CN112487450A - File server access grading method - Google Patents
File server access grading method Download PDFInfo
- Publication number
- CN112487450A CN112487450A CN202011378726.0A CN202011378726A CN112487450A CN 112487450 A CN112487450 A CN 112487450A CN 202011378726 A CN202011378726 A CN 202011378726A CN 112487450 A CN112487450 A CN 112487450A
- Authority
- CN
- China
- Prior art keywords
- file
- file server
- appid
- access
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000013475 authorization Methods 0.000 claims abstract description 36
- 150000003839 salts Chemical class 0.000 claims abstract description 33
- 230000003203 everyday effect Effects 0.000 claims description 8
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Power Engineering (AREA)
- Computing Systems (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention provides a file server access grading method, which comprises the following steps: the application app grades the access authority of the file, forms a file access authority table by utilizing the authority grade and the unique identification Fi of the file, when the client requests the file server, judging whether the ip of the client is in an ip white list or a black list, judging whether the file has the access right of the file by using a label checking mode at a level 3 and a level 1, making an access request to a file server, acquiring a request parameter set { MD5es, t, Fi, appId }, obtaining values of appId, Salt and secreteKey in a file access permission table through Fi, comparing MD5 encrypted results with a first target MD5es and a second target MD5fes, obtaining a temporary token through a 0-level system authorization interface by using the APP, caching a k-v pair, receiving a request parameter set { Fi, token } by a file server, comparing cached k-v, and obtaining a 0-level system authorization interface; the embodiment of the invention improves the security of file access.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a file server access grading method.
Background
With the development of the internet, the prevalence of micro service architecture and the continuous improvement of the requirements for user experience, the management of static resources such as files and pictures of a plurality of companies gradually tends to centralized management. The centralized management of the pictures is performed by establishing a file service system, but the centralized management of the files also has the following problem of how to ensure the security of file access.
Summary of the invention
In order to overcome the defects of the prior art, the invention provides a file server access grading method for solving the technical problem of low file access security.
The technical scheme adopted by the invention for solving the technical problems is as follows: a file server access grading method is provided, which comprises the following steps:
s1: the application app grades the access authority of the file, and a file access authority table is formed by utilizing the authority grade and the unique identification Fi of the file;
s2: when a client requests a file server, judging whether the ip of the client is in an ip white list or a black list;
s3: level 3 and level 1 judge whether the file has the access right by using a label checking mode;
s4: constructing a request parameter set { MD5es, t, Fi, appId }, and making an access request for the file server;
s5: the file server obtains a request parameter set { MD5es, t, Fi, appId }, and obtains values of appId, Salt and secretKey in a file access permission table through Fi;
s6: the MD5 encrypts the result and compares the first target MD5es with the second target MD5 fes;
s7: the application app acquires a temporary token through a 0-level system authorization interface and caches k-v pairs;
s8: constructing a request parameter set { Fi, token }, receiving the request parameter set { Fi, token }, and comparing cached k-v by the file server;
s9: a level 0 system authorization interface.
Specifically, by determining whether the ip of the client is in the ip white list or the ip black list, the steps include:
when the ip of the client is in the blacklist, access is denied, and 'file does not exist' is returned;
when the ip of the client is not in the blacklist and is not in the white list, returning that the file does not exist.
Specifically, level 3 and level 1 will use a label check method to determine whether there is an access right to the file, and the steps include:
the file server generates a salt value S at regular time and randomly, and the application app acquires the latest salt value S from the file server at regular time;
when the application app accesses files, calculating a character string Es to be encrypted as appId + k + S + t + Fi, wherein k is a secret key secreteKey, S is a Salt value Salt, t is a current timestamp, and Fi is a file id needing to be accessed.
Preferably, after calculating the string Es to be encrypted as appId + k + S + t + Fi, the step further includes:
the character string to be encrypted is encrypted by the MD5 to obtain a first target character string MD5Es ═ MD5 (Es).
Specifically, the file server obtains a request parameter set { MD5es, t, Fi, appId }, and obtains values of appId, Salt, and secretKey in a file access permission table through Fi, where the steps include:
and the character string FEs to be encrypted is appId + secretKey + Salt + t + Fi, wherein secretKey and Salt are both obtained from the file access permission table, and t is a time stamp and is sent by the application app.
Preferably, after obtaining the string to be encrypted FEs ═ appId + secretKey + Salt + t + Fi, the steps further include:
the MD5 encrypts the character string to be encrypted, and a second target character string MD5FEs is MD5 (FEs).
Specifically, the MD5 encryption result is compared between the first target MD5es and the second target MD5fes, and the steps include:
when the MD5 encryption result is that the first target MD5es and the second target MD5fes are equal, returning a file;
when the MD5 encryption result is that the first target MD5es and the second target MD5fes are not equal, then the hint file does not exist.
Specifically, the file server receives a request parameter set { Fi, token }, and compares cached k-v, and the steps include:
returning the file when the token values are the same;
and when the token values are different, prompting that the file does not exist.
Specifically, the step of the 0-level system authorization interface comprises the following steps:
the 0-level system authorization interface randomly generates a new RAS public key and private key pair pubK and priK every day;
an App is applied to generate an AES algorithm through a time stamp t to generate an AES key;
the method comprises the steps that a character string As to be encrypted is appId + password + t, and then a key is generated by using a first-step AES algorithm to be encrypted to R;
the AES key generated by 1 is encrypted using the public key of the RSA algorithm to obtain rKey RSA (aesKey, pubK).
Preferably, after encrypting the AES key generated by 1 using the public key of the RSA algorithm to obtain rKey RSA (aesKey, pubK), the steps further include:
constructing a request parameter set { appId, rKey, R, t }, and requesting an authorization interface;
after receiving the appId, the authorization interface acquires pub-key and nPassword through an authorization information table, and decrypts the rKey by using the pub-key to obtain an AES key;
carrying out AES decryption on the R by using an AES key to obtain an original character string AS;
background splicing nAs ═ appId + nPassword + t, and comparing with AS;
if the two are the same, authorization is carried out, and if the two are not the same, authorization is not carried out.
The invention has the beneficial effects that: the method comprises the steps that an application app grades access rights of files, a file access right table is formed by using a right level and a unique file identifier Fi, when a client requests a file server, whether the ip of the client is in an ip white list or a black list or not is judged, whether the ip of the client has the access rights of the files or not is judged by using a signature checking mode through the level 3 and the level 1, a request parameter set { MD5es, t, Fi and appId } is constructed, an access request is made to the file server, the file server obtains the request parameter set { MD5es, t, Fi and appId }, values of appId, Salt and secretekey are obtained in the file access right table through Fi, the MD5 encryption result is compared with a first target MD5es and a second target MD5fes, the application app obtains a temporary token through a 0-level system authorization interface, caches k-v pairs, constructs the request parameter set { Fi, token }, the file server receives the request parameter set { Fi, token }, the cached k-v is compared, and the interface is authorized by a 0-level system, so that the security of file access is improved.
Drawings
Fig. 1 is a flowchart illustrating a file server access ranking method.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The following detailed description of specific implementations of the present invention is provided in conjunction with specific embodiments:
the first embodiment is as follows:
fig. 1 shows an implementation flow of a file server access ranking method provided in an embodiment of the present invention, and for convenience of description, only the parts related to the embodiment of the present invention are shown, which are detailed as follows:
in step S101, the application app grades the access authority of the file, and a file access authority table is formed by utilizing the authority grade and the unique identifier Fi of the file;
in step S102, levels 0, 1 and 2 are controlled by IP black and white lists, and when a client requests a file server, the client determines whether the IP of the client is in the IP white list or the black list;
when the ip of the client is in the blacklist, access is denied, and 'file does not exist' is returned;
when the ip of the client is not in the blacklist and is not in the white list, returning that the file does not exist.
In step S103, level 3 and level 1 will use the way of signature verification to determine whether there is access right to the file;
specifically, the file server randomly generates a salt value S every day, and the application app acquires the latest salt value S from the file server every day;
when the application app accesses files, calculating a character string Es to be encrypted as appId + k + S + t + Fi;
where k is the key secretekey, S is the Salt value Salt, t is the current timestamp, and Fi is the file id to be accessed.
The character string to be encrypted is encrypted by the MD5 to obtain a first target character string MD5Es ═ MD5 (Es).
In step S104, a request parameter set { MD5es, t, Fi, appId } is constructed, and an access request is made to the file server;
in step S105, the file server obtains a request parameter set { MD5es, t, Fi, appId }, and obtains values of appId, Salt, and secretKey in the file access permission table through Fi;
and the character string FEs to be encrypted is appId + secretKey + Salt + t + Fi, wherein secretKey and Salt are both obtained from the file access permission table, and t is a time stamp and is sent by the application app.
The MD5 encrypts the character string to be encrypted, and a second target character string MD5FEs is MD5 (FEs).
In step S106, the MD5 encryption results the first target MD5es and the second target MD5fes are compared;
specifically, when the MD5 encryption results that the first target MD5es and the second target MD5fes are equal, the file is returned;
when the MD5 encryption result is that the first target MD5es and the second target MD5fes are not equal, the prompt file does not exist;
in step S107, the application app obtains a temporary token through the level 0 system authorization interface, caches the k-v pair,
in step S108, constructing a request parameter set { Fi, token }, receiving the request parameter set { Fi, token }, and comparing cached k-v by the file server;
returning the file when the token values are the same;
and when the token values are different, prompting that the file does not exist.
In step S109, the level 0 system authorization interface
Specifically, the level 0 system authorization interface randomly generates new RAS public and private key pairs pubK and priK every day
An AES algorithm is generated by applying App through time stamp t to generate an AES key
And generating a key by using a first-step AES algorithm to encrypt the character string As ═ appId + password + t to be encrypted to R
Encrypting the AES key generated by 1 with the public key of RSA algorithm to obtain rKey RSA (aesKey, pubK)
And constructing a request parameter set { appId, rKey, R, t }, and requesting an authorization interface.
And after receiving the appId, the authorization interface acquires pub-key and nPassword through an authorization information table, decrypts the rKey by using the pub-key to obtain an AES key, and then carries out AES decryption on the R by using the AES key to acquire an original character string AS. The background splice nAs appId + nPassword + t is compared with AS, if the same, authorized, and if not, not authorized.
It will be understood by those skilled in the art that all or part of the steps in the method for implementing the above embodiments may be implemented by relevant hardware instructed by a program, and the program may be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc.
Example two:
for convenience of description, another specific flow of the file server access ranking method provided in the second embodiment of the present invention is detailed as follows:
s1, the application app grades the access authority of the file, and a file access authority table is formed by utilizing the authority grade and the unique identification Fi of the file;
the table structure is as follows:
if the application apps need to access the 0-level file, the 0-level authorization interface needs to be accessed, and each application app has a corresponding authorization information table;
the watch structure is as follows
And S2, levels 0, 1 and 2 are all controlled by an IP black and white list, and when the client requests the file server, the IP of the client is judged whether to be in the IP white list or the IP black list. If the file is in the blacklist, the access is refused, and the file is returned to be not existed. If not in the blacklist, but not in the whitelist at the same time, the file does not exist. File access is only possible for ip that is not on the black list, but is on the white list.
S3, level 3 and level 1 use the mode of label checking to judge whether the file has the access right.
The file server randomly generates a salt value S every day, and the application app acquires the latest S from the file server every day.
When the application app accesses files, calculating the character string Es to be encrypted as appId + k + S + t + Fi.
Where k is the key secretekey, S is the Salt value Salt, t is the current timestamp, and Fi is the file id to be accessed.
And the character string to be encrypted is encrypted by the MD5 to obtain a character string MD5Es ═ MD5 (Es).
S4, constructing a request parameter set { MD5es, t, Fi, appId }, and making an access request to the file server.
S5, after obtaining the request parameter set { MD5es, t, Fi, appId }, the file server obtains values of appId, Salt and secretKey in the file access permission table through Fi, and then calculates according to the process of S3:
and the character string FEs to be encrypted is appId + secretKey + Salt + t + Fi, wherein secretKey and Salt are both obtained from the file access permission table, and t is a timestamp and is sent by the application app.
The character string to be encrypted is encrypted by MD5, and the character string MD5FEs is MD5 (FEs).
S6, comparing the MD5 encryption results MD5es and MD5fes of S3 and S5, if the results are equal, returning the file, and if the results are not equal, prompting that the file does not exist.
S7, for the level 0, a two-stage access mode is adopted, the application app obtains a temporary token through a level 0 system authorization interface, produces a k-v pair to be stored in a cache, the effective time is 1 minute, then a request parameter set { Fi, token } is constructed, after the file server receives the request, the cached k-v pair is compared, if the tokens are the same, the file is returned, and otherwise, the file is prompted to be absent.
S8, procedure of the 0-level system authorization interface:
the level 0 system authorization interface randomly generates new RAS public key and private key pairs pubK and priK every day
An AES algorithm is generated by applying App through time stamp t to generate an AES key
And generating a key by using a first-step AES algorithm to encrypt the character string As ═ appId + password + t to be encrypted to R
Encrypting the AES key generated by 1 with the public key of RSA algorithm to obtain rKey RSA (aesKey, pubK)
And constructing a request parameter set { appId, rKey, R, t }, and requesting an authorization interface.
After receiving the appId, the authorization interface acquires pub-key and nPassword through an authorization information table, decrypts the rKey by using pub-key to obtain an AES key, and then carries out AES decryption on R by taking the AES key to acquire an original character string AS. The background splice nAs appId + nPassword + t is compared with AS, if the same, authorization is given, and if not, no authorization is given.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the embodiments described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation.
Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention. The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A file server access ranking method is characterized by comprising the following steps:
s1: the application app grades the access authority of the file, and a file access authority table is formed by utilizing the authority grade and the unique identification Fi of the file;
s2: when a client requests a file server, judging whether the ip of the client is in an ip white list or a black list;
s3: level 3 and level 1 judge whether the file has the access right by using a label checking mode;
s4: constructing a request parameter set { MD5es, t, Fi, appId }, and making an access request for the file server;
s5: the file server obtains a request parameter set { MD5es, t, Fi, appId }, and obtains values of appId, Salt and secretKey in a file access permission table through Fi;
s6: the MD5 encrypts the result and compares the first target MD5es with the second target MD5 fes;
s7: the application app acquires a temporary token through a 0-level system authorization interface and caches k-v pairs;
s8: constructing a request parameter set { Fi, token }, receiving the request parameter set { Fi, token }, and comparing cached k-v by the file server;
s9: a level 0 system authorization interface.
2. The method of claim 1, wherein the step of determining whether the ip of the client is in an ip white list or a black list comprises:
when the ip of the client is in the blacklist, access is denied, and 'file does not exist' is returned;
when the ip of the client is not in the blacklist and is not in the white list, returning that the file does not exist.
3. The file server access classification method according to claim 2, wherein level 3 and level 1 use a signature check to determine whether the file has access right, and the method comprises the following steps:
the file server generates a salt value S at regular time and randomly, and the application app acquires the latest salt value S from the file server at regular time;
when the application app accesses files, calculating a character string Es to be encrypted as appId + k + S + t + Fi, wherein k is a secret key secreteKey, S is a Salt value Salt, t is a current timestamp, and Fi is a file id needing to be accessed.
4. The file server access ranking method according to claim 3, wherein after calculating the string Es to be encrypted as appId + k + S + t + Fi, the steps further include:
the character string to be encrypted is encrypted by the MD5 to obtain a first target character string MD5Es ═ MD5 (Es).
5. The file server access classification method according to claim 4, wherein the file server obtains the request parameter set { MD5es, t, Fi, appId }, and obtains values of appId, Salt, and secretKey in the file access permission table through Fi, and the steps include:
and the character string FEs to be encrypted is appId + secretKey + Salt + t + Fi, wherein secretKey and Salt are both obtained from the file access permission table, and t is a time stamp and is sent by the application app.
6. The file server access ranking method of claim 5, wherein after obtaining the string to be encrypted, FEs ═ appId + secretKey + Salt + t + Fi, the steps further comprise:
the MD5 encrypts the character string to be encrypted, and a second target character string MD5FEs is MD5 (FEs).
7. The file server access ranking method of claim 6 wherein the MD5 encryption results in a comparison of a first target MD5es and a second target MD5fes, said steps comprising:
when the MD5 encryption result is that the first target MD5es and the second target MD5fes are equal, returning a file;
when the MD5 encryption result is that the first target MD5es and the second target MD5fes are not equal, then the hint file does not exist.
8. The file server access ranking method of claim 7 wherein the file server receives the request parameter set { Fi, token }, and compares the cached k-v, the steps comprising:
returning the file when the token values are the same;
and when the token values are different, prompting that the file does not exist.
9. The file server access ranking method of claim 8 wherein a level 0 system authorizes an interface, the steps comprising:
the 0-level system authorization interface randomly generates a new RAS public key and private key pair pubK and priK every day;
an App is applied to generate an AES algorithm through a time stamp t to generate an AES key;
the method comprises the steps that a character string As to be encrypted is appId + password + t, and then a key is generated by using a first-step AES algorithm to be encrypted to R;
the AES key generated by 1 is encrypted using the public key of the RSA algorithm to obtain rKey RSA (aesKey, pubK).
