization rule, and the desensitized inquiry result set is returned.
In this embodiment, the number of concurrent queries of a user is configured, and the number of concurrent queries of the same user is limited.
As shown in fig. 2, in this embodiment, the collecting metadata information of multiple data sources specifically includes: collecting metadata information of a registered data source at fixed time, judging whether a collecting plug-in of the current data source exists in the system or not, if so, collecting the metadata of the data source, if not, compiling the metadata collecting plug-in corresponding to the data source, loading the metadata collecting plug-in of the data source, and finishing the metadata information collection of the data source; and after the metadata is collected, the collected metadata information is displayed on a metadata authorization configuration page.
In this embodiment, when a user initiates a query request, the method for performing authority verification on the user, executing a query statement after the verification is passed, summarizing a result set, desensitizing the result set according to a configured desensitization rule, and returning the desensitized query result set specifically includes the following steps:
step S1: after initiating a query request, the user carries out identity personal identification on the user;
step S2: judging whether the current query number of the user exceeds a preset query concurrency number of the same user, if so, enabling the current request of the user to be in a waiting state, otherwise, entering a step S3;
step S3: analyzing the query sentence sent by the user by grammar to obtain a grammar tree, and judging whether the user has the access authority of a corresponding table, if so, entering a step S4, otherwise, rejecting the request of the user;
step S4: judging whether the user has the access authority of the corresponding table field, if so, entering a step S5, otherwise, rejecting the request of the user;
step S5: and executing the query statement and summarizing the result set, desensitizing the result set according to the desensitization rule configured currently, and returning the desensitized query result set to the user.
In this embodiment, step S2 specifically includes: and submitting query sentences sent by a user to a query queue matched with the user in real time, wherein the queue has the limit of preset sentence capacity, when the capacity in the queue reaches the upper limit, the submitted sentences enter a waiting stage, and when the queue is idle, the originally waiting sentences are re-executed so as to limit the number of query concurrency of the same user.
In this embodiment, the data sources include, but are not limited to, mysql, oracle, NOSQL, mongodb, cassandra, kafka.
The present embodiment also provides a system for unified authorized access to multiple data sources, comprising a memory, a processor and a computer program stored on said memory and capable of being executed by said processor, which computer program, when executed by the processor, implements the method steps as described above.
The present embodiment also provides a computer-readable storage medium having stored thereon a computer program capable of being executed by a processor, the computer program when executed by the processor implementing the method steps as described above.
Preferably, as shown in fig. 3 and 4, in this embodiment, a user can select a corresponding user through a provided user page to set a query concurrency authority, a query statement sent by the user is submitted to a query queue matched with the user, the queue has a limit on statement capacity, when the capacity in the queue reaches an upper limit, the later submitted statement enters a waiting stage, and when the queue is idle, the originally waiting statement is re-executed, so that the query concurrency number of the same user is limited, and the concurrent query efficiency of different users is improved.
Meanwhile, the embodiment can set the metadata table access authority of the corresponding role of the user through the provided authorization configuration page, the query statement sent by the user is parsed to obtain the syntax tree, and the syntax tree is combined with the metadata table access authority of the authorization configuration to perform access control on the query table authority.
Meanwhile, the embodiment can set the access authority of the metadata table field of the corresponding role of the user by providing the authorization configuration page, the query statement sent by the user is parsed to obtain the syntax tree, and the syntax tree is combined with the access authority of the metadata table field of the authorization configuration to perform access control on the query table field authority.
Meanwhile, the embodiment can add table field desensitization rules through a set table detail page, and the data desensitization rules are configured according to corresponding table fields; when the query statement obtains the result set, a desensitization result set is generated according to the desensitization rule of the corresponding field, and the query result is returned, so that the sensitive data can be protected.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is directed to preferred embodiments of the present invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof, and the scope thereof is determined by the claims that follow. However, any simple modification, equivalent change and modification of the above embodiments according to the technical essence of the present invention are within the protection scope of the technical solution of the present invention.
Claims (8)
1. A method for unified authorized access to multiple data sources, comprising the steps of:
collecting metadata information of various data sources;
when a user initiates an inquiry request, the authority of the user is verified, after the verification is passed, an inquiry statement is executed, a result set is summarized, desensitization is carried out on the result set according to a configured desensitization rule, and the desensitized inquiry result set is returned.
2. The method for unified authorized access to multiple data sources according to claim 1, further comprising the steps of: and configuring the concurrent query number of the users and limiting the query concurrent number of the same user.
3. The method according to claim 1, wherein the collecting metadata information of the multiple data sources specifically includes: collecting metadata information of a registered data source at fixed time, judging whether a collecting plug-in of the current data source exists in the system or not, if so, collecting the metadata of the data source, if not, compiling the metadata collecting plug-in corresponding to the data source, loading the metadata collecting plug-in of the data source, and finishing the metadata information collection of the data source; and after the metadata is collected, the collected metadata information is displayed on a metadata authorization configuration page.
4. The unified authorization access method for multiple data sources according to claim 2, wherein when a user initiates a query request, the user is subjected to authority verification, after the verification is passed, the query statement is executed and the result set is summarized, finally, desensitization is performed on the result set according to a configured desensitization rule, and returning the desensitized query result set specifically comprises the following steps:
step S1: after initiating a query request, the user carries out identity personal identification on the user;
step S2: judging whether the current query number of the user exceeds a preset query concurrency number of the same user, if so, enabling the current request of the user to be in a waiting state, otherwise, entering a step S3;
step S3: analyzing the query sentence sent by the user by grammar to obtain a grammar tree, and judging whether the user has the access authority of a corresponding table, if so, entering a step S4, otherwise, rejecting the request of the user;
step S4: judging whether the user has the access authority of the corresponding table field, if so, entering a step S5, otherwise, rejecting the request of the user;
step S5: and executing the query statement and summarizing the result set, desensitizing the result set according to the desensitization rule configured currently, and returning the desensitized query result set to the user.
5. The method according to claim 4, wherein the step S2 is specifically as follows: and submitting query sentences sent by a user to a query queue matched with the user in real time, wherein the queue has the limit of preset sentence capacity, when the capacity in the queue reaches the upper limit, the submitted sentences enter a waiting stage, and when the queue is idle, the originally waiting sentences are re-executed so as to limit the number of query concurrency of the same user.
6. The method of claim 1, wherein the data sources include, but are not limited to mysql, oracle, NOSQL, mongodb, cassandra, kafka.
7. A unified authorized access system for multiple data sources, comprising a memory, a processor and a computer program stored on said memory and executable by said processor, which computer program, when executed by the processor, implements the method steps according to any of claims 1-6.
8. A computer-readable storage medium, on which a computer program is stored which can be executed by a processor, which computer program, when being executed by the processor, carries out the method steps of any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911144833.4A CN110909386A (en) | 2019-11-21 | 2019-11-21 | Unified authorization access method and system for multiple data sources |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911144833.4A CN110909386A (en) | 2019-11-21 | 2019-11-21 | Unified authorization access method and system for multiple data sources |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110909386A true CN110909386A (en) | 2020-03-24 |
Family
ID=69816813
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911144833.4A Pending CN110909386A (en) | 2019-11-21 | 2019-11-21 | Unified authorization access method and system for multiple data sources |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110909386A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112307129A (en) * | 2020-12-31 | 2021-02-02 | 成都四方伟业软件股份有限公司 | Control system constructed based on data sharing and control method thereof |
| CN113157902A (en) * | 2020-12-24 | 2021-07-23 | 中国能源建设股份有限公司 | Inquiry mode for completing information desensitization examination and approval by utilizing multiple information means |
| CN113239387A (en) * | 2021-06-18 | 2021-08-10 | 中国银行股份有限公司 | Data acquisition method and system |
| CN113434901A (en) * | 2021-06-30 | 2021-09-24 | 平安普惠企业管理有限公司 | Intelligent data query method and device, electronic equipment and storage medium |
| CN114706857A (en) * | 2022-04-22 | 2022-07-05 | 北京友友天宇系统技术有限公司 | Unified authentication/authorization method, equipment and storage medium for cross-multi-source heterogeneous storage system |
| CN116662373A (en) * | 2023-07-27 | 2023-08-29 | 天津神舟通用数据技术有限公司 | Data access control method, device, equipment and medium |
| CN113239387B (en) * | 2021-06-18 | 2024-05-24 | 中国银行股份有限公司 | Data acquisition method and system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2372575A1 (en) * | 2010-03-26 | 2011-10-05 | British Telecommunications public limited company | Information retrieval with security rules |
| CN106599713A (en) * | 2016-11-11 | 2017-04-26 | 中国电子科技网络信息安全有限公司 | Database masking system and method based on big data |
| CN107491510A (en) * | 2017-08-03 | 2017-12-19 | 国网江苏省电力公司信息通信分公司 | One kind mixing heterogeneous data source unified query system and distributed enquiring method |
| CN109815283A (en) * | 2018-12-18 | 2019-05-28 | 中科曙光南京研究院有限公司 | A kind of heterogeneous data source visual inquiry method |
| CN110032575A (en) * | 2019-04-15 | 2019-07-19 | 网易(杭州)网络有限公司 | Data query method, apparatus, equipment and storage medium |
| CN110197083A (en) * | 2019-06-05 | 2019-09-03 | 深圳市优网科技有限公司 | Sensitive data desensitization system and processing method |
-
2019
- 2019-11-21 CN CN201911144833.4A patent/CN110909386A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2372575A1 (en) * | 2010-03-26 | 2011-10-05 | British Telecommunications public limited company | Information retrieval with security rules |
| CN106599713A (en) * | 2016-11-11 | 2017-04-26 | 中国电子科技网络信息安全有限公司 | Database masking system and method based on big data |
| CN107491510A (en) * | 2017-08-03 | 2017-12-19 | 国网江苏省电力公司信息通信分公司 | One kind mixing heterogeneous data source unified query system and distributed enquiring method |
| CN109815283A (en) * | 2018-12-18 | 2019-05-28 | 中科曙光南京研究院有限公司 | A kind of heterogeneous data source visual inquiry method |
| CN110032575A (en) * | 2019-04-15 | 2019-07-19 | 网易(杭州)网络有限公司 | Data query method, apparatus, equipment and storage medium |
| CN110197083A (en) * | 2019-06-05 | 2019-09-03 | 深圳市优网科技有限公司 | Sensitive data desensitization system and processing method |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113157902A (en) * | 2020-12-24 | 2021-07-23 | 中国能源建设股份有限公司 | Inquiry mode for completing information desensitization examination and approval by utilizing multiple information means |
| CN112307129A (en) * | 2020-12-31 | 2021-02-02 | 成都四方伟业软件股份有限公司 | Control system constructed based on data sharing and control method thereof |
| CN113239387A (en) * | 2021-06-18 | 2021-08-10 | 中国银行股份有限公司 | Data acquisition method and system |
| CN113239387B (en) * | 2021-06-18 | 2024-05-24 | 中国银行股份有限公司 | Data acquisition method and system |
| CN113434901A (en) * | 2021-06-30 | 2021-09-24 | 平安普惠企业管理有限公司 | Intelligent data query method and device, electronic equipment and storage medium |
| CN114706857A (en) * | 2022-04-22 | 2022-07-05 | 北京友友天宇系统技术有限公司 | Unified authentication/authorization method, equipment and storage medium for cross-multi-source heterogeneous storage system |
| CN116662373A (en) * | 2023-07-27 | 2023-08-29 | 天津神舟通用数据技术有限公司 | Data access control method, device, equipment and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110909386A (en) | Unified authorization access method and system for multiple data sources | |
| Sun et al. | SigPID: significant permission identification for android malware detection | |
| EP3275115B1 (en) | Database server and client for query processing on encrypted data | |
| US7661141B2 (en) | Systems and methods that optimize row level database security | |
| US20170053135A1 (en) | Columnar Table Data Protection | |
| US20080104070A1 (en) | Pattern-based filtering of query input | |
| WO2014140941A1 (en) | Secure matching supporting fuzzy data | |
| US10528556B1 (en) | Database methodology for searching encrypted data records | |
| US20120284529A1 (en) | System and method for management of encrypted data | |
| WO2005019974A3 (en) | Secure protection method for access to protected resources in a processor | |
| KR20140048879A (en) | Secure data storage | |
| CN109471697A (en) | The method, apparatus and storage medium that system is called in a kind of monitoring virtual machine | |
| CN101140573B (en) | Method and system for realizing information searching | |
| WO2017087694A1 (en) | Dynamic attributes for searching | |
| CN110895537A (en) | Method and device for freely inquiring authority control | |
| US10049113B2 (en) | File scanning method and apparatus | |
| US10331894B2 (en) | Static program analysis in an object-relational mapping framework | |
| WO2014063595A1 (en) | Incorporating related searches by other users in a social network in a search request | |
| CN111090616A (en) | File management method, corresponding device, equipment and storage medium | |
| Ansong et al. | A comparative study of user data security and privacy in native and cross platform Android mobile banking applications | |
| US9922080B2 (en) | Query plan determination | |
| CN101814080A (en) | Method and device for realizing information search | |
| CN115827589A (en) | Authority verification method and device, electronic equipment and storage medium | |
| CN113282628A (en) | Big data platform access method and device, big data platform and electronic equipment | |
| Stephens et al. | ODM BLAST: Sequence Homology Search in the RDBMS. |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200324 |
|
| RJ01 | Rejection of invention patent application after publication |