CN114896634A - Data authority control method and system of enterprise report platform - Google Patents
Data authority control method and system of enterprise report platform Download PDFInfo
- Publication number
- CN114896634A CN114896634A CN202210831901.XA CN202210831901A CN114896634A CN 114896634 A CN114896634 A CN 114896634A CN 202210831901 A CN202210831901 A CN 202210831901A CN 114896634 A CN114896634 A CN 114896634A
- Authority
- CN
- China
- Prior art keywords
- user
- information
- authority
- enterprise
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Social Psychology (AREA)
- Bioethics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to the technical field of authority management, and particularly discloses a data authority control method and a data authority control system for an enterprise report platform, wherein the method comprises the steps of receiving a registration request sent by a user and generating filing information; receiving an access request input by a user, generating a verification problem according to the filing information, and determining the reference authority of the user based on the verification problem; receiving an interactive instruction input by a user, acquiring the requirement authority of the interactive instruction, comparing the requirement authority with the reference authority, and executing an interactive action according to a comparison result; and recording the operation information of the user in real time, and correcting the reference authority in real time according to the operation information. The invention generates the verification problem according to the record information of the enterprise, carries out authority verification on the user through the verification problem, acquires the operation habit of the user in real time on the basis, and adjusts the authority of the user according to the operation habit.
Description
Technical Field
The invention relates to the technical field of authority management, in particular to a data authority control method and a data authority control system of an enterprise report platform.
Background
The enterprise report is very important for a company, and the manufacturing process of the enterprise report needs extremely strong professional knowledge and is relatively complicated; for a large company, a team can be specially constructed to complete the production of enterprise reports, a server can be constructed, and the safety is very high.
However, most of the authority verification processes of the existing enterprise report service platforms adopt a traditional account number-password type verification mode, and the mode has enough safety for some apps, but has slightly insufficient safety for important data such as enterprise reports.
Disclosure of Invention
The invention aims to provide a data authority control method and a data authority control system of an enterprise report platform, which aim to solve the problems in the background technology.
In order to achieve the purpose, the invention provides the following technical scheme:
a data authority control method of an enterprise report platform comprises the following steps:
receiving a registration request containing an enterprise file sent by a user, and generating filing information according to the enterprise file;
receiving an access request input by a user, generating a verification problem according to the filing information, and determining the reference authority of the user based on the verification problem;
receiving an interactive instruction input by a user, acquiring the requirement authority of the interactive instruction, comparing the requirement authority with the reference authority, and executing an interactive action according to a comparison result; the interactive instruction at least comprises a downloading instruction;
and recording the operation information of the user in real time, and correcting the reference authority in real time according to the operation information.
As a further scheme of the invention: the step of receiving a registration request containing an enterprise file sent by a user and generating filing information according to the enterprise file comprises the following steps:
receiving a registration request containing an enterprise tag sent by a user, and sending a preset enterprise information acquisition template to the user; the enterprise information acquisition template comprises an area mark;
acquiring an enterprise file based on the enterprise information acquisition template, and identifying the content of a corresponding area in the enterprise file based on the area mark to obtain primary screening information;
and sending the primary screening information to a user, receiving feedback information of the user, and correcting the primary screening information according to the feedback information to obtain record information.
As a further scheme of the invention: the step of receiving an access request input by a user, generating a verification problem according to the filing information, and determining the reference authority of the user based on the verification problem comprises the following steps:
receiving an access request input by a user, and acquiring the access time of the user;
calculating the relative position of the access time in a time period, and extracting corresponding content from the record information according to the relative position to obtain a question stem; wherein the relative position is a percentage;
randomly replacing the content of a preset proportion in the question stem according to a preset information frame to obtain a verification problem;
and sending the verification problem to a user, receiving feedback content of the user, calculating the coincidence rate of the feedback content and the question stem, and determining the reference authority of the user according to the coincidence rate.
As a further scheme of the invention: the steps of receiving an interactive instruction input by a user, acquiring the requirement authority of the interactive instruction, comparing the requirement authority with the reference authority, and executing interactive action according to the comparison result comprise:
receiving an interactive instruction input by a user, and inquiring the required authority of the downloading instruction in a preset authority library when the interactive instruction is the downloading instruction;
comparing the reference authority with the required authority, and positioning downloaded content in a preset data storage library according to a downloading instruction when the reference authority reaches the required authority;
converting the downloaded content into text data, extracting a characteristic segment in the text data, generating an encryption key according to the characteristic segment and encrypting the downloaded content;
and sending the encrypted download content to the user.
As a further scheme of the invention: the steps of converting the downloaded content into text data, extracting a characteristic segment in the text data, generating an encryption key according to the characteristic segment and encrypting the downloaded content include:
converting the downloaded content into text data, and calculating the data volume of the text data;
reading the access time of a user, inputting the access time into a trained frequency determination model to obtain a sampling frequency, and determining a reading node containing a mark number according to the sampling frequency and the data volume;
intercepting a text to be detected in the text data by taking the reading node as an endpoint; the label of the text to be detected is the same as that of the corresponding reading node;
acquiring keywords in a text to be detected, and generating a keyword group with a label to be detected as an index as a characteristic segment;
and inputting the characteristic segment into a trained transcoding model to obtain an encryption key and encrypting the downloaded content.
As a further scheme of the invention: the step of recording the operation information of the user in real time and correcting the reference authority in real time according to the operation information comprises the following steps:
recording operation information of a user in real time, traversing a preset reference operation table according to the operation information, and generating an operation characteristic table of the user according to a traversal result;
reading historical operation data of a user, and calculating an abnormal value of the operation characteristic table according to the historical operation data; the historical operation data is a set of all operation characteristic tables of the user in a preset time range;
and correcting the reference authority in real time according to the abnormal value.
As a further scheme of the invention: the step of recording the operation information of the user in real time, traversing a preset reference operation table according to the operation information, and generating an operation characteristic table of the user according to the traversal result comprises the following steps:
recording the operation type containing time information of a user in real time;
judging whether the operation type is a reference operation or not based on a preset reference operation table, and generating a user operation table within a preset time range according to the operation type containing time information when the operation type is the reference operation;
calculating the repeated characteristics of each operation type and the sequence characteristics of the operation types according to the user operation table; wherein the repetitive features are digital signal images, and the independent variable in the digital signal images is time information; the order feature is an array whose index is an order determined by time information and whose value is a value determined by the type of operation.
The technical scheme of the invention also provides a data authority control system of an enterprise report platform, which is used for realizing the data authority control method of the enterprise report platform, and the system comprises the following steps:
the system comprises a filing information generation module, a file registration module and a file registration module, wherein the filing information generation module is used for receiving a registration request containing enterprise files sent by a user and generating filing information according to the enterprise files;
the authority determining module is used for receiving an access request input by a user, generating a verification problem according to the filing information, and determining the reference authority of the user based on the verification problem;
the interaction module is used for receiving an interaction instruction input by a user, acquiring the requirement authority of the interaction instruction, comparing the requirement authority with the reference authority, and executing an interaction action according to a comparison result; the interactive instruction at least comprises a downloading instruction;
and the permission correction module is used for recording the operation information of the user in real time and correcting the reference permission in real time according to the operation information.
As a further scheme of the invention: the filing information generation module comprises:
the template sending unit is used for receiving a registration request containing an enterprise tag sent by a user and sending a preset enterprise information acquisition template to the user; the enterprise information acquisition template comprises an area mark;
the template application unit is used for acquiring an enterprise file based on the enterprise information acquisition template, and identifying the content of a corresponding area in the enterprise file based on the area mark to obtain primary screening information;
and the interactive processing unit is used for sending the primary screening information to a user, receiving feedback information of the user, and correcting the primary screening information according to the feedback information to obtain the record information.
As a further scheme of the invention: the permission determination module includes:
the time acquisition unit is used for receiving an access request input by a user and acquiring the access time of the user;
the question stem generating unit is used for calculating the relative position of the access time in a time period, and extracting corresponding content from the record information according to the relative position to obtain a question stem; wherein the relative position is a percentage;
the data replacement unit is used for randomly replacing the content of a preset proportion in the question stem according to a preset information frame to obtain a verification problem;
and the feedback determining unit is used for sending the verification problem to a user, receiving feedback content of the user, calculating the coincidence rate of the feedback content and the question stem, and determining the reference authority of the user according to the coincidence rate.
Compared with the prior art, the invention has the beneficial effects that: the invention generates the verification problem according to the record information of the enterprise, carries out authority verification on the user through the verification problem, acquires the operation habit of the user in real time on the basis, and adjusts the authority of the user according to the operation habit.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention.
FIG. 1 is a flowchart of a data authority control method of an enterprise reporting platform.
Fig. 2 is a first sub-flow block diagram of a data authority control method of an enterprise reporting platform.
Fig. 3 is a second sub-flow block diagram of the data authority control method of the enterprise reporting platform.
Fig. 4 is a third sub-flow block diagram of a data authority control method of an enterprise reporting platform.
FIG. 5 is a fourth sub-flow diagram of a data authority control method of an enterprise reporting platform.
FIG. 6 is a block diagram of the structure of the data authority control system of the enterprise reporting platform.
Fig. 7 is a block diagram of a structure of a record information generation module in the data authority control system of the enterprise report platform.
Fig. 8 is a block diagram of a structure of an authority determination module in the data authority control system of the enterprise report platform.
Detailed Description
In order to make the technical problems, technical solutions and advantageous effects to be solved by the present invention more clearly apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Example 1
Fig. 1 is a flowchart of a data authority control method of an enterprise reporting platform, in an embodiment of the present invention, the data authority control method of the enterprise reporting platform includes steps S100 to S400:
step S100: receiving a registration request containing an enterprise file sent by a user, and generating filing information according to the enterprise file;
step S100 is a registration process, wherein the registration process needs to be recorded, and when an access request input by a user is received, authority verification is carried out on the user according to recorded information; the user refers to an enterprise worker;
step S200: receiving an access request input by a user, generating a verification problem according to the filing information, and determining the reference authority of the user based on the verification problem;
the technical scheme of the invention is different from the traditional scheme in that the authority verification process is not a traditional account number-password type verification mode, but a problem is generated randomly according to the record information, and the problem is simpler for enterprise staff and more difficult for other people; for example, the generated verification problem may be how many people a certain department has entered into work in a certain month, and the problem can be solved by a telephone for business staff, but can be obtained by some illegal method for external staff.
Step S300: receiving an interactive instruction input by a user, acquiring the requirement authority of the interactive instruction, comparing the requirement authority with the reference authority, and executing an interactive action according to a comparison result; the interactive instruction at least comprises a downloading instruction;
the interactive instructions of the user cover the report making process, such as the operations of inputting, deleting, replacing or adjusting; the technical scheme of the invention aims to improve the safety of the operation process, and does not limit the specific generation process of the enterprise report, and the generation process of the enterprise report is independently determined by workers and cannot be limited; the authority required by different operations is different, wherein the downloading instruction is a special instruction which represents that the staff wants to acquire the enterprise information, and therefore, the requirement authority is higher.
Step S400: recording the operation information of a user in real time, and correcting the reference authority in real time according to the operation information;
step S400 is an innovative point of the technical scheme of the invention, the permission judgment process of the user is in the whole process, the user does not simply pass the verification, the user can take great advantage of everything, the operation information is counted and identified, whether the habit of the worker changes or not can be judged, and if the habit changes greatly, the system considers that the user is operated by a new person, and the reference permission of the user can be correspondingly adjusted downwards.
It is worth mentioning that if the staff in the enterprise is adjusted, for example, the old staff leaves the office and changes the new staff, the enterprise manager can format the database storing the operation information, and as the new staff operates more and more, the system will restore the operation information of the new staff and determine the operation habit of the new staff.
Fig. 2 is a first sub-flow block diagram of a data authority control method of an enterprise reporting platform, where the step of receiving a registration request containing an enterprise file sent by a user and generating filing information according to the enterprise file includes steps S101 to S103:
step S101: receiving a registration request containing an enterprise tag sent by a user, and sending a preset enterprise information acquisition template to the user; the enterprise information acquisition template comprises an area mark;
step S102: acquiring an enterprise file based on the enterprise information acquisition template, and identifying the content of a corresponding area in the enterprise file based on the area mark to obtain primary screening information;
step S103: and sending the primary screening information to a user, receiving feedback information of the user, and correcting the primary screening information according to the feedback information to obtain record information.
Step S101 to step S103 describe the generation process of the filing information specifically, the principle is very simple, that is, the enterprise information is counted according to a preset template, for example, an enterprise name is filled in a certain cell, an enterprise number is filled in a certain cell, and the like, which is a relatively conventional data interaction technology; the area marks represent what type of data needs to be acquired in each cell; some simple identification of the obtained business documents, for example, if the user fills in a section in the number of business persons column, is obviously problematic, and therefore, further interaction with the user is required to perform data modification.
Fig. 3 is a second sub-flow block diagram of the data authority control method of the enterprise reporting platform, where the receiving of the access request input by the user and the generation of the verification problem according to the filing information are described, and the step of determining the reference authority of the user based on the verification problem includes steps S201 to S204:
step S201: receiving an access request input by a user, and acquiring the access time of the user;
step S202: calculating the relative position of the access time in a time period, and extracting corresponding content from the record information according to the relative position to obtain a question stem; wherein the relative position is a percentage;
step S203: randomly replacing the content of a preset proportion in the question stem according to a preset information frame to obtain a verification problem;
step S204: and sending the verification problem to a user, receiving feedback content of the user, calculating the coincidence rate of the feedback content and the question stem, and determining the reference authority of the user according to the coincidence rate.
Step S201 to step S204 describe specifically the generation process of the verification problem, first, the access time of the user is obtained, and the access time is an important parameter in the technical solution of the present invention; the access time is an access time in a time period, for example, the time period is one day, and the access time may be 15 minutes to 15 minutes, or may be specifically a second; then, calculating the proportion of 15 points 15 in one day, and taking 0 point as the starting time; according to the proportion, some contents can be positioned and extracted in the recorded information, and the contents are the question stems of the generated verification problems; finally, a verification problem can be obtained by hiding the contents in the question stem.
It should be noted that the ratio of hidden contents in the question stem needs to be within a certain range, if the ratio is too low, the security will be reduced, and if the ratio is too high, the difficulty will be too high; this percentage is typically around 10%. In addition, in the process of answering the questions by the user, the user does not need to have a full pair, and the full pair only represents that the user has the highest reference authority.
Fig. 4 is a third sub-flow block diagram of the data authority control method of the enterprise report platform, where the steps of receiving an interactive instruction input by a user, obtaining a requirement authority of the interactive instruction, comparing the requirement authority with the reference authority, and executing an interactive action according to a comparison result include steps S301 to S304:
step S301: receiving an interactive instruction input by a user, and inquiring the required authority of the downloading instruction in a preset authority library when the interactive instruction is the downloading instruction;
step S302: comparing the reference authority with the required authority, and positioning downloaded content in a preset data storage library according to a downloading instruction when the reference authority reaches the required authority;
step S303: converting the downloaded content into text data, extracting a characteristic segment in the text data, generating an encryption key according to the characteristic segment and encrypting the downloaded content;
step S304: and sending the encrypted download content to the user.
The above-mentioned content specifically describes the downloading process, the required authority of the downloading instruction is relatively high, if the user reference authority is sufficient, the downloading process can be performed, and in the downloading process, the downloaded content needs to be further encrypted.
Specifically, the steps of converting the downloaded content into text data, extracting a feature segment from the text data, generating an encryption key according to the feature segment, and encrypting the downloaded content include:
converting the downloaded content into text data, and calculating the data volume of the text data;
reading the access time of a user, inputting the access time into a trained frequency determination model to obtain a sampling frequency, and determining a reading node containing a mark number according to the sampling frequency and the data volume;
intercepting a text to be detected in the text data by taking the reading node as an endpoint; the label of the text to be detected is the same as that of the corresponding reading node;
acquiring keywords in a text to be detected, and generating a keyword group with a label to be detected as an index as a characteristic segment;
and inputting the characteristic segment into a trained transcoding model to obtain an encryption key and encrypting the downloaded content.
The above-mentioned content specifically describes the encryption process of the downloaded content, wherein the downloaded content is a completed enterprise report, which is table data, and the table data needs to be converted into text data before processing;
the method for encrypting the text data is to generate an encryption key, the encryption key is essentially related to the access time, a sampling frequency is determined according to the access time, then the text data is intercepted according to the sampling frequency, the intercepted text data is further extracted, the extracted content is connected, a characteristic segment can be obtained, and the encryption key can be obtained from the characteristic segment. The access time is data that the user can also obtain, and the user can also obtain an encryption key according to the access time to decrypt the encrypted download content.
It should be noted that the frequency determination model, the interception mode of the text to be detected, and the keyword extraction process can refer to the prior art, and there are many related contents in the prior art.
Fig. 5 is a fourth sub-flow block diagram of the data authority control method of the enterprise report platform, where the step of recording the operation information of the user in real time and correcting the reference authority in real time according to the operation information includes steps S401 to S403:
step S401: recording operation information of a user in real time, traversing a preset reference operation table according to the operation information, and generating an operation characteristic table of the user according to a traversal result;
step S402: reading historical operation data of a user, and calculating an abnormal value of the operation characteristic table according to the historical operation data; the historical operation data is a set of all operation characteristic tables of the user within a preset time range;
step S403: and correcting the reference authority in real time according to the abnormal value.
Step S401 to step S403 specifically describe the correction process of the reference authority, and the process is very simple, that is, the operation information of the user is obtained, the operation features are extracted, the operation features are recorded, and the historical operation data can be obtained; when a new operation characteristic is received, simple comparison is carried out, and whether the habit of the user changes or not can be judged. In colloquial terms, the operating characteristics represent the habits of the user.
It can be seen that the core of the above is an extraction process of operation features, specifically, the step of recording operation information of a user in real time, traversing a preset reference operation table according to the operation information, and generating an operation feature table of the user according to a traversal result includes:
recording the operation type containing time information of a user in real time;
judging whether the operation type is a reference operation or not based on a preset reference operation table, and generating a user operation table within a preset time range according to the operation type containing time information when the operation type is the reference operation;
calculating the repeated characteristics of each operation type and the sequence characteristics of the operation types according to the user operation table; wherein the repetitive features are digital signal images, and the independent variable in the digital signal images is time information; the order feature is an array whose index is an order determined by time information and whose value is a value determined by the type of operation.
The above provides a specific operation feature extraction scheme, which defines operation features as repetitive features and sequence features; for example, the user's operation is a copy, paste, and input that is repeated over a period of time, and in the process, some undo operations occur occasionally, which all belong to the reference operation; at this time, the obtained user operation table is:
TABLE 1 user action Table example
| Type of operation | Time of operation |
| Replication | 13:15:23 |
| Sticking | 13:15:27 |
| Input device | 13:15:32 |
| Revocation | 13:15:35 |
| …… | …… |
Counting the operation time of all the copying operations in the user operation table to obtain a digital signal image (a square wave image, and an operation is recorded as a high level), wherein the digital signal image is a repetitive characteristic; and assigning the copy operation to be 1, the paste operation to be 2, the input operation to be 3 and the undo operation to be 4, and then generating an array according to the operation type items in the user operation table, wherein subscripts of the array are sequences and values are assignment conditions corresponding to the operations.
The two operation characteristics can reflect the operation habits of the user; and recording the operation characteristics, performing simple comparison when new operation characteristics of the user are obtained, calculating the coincidence rate, and adjusting (mainly adjusting downwards) the reference authority according to the coincidence rate.
Example 2
Fig. 6 is a block diagram of a structure of a data authority control system of an enterprise reporting platform, in an embodiment of the present invention, the data authority control system of the enterprise reporting platform includes:
a filing information generating module 11, configured to receive a registration request containing an enterprise file sent by a user, and generate filing information according to the enterprise file;
the authority determining module 12 is configured to receive an access request input by a user, generate a verification problem according to the filing information, and determine a reference authority of the user based on the verification problem;
the interaction module 13 is configured to receive an interaction instruction input by a user, acquire a requirement permission of the interaction instruction, compare the requirement permission with the reference permission, and execute an interaction action according to a comparison result; the interactive instruction at least comprises a downloading instruction;
and the authority correction module 14 is used for recording the operation information of the user in real time and correcting the reference authority in real time according to the operation information.
Fig. 7 is a block diagram of a structure of a record information generating module 11 in a data authority control system of an enterprise report platform, where the record information generating module 11 includes:
the template sending unit 111 is configured to receive a registration request containing an enterprise tag sent by a user, and send a preset enterprise information acquisition template to the user; the enterprise information acquisition template comprises an area mark;
the template application unit 112 is configured to obtain an enterprise file based on the enterprise information obtaining template, and perform content identification on a corresponding area in the enterprise file based on the area tag to obtain preliminary screening information;
and the interaction processing unit 113 is configured to send the preliminary screening information to a user, receive feedback information of the user, and correct the preliminary screening information according to the feedback information to obtain docketing information.
Fig. 8 is a block diagram illustrating a structure of a permission determination module 12 in a data permission control system of an enterprise reporting platform, where the permission determination module includes:
a time obtaining unit 121, configured to receive an access request input by a user, and obtain an access time of the user;
the stem generation unit 122 is configured to calculate a relative position of the access time in a time period, and extract corresponding content from the record information according to the relative position to obtain a stem; wherein the relative position is a percentage;
the data replacement unit 123 is configured to randomly replace the content of the preset proportion in the question stem according to a preset information frame, so as to obtain a verification problem;
and the feedback determining unit 124 is configured to send the verification problem to the user, receive feedback content of the user, calculate a coincidence rate of the feedback content and the question stem, and determine a reference right of the user according to the coincidence rate.
The functions which can be realized by the data authority control method of the enterprise report platform are all completed by computer equipment, the computer equipment comprises one or more processors and one or more memories, at least one program code is stored in the one or more memories, and the program code is loaded and executed by the one or more processors to realize the functions of the data authority control method of the enterprise report platform.
The processor fetches instructions and analyzes the instructions one by one from the memory, then completes corresponding operations according to the instruction requirements, generates a series of control commands, enables all parts of the computer to automatically, continuously and coordinately act to form an organic whole, realizes the input of programs, the input of data, the operation and the output of results, and the arithmetic operation or the logic operation generated in the process is completed by the arithmetic unit; the Memory comprises a Read-Only Memory (ROM) for storing a computer program, and a protection device is arranged outside the Memory.
Illustratively, a computer program can be partitioned into one or more modules, which are stored in memory and executed by a processor to implement the present invention. One or more of the modules may be a series of computer program instruction segments capable of performing certain functions, the instruction segments being used to describe the execution of the computer program in the terminal device.
It will be appreciated by those skilled in the art that the above description of the serving device is merely an example and does not constitute a limitation of the terminal device, and may include more or less components than those described above, or some of the components may be combined, or different components may include, for example, input output devices, network access devices, buses, etc.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. The general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like, which is the control center of the terminal equipment and connects the various parts of the entire user terminal using various interfaces and lines.
The memory may be used to store computer programs and/or modules, and the processor may implement various functions of the terminal device by operating or executing the computer programs and/or modules stored in the memory and calling data stored in the memory. The memory mainly comprises a storage program area and a storage data area, wherein the storage program area can store an operating system, application programs (such as an information acquisition template display function, a product information publishing function and the like) required by at least one function and the like; the storage data area may store data created according to the use of the berth-state display system (e.g., product information acquisition templates corresponding to different product types, product information that needs to be issued by different product providers, etc.), and the like. In addition, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The terminal device integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the modules/units in the system according to the above embodiment may be implemented by a computer program, which may be stored in a computer-readable storage medium and used by a processor to implement the functions of the embodiments of the system. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying computer program code, recording medium, U.S. disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution media, and the like.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. A data authority control method of an enterprise report platform is characterized by comprising the following steps:
receiving a registration request containing an enterprise file sent by a user, and generating filing information according to the enterprise file;
receiving an access request input by a user, generating a verification problem according to the filing information, and determining the reference authority of the user based on the verification problem;
receiving an interactive instruction input by a user, acquiring the requirement authority of the interactive instruction, comparing the requirement authority with the reference authority, and executing an interactive action according to a comparison result; the interactive instruction at least comprises a downloading instruction;
and recording the operation information of the user in real time, and correcting the reference authority in real time according to the operation information.
2. The method for controlling data authority of an enterprise reporting platform according to claim 1, wherein the step of receiving a registration request containing an enterprise file sent by a user and generating filing information according to the enterprise file comprises:
receiving a registration request containing an enterprise tag sent by a user, and sending a preset enterprise information acquisition template to the user; the enterprise information acquisition template comprises an area mark;
acquiring an enterprise file based on the enterprise information acquisition template, and identifying the content of a corresponding area in the enterprise file based on the area mark to obtain primary screening information;
and sending the primary screening information to a user, receiving feedback information of the user, and correcting the primary screening information according to the feedback information to obtain record information.
3. The method for controlling data authority of an enterprise reporting platform according to claim 1, wherein the step of receiving an access request input by a user, generating a verification problem according to the docketing information, and determining the reference authority of the user based on the verification problem comprises:
receiving an access request input by a user, and acquiring the access time of the user;
calculating the relative position of the access time in a time period, and extracting corresponding content from the record information according to the relative position to obtain a question stem; wherein the relative position is a percentage;
randomly replacing the content of a preset proportion in the question stem according to a preset information frame to obtain a verification problem;
and sending the verification problem to a user, receiving feedback content of the user, calculating the coincidence rate of the feedback content and the question stem, and determining the reference authority of the user according to the coincidence rate.
4. The data authority control method of the enterprise reporting platform as claimed in claim 3, wherein the step of receiving the interactive instruction input by the user, obtaining the requirement authority of the interactive instruction, comparing the requirement authority with the reference authority, and executing the interactive action according to the comparison result comprises:
receiving an interactive instruction input by a user, and inquiring the required authority of the downloading instruction in a preset authority library when the interactive instruction is the downloading instruction;
comparing the reference authority with the required authority, and positioning downloaded content in a preset data storage library according to a downloading instruction when the reference authority reaches the required authority;
converting the downloaded content into text data, extracting a characteristic segment in the text data, generating an encryption key according to the characteristic segment and encrypting the downloaded content;
and sending the encrypted download content to the user.
5. The method for controlling data permissions of an enterprise reporting platform of claim 4, wherein the steps of converting the downloaded content into text data, extracting a feature segment in the text data, generating an encryption key according to the feature segment and encrypting the downloaded content comprise:
converting the downloaded content into text data, and calculating the data volume of the text data;
reading the access time of a user, inputting the access time into a trained frequency determination model to obtain a sampling frequency, and determining a reading node containing a mark number according to the sampling frequency and the data volume;
intercepting a text to be detected in the text data by taking the reading node as an endpoint; the label of the text to be detected is the same as that of the corresponding reading node;
acquiring keywords in a text to be detected, and generating a keyword group with a label to be detected as an index as a characteristic segment;
and inputting the characteristic segment into a trained transcoding model to obtain an encryption key and encrypting the downloaded content.
6. The data authority control method of the enterprise reporting platform as claimed in claim 1, wherein the step of recording the operation information of the user in real time and correcting the reference authority in real time according to the operation information comprises:
recording operation information of a user in real time, traversing a preset reference operation table according to the operation information, and generating an operation characteristic table of the user according to a traversal result;
reading historical operation data of a user, and calculating an abnormal value of the operation characteristic table according to the historical operation data; the historical operation data is a set of all operation characteristic tables of the user within a preset time range;
and correcting the reference authority in real time according to the abnormal value.
7. The method for controlling data authority of an enterprise reporting platform according to claim 6, wherein the step of recording the operation information of the user in real time, traversing a preset reference operation table according to the operation information, and generating an operation characteristic table of the user according to the traversal result comprises:
recording the operation type containing time information of a user in real time;
judging whether the operation type is a reference operation or not based on a preset reference operation table, and generating a user operation table within a preset time range according to the operation type containing time information when the operation type is the reference operation;
calculating the repeated characteristics of each operation type and the sequence characteristics of the operation types according to the user operation table; wherein the repetitive features are digital signal images, and the independent variable in the digital signal images is time information; the order feature is an array whose index is an order determined by time information and whose value is a value determined by the type of operation.
8. A system for controlling data authority of an enterprise reporting platform, which is used for implementing the steps of the method for controlling data authority of the enterprise reporting platform as claimed in any one of claims 1 to 7, and the system comprises:
the system comprises a filing information generation module, a file registration module and a file registration module, wherein the filing information generation module is used for receiving a registration request containing enterprise files sent by a user and generating filing information according to the enterprise files;
the authority determining module is used for receiving an access request input by a user, generating a verification problem according to the filing information and determining the reference authority of the user based on the verification problem;
the interaction module is used for receiving an interaction instruction input by a user, acquiring the requirement authority of the interaction instruction, comparing the requirement authority with the reference authority, and executing an interaction action according to a comparison result; the interactive instruction at least comprises a downloading instruction;
and the permission correction module is used for recording the operation information of the user in real time and correcting the reference permission in real time according to the operation information.
9. The system for controlling data authority of an enterprise reporting platform as claimed in claim 8, wherein the filing information generating module comprises:
the template sending unit is used for receiving a registration request containing an enterprise tag sent by a user and sending a preset enterprise information acquisition template to the user; the enterprise information acquisition template comprises an area mark;
the template application unit is used for acquiring an enterprise file based on the enterprise information acquisition template, and identifying the content of a corresponding area in the enterprise file based on the area mark to obtain primary screening information;
and the interactive processing unit is used for sending the primary screening information to a user, receiving feedback information of the user, and correcting the primary screening information according to the feedback information to obtain the record information.
10. The data permission control system of an enterprise reporting platform as set forth in claim 8, wherein the permission determination module comprises:
the time acquisition unit is used for receiving an access request input by a user and acquiring the access time of the user;
the question stem generating unit is used for calculating the relative position of the access time in a time period, and extracting corresponding content from the record information according to the relative position to obtain a question stem; wherein the relative position is a percentage;
the data replacement unit is used for randomly replacing the content of a preset proportion in the question stem according to a preset information frame to obtain a verification problem;
and the feedback determining unit is used for sending the verification problem to a user, receiving feedback content of the user, calculating the coincidence rate of the feedback content and the question stem, and determining the reference authority of the user according to the coincidence rate.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210831901.XA CN114896634B (en) | 2022-07-15 | 2022-07-15 | Data authority control method and system of enterprise report platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210831901.XA CN114896634B (en) | 2022-07-15 | 2022-07-15 | Data authority control method and system of enterprise report platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114896634A true CN114896634A (en) | 2022-08-12 |
| CN114896634B CN114896634B (en) | 2022-11-11 |
Family
ID=82729693
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210831901.XA Active CN114896634B (en) | 2022-07-15 | 2022-07-15 | Data authority control method and system of enterprise report platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114896634B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115720148A (en) * | 2022-10-12 | 2023-02-28 | 上海慧程工程技术服务有限公司 | Industrial Internet of things information visualization method, server and storage medium |
| CN116032652A (en) * | 2023-01-31 | 2023-04-28 | 湖南创亿达实业发展有限公司 | Gateway authentication method and system based on intelligent interactive touch panel |
| CN116108024A (en) * | 2023-04-14 | 2023-05-12 | 深圳市安信达存储技术有限公司 | Data storage method and data storage system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611687A (en) * | 2011-12-19 | 2012-07-25 | 上海华御信息技术有限公司 | System and method for controlling access authority based on feedback |
| GB2527285A (en) * | 2014-06-11 | 2015-12-23 | Arm Ip Ltd | Resource access control using a validation token |
| CN111431843A (en) * | 2019-01-10 | 2020-07-17 | 中国科学院电子学研究所 | Access control method based on trust and attribute in cloud computing environment |
-
2022
- 2022-07-15 CN CN202210831901.XA patent/CN114896634B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611687A (en) * | 2011-12-19 | 2012-07-25 | 上海华御信息技术有限公司 | System and method for controlling access authority based on feedback |
| GB2527285A (en) * | 2014-06-11 | 2015-12-23 | Arm Ip Ltd | Resource access control using a validation token |
| CN111431843A (en) * | 2019-01-10 | 2020-07-17 | 中国科学院电子学研究所 | Access control method based on trust and attribute in cloud computing environment |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115720148A (en) * | 2022-10-12 | 2023-02-28 | 上海慧程工程技术服务有限公司 | Industrial Internet of things information visualization method, server and storage medium |
| CN115720148B (en) * | 2022-10-12 | 2024-04-26 | 上海慧程工程技术服务有限公司 | Industrial Internet of things information visualization method, server and storage medium |
| CN116032652A (en) * | 2023-01-31 | 2023-04-28 | 湖南创亿达实业发展有限公司 | Gateway authentication method and system based on intelligent interactive touch panel |
| CN116032652B (en) * | 2023-01-31 | 2023-08-25 | 湖南创亿达实业发展有限公司 | Gateway authentication method and system based on intelligent interactive touch panel |
| CN116108024A (en) * | 2023-04-14 | 2023-05-12 | 深圳市安信达存储技术有限公司 | Data storage method and data storage system |
| CN116108024B (en) * | 2023-04-14 | 2023-06-27 | 深圳市安信达存储技术有限公司 | Data storage method and data storage system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114896634B (en) | 2022-11-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114896634B (en) | Data authority control method and system of enterprise report platform | |
| US11144670B2 (en) | Data processing systems for identifying and modifying processes that are subject to data subject access requests | |
| US11347889B2 (en) | Data processing systems for generating and populating a data inventory | |
| US10564936B2 (en) | Data processing systems for identity validation of data subject access requests and related methods | |
| US11334682B2 (en) | Data subject access request processing systems and related methods | |
| US10346638B2 (en) | Data processing systems for identifying and modifying processes that are subject to data subject access requests | |
| US20220159041A1 (en) | Data processing and scanning systems for generating and populating a data inventory | |
| US10430740B2 (en) | Data processing systems for calculating and communicating cost of fulfilling data subject access requests and related methods | |
| JP5144340B2 (en) | Contract content setting system and contract content setting method | |
| US10776514B2 (en) | Data processing systems for the identification and deletion of personal data in computer systems | |
| US10776517B2 (en) | Data processing systems for calculating and communicating cost of fulfilling data subject access requests and related methods | |
| US20220286482A1 (en) | Data processing systems and methods for performing assessments and monitoring of new versions of computer code for compliance | |
| WO2019196905A1 (en) | Method and system for conveniently processing accounting data | |
| WO2019028405A1 (en) | Data processing systems for the identification and deletion of personal data in computer systems | |
| CN114861623A (en) | Protocol template generation method and device, electronic equipment and storage medium | |
| US20210344720A1 (en) | Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance | |
| CN104704521A (en) | Multi-factor profile and security fingerprint analysis | |
| US20240127379A1 (en) | Generating actionable information from documents | |
| CN112150299B (en) | Annuity data processing method, annuity data processing device, medium and electronic equipment | |
| CN113822603A (en) | Cloud computing processing method based on SaaS | |
| CN113626844A (en) | User authority control method, system, computer equipment and storage medium | |
| US20080140685A1 (en) | Apparatus and method for management of content | |
| CN113220762A (en) | Method, device, processor and storage medium for realizing general record processing of key service field change in big data application | |
| CN117195256B (en) | Financial data processing method and system | |
| US20230186418A1 (en) | System and method for applying ricardian contract principles to agreements |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A Data Permission Control Method and System for Enterprise Report Platform Effective date of registration: 20230831 Granted publication date: 20221111 Pledgee: Bank of Beijing Co.,Ltd. Jinan Branch Pledgor: SHANDONG HENGMAI INFORMATION & TECHNOLOGY Co.,Ltd. Registration number: Y2023980054768 |