201015458 九、發明說明: 【發明所屬之技術領域】 -種權限管_統及其方法,制係指—種集中多服 務帳號之權限管理系統及其方法。 【先前技術】 權限管理系統’通常是將使用者的權限設定儲存於使 用者貧料巾,細記錄伽者可進行的觀。當使用者欲 進行任何齡行树,觀管理緒會補使肖者識別資 料來比對制者所進狀操作是賴合⑽存之權限設 定’來判斷使用者可否進行此操作。由於觀管理系統依 據使用者的不同身份提供不_服務,因此被企業廣泛的 使用,其中,以提供多種服務的服務平台最常見。 隨著企業的業務拓展,往往會針對各種不同的發展方 向建立各自的服務平纟,由於發展方向不同,0此不同服 務平台的使用者在發展的初期並不容易重疊,所以各個服 務平台通常會具有各自的權限管理系統。不過若服務平台 所提供的服務越來越完整,_ 了發展的後期,各個服務 平口中重疊的使用者將會越來越多,如此一來,對使用者 而言’需要為乡個服務平#管理乡_制者識別資料, 並不方便使用者使用各種服務平台;另外,對企業而言, 除了而要分別維護各個服務平台的權限管理系統之外,若 要整合服務時也需要花費較多的成本整合權限管理系統 中的使用者資料。 练上所述’可知先前技術中長期以來一直存在多個服 5 201015458 務平台的權限管理系統之間並不方便整合管理的問題,因 此有必要提出改進的技術手段,來解決此一問題。 【發明内容】 有鑒於先前技術存在多個服務平台的權限管理系統 之間並不方便整合管理的問題,本發明遂揭露一種集中多 服務帳號之權限管理系統及其方法,其中: 本發明所揭露之集中多服務帳號之權限管理系統,其 包括有··服務平台’用以提供使用者輸入使用者識別資 料;管理伺服器,更包含:儲存模組,用以儲存使用者之 使用者基本資料及使用者於服務平台之權限資料;傳輸模 組,用以接收服務平台所傳送之使用者識別資料;登入模 組,用以依據使用者識別資料登入使用者;授權模組,用 以於使用者登入後’依據使用者識別資料讀取使用者於服 務平台上之權限資料,並透過傳輸模組傳送權限資料至服 務平台,使月艮務平台依據權限資料提供相對應之特定服務 予使用者操作,其透過管理舰n的儲存模_存使用者 在各服務平台上的權限資料,並由授權模組依據使用者識 別碼讀取服務平台的權限資料,使服務平台依據權限資料 提供使用者可操作的服務’藉贿決先前技賴存在的問 題。 本發明所揭露之集中多服務帳號之權限管理方法,其 包括有下列步驟:管理恤H儲存制者之錢者基本資 料及使用者於服務平自之觀:諸;服務平台傳送使用者 所輸入之使用者識別資料至管理伺服器;管理伺服器依據 201015458 細者識別資料登入使用者;管理伺服器依據使用者識別 貧料讀取使用者於服務平台上之權限資料;管理飼服器傳 送權限資料i服務平纟;服務平自依雜歸料提供相對 應之特定服軒使用者操作,其透過管朗服器儲存使用 者在各服務平台上的觀#料,並依據朗麵別碼讀取 服務平台的概資料,使服務平台依據觀資料提供使用 者可操作的服務’來解決先前技術所存在的問題。 本發明所揭露之系統與方法如上,其與先前技術之間 的差異在於本㈣使膽理伺服韻存制者在各服務 平台上的觀資料,管_服!!會依敝用者顧碼讀取 使用者在各服務平纟上的觀資料,使服務平台提供與權 限資料對應的服務予使用者操作。透過上述的技術手段, 本發明可以達成提供使用者以同一使用者識別碼登入所 有服務平台的技術功效。 【實施方式】 以下將配合圖式及實施例來詳細說明本發明之詳細 特徵與實施方式,内容足以使任何熟習相關技藝者輕易地 理解本發明解決技術問題所應用的技術手段並據以實 施’及理解實現本發明可達成的功效。 以下先以「第1圖」本發明所提之集中多服務帳號之 權限官理系統之系統架構圖來說明本發明的系統運作。如 圖所不’本發明之系統含有管理伺服器200以及多個提供 服務平台的數位裝置1〇〇。 數位裝置100負責提供服務平台所需的硬體環境,使 7 201015458 服務平台在數位裝置⑽中執行,數位裝置刚包含作不 限於個人之_、伺服器以賴測健康之電子裝置等,其 中’電腦會執行應用程式來生成服務平台,而舰器以及 ,子裝置通常是本身便已域行有特定_式來提供特 疋的服務’也就是說’舰如及電子裝置通常也是服務 平台的一種呈現方式。 上述之服務平台負貴提供特定的服務予使用者操 作,Pf著服務平台的不同,各個服務平台所提供的服務並 不一定只有-個’例如’執行在個人電腦上的字詞查找平 台提供字詞查找以及即時翻譯的服務等,執行在舰器上 的網路字詞查找平台則提供權威字查找以及大眾字查找 的服務等,而在健康偵測儀器中執行的健康管理平台則可 能只有提供個人健康管理的服務。 一般而言,使用者在操作服務平台時,服務平台通常 會先透過數位裝置100將使用者識別資料傳送到管理伺服 器200進行登入,前述之使用者識別資料會與使用者相對 應,且在使用者識別資料的有效期間,不會有另外一個使 用者使用相同的使用者識別資料,使用者識別資料例如使 用者的帳號密碼、或是購買服務時所獲得的授權碼等,但 本發明並不以此為限。而服務平台所傳送的使用者識別資 料則是來自使用者在登入介面中所輸入的使用者識別資 料,或是讀取使用者已預先輸入的使用者識別資料。 在使用者完成登入之後,服務平台可以透過數位裝置 100接收到管理伺服器200所傳回的權限資料,服務平台 201015458 可以依據接收到的權限資料致能及/或禁能與權限資料相 對應的服務’使得使用者可以在服務平台中對其可使用的 服務進行操作。 上述之權限資料記錄有使用者對服務平台中所提供 之各個服務的權限’甚至包含使用者對各個服務的使用期 限’也就是說’權限資料中記錄使用者可以使用服務平台 中的哪些服務,甚至記錄使用者可以使用該些服務的時 間。 若執行服務平台的數位裝置100為伺服器,則使用者 會而要透過所使用的其他數位裝置輸入使用者識別資料 至服務平台’使服務平台可以傳送使用者識別資料至管理 伺服器進行登入;若執行服務平台的數位裝置100為非伺 服器的個人電腦或健康個儀料,則使膽除了可以在 服務平台中輸入使用者識別資料之外,服務平台也可以在 使用者欲使用服務之前,自動傳送使用者識別資料至管理 伺服器200。 官理伺服器200集中管理所有使用者的使用者基本資 料以及權限資料’如「第2圖」本發明所提之管理祠服器 200之το件示意圖所示,管理伺服器2〇〇包含儲存模組 21〇、傳輸拉、组22〇、登入模组24〇以及授麵組25〇。 儲存模組210負責儲存使用者的使用者基本資料及使 用者在服務平台中的權限資料。使用者基本資料包含但不 限於使用者的姓名、年齡、住址、電話以及登人時所使用 的帳號密喝等。 201015458 傳輸模組220負責接收服務平台透過數位裝置丨⑻所 傳送的使用者識別資料,並傳送授權模組25〇所產生之權 限資料至執行於數位裝置1〇〇上的服務平台。 登入模組240負責依據傳輸模組22〇所接收之使用者 識別資料登入使用者,其中,登入模组24〇會判斷傳輸模 組220所接收之使用者識別資料是否與儲存模組2丨〇所儲 存之使用者的使用者基本資料進行比對,由於使用者基本 資料中也記錄有使用者識別資料,因此登入模組24〇可以 在比對兩使用者識別資料相同時,完成使用者登入;而若 登入模組240可以比對出兩使用者識別資料不同時,拒絕 使用者登入,使得授權模組250不會執行,因此服務平台 不會獲得權限資料’使用者也無法藉以使用服務平台所提 供的服務。 授權模組250負責在登入模組240完成使用者的登入 後’依據傳輸模組220所接收之使用者識別資料,至儲存 模組210中讀取使用者在傳送使用者識別資料之服務平台 上的權限資料,由於使用者識別資料在同一時間内並不會 重複,因此授權模組250可以在搜尋使用者識別資料之 後,讀出與使用者識別資料對應的權限資料。 授權模組250在讀取權限資料後,會透過傳輸模組 220傳送權限資料至執行於數位裝置1〇〇上的服務平台, 使服務平台可以提供與權限資料對應的特定服務予使用 者操作。 本發明更可以包含註冊模組28〇、權限設定模組291 201015458 以及權限修改模組292。 註冊模組280負責提供使用者登入使用者基本資料, 使用者在服矛务平台中輸入使用者基本資料之後,服務平台 會透過數位裝置1〇〇傳送使用者基本資料至管理飼服器 200的傳輸模組220,註冊模組會將傳輸模組22〇所接收 到的使用者基本資料寫入儲存模組21〇中,藉以完成使用 者的註冊,若使用者在多個服務平台中註冊,則註冊模組 280會判斷使用者是否曾經註冊過,若是,則註冊模組⑽ 不會將使用者基本資料寫入儲存模組21〇中。 權限設定模組291負責設定權限資料。管理飼服器 200可以提供管理錬器2〇〇或各服務平台的管理者透過 權限设定模組291設定使用者在各個服務平台中可使用的 服務,也可贿據使用麵f的服務内容或是使用者輸入 的授權碼自動設定使用者的權限資料。 /另外,服務平台更可以記錄使用者在服務平台上所執 ❹ 狀各職賴作記錄’並透過触裝置1GG傳送操作記 錄至官理伺服器2〇〇的傳輸模組22〇,管理伺服器2〇〇上 ' 的權限修改模、组292會依據管理者定義的權限擴增規則以 及傳輸模組220所接收的操作記錄設定使用者於其他服務 M 服務所對應的槪資料。前述之操作記錄包 含但不限於使时執行服務的咖、歧鮮。前述之權 限擴增規収義各服務平纟巾的服務侧啟祕件,例如 使用者需要使用钱種服務幾次或使用者需要使用某服 務多久時間等,但本發明所提之權限擴增規則並不以此為 11 201015458 限。 接著以一個實施例來解說本發明的運作系統與方 法’並請參照「第3圖」本發明所提之集中多服務帳號之 權限管理方法之方法流程圖。 饭设本實施例如「第1圖」所示,包含執行在電腦(數 <立裝置100)上的字詞查找平台、運行在飼服器(數位裝 置100)上社群討論平台與網路字詞查找平台、以及由偵 m _康之電子裝置(數位裝置觸)所提供的健康管理平 p 台等服務平台。 官理伺服器200的儲存模組210中儲存使用者的基本 資料以及使用者在上述各個服務平台中的權限資料(步驟 306) ’其中,儲存模組21〇中可以如「第4A圖」所示, 以權限没疋表400的形式來儲存使用者的權限資料,但本 發明儲存權限資料之方式並不以此為限。 使用者使用上述任一服務平台之前,會透過欲使用的 φ 服務平台輸入上述之使用者的基本資料,假設使用者使用 執行錢腦上的字啦餅纟,贼肖者在稍查找平台 所提供的§主冊介面中輸入使用者的基本資料後,字詞查找 平台會傳送使用者的基本資料至管理伺服器2〇〇的傳輸模 組220,在傳輸模組22〇接收到使用者的基本資料後,管 理飼服器200的註冊模、组280 f進行使用者的註冊程序, 並將使用者的基本資料存入管理伺服器2〇〇的儲存模組 中’藉以完成使用者的註冊。 事實上,在使用者在註冊介面中輸入使用者的基本資 12 201015458 料時,除了輸入姓名、年齡、地址等資料之外,還會需要 輸入講買糊錢平細顧財時所獲得的鄕碼(在 本實施例中即為使用者識別資料),在管理舰器的 傳輸模組220接收到使用者的基本資料後,管理飼服器 200上的權限設定模組會291依據授權碼設定使用者在字 詞查找平台上的權限資料,假設使用者顧了字詞查找、 即時翻譯以及加值服務三項功能,因此設定模組19〇一會依 藝 據授權碼設定使用者可以在字詞查找平台上使用字詞查 找、即時翻譯以及加值服務三項服務,設定模組19〇甚至 可以依據授權碼設定使用者使用加值服務的使用期限為 「2008/01/01〜2008/12/31」。 當管理飼服器200的儲存模組21〇中儲存有使用者的 基本資料以及使用者在上述各個服務平台中的權限資料 (步驟306)之後,字詞查找平台會透過電腦(數位裝置 1〇〇)傳送使用者的使用者識別資料至管理伺服器200 (步 φ 驟322),由於本實施例之使用者識別資料為授權碼,使用 者在輸入使用者的基本資料時便已在註冊介面中輸入 過’因此字詞查找平台可以讀出使用者所輸入過的授權碼 並直接傳送給管理伺服器200,當然,字詞查找平台也可 以提供使用者登入介面’在使用者輸入授權碼之後才傳送 使用者所輸入之授權碼至管理伺服器200。 在字詞查找平台傳送使用者識別資料至管理飼服器 200 (步驟322)後,管理伺服器200的傳輸模組220會接 收到字詞查找平台所傳送的使用者識別資料,管理伺服器 13 201015458 200的登入模組240會在依據使用者識別資料進行登入使 用者的程序(步驟330),藉以完成使用者的登入。登入模 組240通常會比對儲存在儲存模組210之使用者基本資料 以及使用者識別資料是否正確,當兩者相同時,登入模組 240才會進行登入使用者的程序,反之,則會透過傳輪模 組220傳送登入失敗的訊息至字詞查找平台。 . 在登入模組240依據使用者識別資料登入使用者(步 - 驟330)後,管理伺服器200的授權模組250會依據使用 ® 者識別資料(在本實施例中為授權碼)讀出使用者在字詞 查找平台中的權限資料(步驟350),被讀出的權限資料記 錄著使用者可以使用字詞查找、即時翻譯以及加值服務等 服務,且加值服務的使用期限為 「2008/01/01〜2008/12/31」。 在權限模組250依據使用者識別資料讀出使用者在字 詞查找平台中的權限資料(步驟35G)後,管理鑛器2〇〇 〇 的傳輸模組220會將授權模組250所讀出的權限資料傳送 至執行字詞查找平台的電腦(步驟36〇),字詞查找平台在 ' 透過電腦接收到傳輸模組2⑽所傳送的權限資概,^依 據權限資料上的記錄,提供使用者字詞查找、即時翻譯以 及加值服務等服務(步驟370 )’如此使用者便可以操作字 詞查找平台,也就是制字詞麵、㈣鱗以及加值服 務。 」综上所述’可知本發明與先前技術之間的差異在於具 有官理舰器儲存使用者在各服務平台上的權限資料,管 201015458 理伺服器會依據使用者識別碼讀取使用者在各服務平台 上的權限資料’使服務平台提供與權限資料對應的服務予 使用者操作,藉由此-技術手段可以解決先前技術所存在 夕個服務平台的權限管理系統之間並不方便整合管理的 問題’進而達成提供使用者以同一使用者識別碼登入所有 服務平台的功效。 • 另外,本發明所提之服務平台更可以再使用者操作服 務平台時,記錄使用者在服務平台上的操作記錄,例如記 β 錄使用者執行的服務的時間、次數等,並透過數位裝置1〇〇 傳送操作記錄至管理伺服器2〇〇的傳輸模組22〇。 假设在上述實施例中,使用者的操作記錄已記錄使用 者執行字詞查找服務100次,且第一次執行字詞查找服務 的時間為半年前,若權限擴增規則中定義執行字詞查找服 務滿100次且使用字詞查找服務三個月以上時,可以開啟 ’祠路子4查找平台的大尿字查詢服矛务則管理飼服器 ❹ 上的權限修改模組292會判斷出使用者已達到權限擴增規 則所定義的標準,因此會如「第4Β圖」所示,設定使用 * 者可以使用網路字詞查找平台的大眾字查詢服務。 Γ 雖然本發明所揭露之實施方式如上,惟所述之内容並 非用以直接限疋本發明之專利保護範圍。任何本發明所屬 技術領域巾具有通常知識者’在不麟本發騎揭露之精 神和範圍之内,在實施的形式上及細節上所為之更動或潤 飾,均屬本發明之專利保護範圍。因此本發明之專利保護 範圍仍須以本說明書所附之申請專利範圍所界定者為準。 201015458 【圖式簡單說明】 第1圖係本發明所提之集中多服務帳號之權限管理系 統之系統架構圖。 第2係本發明所提之管理伺服器之元件示意圖。 第3係本發明所提之集中多服務帳號之權限管理方法 之方法流程圖。 • 第4A本發明實施例所提之權限資料記錄格式示意 , 圖。 • 第4B本發明實施例所提之權限資料記錄格式示意 圖。 【主要元件符號說明】 100 數位裝置 200 管理伺服器 210 儲存模組 220 傳輸模組 240 登入模組 250 授權模組 280 註冊模組 291 權限設定模組 292 權限修改模組 400 權限設定表 步驟306管理伺服器儲存使用者基本資料及使用者 於服務平台之權限資料 步驟322服矛务平台傳送使用者識別資料至管理伺服 201015458 步驟330 步驟350 步驟360 步驟370 器 管理祠服器依據使用者識別資料登入使用 者 管理伺服器依據使用者識別資料讀取服務 平台上之權限資料 管理伺服器傳送權限資料至服務平台 服務平台依據權轉料提供對應之特定服 務予使用者操作201015458 IX. Description of the invention: [Technical field to which the invention belongs] - a kind of authority management system and its method, the system refers to a rights management system and method for centralized multi-service account. [Prior Art] The rights management system 'generally stores the user's permission settings in the user's poor towel, and records the view that the gambling can be performed. When the user wants to perform any age tree, the management manager will compensate the reader to identify the data to determine whether the user can perform the operation by comparing the user's operation with the permission setting (10). Since the management system provides non-services according to the different identities of users, it is widely used by enterprises, and the service platform that provides multiple services is the most common. As the business of the company expands, it will often establish its own service level for different development directions. Due to different development directions, users of different service platforms will not easily overlap in the initial stage of development, so each service platform usually Have their own rights management system. However, if the services provided by the service platform are more and more complete, _ in the later stage of development, there will be more and more users overlapping in each service level. As a result, for the users, it is necessary to serve the township. #管理乡_制者识别资料, it is not convenient for users to use various service platforms; in addition, for enterprises, in addition to maintaining the rights management system of each service platform separately, it is also necessary to integrate services. More cost integration of user data in the rights management system. In the prior art, it can be seen that there has been a problem in the prior art that the rights management systems of the multiple service platforms have not been convenient for integration, and therefore it is necessary to propose improved technical means to solve this problem. SUMMARY OF THE INVENTION In view of the problem that the prior art has a plurality of service platform rights management systems that are not convenient for integrated management, the present invention discloses a centralized multi-service account rights management system and method thereof, wherein: The centralized multi-service account rights management system includes a service platform for providing user input user identification data, a management server, and a storage module for storing user basic data of the user. And the user's access to the service platform; the transmission module for receiving user identification data transmitted by the service platform; the login module for logging in to the user based on the user identification data; and the authorization module for use After logging in, the user's identification data is used to read the user's permission information on the service platform, and the permission data is transmitted to the service platform through the transmission module, so that the monthly service platform provides the corresponding specific service to the user according to the authority data. Operation, which manages the storage mode of the ship n - the user's authority on each service platform By authorization modules based on user permissions to read data service platform identification code, the service platform provides a user-operable data services based on rights' issues by bribery must rely on technology previously existed. The method for managing rights of a centralized multi-service account disclosed in the present invention includes the following steps: managing the basic information of the money storage system of the user and the user's view on the service: the service platform transmits the user input The user identification data is sent to the management server; the management server logs in the user according to the 201015458 detailed identification data; the management server reads the user's permission data on the service platform according to the user identification poor material; manages the feeding device transmission authority The information i service is flat; the service is provided by the corresponding service user, and the user is stored on the service platform through the device, and reads according to the code of the face. Taking the general information of the service platform, the service platform provides the user-operable service based on the view data to solve the problems of the prior art. The system and method disclosed in the present invention are as above, and the difference between the prior art and the prior art is that (4) the information of the loyal servo server on each service platform is controlled. According to the user's code, the user's view information on each service platform is read, so that the service platform provides the service corresponding to the authority data to the user. Through the above technical means, the present invention can achieve the technical effect of providing users with the same user identification code to log in to all service platforms. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The detailed features and embodiments of the present invention will be described in detail below with reference to the drawings and embodiments, which are sufficient to enable those skilled in the art to readily understand the technical means to which the present invention solves the technical problems. And understanding the achievable effects of the present invention. Hereinafter, the system operation of the present invention will be described with reference to the system architecture diagram of the rights management system of the centralized multi-service account referred to in the "FIG. 1". The system of the present invention includes a management server 200 and a plurality of digital devices providing service platforms. The digital device 100 is responsible for providing the hardware environment required by the service platform, so that the 7 201015458 service platform is executed in the digital device (10), and the digital device just includes an electronic device that is not limited to an individual, and the server is used to measure health, among which ' The computer will execute the application to generate the service platform, and the ship and the sub-devices usually have a specific service to provide special services. That is to say, the ship and the electronic device are usually also a kind of service platform. ways of presenting. The service platform mentioned above provides a specific service to the user to operate. Pf is different from the service platform. The services provided by each service platform do not necessarily have to be - for example, a word search platform provided on a personal computer provides a word. Word search and instant translation services, etc., the online word search platform on the ship provides authoritative word search and public word search services, while the health management platform executed in the health detection instrument may only provide Personal health management services. In general, when the user operates the service platform, the service platform usually transmits the user identification data to the management server 200 through the digital device 100 for login. The user identification data corresponding to the user corresponds to the user. During the validity period of the user identification data, no other user uses the same user identification data, such as the user's account password or the authorization code obtained when purchasing the service, but the present invention Not limited to this. The user identification data transmitted by the service platform is from the user identification data input by the user in the login interface, or the user identification data that the user has input in advance. After the user completes the login, the service platform can receive the permission data returned by the management server 200 through the digital device 100, and the service platform 201015458 can enable and/or disable the corresponding permission data according to the received permission data. The service 'allows the user to operate on the services available to them in the service platform. The above privilege data records the user's rights to each service provided in the service platform 'even the user's use period for each service', that is, the privilege data records which services in the service platform can be used by the user. Even the time when the user can use the services is recorded. If the digital device 100 executing the service platform is a server, the user will input the user identification data to the service platform through the other digital devices used to enable the service platform to transmit the user identification data to the management server for login; If the digital device 100 executing the service platform is a non-server personal computer or a healthy device, the service platform can also be used before the user wants to use the service, in addition to inputting the user identification data in the service platform. The user identification data is automatically transmitted to the management server 200. The official server 200 centrally manages the user's basic data and the rights data of all users. As shown in the figure of the second embodiment of the management server 200 of the present invention, the management server 2 includes storage. The module 21〇, the transfer pull, the group 22〇, the login module 24〇, and the face group 25〇. The storage module 210 is responsible for storing user basic information of the user and the authority data of the user in the service platform. The user's basic information includes, but is not limited to, the user's name, age, address, telephone number, and account number used when boarding. The transmission module 220 is responsible for receiving the user identification data transmitted by the service platform through the digital device (8), and transmitting the authority data generated by the authorization module 25 to the service platform executed on the digital device 1 . The login module 240 is responsible for logging in to the user according to the user identification data received by the transmission module 22, wherein the login module 24 determines whether the user identification data received by the transmission module 220 is related to the storage module 2 The user's basic data of the stored user is compared. Since the user identification data is also recorded in the user's basic data, the login module 24 can complete the user login when the two user identification data are the same. If the login module 240 can compare the two user identification data, the user is denied login, so that the authorization module 250 will not execute, so the service platform will not obtain the permission data, and the user cannot use the service platform. The services provided. The authorization module 250 is responsible for reading the user identification data received by the transmission module 220 after the login module 240 completes the login of the user, and reading the user to the service platform for transmitting the user identification data to the storage module 210. Since the user identification data is not repeated at the same time, the authorization module 250 can read the permission data corresponding to the user identification data after searching for the user identification data. After reading the permission data, the authorization module 250 transmits the permission data to the service platform executed on the digital device 1 through the transmission module 220, so that the service platform can provide a specific service corresponding to the authority data to the user. The present invention may further include a registration module 28, an authority setting module 291 201015458, and a rights modification module 292. The registration module 280 is responsible for providing the user with the basic information of the user. After the user inputs the basic information of the user in the service platform, the service platform transmits the basic information of the user to the management server 200 through the digital device. The transmission module 220, the registration module writes the user basic data received by the transmission module 22 into the storage module 21, to complete the registration of the user, and if the user registers in multiple service platforms, The registration module 280 determines whether the user has ever registered, and if so, the registration module (10) does not write the user basic data into the storage module 21A. The authority setting module 291 is responsible for setting the authority data. The management server 200 can provide the management device 2 or the administrator of each service platform through the authority setting module 291 to set the service that the user can use in each service platform, and can also bribe the service content of the use surface f Or the authorization code input by the user automatically sets the user's permission data. / In addition, the service platform can record the user's responsibilities in the service platform and record the operation record to the official server 2 through the touch device 1GG. The management server The privilege modification module and group 292 of the second id will set the 对应 data corresponding to the other service M services according to the privilege augmentation rule defined by the administrator and the operation record received by the transmission module 220. The foregoing operational records include, but are not limited to, coffee and ambiguity for performing services on time. The foregoing privilege amplification protocol defines the service side secrets of each service flat towel, for example, the user needs to use the money service several times or the user needs to use a certain service for a long time, etc., but the authority extension of the present invention is expanded. The rules are not limited to 11 201015458. Next, the operation system and method of the present invention will be explained by way of an embodiment. Please refer to the flowchart of the method for managing the rights management of the multi-service account in the present invention. The present embodiment is shown in Fig. 1 and includes a word search platform executed on a computer (number device 100), a community discussion platform and a network running on a feeding device (digital device 100). The word search platform and the service platform such as the health management platform provided by the Detective _ Kangzhi electronic device (digital device touch). The storage module 210 of the official server 200 stores the basic data of the user and the authority data of the user in each of the service platforms (step 306). [The storage module 21 can be as shown in FIG. 4A. It is shown that the user's permission data is stored in the form of the permissionless table 400, but the manner in which the present invention stores the permission data is not limited thereto. Before using any of the above service platforms, the user will input the basic data of the above-mentioned users through the φ service platform to be used, assuming that the user uses the words on the brain of the execution money, and the thief is provided by the platform. After inputting the basic data of the user in the main book interface, the word search platform transmits the basic data of the user to the transmission module 220 of the management server 2, and receives the basic of the user in the transmission module 22 After the data, the registration module of the server 200 is managed, the group 280 f performs the registration process of the user, and the basic data of the user is stored in the storage module of the management server 2 to complete the registration of the user. In fact, when the user enters the user's basic capital 12 201015458 in the registration interface, in addition to inputting the name, age, address and other information, it is also necessary to input the money obtained when buying the money and paying attention to the money. The code (in this embodiment, the user identification data), after the transmission module 220 of the management ship receives the basic data of the user, the authority setting module on the management feeder 200 is set according to the authorization code. The user's permission data on the word search platform assumes that the user has taken care of the three functions of word search, instant translation and value-added service. Therefore, the setting module 19 will set the user to be in the word according to the art authorization code. The word search platform uses three services: word search, instant translation and value-added service. The setting module 19 can even set the user's use of the value-added service according to the authorization code as "2008/01/01~2008/12". /31". After the storage module 21 of the management server 200 stores the basic data of the user and the authority data of the user in each of the service platforms (step 306), the word search platform passes through the computer (digital device 1). 〇) transmitting the user identification data of the user to the management server 200 (step 322). Since the user identification data of the embodiment is an authorization code, the user is already in the registration interface when inputting the user's basic data. In the input, the word search platform can read the authorization code input by the user and directly transmit it to the management server 200. Of course, the word search platform can also provide the user login interface 'after the user inputs the authorization code. The authorization code input by the user is transmitted to the management server 200. After the word search platform transmits the user identification data to the management server 200 (step 322), the transmission module 220 of the management server 200 receives the user identification data transmitted by the word search platform, and the management server 13 The login module 240 of 201015458 200 will perform the process of logging in to the user according to the user identification data (step 330), thereby completing the user's login. The login module 240 generally compares the user basic data stored in the storage module 210 with the user identification data. When the two are the same, the login module 240 performs the login user process. Otherwise, The login failure message is transmitted to the word search platform through the delivery module 220. After the login module 240 logs in the user according to the user identification data (step 330), the authorization module 250 of the management server 200 reads out according to the usage identification data (in the present embodiment, the authorization code). The user's permission data in the word search platform (step 350), the read permission data records that the user can use the word search, instant translation, and value-added services, and the service period of the value-added service is " 2008/01/01~2008/12/31". After the permission module 250 reads the authority data of the user in the word search platform according to the user identification data (step 35G), the transmission module 220 of the management miner 2 will read out the authorization module 250. The permission data is transmitted to the computer executing the word search platform (step 36〇), and the word search platform receives the permission information transmitted by the transmission module 2 (10) through the computer, and provides the user according to the record on the permission data. Services such as word search, instant translation, and value-added services (step 370)' so that the user can operate the word search platform, that is, the word surface, (four) scales, and value-added services. In summary, it can be seen that the difference between the present invention and the prior art is that there is a license information of the user storage device on each service platform, and the server 201015458 manages the user according to the user identification code. The permission information on each service platform enables the service platform to provide the service corresponding to the permission data to the user operation, and the technical means can solve the problem that the prior art technology exists in the service management system of the service platform is not convenient to integrate management The problem 'further achieves the ability to provide users with the same user ID to log in to all service platforms. In addition, the service platform provided by the present invention can record the operation record of the user on the service platform when the user operates the service platform, for example, the time and number of times the service performed by the user is recorded, and the digital device is transmitted through the digital device. 1〇〇 Transfer operation is recorded to the transfer module 22〇 of the management server 2〇〇. It is assumed that in the above embodiment, the user's operation record has recorded that the user performed the word search service 100 times, and the time for executing the word search service for the first time is half a year ago, if the execution of the word search is defined in the authority amplification rule When the service is over 100 times and the word search service is used for more than three months, you can open the 大 子 4 查找 查找 查找 查找 查找 查找 管理 管理 管理 管理 管理 管理 管理 管理 管理 权限 权限 权限 权限 权限 权限 权限The standard defined by the privilege augmentation rule has been reached, so the public word query service using the Internet word search platform can be set as shown in the "4th figure". Although the embodiments of the present invention are as described above, the above description is not intended to limit the scope of the invention. Any form or detail of the implementation of the invention is intended to be within the spirit and scope of the invention, and is intended to be within the scope of the invention. Therefore, the scope of the invention is to be determined by the scope of the appended claims. 201015458 [Simple description of the drawing] Fig. 1 is a system architecture diagram of the rights management system for the centralized multi-service account mentioned in the present invention. The second is a schematic diagram of components of the management server proposed by the present invention. The third method is a flowchart of a method for managing a rights management method for a centralized multi-service account. • FIG. 4A is a schematic diagram showing the format of the permission data record in the embodiment of the present invention. • 4B is a schematic diagram of a permission data record format proposed by the embodiment of the present invention. [Main component symbol description] 100 digital device 200 management server 210 storage module 220 transmission module 240 login module 250 authorization module 280 registration module 291 authority setting module 292 authority modification module 400 permission setting table step 306 management The server stores the user basic data and the user's permission information on the service platform. Step 322: The spear platform transmits the user identification data to the management server 201015458. Step 330 Step 350 Step 360 Step 370 The device management server logs in according to the user identification data. The user management server reads the permission data management server transmission authority data on the service platform according to the user identification data to the service platform service platform, and provides the corresponding specific service to the user operation according to the rights and materials.