CN101854251A - Authorization management system and method thereof - Google Patents
Authorization management system and method thereof Download PDFInfo
- Publication number
- CN101854251A CN101854251A CN200910131163A CN200910131163A CN101854251A CN 101854251 A CN101854251 A CN 101854251A CN 200910131163 A CN200910131163 A CN 200910131163A CN 200910131163 A CN200910131163 A CN 200910131163A CN 101854251 A CN101854251 A CN 101854251A
- Authority
- CN
- China
- Prior art keywords
- information
- authorization
- service end
- client
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses an authorization management system and a method thereof. Logon time and identification information are recorded through an authorization data sheet to learn the current authorization state which is used as authorized judgment basis when the authorization amount exceeds, thus achieving the technical efficacy of improving authorization use ratio.
Description
Technical field
The present invention relates to a kind of authentication management system and method thereof, be meant a kind of authentication management system and method thereof that can reclaim mandate especially.
Background technology
In recent years, flourish along with the network technology, many enterprises all build puts enterprise network and makes the enterprises computer can carry out line each other, to enhance administrative efficiency and to reduce the cost of message transmission, for instance, both can save money on postage by the E-mail conveyance official document, can significantly reduce the time cost that official document transmits again.
Because the high popularity rate of enterprise network, each tame manufacturer just releases the various services that are applied to enterprise network, for example: network official document system, network virus prevention system and network translation system ... Deng.The characteristic of these services is that the service that will be provided is installed on a certain computer in the enterprise network as service end, and allow other computer (being so-called client) via network connectivity to this service end to use this service, for instance, suppose network translation system is installed on service end, client can link to this service end by browser and carries out the network translation so, that is to say that client must not installed translation software can use translation service.
But; for fear of this service of unconfined use; usually can increase licensing scheme; be used to limit the usage quantity of client, for instance, suppose that authorized quantity is 50 people; its service end will write down the identifying information of 50 different clients; providing service so that judge whether to allow client to carry out line according to this identifying information, in other words, is that these 50 clients are authorized.Yet when client wherein exceeds service life and causes when eliminating, service end can't learn that client has been eliminated, and authorizes recycling, and the situation that causes superseded client always to take the authorized quantity of service end thus produces.
In sum, prior art has existed since the midium or long term always and can't reclaim the problem of mandate as can be known, is necessary to propose improved technological means therefore in fact, solves this problem.
Summary of the invention
Because the problem that prior art exists, the present invention provides a kind of authentication management system and method thereof then.
Authentication management system provided by the present invention is applied to comprise in the network environment of client/service end: client and service end.Wherein, client transmits authorization requests information by network, and this authorization requests information comprises identifying information; Service end then comprises: time logging modle, authority record module, reminding module and removing module.Wherein, the time logging modle is used to receive authorization requests information, and the time of reception of authorization requests information is recorded as the time of logining; The authority record module is used for the identifying information of authorization requests information and the time of logining are recorded in the authorization data table, and authorized client and service end binding; Reminding module is used for obtaining according to the authorization data table quantity of logining of client, and when logining quantity and exceed authorized quantity, produces and also transmit information to client; Removing module, when information produced, the deletion time of logining exceeded the identifying information of time range in the authorization data table.
As for authorization management method of the present invention, be applied to have in the network environment of client and service end, its step comprises: client transmits authorization requests information by network, and authorization requests information comprises identifying information; Service end receives authorization requests information, and the time of reception of authorization requests information is recorded as the time of logining; Service end is recorded in the authorization data table with the identifying information of authorization requests information and the time of logining, and authorized client and service end binding; Service end obtains the quantity of logining of client according to the authorization data table, and when logining quantity and exceed authorized quantity, produces and also transmit information to client; When information produced, service end was deleted the identifying information that the time of logining exceeds time range in the authorization data table.
System and method for provided by the present invention as above, and the difference between the prior art is that the present invention logins time and identifying information by the authorization data table record, be used to learn present licensing status, and the basis for estimation of when exceeding authorized quantity, authorizing as recovery.
By above-mentioned technological means, the present invention can reach and improve the technology effect of authorizing utilance.
Description of drawings
Fig. 1 is the block diagram of authentication management system of the present invention;
Fig. 2 is the flow chart of authorization management method of the present invention;
Fig. 3 is for using the schematic diagram that the present invention carries out vocabulary inquiry;
Fig. 4 is for using the schematic diagram that the present invention browsed and edited the authorization data table;
Fig. 5 is for using the schematic diagram that the present invention authorizes setting.
Embodiment
Below describe conjunction with figs. and embodiment in detail embodiments of the present invention, whereby to the present invention how the application technology means implementation procedure that solves technical problem and reach the technology effect can fully understand and implement according to this.
Before explanation authentication management system provided by the present invention and method thereof, earlier description below made in the noun that framework of the present invention and institute are defined voluntarily, at first in the part of framework, system of the present invention comprises: client and service end, described client is the electronic installation with network communications capability, as: mobile phone, personal digital assistant, PC ... Deng; Described service end be can with the client line, and provide the electronic installation of service, as server.In addition, client and service end are applied in the network environment of client/service end, and its network environment can be wired or wireless world-wide web or Local Area Network.
And in the noun of definition voluntarily, the identifying information of the authorization data table record client of being mentioned among the present invention and login the time, for instance, the identifying information of supposing client is medium access control address " 00-11-22-33-44-55 ", and its time of logining is 22: 33: 44 on the 11st November in 2008, and then the authority record table will be recorded as " 00-11-22-33-44-55 " and reach " 20081111223344 " as an authorization data.Be noted that especially this authorization data table recorded data can set in advance in service end, also can be when client to be logined, service end is received identifying information, and the time of logining of this client is recorded in the authorization data table.
Following conjunction with figs. is further described authentication management system of the present invention and method thereof, see also Fig. 1, Fig. 1 is the block diagram of authentication management system of the present invention, comprise: client 110, service end 120 and network 130, and service end 120 comprises: time logging modle 121, authority record module 122, reminding module 123 and removing module 124, in addition, service end 120 more can comprise borrowing in advance module 125.Wherein, client 110 transmits authorization requests information by network 130, this authorization requests information comprises identifying information, described identifying information be can identify customer end 110 data, as: " the computer title ", " network address (IP address) ", " hardware serial number ", " the computer title and the network address ", " computer title and hardware serial number ", " network address and hardware serial number " or " computer title, the network address and hardware serial number ".On reality is implemented, authorization requests information can be data such as the account number that is used to login service end 120 and password, and the identifying information that comprises identify customer end 110, as: " computer title ", " network address (IP address) ", " hardware serial number ", " the computer title and the network address ", " computer title and hardware serial number ", " network address and hardware serial number " or " computer title; the network address and hardware serial number " etc. have the data of recognition reaction, wherein, described hardware serial number can be: medium access control address (MAC address), central processing unit sequence number or hard disk sequence number ... Deng numerical value with uniqueness.
In the part of service end 120, the front is mentioned, and service end 120 comprises: time logging modle 121, authority record module 122, reminding module 123 and removing module 124.Wherein, time logging modle 121 is used to receive the authorization requests information that client 110 is transmitted, and with the time of reception of authorization requests information (for example: 22: 33: 44 on the 11st November in 2008) be recorded as the time of logining, as " 20081111223344 ".Because logining the detailed process of service end 120 is prior art, so seldom give unnecessary details at this.Be noted that especially the present invention does not limit the record format of the time of logining, that is to say any neither disengaging of record format spiritual place of the present invention that is used for writing time.
Removing module 124, when information produces, the deletion time of logining exceeds the identifying information of time range in the authorization data table, described time range is the parameter value that sets in advance in service end 120, for instance, suppose that the time range that desire is set is 30 days, then can be set at numerical value " 30 ", with this example, if the time is 22: 33: 44 on the 11st November in 2008 at present, when information produces, will in the authorization data table, delete the identifying information that the time of logining exceeds the scope on December 11,22: 33: 44 22: 33 44 seconds to 2008 on the 11st November in 2008.
In addition, service end 120 more can comprise borrowing in advance module 125, be used for when logining quantity and exceed authorized quantity, adjust authorized quantity in during borrowing in advance to avoid producing information, also the parameter value that sets in advance in service end 120 during the described borrowing in advance, for instance, when default parameter value is made as " 10 ", representative allowed to adjust authorized quantity to avoid producing information in ten days, on reality is implemented, the mode of its adjustment can be the numerical value that increases authorized quantity, above example, when the logining quantity and exceed default authorized quantity of reminding module 123 client that obtains 110, borrowing in advance module 125 can increase authorized quantity (for example: with the numerical value of authorized quantity by " 50 " increase to " 70 "), and amended authorized quantity was kept ten days, (for example: numerical value " 50 ") again authorized quantity was reverted to former numerical value later up to ten days.
As shown in Figure 2, Fig. 2 is the flow chart of authorization management method of the present invention, comprises the following step: client 110 transmits authorization requests information by network 130, and this authorization requests information comprises identifying information (step 201); Service end 120 receives authorization requests information, and the time of reception of authorization requests information is recorded as the time of logining (step 202); Service end 120 is recorded in the authorization data table with the identifying information of authorization requests information and the time of logining, and authorized client 110 links (step 203) with service end 120; Service end 120 obtains the quantity of logining of client 110 according to the authorization data table, and when logining quantity and exceed authorized quantity, produces and also transmit information to client 110 (step 204); When information produced, service end 120 was deleted the identifying information (step 205) that the time of logining exceeds time range in the authorization data table.In addition, in step 204, when logining quantity and exceed authorized quantity, more can be during borrowing in advance in the adjustment authorized quantity to avoid producing information (step 2041).Via above steps, can be used to learn present licensing status by the time of logining and the identifying information of authorization data table record client 110, and the basis for estimation of when exceeding authorized quantity, authorizing as recovery, be used for improving the mandate utilance.
Below cooperate Fig. 3 to Fig. 5 to carry out following explanation in the mode of embodiment, please consult Fig. 3 earlier, Fig. 3 comprises for using the schematic diagram that the present invention carries out vocabulary inquiry: vocabulary inquiry form 300, licensing status viewing area 310, vocabulary input area 320, content display region 330, inquiry element 340 and removing element 350.Be noted that especially the present invention does not limit component type and the quantity that vocabulary inquiry form 300 is comprised with this, and authentication management system of the present invention also limits and be applied in the network translation, below carry out only for convenience of description usefulness of vocabulary inquiry.
At first, when the user desires when client 110 is used the network translation of using authentication management system of the present invention, can when opening, vocabulary inquiry form 300 transmit the authorization requests information of the identifying information (for example: the medium access control address is " 00-11-22-33-44-55 ") that comprises client 110 to service end 120 by network 130.
Then, the time logging modle 121 of service end 120 receives the authorization requests information that client 110 is transmitted by network 130, and the time that will receive this authorization requests information is recorded as the time of logining, for instance, suppose that time of reception is 22: 33: 44 on the 11st November in 2008, so the time of logining of record is " 20081111223344 ".Next, authority record module 122 is recorded in the authorization data table with identifying information that comprises in the authorization requests information and the time of logining, at this moment, the authorization data table promptly has data (comprise identifying information and login the time), and authorizes the client 110 with the identifying information that is write down in the authorization data table to be connected with service end 120.
Then, reminding module 123 is according to the quantity of logining of the total incompatible acquisition client 110 of the identifying information in the authorization data table, owing to only have data in the authorization data table at present, so the quantity of logining of the client that obtains 110 is numerical value " 1 ", and do not surpass default authorized quantity (supposing that numerical value is " 50 ") because of logining quantity, so do not produce information, removing module 124 is not also done any processing.
So far, after client 110 successes link with service end 120, and can in licensing status viewing area 310, show licensing status (for example: the mode with literal shows " authorizing "), the user can import the vocabulary of desire inquiry in vocabulary input area 320 after, by clicking the vocabulary inquiry that inquiry element 340 carries out the network translation, the result of inquiry promptly is presented in the content display region 330, or clicking removing element 350 removes the content of vocabulary input area 320 and content display region 330, inquires about once more so that import another vocabulary.Because vocabulary inquiry is the prior art of network translation system, so seldom give unnecessary details at this.
Yet, along with the client of logining 110 increases gradually, the identifying information that the authorization data table is write down also increases thereupon, when the logining quantity and exceed default authorized quantity of reminding module 123 client that obtains 110, will produce and transmit the information (not shown) to client 110.At this moment, removing module 124 is deleted the identifying information that the time of logining exceeds default time range in the authorization data table.If do not have the identifying information that exceeds default time range in the authorization data table, more can during default borrowing in advance, adjust authorized quantity to avoid producing information in (for example: be numerical value " 10 " during the borrowing in advance) by borrowing in advance module 125, with this example, the adjustment that borrowing in advance module 125 can increase authorized quantity (for example: with authorized quantity by " 50 " increase to " 70 "), and adjusted authorized quantity is kept ten days (promptly being numerical value " 10 " during the borrowing in advance), after expiration in ten days, recover former authorized quantity again.
As shown in Figure 4, Fig. 4 is for using the schematic diagram that the present invention browsed and edited the authorization data table.The front is mentioned, authorization data table in the service end 120 can set in advance, its set-up mode can be undertaken by licensing status form 400, be written into element 410 and the authorization data table is loaded into authorizes editing area 420 to show or edit via clicking, the content of the authorization data table of its demonstration (for example: " 00-11-22-33-44-55 ") and login the time (for example: " 20081111223344 ") comprises identifying information, the user can directly edit the authorization data table in authorizing editing area 420, be used to increase newly, revise or the deletion identifying information, in addition, also can carry out sequencing display according to the time of logining to identifying information by the ordering element, as: the sortord of increasing or decreasing, and behind editor, can click and determine that element 440 stores, or click cancellation element 450 cancellation editors.
As shown in Figure 5, Fig. 5 is for using the schematic diagram that the present invention authorizes setting.The front is also mentioned, authorized quantity, all can be the parameter value that sets in advance during time range and the borrowing in advance, on reality is implemented, can set by empowerment management form 500 in service end 120, for instance, can pass through authorized quantity setting member 510 respectively, setting member 540 is set authorized quantity during time range setting member 530 and the borrowing in advance, parameter value during time range and the borrowing in advance, in addition, the information that reminding module 123 is produced more can generate according to information setting member 520, for instance, input characters is " authorizing full " in information setting member 520, when reminding module 123 produces information, its content will comprise literal and " authorize full " so.
In sum, difference between the present invention and the prior art is to login time and identifying information by the authorization data table record as can be known, be used to learn present licensing status, and the basis for estimation of when exceeding authorized quantity, authorizing as recovery, can realize reclaiming mandate by this technological means, solve the existing in prior technology problem, and then reach the technology effect that improves the mandate utilance.
Though the present invention with aforesaid embodiment openly as above; so it is not to be used to limit the present invention; those skilled in the art without departing from the spirit and scope of the present invention; when can doing a little change and retouching, therefore scope of patent protection of the present invention must be looked this specification appending claims and defined and be as the criterion.
Claims (10)
1. authentication management system is applied to it is characterized in that in the network environment of client/service end that this system comprises:
At least one client, this client transmits an authorization requests information by network, and this authorization requests information comprises an identifying information; And
One service end, this service end comprises:
For the moment the interocclusal record module is used to receive this authorization requests information, and the time of reception of this authorization requests information is recorded as one logins the time;
One authority record module is used for this identifying information and this time of logining of this authorization requests information are recorded in an authorization data table, and authorizes this client and this service end to link;
One reminding module is used for obtaining according to this authorization data table the quantity of logining of this client, and when this is logined quantity and exceeds an authorized quantity, produces and transmit an information to those clients; And
One removing module when this information produces, is deleted this identifying information that this time of logining exceeds a time scope certainly in this authorization data table.
2. authentication management system as claimed in claim 1 is characterized in that, this system more comprises a borrowing in advance module, be used for when this is logined quantity and exceeds this authorized quantity, during a borrowing in advance in this authorized quantity of adjustment to avoid producing this information.
3. authentication management system as claimed in claim 1 is characterized in that, when this is logined quantity and exceeds this authorized quantity, forbids that those clients are linked to this service end.
4. authentication management system as claimed in claim 1, it is characterized in that, this identifying information comprise computer title, the network address and hardware serial number at least one of them, wherein this hardware serial number comprises medium access control address, central processing unit sequence number or hard disk sequence number.
5. authentication management system as claimed in claim 1 is characterized in that, this logins the sum total of quantity for this identifying information in this authorization data table.
6. an authorization management method is applied to have in the network environment of an at least one client and a service end, it is characterized in that step comprises:
This client transmits an authorization requests information by network, and this authorization requests information comprises an identifying information;
This service end receives this authorization requests information, and the time of reception of this authorization requests information is recorded as one logins the time;
This service end is recorded in an authorization data table with this identifying information and this time of logining of this authorization requests information, and authorizes this client and this service end to link;
This service end obtains the quantity of logining of client according to this authorization data table, and when this is logined quantity and exceeds an authorized quantity, produces and transmit an information to those clients; And
When this information produced, this service end was deleted this identifying information that this time of logining exceeds a time scope in this authorization data table.
7. authorization management method as claimed in claim 6 is characterized in that, this method more is included in this when logining quantity and exceeding this authorized quantity, during a borrowing in advance in this authorized quantity of adjustment to avoid producing the step of this information.
8. authorization management method as claimed in claim 6 is characterized in that, when this is logined quantity and exceeds this authorized quantity, forbids that those clients are linked to this service end.
9. authorization management method as claimed in claim 6, it is characterized in that, this identifying information comprise computer title, the network address and hardware serial number at least one of them, wherein this hardware serial number comprises medium access control address, central processing unit sequence number or hard disk sequence number.
10. authorization management method as claimed in claim 6 is characterized in that, this logins the sum total of quantity for this identifying information in this authorization data table.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910131163A CN101854251A (en) | 2009-04-03 | 2009-04-03 | Authorization management system and method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910131163A CN101854251A (en) | 2009-04-03 | 2009-04-03 | Authorization management system and method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101854251A true CN101854251A (en) | 2010-10-06 |
Family
ID=42805532
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910131163A Pending CN101854251A (en) | 2009-04-03 | 2009-04-03 | Authorization management system and method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101854251A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103150270A (en) * | 2012-02-15 | 2013-06-12 | 林善红 | Security method for distributing data |
| CN105516218A (en) * | 2014-08-26 | 2016-04-20 | 广达电脑股份有限公司 | authorization management method |
| CN106487777A (en) * | 2015-08-26 | 2017-03-08 | 大同股份有限公司 | Identity identifying method and things-internet gateway device and authentication gateway device |
-
2009
- 2009-04-03 CN CN200910131163A patent/CN101854251A/en active Pending
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103150270A (en) * | 2012-02-15 | 2013-06-12 | 林善红 | Security method for distributing data |
| CN105516218A (en) * | 2014-08-26 | 2016-04-20 | 广达电脑股份有限公司 | authorization management method |
| CN105516218B (en) * | 2014-08-26 | 2018-12-14 | 广达电脑股份有限公司 | authorization management method |
| CN106487777A (en) * | 2015-08-26 | 2017-03-08 | 大同股份有限公司 | Identity identifying method and things-internet gateway device and authentication gateway device |
| CN106487777B (en) * | 2015-08-26 | 2021-04-13 | 大同股份有限公司 | Identity authentication method, Internet of things gateway device and authentication gateway device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20210006404A1 (en) | Systems and methods for accessing and controlling media stored remotely | |
| US7054905B1 (en) | Replacing an email attachment with an address specifying where the attachment is stored | |
| US20120266107A1 (en) | Systems and methods for personal information management and contact picture synchronization and distribution | |
| JP2009266254A (en) | Method and apparatus for uploading content from device to remote network location | |
| CN101132459A (en) | Method for computer remote control by mobile phone | |
| EP2476054B1 (en) | Viewing content under enterprise digital rights management without a client side access component | |
| CN101179519B (en) | Method and system of self-defining cluster label | |
| JP2010522377A (en) | Advertising funding data access service | |
| CN102984181A (en) | Method and device of communication based on social networking services | |
| CN102780721A (en) | Picture sharing method and picture sharing device for network albums | |
| CN101854251A (en) | Authorization management system and method thereof | |
| CA2417083A1 (en) | Estimation system for vehicle repair cost | |
| US9516095B2 (en) | Data management system and method for displaying data | |
| US11985122B2 (en) | Method and apparatus for sharing content data between networked devices | |
| TW200843419A (en) | Admiration letter direct management operation system and method | |
| CN102143189A (en) | Method and system for realizing video recording on webpage | |
| WO2008090553A2 (en) | A system and a method for sending digital content to a mobile device | |
| US20070130198A1 (en) | Data management device, data management system and data management method | |
| AU2013270565B2 (en) | Systems and methods for accessing and controlling media stored remotely | |
| KR20030029556A (en) | Method for providing broadcast contents using a mobile terminal and computer readable record medium on which a program therefor is recorded | |
| AU2014233547B2 (en) | Systems and methods for accessing and controlling media stored remotely | |
| CN102130854A (en) | Method and system for displaying buddy list with buddy states | |
| JP3116326U (en) | Image creation device | |
| WO2008038399A1 (en) | Information providing system | |
| KR20000072085A (en) | A method for supporting transmission of news contents on a publication according to user's choice and the system of the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20101006 |