CN101729541A - Method and system for accessing resources of multi-service platform - Google Patents
Method and system for accessing resources of multi-service platform Download PDFInfo
- Publication number
- CN101729541A CN101729541A CN200910194193A CN200910194193A CN101729541A CN 101729541 A CN101729541 A CN 101729541A CN 200910194193 A CN200910194193 A CN 200910194193A CN 200910194193 A CN200910194193 A CN 200910194193A CN 101729541 A CN101729541 A CN 101729541A
- Authority
- CN
- China
- Prior art keywords
- user
- resource
- request
- information
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides a method and system for accessing resources of a multi-service platform. The method comprises the following steps: a service server intercepts the access request of resources by the user, wherein the request comprises the levels of the resources and the resources coding information of which dependency relations are arranged uniformly; an authentication server identifies the identities of the user intensively and obtains the identification result; if the identification result shows that the user is legal user, the service server obtains the resources access and control information of the user according to the identity identification information of the legal user; and the service server judges whether the resources coding information in the resources access and control information of the user is match with the resources coding information contained in the request according to the levels of the resources and the dependency relations and executes the operation that the user accesses the corresponding resources after the matching is successfully completed. The technical scheme provided by the invention can effectively avoid the illegal access of the resources in the multi-service platform without influencing the experience of the user.
Description
Technical field
The present invention relates to communication technical field, particularly a kind of resource access method of multiple service platform and system.
Background technology
Multiple service platform is meant and can be managed concentratedly each data service by administrative staff, solves the professional variety of issue that brings of disperseing, simultaneously, and the visit that the user can concentrate data.Usually, the resource in the business platform being conducted interviews need implementation control.Described resource can comprise the visible various contents of user in the information system, as the page, page elements etc., and the corresponding operating that various contents are carried out, as clicking, check etc.Wherein, partial content and corresponding operation thereof provide to the user in function (or claiming authority) mode usually.The user is according to the content of different range in its access rights access system and obtain corresponding function of use, thereby helps the enforcement of multiple service platform security strategy.
Usually, all there is certain hierarchical structure in the resource in the multiple service platform, has subordinate relation between each layer resource, actual visible content of underlying resource representative of consumer and spendable function, and high-rise resource representative of consumer is obtained the path that underlying resource need pass through.
Though the existing resource access technique is that development is than mature technique, as all using this technology in operating system, Database Systems and the various application system.But when carrying out resource access under the multiple service platform environment, the existing resource access technique need carry out resource access control, two kinds of implementations of main at present employing, a kind of is that the visit of high-rise resource is controlled, for underlying resource, then need in layer to conduct interviews and obtain, to realize access control the whole system resource by the path that high-rise resource is formed; Another kind is to the underlying resource control that conducts interviews, and high-rise resource is visible to all users.The inventor finds that in realizing process of the present invention there is following at least technical problem in prior art:
Preceding a kind of mode is difficult to avoid malicious user by guessing the mode in path, realizes the unauthorized access to underlying resource; A kind of mode in back can not obtain the service experience of " What You See Is What You Get " to domestic consumer when exposing security information, the resource that exists the user as seen but not allow the user to operate.
Therefore, in the prior art level of two kinds of more extreme resource accesses divide comparatively simple, be not suitable for the resource notion extensively, management and use the multiple service platform system that lays equal stress on.
Summary of the invention
The embodiment of the invention provides a kind of resource access method and system of multiple service platform, to solve the unauthorized access that exists in the prior art, the technical problem that influences user experience.
For solving the problems of the technologies described above, embodiments of the invention provide a kind of resource access method of multiple service platform, and described multiple service platform includes service server and certificate server, and this method comprises:
The resource access request that service server interception user sends comprises the level by resource, the resource code information that subordinate relation is unified layout in this request;
Certificate server is concentrated user's identity is discerned, and obtains recognition result;
If described recognition result is a validated user for the user, then service server obtains this user's resource access control information according to the identity identification information of this validated user;
Service server judges according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates, and in the operation of the match is successful the back carries out user capture respective resources.
Wherein, certificate server is concentrated user's identity is discerned, and the acquisition recognition result comprises:
Certificate server obtains the billing information that is associated with user identity in the described resource access request;
Certificate server mates the user identification information may that described billing information and this server obtain from database, if the match is successful, then described user is a validated user, otherwise is the disabled user.
Wherein, the certificate server step of obtaining the billing information that is associated with user identity in the described resource access request comprises:
Whether comprise the billing information that is associated with user identity in the described service server judging resource access request;
If judged result is then obtained billing information in this request by certificate server for comprising described billing information in the request from described service server;
If judged result is not for comprising described billing information in the request, then after certificate server receives the information that described user successfully logins, produce billing information at random and this billing information added to by certificate server and send to service server in the resource access request, from described service server, obtain billing information in this request by certificate server again.
Wherein, the described resource code information Action number that comprises resource number and resource is operated;
Described service server is judged according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates and is comprised:
Service server is searched resource number and the Action number that whether comprises in the described resource access control information in the described request, if lookup result is for comprising described resource number and Action number, then judged result is that the match is successful, otherwise, be judged as and do not match.
Wherein, the resource code information in the described request only comprises resource number;
Described service server is judged according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates and is comprised:
Search the resource number that whether comprises in the described resource access control information in the described request, if lookup result is for comprising described resource number, then judged result is incorrect for this request form, do not match, otherwise, the son numbering that whether comprises the resource number in the described request in the described resource access control information further searched, if lookup result is for comprising described son numbering, then judged result is that the match is successful, otherwise judged result is not for matching.
Wherein, at the identity identification information of service server according to this validated user, the step of obtaining this user's resource access control information also comprises afterwards:
Service server is preserved this user's resource access control information, so that in that this user is follow-up when carrying out resource access, can directly utilize the described resource access control information control that conducts interviews.
Correspondingly, the present invention also provides a kind of resource access treatment system of multiple service platform, and it includes: service server, certificate server and database; Wherein
Database is used for each user's of centralized stores identity identification information;
Certificate server is used to visit described database, concentrates user's identity is discerned, and obtains recognition result, and with described recognition result informing business server;
Service server is used to tackle the resource access request that each service-user sends, comprise by resource hierarchy in this request, subordinate relation is unified the resource code information of layout, and the notification authentication server is discerned user identity, if the recognition result of certificate server is a validated user for the user, then according to the identity identification information of this validated user, obtain this user's resource access control information, judge according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates then, and in the operation of the match is successful the back carries out described user capture respective resources.
Wherein, described service server can comprise:
The access request blocker is used to tackle the resource access request that each service-user sends, and comprises the resource code information of unifying layout by resource hierarchy, subordinate relation in this request;
The access control processor, being used for the notification authentication server discerns user identity, if the recognition result of certificate server is a validated user for the user, then according to the identity identification information of this validated user, obtain this user's resource access control information, judge according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates then, and in the operation of the match is successful the back carries out described user capture respective resources.
The prior art of comparing, the technical scheme that the embodiment of the invention provides has following beneficial effect:
Multiple service platform resource access control method provided by the invention and system, can be based on centralized authentication service, make user's (as browser end, cell-phone customer terminal) in various sources to enter in the platform by same inlet, and have unified identify label, for multi-service integration provides support.The centralized authentication service business that makes itself need not considered the logic relevant with access control simultaneously, and user-dependent like this security information just can be deposited separately, and Operational Visit can not be passed through in these information outsides;
In addition, make hierarchical relationship, subordinate relation between the resource be easy to identification, obtain and judge by the level of resource, the resource code information that subordinate relation is unified layout, the system that makes just can realize access control to high-rise resource according to the visit information of underlying resource;
Once more, by interception mode towards request, feasible any visit to resource can both be verified and control, prevented to guess the appearance of path situation, when effectively avoiding unauthorized access, do not influence user experience, and be suitable for the resource notion extensively, management and use the information system such as the mobile value-added service platform of laying equal stress on.
Description of drawings
Fig. 1 is the flow chart of the resource access method of multiple service platform among the present invention;
Fig. 2 is the composition frame chart of the resource access treatment system of multiple service platform in the embodiment of the invention;
Fig. 3 is a resource access process chart in the embodiment of the invention one;
Fig. 4 is a resource access process chart in the embodiment of the invention two.
Embodiment
Referring to Fig. 1, Fig. 1 is the flow chart of the resource access method of multiple service platform among the present invention, and described multiple service platform includes service server and certificate server, and this method can may further comprise the steps:
The resource access request that step 101, service server interception user send, comprise resource code information in this request, as, this resource code information comprises the resource number of user's request resource, has perhaps not only comprised resource number, but also has comprised the Action number that request resource is operated.In the practical application, can also comprise the billing information relevant in the described request with subscriber identity information.
The access request of step 104, refusing user's.
With reference to figure 2, this figure is the resource access treatment system of corresponding above-mentioned resource access method in the multiple service platform of the present invention, and is concrete, and the resource access treatment system of multiple service platform can comprise in the present embodiment: service server 1, certificate server 2 and database 3; Wherein
Service server 1 is mainly used in the resource access request that each service-user of interception sends, comprise by resource hierarchy in this request, subordinate relation is unified the resource code information of layout, and 2 pairs of user identity of notification authentication server are discerned, if the recognition result of certificate server 2 is a validated user for the user, then according to the identity identification information of this validated user, obtain this user's resource access control information, judge according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates then, and in the operation of the match is successful the back carries out described user capture respective resources, during specific implementation, as a specific embodiment, described service server 1 can comprise: the access request blocker, be used to tackle the resource access request that each service-user sends, comprise by resource hierarchy in this request, subordinate relation is unified the resource code information of layout;
The access control processor, being used for the notification authentication server discerns user identity, if the recognition result of certificate server is a validated user for the user, then according to the identity identification information of this validated user, obtain this user's resource access control information, judge according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates then, and in the operation of the match is successful the back carries out described user capture respective resources.Because on service layer, service server 1 is accessing database 3 directly, make and professional itself need not consider the logic relevant, thereby when realization is verified user identity and access rights, effectively guarantee safety of data in the database with access control.
Referring to Fig. 3, Fig. 3 is a resource access process chart in the embodiment of the invention one, and this flow process can may further comprise the steps:
In the present embodiment, do not comprise the user identity billing information in the request, the concrete processing for comprising the situation of user identity billing information in the request sees specifying of subsequent embodiment two for details.
After step 203, certificate server are received log-on message, obtain user identification information may from database.
The resource access control information that step 210, service server storage are received is done coupling with resource access control information and resource code information, if the match is successful, then allows this resource of user capture, carries out the operation of access resources, otherwise, execution in step 211.
In the specific implementation of the present invention, the resource access control information specifically can be Access Control List (ACL) (ACL, Access Control List), the list items of this tabulation Action number that can carry out by a plurality of resource numbers that comprise user-accessible and to this resource is formed.The resource access control information is that the user uses in the process of business platform and produces, and as in the value-added service platform that has, when the user registers certain data service, must determine that it wants the business tine of obtaining by customization.Each user is no matter which kind of platform of use used in the time of all must producing the resource access control information for access control by similar mode.Service server is preserved it after certificate server obtains this tabulation first, and the access control at this user after making does not need access registrar server once more, to quicken the proof procedure of access control.
Need to prove, carry out above-mentioned compare operation, in the specific implementation of the present invention, adopt the resource code information and the resource access control information of identical coded format for making things convenient for service server.For example, content of consumption and management functions all in the multiple service platform system are all encoded according to a kind of tree structure, the basic skills of this number form structured coding is that the numeral of employing one location number is come the resource in the expression system, resource in the system is distributed the not field of isotopic number according to level distribution big-endian, like this for the resource of a certain level, can know its parent resource numbering by high order field, reach the purpose of access path information stores in this resource that will arrive this resource.
In addition, the resource number in resource number in the resource access request and the resource access control information is not only handled according to correspondence one by one, also considers that their set membership (or being called subordinate relation) handles simultaneously.Be specially, whether when comprising resource number and Action number in the request, looking into ACL has the list items that comprises this resource number and Action number, visit if any then allowing, otherwise denied access; Whether when only comprising resource number in the request, looking into ACL has the resource number of list items corresponding with it, and if any representing that then this request form is incorrect, coupling is unsuccessful, does not allow visit; Whether resource number is arranged in the ACL table is the list items of the son numbering of resource number in the request otherwise further search, and if any representing that then requested resource is the path that this child resource must pass through among the visit ACL, agrees this access request, otherwise denied access.In this way, as long as according to coding rule,, carry out effective access control to being in the high-rise resource on the access path and the underlying resource of expression actual content and function point no matter be that content of consumption or management function can both be according to tree structures.
Referring to Fig. 4, Fig. 4 is a resource access process chart in the embodiment of the invention two, and this flow process can may further comprise the steps:
Step 301, service server are received the request of the customer requirements access resources that client sends, and comprise resource code information in this request.
Step 302, service server judging self store user's billing information, by coded communication billing information are sent to certificate server.
Step 303, certificate server obtain user identification information may from database, and user identification information may that gets access to and the billing information of receiving are done coupling, if the match is successful, and execution in step 304; Otherwise, execution in step 306.
Step 304, service server continue this request of interception according to the result that the match is successful.
Step 305, service server judging self store this user's resource access control information, then resource access control information and resource code information are compared, if both unanimities, then allow this resource of user capture, carry out the operation of access resources, otherwise, execution in step 306.
The request of step 306, service server refusing user's.
To sum up, the resource access method of multiple service platform provided by the invention and system, based on centralized authentication service, make user's (as browser end, cell-phone customer terminal) in various sources to enter in the platform by same inlet, and have unified identify label, for multi-service integration provides support.The centralized authentication service business that makes itself need not considered the logic relevant with access control simultaneously, and user-dependent like this security information just can be deposited separately, and Operational Visit can not be passed through in these information outsides; Adopt the resource Unified coding to make hierarchical relationship, subordinate relation between the resource be easy to identification, obtain and judge, the system that makes just can realize access control to high-rise resource according to the visit information of underlying resource; By the interception mode towards request, feasible any visit to resource can both be verified and control, and has prevented the above-mentioned appearance of guessing the path situation.
The above only is a preferred implementation of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (8)
1. the resource access method of a multiple service platform, described multiple service platform includes service server and certificate server, it is characterized in that, and described method comprises:
The resource access request that service server interception user sends comprises the level by resource, the resource code information that subordinate relation is unified layout in this request;
Certificate server is concentrated user's identity is discerned, and obtains recognition result;
If described recognition result is a validated user for the user, then service server obtains this user's resource access control information according to the identity identification information of this validated user;
Service server judges according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates, and in the operation of the match is successful the back carries out user capture respective resources.
2. method according to claim 1 is characterized in that, certificate server is concentrated user's identity is discerned, and the acquisition recognition result comprises:
Certificate server obtains the billing information that is associated with user identity in the described resource access request;
Certificate server mates the user identification information may that described billing information and this server obtain from database, if the match is successful, then described user is a validated user, otherwise is the disabled user.
3. method according to claim 2 is characterized in that, the step that certificate server obtains the billing information that is associated with user identity in the described resource access request comprises:
Whether comprise the billing information that is associated with user identity in the described service server judging resource access request;
If judged result is then obtained billing information in this request by certificate server for comprising described billing information in the request from described service server;
If judged result is not for comprising described billing information in the request, then after certificate server receives the information that described user successfully logins, produce billing information at random and this billing information added to by certificate server and send to service server in the resource access request, from described service server, obtain billing information in this request by certificate server again.
4. method according to claim 1 is characterized in that, the Action number that described resource code information comprises resource number and resource is operated;
Described service server is judged according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates and is comprised:
Service server is searched resource number and the Action number that whether comprises in the described resource access control information in the described request, if lookup result is for comprising described resource number and Action number, then judged result is that the match is successful, otherwise, be judged as and do not match.
5. method according to claim 1 is characterized in that, the resource code information in the described request only comprises resource number;
Described service server is judged according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates and is comprised:
Search the resource number that whether comprises in the described resource access control information in the described request, if lookup result is for comprising described resource number, then judged result is incorrect for this request form, do not match, otherwise, the son numbering that whether comprises the resource number in the described request in the described resource access control information further searched, if lookup result is for comprising described son numbering, then judged result is that the match is successful, otherwise judged result is not for matching.
6. method according to claim 1 is characterized in that, at the identity identification information of service server according to this validated user, the step of obtaining this user's resource access control information also comprises afterwards:
Service server is preserved this user's resource access control information, so that in that this user is follow-up when carrying out resource access, can directly utilize the described resource access control information control that conducts interviews.
7. the resource access treatment system of a multiple service platform is characterized in that, comprising: service server, certificate server and database; Wherein
Database is used for each user's of centralized stores identity identification information;
Certificate server is used to visit described database, concentrates user's identity is discerned, and obtains recognition result, and with described recognition result informing business server;
Service server is used to tackle the resource access request that each service-user sends, comprise by resource hierarchy in this request, subordinate relation is unified the resource code information of layout, and the notification authentication server is discerned user identity, if the recognition result of certificate server is a validated user for the user, then according to the identity identification information of this validated user, obtain this user's resource access control information, judge according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates then, and in the operation of the match is successful the back carries out described user capture respective resources.
8. according to the system of claim 7, it is characterized in that described service server comprises:
The access request blocker is used to tackle the resource access request that each service-user sends, and comprises the resource code information of unifying layout by resource hierarchy, subordinate relation in this request;
The access control processor, being used for the notification authentication server discerns user identity, if the recognition result of certificate server is a validated user for the user, then according to the identity identification information of this validated user, obtain this user's resource access control information, judge according to resource hierarchy and subordinate relation whether the resource code information that comprises in resource code information in this user's the resource access control information and the described request mates then, and in the operation of the match is successful the back carries out described user capture respective resources.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910194193.8A CN101729541B (en) | 2009-11-26 | 2009-11-26 | Method and system for accessing resources of multi-service platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910194193.8A CN101729541B (en) | 2009-11-26 | 2009-11-26 | Method and system for accessing resources of multi-service platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101729541A true CN101729541A (en) | 2010-06-09 |
| CN101729541B CN101729541B (en) | 2014-08-13 |
Family
ID=42449747
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910194193.8A Expired - Fee Related CN101729541B (en) | 2009-11-26 | 2009-11-26 | Method and system for accessing resources of multi-service platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101729541B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102457507A (en) * | 2010-10-29 | 2012-05-16 | 中兴通讯股份有限公司 | Secure sharing method, device and system for cloud computing resources |
| CN102571380A (en) * | 2010-12-16 | 2012-07-11 | 北京博阳世通信息技术有限公司 | Multi-instance GIS platform unified user management method and system |
| CN103795690A (en) * | 2012-10-31 | 2014-05-14 | 华为技术有限公司 | Cloud access control method, proxy server, and cloud access control system |
| CN104361051A (en) * | 2014-10-29 | 2015-02-18 | 中国联合网络通信集团有限公司 | Detection method and device for webpage service quality |
| CN107749875A (en) * | 2017-10-11 | 2018-03-02 | 四川省电科互联网加产业技术研究院有限公司 | A kind of big data artificial intelligence analysis system |
| CN109274650A (en) * | 2018-08-30 | 2019-01-25 | 山东浪潮通软信息科技有限公司 | A kind of management system and method that electron image is had access to |
| CN109617895A (en) * | 2018-12-27 | 2019-04-12 | 东莞见达信息技术有限公司 | Access safety control method and system |
| CN111953634A (en) * | 2019-05-15 | 2020-11-17 | 北京奇安信科技有限公司 | Access control method and device for terminal equipment, computer equipment and storage medium |
| CN112769834A (en) * | 2016-08-30 | 2021-05-07 | 创新先进技术有限公司 | Identity verification system, method and platform |
| CN112769670A (en) * | 2021-01-20 | 2021-05-07 | 清华大学 | VPN data security access control method and system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101170409B (en) * | 2006-10-24 | 2010-11-03 | 华为技术有限公司 | Method, system, service device and certification server for realizing device access control |
| CN100591015C (en) * | 2008-03-11 | 2010-02-17 | 南京邮电大学 | Dynamic accesses control method based on trust model |
-
2009
- 2009-11-26 CN CN200910194193.8A patent/CN101729541B/en not_active Expired - Fee Related
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102457507B (en) * | 2010-10-29 | 2016-06-08 | 中兴通讯股份有限公司 | Cloud computing resources secure sharing method, Apparatus and system |
| CN102457507A (en) * | 2010-10-29 | 2012-05-16 | 中兴通讯股份有限公司 | Secure sharing method, device and system for cloud computing resources |
| CN102571380A (en) * | 2010-12-16 | 2012-07-11 | 北京博阳世通信息技术有限公司 | Multi-instance GIS platform unified user management method and system |
| CN103795690A (en) * | 2012-10-31 | 2014-05-14 | 华为技术有限公司 | Cloud access control method, proxy server, and cloud access control system |
| CN104361051A (en) * | 2014-10-29 | 2015-02-18 | 中国联合网络通信集团有限公司 | Detection method and device for webpage service quality |
| CN112769834B (en) * | 2016-08-30 | 2023-09-26 | 创新先进技术有限公司 | Identity verification system, method and platform |
| CN112769834A (en) * | 2016-08-30 | 2021-05-07 | 创新先进技术有限公司 | Identity verification system, method and platform |
| CN107749875A (en) * | 2017-10-11 | 2018-03-02 | 四川省电科互联网加产业技术研究院有限公司 | A kind of big data artificial intelligence analysis system |
| CN107749875B (en) * | 2017-10-11 | 2021-01-08 | 成都星时代宇航科技有限公司 | Big data artificial intelligence analytic system |
| CN109274650A (en) * | 2018-08-30 | 2019-01-25 | 山东浪潮通软信息科技有限公司 | A kind of management system and method that electron image is had access to |
| CN109274650B (en) * | 2018-08-30 | 2020-12-08 | 浪潮通用软件有限公司 | Electronic image retrieval management system and method |
| CN109617895A (en) * | 2018-12-27 | 2019-04-12 | 东莞见达信息技术有限公司 | Access safety control method and system |
| CN111953634A (en) * | 2019-05-15 | 2020-11-17 | 北京奇安信科技有限公司 | Access control method and device for terminal equipment, computer equipment and storage medium |
| CN111953634B (en) * | 2019-05-15 | 2023-02-17 | 奇安信科技集团股份有限公司 | Access control method and device for terminal equipment, computer equipment and storage medium |
| CN112769670B (en) * | 2021-01-20 | 2021-11-23 | 清华大学 | VPN data security access control method and system |
| CN112769670A (en) * | 2021-01-20 | 2021-05-07 | 清华大学 | VPN data security access control method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101729541B (en) | 2014-08-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101729541B (en) | Method and system for accessing resources of multi-service platform | |
| CN112615849B (en) | Micro-service access method, device, equipment and storage medium | |
| US10055561B2 (en) | Identity risk score generation and implementation | |
| US9047462B2 (en) | Computer account management system and realizing method thereof | |
| CN111488595B (en) | Method for realizing authority control and related equipment | |
| CN102638454B (en) | Plug-in type SSO (single signon) integration method oriented to HTTP (hypertext transfer protocol) identity authentication protocol | |
| EP1953950B1 (en) | A method for protecting network service application account, the system, and the apparatus thereof | |
| CN103581105B (en) | Login validation method and login authentication system | |
| CN101127606B (en) | Method and device for transmitting data object | |
| CN101626369B (en) | Method, device and system for single sign-on | |
| US9047643B2 (en) | Method of extending web service application programming interfaces using query languages | |
| US20140041002A1 (en) | Secure Access Method, Apparatus And System For Cloud Computing | |
| CN103944890A (en) | Virtual interaction system and method based on client/server mode | |
| EP2212821A1 (en) | Methods and systems for user authorization | |
| US9888041B2 (en) | Virtual communication endpoint services | |
| CN108259502A (en) | For obtaining the identification method of interface access rights, server-side and storage medium | |
| CN103188249A (en) | Concentration permission management system, authorization method and authentication method thereof | |
| CN105022939B (en) | Information Authentication method and device | |
| CN109817347A (en) | Inline diagnosis platform, its right management method and Rights Management System | |
| CN107438054A (en) | The method and system of menu information control are realized based on public platform | |
| CN103577180A (en) | Data processing method and data processing device | |
| CN101325493B (en) | Method and system for authenticating a user | |
| WO2009066858A1 (en) | Personal information management apparatus and personal information management method | |
| CN106209746B (en) | Security service providing method and server | |
| KR20070076342A (en) | User Group Role / Permission Management System and Access Control Methods in a Grid Environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: ZHEJIANG YUTIAN TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: ZHEJIANG YUTIAN TECHNOLOGY CO., LTD. XIA YANG |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20110517 Address after: 510600 8D building, two middle road, Zhongshan, Guangdong, Guangzhou Applicant after: Guangdong Yutian Technology Co., Ltd. Co-applicant after: Zhejiang Yutian Technology Co., Ltd. Address before: 510600 8D building, two middle road, Zhongshan, Guangdong, Guangzhou Applicant before: Guangdong Yutian Technology Co., Ltd. Co-applicant before: Zhejiang Yutian Technology Co., Ltd. Co-applicant before: Xia Yang |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20140813 Termination date: 20191126 |