10. The file server access ranking method according to claim 9, wherein after encrypting AES key generated by 1 with public key of RSA algorithm to obtain rKey RSA (aesKey, pubK), the steps further include:
constructing a request parameter set { appId, rKey, R, t }, and requesting an authorization interface;
after receiving the appId, the authorization interface acquires pub-key and nPassword through an authorization information table, and decrypts the rKey by using the pub-key to obtain an AES key;
carrying out AES decryption on the R by using an AES key to obtain an original character string AS;
background splicing nAs ═ appId + nPassword + t, and comparing with AS;
if the two are the same, authorization is carried out, and if the two are not the same, authorization is not carried out.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011378726.0A CN112487450A (en) | 2020-11-30 | 2020-11-30 | File server access grading method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011378726.0A CN112487450A (en) | 2020-11-30 | 2020-11-30 | File server access grading method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112487450A true CN112487450A (en) | 2021-03-12 |
Family
ID=74937828
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011378726.0A Pending CN112487450A (en) | 2020-11-30 | 2020-11-30 | File server access grading method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112487450A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113051611A (en) * | 2021-03-15 | 2021-06-29 | 上海商汤智能科技有限公司 | Authority control method of online file and related product |
| CN113806777A (en) * | 2021-09-18 | 2021-12-17 | 深圳须弥云图空间科技有限公司 | File access realization method and device, storage medium and electronic equipment |
| CN114257583A (en) * | 2021-12-22 | 2022-03-29 | 贵州东彩供应链科技有限公司 | Safe downloading method for solving JWT authorization |
| CN114611137A (en) * | 2022-03-01 | 2022-06-10 | 北京航星永志科技有限公司 | Data access method, data access device and electronic equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582275A (en) * | 2008-05-16 | 2009-11-18 | 索尼株式会社 | Information processing apparatus, information recording medium, information processing method, and information processing program |
| CN107463838A (en) * | 2017-08-14 | 2017-12-12 | 广州大学 | Method for safety monitoring, device, system and storage medium based on SGX |
| CN111541547A (en) * | 2020-04-24 | 2020-08-14 | 上海简苏网络科技有限公司 | Federation chain architecture providing multi-tier data privacy |
-
2020
- 2020-11-30 CN CN202011378726.0A patent/CN112487450A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582275A (en) * | 2008-05-16 | 2009-11-18 | 索尼株式会社 | Information processing apparatus, information recording medium, information processing method, and information processing program |
| CN107463838A (en) * | 2017-08-14 | 2017-12-12 | 广州大学 | Method for safety monitoring, device, system and storage medium based on SGX |
| CN111541547A (en) * | 2020-04-24 | 2020-08-14 | 上海简苏网络科技有限公司 | Federation chain architecture providing multi-tier data privacy |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113051611A (en) * | 2021-03-15 | 2021-06-29 | 上海商汤智能科技有限公司 | Authority control method of online file and related product |
| CN113051611B (en) * | 2021-03-15 | 2022-04-29 | 上海商汤智能科技有限公司 | Authority control method of online file and related product |
| CN113806777A (en) * | 2021-09-18 | 2021-12-17 | 深圳须弥云图空间科技有限公司 | File access realization method and device, storage medium and electronic equipment |
| CN114257583A (en) * | 2021-12-22 | 2022-03-29 | 贵州东彩供应链科技有限公司 | Safe downloading method for solving JWT authorization |
| CN114611137A (en) * | 2022-03-01 | 2022-06-10 | 北京航星永志科技有限公司 | Data access method, data access device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109787988B (en) | Identity strengthening authentication and authorization method and device | |
| US8196186B2 (en) | Security architecture for peer-to-peer storage system | |
| JP6810334B2 (en) | Profile data distribution control device, profile data distribution control method, and profile data distribution control program | |
| CN108123795B (en) | Quantum key chip issuing method, application method, issuing platform and system | |
| CN112487450A (en) | File server access grading method | |
| CN106559408B (en) | SDN authentication method based on trust management | |
| CN111708991A (en) | Service authorization method, service authorization device, computer equipment and storage medium | |
| CN112187724B (en) | Access control method, device, gateway, client and security token service | |
| US20150271158A1 (en) | Rule-based Validity of Cryptographic Key Material | |
| US20180324158A1 (en) | Assuring external accessibility for devices on a network | |
| CN105103119A (en) | Data security service | |
| US20150271144A1 (en) | Rule-based Validity of Cryptographic Key Material | |
| US8977857B1 (en) | System and method for granting access to protected information on a remote server | |
| US11943345B2 (en) | Key management method and related device | |
| US11757877B1 (en) | Decentralized application authentication | |
| US20220417241A1 (en) | Methods, Systems, and Devices for Server Control of Client Authorization Proof of Possession | |
| CN112800392A (en) | Authorization method and device based on soft certificate and storage medium | |
| CN106992978B (en) | Network security management method and server | |
| CN108667800B (en) | Access authority authentication method and device | |
| CN111399980A (en) | Safety authentication method, device and system for container organizer | |
| CN113792345A (en) | Data access control method and device | |
| JPH05298174A (en) | Remote file access system | |
| CN110807210B (en) | Information processing method, platform, system and computer storage medium | |
| WO2022144024A1 (en) | Attribute-based encryption keys as key material for key-hash message authentication code user authentication and authorization | |
| CN116170164A (en) | Method, device, electronic equipment and storage medium for requesting scheduling |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |