CN115001800A - Password dynamic replacement method and device, computer equipment and storage medium - Google Patents
Password dynamic replacement method and device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN115001800A CN115001800A CN202210601249.2A CN202210601249A CN115001800A CN 115001800 A CN115001800 A CN 115001800A CN 202210601249 A CN202210601249 A CN 202210601249A CN 115001800 A CN115001800 A CN 115001800A
- Authority
- CN
- China
- Prior art keywords
- password
- java
- connection pool
- application
- management system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 230000000977 initiatory effect Effects 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 13
- 230000008859 change Effects 0.000 claims description 9
- 230000005540 biological transmission Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 abstract description 6
- 238000007726 management method Methods 0.000 description 50
- 238000010586 diagram Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 238000013515 script Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000012550 audit Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a dynamic password replacement method, which comprises the following steps: loading a Java connection pool with a password obtaining engine in a Java application program, and deploying a password obtaining configuration file; inquiring a password of an application subscription account; establishing an access link between a Java connection pool and the application database; inquiring whether password updating exists in the privileged account management system by the password fetching engine at certain intervals; inquiring a new password of an application subscription account from a privileged account management system through a password obtaining engine, and replacing an object password field value of the existing Java connection pool by the inquired new password; and establishing a new access link between the Java connection pool and the application database. Also discloses a device, computer equipment and a storage medium for realizing the dynamic password replacement method. The invention realizes the password replacement of the Java connection pool in the running process of the Java application program and eliminates the hard coding problem of the application embedded account.
Description
Technical Field
The invention relates to the technical field of computer information security, in particular to a method and a device for dynamically replacing a password applied to a Java database connection pool, computer equipment and a storage medium.
Background
The privileged account is an identity credential for accessing an IT asset, and generally has the rights of system sensitive data access, service start and stop, configuration modification, file operation and the like. Therefore, how to effectively protect the security of the privileged account becomes the most critical ring in the enterprise data security protection link.
The privileged account management system (PAM for short) can effectively manage and control the operations of creating, deleting, secret changing, locking and the like of privileged accounts, support batch and automatic daily management of privileged accounts of IT assets, and enable passwords of all privileged accounts to meet the requirement of complexity management.
The account number which is needed by the application program to access other applications or services is called as an embedded account number, and is commonly used as an account number of an embedded database, the account number is thought from the perspective of an attacker, an embedded plaintext password is usually found from the positions of application codes, tools, scripts, files and the like, and the attack can be initiated after the password is obtained. This is the lowest cost and difficulty, the highest "cost-performance" attack method. Meanwhile, when enterprises face security audit and compliance check, the places where the embedded passwords are most easily required to be modified.
Generally, the current password replacement method for embedded accounts is to modify the passwords in configuration files and scripts first, and then restart the Java application service. That is, during password change, the Java application service must be interrupted to complete the password change. In addition, the existing seal replacement method also has the problem of hard coding of the certificate, which undoubtedly increases the leakage risk of the access certificate of the database.
To this end, the applicant has sought, through useful research and research, a solution to the above-mentioned problems, in the context of which the technical solutions to be described below have been made.
Disclosure of Invention
One of the technical problems to be solved by the present invention is: the method can realize the password replacement of the database connection pool in the running process of the Java application, and simultaneously effectively solves the hard coding problem of the application embedded account.
The second technical problem to be solved by the present invention is: a dynamic password replacing device for implementing the dynamic password replacing method is provided.
The third technical problem to be solved by the invention is that: a computer device for realizing the dynamic password replacement method is provided.
The fourth technical problem to be solved by the invention is that: a computer-readable storage medium for implementing the above dynamic password replacement method is provided.
A method for dynamically changing a password according to a first aspect of the present invention includes:
loading a Java connection pool with a password obtaining engine in a Java application program, and deploying a password obtaining configuration file for obtaining account password information from a privileged account management system;
when the Java application program is started, inquiring the password of an application subscription account from the privileged account management system through the encryption engine, and setting the inquired password as the value of an object password field of a Java connection pool;
initiating login authentication to an application database by using the object password field value through the Java connection pool, and establishing an access link between the Java connection pool and the application database;
inquiring whether password updating exists in the privileged account management system by the password obtaining engine at a certain interval;
when the password updating of the privileged account management system is inquired by the password acquiring engine, inquiring a new password of an application subscription account from the privileged account management system through the password acquiring engine, replacing the value of an object password field of the existing Java connection pool with the inquired new password, and simultaneously ensuring that the current access link is not influenced in the password replacement period; and
and after the Java application program is accessed, initiating login authentication to the application database by using the replaced object password field value through the Java connection pool, and establishing a new access link between the Java connection pool and the application database.
In a preferred embodiment of the present invention, the encryption configuration file includes an encryption interface address, application account information, application privacy information, subscribed database account information, and a data transmission key.
In a preferred embodiment of the present invention, the Java connection pool is one of a c3p0 connection pool, a durid connection pool, a dbcp connection pool, or a hikari connection pool.
In a preferred embodiment of the present invention, the query interval time of the decryption engine is not less than 3 seconds.
A password dynamic change device as a second aspect of the present invention for implementing the above password dynamic change method includes:
the system comprises an application program initialization module, a password obtaining module and a password obtaining module, wherein the application program initialization module is used for loading a Java connection pool with a password obtaining engine in a Java application program and deploying a password obtaining configuration file for obtaining password information from a privileged account management system;
the first password query module is used for querying the password of the application subscription account from the privileged account management system through the password obtaining engine when the Java application program is started, and setting the queried password as the value of an object password field of a Java connection pool;
a first access link establishing module, configured to initiate login authentication to an application database through the Java connection pool using the object password field value, and establish an access link between the Java connection pool and the application database;
the password inquiry updating module is used for inquiring whether password updating exists in the privileged account management system at intervals of a certain time through the password obtaining engine;
the second password query module is used for querying a new password of an application subscription account from the privileged account management system through the password fetching engine when the password updating of the privileged account management system is queried by the password fetching engine, replacing the value of an object password field of the existing Java connection pool with the queried new password, and simultaneously ensuring that the current access link is not influenced in the password replacement period; and
and the second access link establishing module is used for initiating login authentication to the application database by using the changed object password field value through the Java connection pool after the Java application program is accessed, and establishing a new access link between the Java connection pool and the application database.
A computer device as a third aspect of the present invention for implementing a dynamic password replacement method includes a memory and a processor, the memory storing a computer program, and the processor implementing the following steps when executing the computer program:
loading a Java connection pool with a password obtaining engine in a Java application program, and deploying a password obtaining configuration file for obtaining password information from a privileged account management system;
when the Java application program is started, inquiring the password of an application subscription account from the privileged account management system through the encryption engine, and setting the inquired password as the value of an object password field of a Java connection pool;
initiating login authentication to an application database by using the object password field value through the Java connection pool, and establishing an access link between the Java connection pool and the application database;
inquiring whether password updating exists in the privileged account management system by the password obtaining engine at a certain interval;
when the password updating of the privileged account management system is inquired by the password acquiring engine, inquiring a new password of an application subscription account from the privileged account management system through the password acquiring engine, replacing the value of an object password field of the existing Java connection pool with the inquired new password, and simultaneously ensuring that the current access link is not influenced in the password replacement period;
and after the Java application program is accessed, initiating login authentication to the application database by using the replaced object password field value through the Java connection pool, and establishing a new access link between the Java connection pool and the application database.
A computer-readable storage medium as a fourth aspect of the present invention for implementing the above dynamic password replacement method, has a computer program stored thereon, and when executed by a processor, implements the following steps:
loading a Java connection pool with a password obtaining engine in a Java application program, and deploying a password obtaining configuration file for obtaining password information from a privileged account management system;
when the Java application program is started, inquiring the password of an application subscription account number from the privileged account number management system through the encryption engine, and setting the inquired password as an object password field value of a Java connection pool;
initiating login authentication to an application database by using the object password field value through the Java connection pool, and establishing an access link between the Java connection pool and the application database;
inquiring whether password updating exists in the privileged account management system by the password obtaining engine at a certain interval;
when the password updating of the privileged account management system is inquired by the password acquiring engine, inquiring a new password of an application subscription account from the privileged account management system through the password acquiring engine, replacing the value of an object password field of the existing Java connection pool with the inquired new password, and simultaneously ensuring that the current access link is not influenced in the password replacement period; and
and after the Java application program is accessed, initiating login authentication to the application database by using the replaced object password field value through the Java connection pool, and establishing a new access link between the Java connection pool and the application database.
Due to the adoption of the technical scheme, the invention has the beneficial effects that: according to the method, on the basis that the privileged account management system provides the password acquisition API, the password acquisition engine for acquiring the password from the privileged account management system is loaded in the Java connection pool, so that the password of the Java connection pool can be well changed in the running process of a Java application program, the hard coding problem of the application embedded account can be effectively solved, the leakage risk of the access certificate of the database is greatly reduced, the safety of sensitive data assets is effectively guaranteed, and the requirement of safety compliance is met.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is an application scenario diagram of an embodiment of a dynamic password replacement method of the present invention.
FIG. 2 is a flow chart of the method for dynamically changing passwords of the present invention.
Fig. 3 is a schematic structural diagram of an embodiment of a dynamic password replacement method according to the present invention.
Fig. 4 is an internal structural view of the computer device of the present invention.
Detailed Description
In order to make the technical means, the creation characteristics, the achievement purposes and the effects of the invention easy to understand, the invention is further explained below by combining the specific drawings.
The password dynamic replacement method provided by the invention can be applied to the application scene shown in figure 1. The Java application 101 may obtain the password of the application subscription account from the privileged account management system 102, and access the application database 103 according to the obtained password of the application subscription account.
Referring to fig. 2, the method for dynamically changing passwords of the present invention includes the following steps:
step S10, loading a Java connection pool with a password obtaining engine in the Java application program, and deploying a password obtaining configuration file for obtaining account password information from the privileged account management system. In this embodiment, the password obtaining engine is a PAM plug-in, and has functions of querying a password and obtaining the password from the privileged account management system. The Java connection pool may be one of a c3p0 connection pool, a durid connection pool, a dbcp connection pool, or a hikari connection pool. The encryption configuration file comprises an encryption interface address, application program account information, application program private information, subscribed database account information and a data transmission key.
Step S20, when the Java application program is started, the password of the application subscription account is inquired from the privileged account management system through the password obtaining engine, and the inquired password is set as the object password field value of the Java connection pool.
And step S30, initiating login authentication to the application database by using the object password field value through the Java connection pool, and establishing an access link between the Java connection pool and the application database.
And step S40, inquiring whether password updating exists in the privileged account management system by the password fetching engine at intervals of a certain time. The query interval time of the encryption engine is not less than 3 seconds and is generally set to be 3-5 seconds. A privileged account management system typically updates a database account password according to user instructions or database escrow account password policies.
Step S50, when the password updating engine inquires that the privileged account management system has the password updating, the password updating engine inquires the new password of the application subscription account from the privileged account management system, and changes the value of the object password field of the existing Java connection pool by the inquired new password, and simultaneously ensures that the current access link is not influenced in the password changing period, thus ensuring that the Java application program can be normally used in the password changing period.
And step S60, after the Java application program is accessed, initiating login authentication to the application database by using the changed object password field value through the Java connection pool, and establishing a new access link between the Java connection pool and the application database.
According to the method, on the basis that the privileged account management system provides the password acquisition API, the password acquisition engine for acquiring the password from the privileged account management system is loaded in the Java connection pool, so that the password of the Java connection pool can be well changed in the running process of a Java application program, the hard coding problem of the application embedded account can be effectively solved, the leakage risk of the access certificate of the database is greatly reduced, the safety of sensitive data assets is effectively guaranteed, and the requirement of safety compliance is met.
Referring to fig. 3, a password dynamic changing apparatus of the present invention is shown, which includes an application initialization module 110, a first password query module 120, a first access link establishment module 130, a password query update module 140, a second password query module 150, and a second access link establishment module 160.
The application initialization module 110 is configured to load a Java connection pool with a password obtaining engine in a Java application, and deploy a password obtaining configuration file that obtains password information from the privileged account management system.
The first password query module 120 is configured to query, by the cryptographic engine, a password of an application subscription account from the privileged account management system when the Java application program is started, and set the queried password as an object password field value of the Java connection pool.
The first access link establishing module 130 is configured to initiate login authentication to the application database through the Java connection pool using the object password field value, and establish an access link between the Java connection pool and the application database.
The password query update module 140 is configured to query the privileged account management system whether there is a password update at a certain interval by the password fetching engine.
The second password query module 150 is configured to query, by the password obtaining engine, a new password of the application subscription account to the privileged account management system when the password obtaining engine queries that the privileged account management system has updated the password, and replace the value of the object password field of the existing Java connection pool with the queried new password, while ensuring that the current access link is not affected during the password replacement period.
The second access link establishing module 160 is configured to initiate login authentication to the application database through the Java connection pool using the replaced object password field value after the Java application access is completed, and establish a new access link between the Java connection pool and the application database.
The modules in the dynamic password replacing device can be wholly or partially realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent of a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
The invention also provides a computer device for implementing the above password dynamic change method, the computer device may be a server, and its internal structure diagram may be as shown in fig. 4. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing data such as user information, record information and files. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a dynamic password replacement method as described above.
Those skilled in the art will appreciate that the configuration shown in fig. 4 is a block diagram of only a portion of the configuration associated with the present solution and does not constitute a limitation on the computing device to which the present solution applies, and that a particular computing device may include more or less components than those shown, or combine certain components, or have a different arrangement of components.
Specifically, the computer device of the present invention includes a memory storing a computer program and a processor implementing the following steps when the processor executes the computer program:
step S10, loading a Java connection pool with a password obtaining engine in a Java application program, and deploying a password obtaining configuration file for obtaining account password information from a privileged account management system;
step S20, when the Java application program is started, the password of the application subscription account is inquired from the privileged account management system through the password obtaining engine, and the inquired password is set as the object password field value of the Java connection pool;
step S30, initiating login authentication to the application database by using the object password field value through the Java connection pool, and establishing an access link between the Java connection pool and the application database;
step S40, inquiring whether password updating exists in the privileged account management system by the password obtaining engine at intervals of a certain time;
step S50, when the password updating of the privileged account management system is inquired by the password acquiring engine, inquiring a new password of an application subscription account from the privileged account management system through the password acquiring engine, and replacing the object password field value of the existing Java connection pool with the inquired new password, and simultaneously ensuring that the current access link is not influenced in the password replacement period;
and step S60, after the Java application program is accessed, initiating login authentication to the application database by using the changed object password field value through the Java connection pool, and establishing a new access link between the Java connection pool and the application database.
The present invention also provides a computer-readable storage medium for implementing the above dynamic password replacement method, having a computer program stored thereon, which when executed by a processor, implements the steps of:
step S10, loading a Java connection pool with a password obtaining engine in a Java application program, and deploying a password obtaining configuration file for obtaining account password information from a privileged account management system;
step S20, when the Java application program is started, the password of the application subscription account is inquired from the privileged account management system through the password obtaining engine, and the inquired password is set as the object password field value of the Java connection pool;
step S30, initiating login authentication to the application database by using the object password field value through the Java connection pool, and establishing an access link between the Java connection pool and the application database;
step S40, inquiring whether password updating exists in the privileged account management system by the password obtaining engine at intervals of a certain time;
step S50, when the password updating of the privileged account management system is inquired by the password acquiring engine, inquiring a new password of an application subscription account from the privileged account management system through the password acquiring engine, and replacing the object password field value of the existing Java connection pool with the inquired new password, and simultaneously ensuring that the current access link is not influenced in the password replacement period;
and step S60, after the Java application program is accessed, initiating login authentication to the application database by using the changed object password field value through the Java connection pool, and establishing a new access link between the Java connection pool and the application database.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by hardware instructions of a computer program, which may be stored in a non-volatile computer-readable storage medium, and when executed, may include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The foregoing shows and describes the general principles and broad features of the present invention and advantages thereof. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are given by way of illustration of the principles of the present invention, but that various changes and modifications may be made without departing from the spirit and scope of the invention, and such changes and modifications are within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (7)
1. A method for dynamically changing a password, comprising:
loading a Java connection pool with a password obtaining engine in a Java application program, and deploying a password obtaining configuration file for obtaining account password information from a privileged account management system;
when the Java application program is started, inquiring the password of an application subscription account number from the privileged account number management system through the encryption engine, and setting the inquired password as an object password field value of a Java connection pool;
initiating login authentication to an application database by using the object password field value through the Java connection pool, and establishing an access link between the Java connection pool and the application database;
inquiring whether password updating exists in the privileged account management system by the password obtaining engine at a certain interval;
when the password updating of the privileged account management system is inquired by the password acquisition engine, inquiring a new password of an application subscription account from the privileged account management system through the password acquisition engine, replacing an object password field value of the existing Java connection pool with the inquired new password, and simultaneously ensuring that a current access link is not influenced in a password replacement period;
and after the Java application program is accessed, initiating login authentication to the application database by using the replaced object password field value through the Java connection pool, and establishing a new access link between the Java connection pool and the application database.
2. The method for dynamically changing a password according to claim 1, wherein the password configuration file comprises a password interface address, application account information, application privacy information, subscribed database account information and a data transmission key.
3. The dynamic password change method as claimed in claim 1, wherein the Java connection pool is one of a c3p0 connection pool, a durid connection pool, a dbcp connection pool, or a hikari connection pool.
4. The method for dynamically changing passwords as claimed in claim 1, wherein the query interval time of the password engine is not less than 3 seconds.
5. A password dynamic change device is characterized by comprising:
the system comprises an application program initialization module, a password acquisition module and a password management module, wherein the application program initialization module is used for loading a Java connection pool with a password acquisition engine in a Java application program and deploying a password acquisition configuration file for acquiring password information from a privileged account management system;
the first password query module is used for querying the password of the application subscription account from the privileged account management system through the password obtaining engine when the Java application program is started, and setting the queried password as the value of an object password field of a Java connection pool;
a first access link establishing module, configured to initiate login authentication to an application database through the Java connection pool using the object password field value, and establish an access link between the Java connection pool and the application database;
the password inquiry updating module is used for inquiring whether password updating exists in the privileged account management system at intervals of a certain time through the password fetching engine;
the second password query module is used for querying a new password of an application subscription account number from the privileged account number management system through the password fetching engine when the password updating of the privileged account number management system is queried by the password fetching engine, replacing an object password field value of an existing Java connection pool by the queried new password, and simultaneously ensuring that a current access link is not influenced in a password replacement period; and
and the second access link establishing module is used for initiating login authentication to the application database by using the changed object password field value through the Java connection pool after the Java application program is accessed, and establishing a new access link between the Java connection pool and the application database.
6. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor when executing the computer program implements the steps of the dynamic password change method according to any one of claims 1 to 4.
7. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method for dynamic password change according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210601249.2A CN115001800A (en) | 2022-05-30 | 2022-05-30 | Password dynamic replacement method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210601249.2A CN115001800A (en) | 2022-05-30 | 2022-05-30 | Password dynamic replacement method and device, computer equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115001800A true CN115001800A (en) | 2022-09-02 |
Family
ID=83030724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210601249.2A Pending CN115001800A (en) | 2022-05-30 | 2022-05-30 | Password dynamic replacement method and device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115001800A (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101689848B1 (en) * | 2016-08-09 | 2016-12-27 | (주)유니스소프트 | Password management system and method for changing password using password management system |
| US20190028463A1 (en) * | 2016-01-11 | 2019-01-24 | Osirium Limited | Password maintenance in computer networks |
| CN110602054A (en) * | 2019-08-20 | 2019-12-20 | 广州海颐信息安全技术有限公司 | Proxy-based privilege certificate authentication protection method and device |
| CN110717176A (en) * | 2019-09-23 | 2020-01-21 | 广州海颐信息安全技术有限公司 | Method and device for changing application embedded privileged account on line |
| CN110719298A (en) * | 2019-11-05 | 2020-01-21 | 广州海颐信息安全技术有限公司 | Method and device for supporting user-defined change of privileged account password |
| CN110717160A (en) * | 2019-09-23 | 2020-01-21 | 广州海颐信息安全技术有限公司 | Method and device for periodically checking and correcting privileged account |
| CN111953481A (en) * | 2020-07-28 | 2020-11-17 | 麒麟软件有限公司 | PAM-based dynamic password authentication method |
| US20200410086A1 (en) * | 2019-06-25 | 2020-12-31 | Jpmorgan Chase Bank, N.A. | Method and system for ssis password management integration |
| WO2021107178A1 (en) * | 2019-11-27 | 2021-06-03 | (주)이스톰 | Method for managing login account information |
-
2022
- 2022-05-30 CN CN202210601249.2A patent/CN115001800A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190028463A1 (en) * | 2016-01-11 | 2019-01-24 | Osirium Limited | Password maintenance in computer networks |
| KR101689848B1 (en) * | 2016-08-09 | 2016-12-27 | (주)유니스소프트 | Password management system and method for changing password using password management system |
| US20200410086A1 (en) * | 2019-06-25 | 2020-12-31 | Jpmorgan Chase Bank, N.A. | Method and system for ssis password management integration |
| CN110602054A (en) * | 2019-08-20 | 2019-12-20 | 广州海颐信息安全技术有限公司 | Proxy-based privilege certificate authentication protection method and device |
| CN110717176A (en) * | 2019-09-23 | 2020-01-21 | 广州海颐信息安全技术有限公司 | Method and device for changing application embedded privileged account on line |
| CN110717160A (en) * | 2019-09-23 | 2020-01-21 | 广州海颐信息安全技术有限公司 | Method and device for periodically checking and correcting privileged account |
| CN110719298A (en) * | 2019-11-05 | 2020-01-21 | 广州海颐信息安全技术有限公司 | Method and device for supporting user-defined change of privileged account password |
| WO2021107178A1 (en) * | 2019-11-27 | 2021-06-03 | (주)이스톰 | Method for managing login account information |
| CN111953481A (en) * | 2020-07-28 | 2020-11-17 | 麒麟软件有限公司 | PAM-based dynamic password authentication method |
Non-Patent Citations (2)
| Title |
|---|
| 冯宽: "融合数据平台特权访问安全关键技术与系统研究", 《中国优秀硕士学位论文全文数据库信息科技辑》, pages 2 - 3 * |
| 罗家燕: "基于RBAC的PMI研究与设计", 《万方数据知识服务平台》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9838424B2 (en) | Techniques to provide network security through just-in-time provisioned accounts | |
| US20180206123A1 (en) | Delegated profile and policy management | |
| US8983543B2 (en) | Methods and apparatus for managing data within a secure element | |
| TWI499316B (en) | Methods and apparatus for managing data within a secure element | |
| US9785766B2 (en) | Automated password management | |
| US10187386B2 (en) | Native enrollment of mobile devices | |
| CN113646761A (en) | Providing application security, authentication and feature analysis to applications | |
| CN110781507A (en) | File authority control method and device, computer equipment and storage medium | |
| CN110955448A (en) | Intelligent contract separation method, contract processing method, apparatus, device and medium | |
| CN112527835B (en) | Authentication request processing method and device based on cache and related equipment | |
| CN111177741A (en) | Pre-authorization data access method and device based on enterprise browser | |
| CN111917711B (en) | Data access method and device, computer equipment and storage medium | |
| CN112016122A (en) | Webpage data processing method and device, computer equipment and storage medium | |
| CN109831521B (en) | Cache instance management method and device, computer equipment and storage medium | |
| CN109314711B (en) | Open authorization method, device and terminal | |
| CN112560006A (en) | Single sign-on method and system under multi-application system | |
| CN115001800A (en) | Password dynamic replacement method and device, computer equipment and storage medium | |
| CN113742681B (en) | Account management method and device, computer equipment and storage medium | |
| WO2021073440A1 (en) | Access control method and device for embedded universal integrated circuit card, and storage medium | |
| CN109460654B (en) | Service control method, service control system, server and computer storage medium | |
| CN109088854B (en) | Access method and device of shared application and readable storage medium | |
| CN110610069A (en) | Method and device for calling REST interface in web system | |
| CN110535957B (en) | Data calling method of service application platform and service application platform system | |
| CN116881964A (en) | System data access authority control method, system, medium and computer | |
| CN113886014A (en) | Method, device and equipment for loading dynamic secret key by middleware and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |