CN103413202B - A kind of method of automatic collection mandate relation applied to O&M auditing system - Google Patents
A kind of method of automatic collection mandate relation applied to O&M auditing system Download PDFInfo
- Publication number
- CN103413202B CN103413202B CN201310365539.2A CN201310365539A CN103413202B CN 103413202 B CN103413202 B CN 103413202B CN 201310365539 A CN201310365539 A CN 201310365539A CN 103413202 B CN103413202 B CN 103413202B
- Authority
- CN
- China
- Prior art keywords
- resource
- user
- auditing system
- mandate
- relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Debugging And Monitoring (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to a kind of method of the automatic collection mandate relation applied to O&M auditing system, including:(1)User logs in O&M auditing system, system gets user profile;(2)User accesses resource by O&M auditing system, and system gets resource information;(3)System judges whether the mandate relation of the user and the resource, if existing, without repeated data;If being not present, the mandate relation of the user and the resource are added automatically in systems.The present invention realizes O&M auditing system and collects the function that relation is authorized between user and resource automatically, by intensively collecting mandate relation automatically, eliminate it is artificial be collected manually done largely repeat cumbersome work, moreover it is possible to avoid being collected into the data of mistake because of uncontrollable factor.Its is easy to use flexibly, saves manpower and plenty of time, it is possible to increase operating efficiency.
Description
Technical field
The present invention relates to O&M audit resources authorized domain, especially a kind of automatic collection applied to O&M auditing system
The method of mandate relation.
Background technology
With the continuous progressive and information-based notable development of information technology, information security has been increasingly subject to more passes
Note.Internal information is not only threatened by external factor, and the violation operation and maloperation of internal user can also be caused seriously to it
Problem of data safety.Therefore, O&M security audit product(Hereinafter referred to as " O&M auditing system ")It is applied to increasing
In network environment, to take precautions against internal information safety problem, record network resource accession daily record to audit afterwards.It is most of this
Class product all provide Account Administration, authentication, resource authorization, single-sign-on (refer to user pass through O&M auditing system access money
Source), access control and operation audit etc. function, to help user to realize the purpose of O&M safety management and Internal Control Audit.
O&M auditing system preserves the basic datas such as user profile, resource information.User refers to O&M auditing system itself
Validated user, user has the information such as user name, login password, E-mail address.Resource refers to by the protection of O&M auditing system
Information resources, such as main frame, server, the network equipment, operating system, database.Resource has affiliated function, IP address, account
Number and the information such as login password.Certain user has the right to access the resource with a certain resource account number, then claims the resource and account number to be authorized to
The user is given, there is mandate relation between the user and the resource, the mandate relationship user, resource and account number.In portion
Administration has in the network environment of O&M auditing system, and the function that user can only be provided by O&M auditing system accesses resource.By which
A little users, which have the right which account number to access which resource these mandate relations with, to be collected, and is added in O&M auditing system, and
Set user to access the resource that there is mandate relation therewith in O&M auditing system, can be achieved with resource authorization access
Purpose, access of the control user to resource.
How to collect and there is mandate relation between which user and which resource, and these mandate relations are added to O&M
It is the big problem for needing to solve in auditing system.At present, between user and resource authorize relation collection work, it is necessary to
User is collected manually, and work difficulty is big, labor intensive and time, it is also possible to be collected into wrong data and repeated data,
It is difficult to the quality for ensureing the information being collected into, and the mandate relation being collected into needs to be added manually in system, and operation is repeated
It is cumbersome, inefficiency.
The content of the invention
It is an object of the invention to provide a kind of method of the automatic collection mandate relation applied to O&M auditing system, use
Come in actual use, automatic collection O&M audit user and O&M auditing system protect the mandate between resource to close
System, eliminate it is artificial be collected manually done largely repeat cumbersome work, moreover it is possible to avoid collecting because of uncontrollable factor
To the data of mistake.Its is easy to use flexibly, saves manpower and plenty of time, it is possible to increase operating efficiency.
The present invention is achieved through the following technical solutions:
A kind of method of automatic collection mandate relation applied to O&M auditing system, comprises the following steps:
(1)User logs in O&M auditing system, system gets user profile;
(2)User accesses resource by O&M auditing system, and system gets resource information;
(3)System judges whether the mandate relation of the user and the resource, if existing, without repeat number
According to;If being not present, the mandate relation of the user and the resource are added automatically in systems.
By the above method, mandate relation is not present therewith in systems when user is accessed by the O&M auditing system
Resource when, system will add the mandate relation of the user and the resource automatically, reach the automatic purpose for collecting mandate relation.
The user refers to the O&M auditing system validated user of itself, and user includes user name, login password, electronics postal
The user profile such as case address;Resource refers to the information resources protected by O&M auditing system, such as main frame, server, the network equipment, behaviour
Make system, database, resource includes the resource informations such as affiliated function, IP address, account number and login password.
The O&M auditing system includes a configuration item " allowing unauthorized to log in ", and the configuration item can be turned on and off,
When closing this configuration item, i.e., do not allow unauthorized to log in, after expression User logs in O&M auditing system, can only access and be
There is the resource of mandate relation in system therewith.When opening this configuration item, represent after User logs in O&M auditing system, not only
The resource that there is mandate relation therewith in systems can be accessed, moreover it is possible to access the money that mandate relation is not present therewith in systems
Source, as long as user knows the authentication information of the resource(Account number and password etc.).
The O&M auditing system includes a configuration item " collecting mandate relation ", and the configuration item can be turned on and off, when
" allowing unauthorized to log in " configuration item is opened, and when opening " collecting mandate relation " configuration item, when user is audited by O&M
When system accesses resource, system will collect mandate relation automatically.
When user has the right to access the resource with a certain resource account number, then the resource and account number is claimed to be granted to the user, should
There is mandate relation between user and the resource, the mandate relationship user, resource and account number.
The present invention compared with prior art, have the advantage that for:The present invention realizes O&M auditing system and received automatically
Collect the function that relation is authorized between user and resource, by intensively collecting mandate relation automatically, eliminate and artificially carry out manually
What collection was done largely repeats cumbersome work, moreover it is possible to avoid being collected into the data of mistake because of uncontrollable factor.It uses letter
Just flexibly, manpower and plenty of time are saved, it is possible to increase operating efficiency.
Brief description of the drawings
Fig. 1 is flow chart of the invention.
Embodiment
The present invention is described in further detail with reference to embodiment, but the implementation of the present invention is not limited to this.
Embodiment:
In O&M auditing system, the collection work to authorizing relation between user and resource, traditional method makes
User is collected using manual mode, and work difficulty is big, labor intensive and time, it is also possible to be collected into wrong data and repetition
Data, it is difficult to ensure the quality for the information being collected into, and the mandate relation being collected into needs to be added manually in system, operates
Repeat cumbersome, inefficiency;And existing technical staff thinks to be collected using manual mode, it is impossible to realize and use
The automatic collection of relation is authorized between family and resource, the present invention discloses one kind and be applied to overcome existing technology prejudice
The method of the automatic collection mandate relation of O&M auditing system, its flow are as shown in figure 1, the O&M audit system of the application present invention
System, is deployed in an application environment, in order that collecting user and resource in the application environment automatically with method of the present invention
All mandate relations, and be added in system, the O&M auditing system in the present embodiment, which has had turned on, " allows unauthorized
Log in " and " collecting mandate relation " configuration item.
When a User logs in is to O&M auditing system, system gets the user profile of the user, including user name,
Login password.When the user accesses the resource of its Internet access by O&M auditing system, system gets accessed resource
Information, including IP address, used account number, password, agreement used.When the access behavior occurs, show the user and quilt
There is mandate relation between access resource.O&M auditing system judges that the mandate relation between the user and the accessed resource is
It is no to be present in system;If it is present addition is not repeated;If it does not exist, then the mandate relation is added into system
In.In this way, just having reached the purpose of automatic collection mandate relation.
When different user accesses the resource of its Internet access by O&M auditing system in this way, it will receive automatically
Collect the mandate relation between them and be added in system.When the mandate relation in application environment has all been collected into O&M audit
After in system, it is possible to close " permission unauthorized access " and " collecting mandate relation " configuration item.So, User logs in O&M is examined
After meter systems, the resource that there is mandate relation therewith in systems can only be just accessed, the purpose that resource authorization is accessed is realized.
Relevant above-described embodiment, basic skills and common knowledge that any those skilled in the art are grasped by it, equal energy
The technology contents and advantage of the solution present invention much of that are simultaneously carried out, on the part of common knowledge,
Repeat no more.
It is described above, be only presently preferred embodiments of the present invention, any formal limitation not done to the present invention, it is every according to
According to the present invention technical spirit above example is made any simple modification, equivalent variations, each fall within the present invention protection
Within the scope of.
Claims (3)
1. a kind of method of automatic collection mandate relation applied to O&M auditing system, it is characterised in that comprise the following steps:
(1)User logs in O&M auditing system, resource is accessed by O&M auditing system, and system gets resource information, such as IP
Address, account number and login password, the resource refer to the information resources protected by O&M auditing system, including main frame, server, net
Network equipment, operating system, database;The O&M auditing system includes a configuration item " allow unauthorized log in ", when closing this
During one configuration item, i.e., do not allow unauthorized to log in, represent after User logs in O&M auditing system, can only access in systems therewith
In the presence of the resource of the relation of mandate, when opening this configuration item, represent after User logs in O&M auditing system, can not only access
There is the resource of mandate relation in system therewith, moreover it is possible to access the resource that mandate relation is not present therewith in systems, as long as with
Know the authentication information of the resource in family;
(2)System judges whether the mandate relation of the user and the resource, if existing, without repeated data;If
It is not present, then adds the mandate relation of the user and the resource automatically in systems.
2. a kind of method of automatic collection mandate relation applied to O&M auditing system, its feature according to claim 1
It is, the O&M auditing system includes a configuration item " collecting mandate relation ", and the configuration item can be turned on and off;Work as unlatching
" allowing unauthorized to log in " configuration item, and when opening " collecting mandate relation " configuration item, user is visited by O&M auditing system
When asking resource, system collects mandate relation automatically.
3. a kind of method of automatic collection mandate relation applied to O&M auditing system according to claim 1 or claim 2, it is special
Levy and be, when user has the right to access the resource with a certain resource account number, then claim the resource and account number to be granted to the user, the use
There is mandate relation between family and the resource, the mandate relationship user, resource and account number.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310365539.2A CN103413202B (en) | 2013-08-21 | 2013-08-21 | A kind of method of automatic collection mandate relation applied to O&M auditing system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310365539.2A CN103413202B (en) | 2013-08-21 | 2013-08-21 | A kind of method of automatic collection mandate relation applied to O&M auditing system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103413202A CN103413202A (en) | 2013-11-27 |
| CN103413202B true CN103413202B (en) | 2017-11-07 |
Family
ID=49606208
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310365539.2A Active CN103413202B (en) | 2013-08-21 | 2013-08-21 | A kind of method of automatic collection mandate relation applied to O&M auditing system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103413202B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104954330B (en) * | 2014-03-27 | 2018-03-16 | 华为软件技术有限公司 | A kind of methods, devices and systems to be conducted interviews to data resource |
| CN107122674B (en) * | 2017-04-12 | 2020-09-08 | 成都安恒信息技术有限公司 | Access method of oracle database applied to operation and maintenance auditing system |
| CN109063437A (en) * | 2018-08-01 | 2018-12-21 | 郑州市景安网络科技股份有限公司 | A kind of asset of equipments operation audit method, device, equipment and readable storage medium storing program for executing |
| CN109189542B (en) * | 2018-09-28 | 2021-10-15 | 成都安恒信息技术有限公司 | Remote desktop access method for operation and maintenance auditing system |
| CN110011848B (en) * | 2019-04-03 | 2020-07-31 | 南方电网数字电网研究院有限公司 | Mobile operation and maintenance auditing system |
| CN111651756B (en) * | 2020-06-04 | 2022-05-31 | 成都安恒信息技术有限公司 | Automatic substitution and filling method applied to operation and maintenance audit navicat |
| CN111984971B (en) * | 2020-08-10 | 2023-05-30 | 成都安恒信息技术有限公司 | Automatic production and management method for operation and maintenance data |
| CN113791597B (en) * | 2021-11-17 | 2022-02-22 | 浙江齐安信息科技有限公司 | Method and device for collecting configuration item information of industrial control system and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101374079A (en) * | 2008-10-10 | 2009-02-25 | 中兴通讯股份有限公司 | Method for obtaining user authority of network management system |
| CN101902402A (en) * | 2010-07-21 | 2010-12-01 | 中兴通讯股份有限公司 | Method for managing user right and device thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070185875A1 (en) * | 2006-02-09 | 2007-08-09 | International Business Machines Corporation | Extensible role based authorization for manageable resources |
-
2013
- 2013-08-21 CN CN201310365539.2A patent/CN103413202B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101374079A (en) * | 2008-10-10 | 2009-02-25 | 中兴通讯股份有限公司 | Method for obtaining user authority of network management system |
| CN101902402A (en) * | 2010-07-21 | 2010-12-01 | 中兴通讯股份有限公司 | Method for managing user right and device thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103413202A (en) | 2013-11-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103413202B (en) | A kind of method of automatic collection mandate relation applied to O&M auditing system | |
| Nguyen et al. | {FLAME}: Taming backdoors in federated learning | |
| CN103179130B (en) | A kind of information system intranet security management platform and management method | |
| EP2866411A1 (en) | Method and system for detecting unauthorized access to and use of network resources with targeted analytics | |
| CN102306258B (en) | UNIX host safety configuration auditing method based on configurable knowledge base | |
| Kott et al. | The promises and challenges of continuous monitoring and risk scoring | |
| Sha et al. | IIoT-SIDefender: Detecting and defense against the sensitive information leakage in industry IoT | |
| KR20140035146A (en) | Apparatus and method for information security | |
| Raghuvanshi et al. | An investigation on detection of vulnerabilities in Internet of Things | |
| Mbowe et al. | A conceptual framework for threat assessment based on organization’s information security policy | |
| Korman et al. | Analyzing the effectiveness of attack countermeasures in a SCADA system | |
| CN109995720A (en) | Heterogeneous device manages method, apparatus, system, equipment and medium concentratedly | |
| Wright | The IT regulatory and standards compliance handbook: How to survive information systems audit and assessments | |
| Valjarevic et al. | Introduction of concurrent processes into the digital forensic investigation process | |
| Xu et al. | Network security | |
| KR20210083607A (en) | System and method for exponentiation of security element to analyze danger | |
| Hörbe et al. | Privacy by design in federated identity management | |
| CN105893376A (en) | Database access supervision method | |
| CN204697072U (en) | A kind of secure accessing managing and control system of network end nodes | |
| CN107358098A (en) | SQL SQL injection detection method and device based on plug-in unit | |
| Accorsi | Automated counterexample-driven audits of authentic system records. | |
| Tzokatziou et al. | Exploiting SCADA vulnerabilities using a human interface device | |
| Yacob | Securing sensitive data in the cloud: a new era of security through zero trust principles | |
| Qin et al. | Development of archives management information system based on. NET multi-tier architecture | |
| Sheik et al. | Considerations for secure mosip deployment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |