CN103455889A - Computer user identity access control system in power industry - Google Patents
Computer user identity access control system in power industry Download PDFInfo
- Publication number
- CN103455889A CN103455889A CN2013104132630A CN201310413263A CN103455889A CN 103455889 A CN103455889 A CN 103455889A CN 2013104132630 A CN2013104132630 A CN 2013104132630A CN 201310413263 A CN201310413263 A CN 201310413263A CN 103455889 A CN103455889 A CN 103455889A
- Authority
- CN
- China
- Prior art keywords
- data
- user
- module
- management
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A computer user identity access control system in the power industry comprises a data base server, a Web server/application server and a plurality of user terminals, wherein the data base server, the Web server/application server and the user terminals are connected through the network. The computer user identity access control system in the power industry has the advantages that due to the electronic process management, workloads of front-line working personnel are effectively relieved, the work of operating maintenance is specified, and management difficulty is lowered; grassroots units can check the flow schedule of application states through the system and completely master current approval schedule states of users; due to delicacy management, the efficiency of access application of the users is improved, efficiency of overall situation management on DHCPs and IP addresses is improved, and the DHCPs and the IP addresses can be expanded, regulated and recovered conveniently and timely; due to the powerful auxiliary DHCP function processing, administrators are effectively assisted in management and distribution of the IP addresses, and workloads of the network administrators are greatly relieved; due to a comprehensive and careful system operation log audit, safety and reliability of data are ensured.
Description
[technical field] the present invention relates to a kind of power industry computer user identity access control system.
[background technology] electric system adopts informatization and operation, and routine office work and the operation maintenance work in each work position is managed.Increasing along with computer terminal quantity, safety management for computer equipment, and the management of the management of user profile and Unit account of plant there are the following problems: 1, man-machine correspondence is inaccurate, whether truly can't examine whether corresponding, corresponding with the computing machine information of user; 2, network and manage the employing manual control, work efficiency is not high, can not carry out electronic user-network access, change, cancellation etc. and examine flow process, and the workload of computing machine daily servicing is large; 3, IP address assignment difficult management, every maintenance work difficulty of terminal device IP address and DHCP action scope improves, and has the inconsistent phenomenon of IP address and MAC Address in the part producing system, causes user profile inaccurate.
[summary of the invention] the present invention is directed to the problems referred to above, and a kind of power industry computer user is provided the identity access control system.
This power industry computer user identity access control system, is characterized in that, comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in described database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in described Web server/application server; Described user's access administration module is accepted and is examined user's network admittance, change or cancellation application, and the user information data data of formation are imported the basic data administration module into; The DHCP service management module completes distribution and the management to user's IP address, and the user information data data of formation are imported the basic data administration module into; The account data that in the basic data administration module, recording user computer information and user information data form, the account data are carried out the computerized information safety management by access data scrubbing module; The quick consumer positioning access device of data statistic analysis module and port; The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note; The daily record of each operating process in Operation Log audit module records network admittance flow process; The log-on message of computer statistics analysis module supervisory computer and antivirus software mount message.
The basic data administration module can be realized organizational structure, subscriber data, computing machine, network equipment ledger management, and guarantees that the user is correctly corresponding with computing machine.
Operation Log audit module is inquired by classification the log information of all kinds of operation notes of native system; All kinds of operation informations that convenient understanding native system occurs; Operation Log comprises that DHCP deletion daily record, modification daily record, increase daily record, computer are deleted daily record, the user logins daily record; Daily record data can be exported as to the Excel file.
User's access administration module system is realized electronic approval process of user's access, change, cancellation; The network manager can realize that access, change, cancellation examine very easily by system, and grass-roots unit can realize that application status flow process progress checks by system, grasps the user comprehensively and examines at present progress status.
The DHCP service management module can complete DHCP action scope management, and the additions and deletions that the action scope management mainly comprises action scope change looks into and lease situation processing capacity; Divide according to the business of system ip address and constituent parts or function, constituent parts is arranged to different DHCP action scopes, according to business demand, user terminal demand and develop into each action scope distributing IP address or IP address field; IP address is wherein arranged to the IP specific properties, as retained IP address and dynamic IP address allocation simultaneously; The relevant secondary attribute that arranges for IP address in action scope.
Access data scrubbing module can realize the in violation of rules and regulations management of computing machine, system by with DHCP, IMS interface, the network manager can be at any time to user isolation, networking, thereby realizes the user network access, the improving information safety level.
The data statistic analysis module can effectively improve keeper's work efficiency, system by with network device interface, realize IP, MAC Address collection, fast consumer positioning access device and port; Can also allow the keeper know at short notice the global ip address service condition, effectively promote IP address resource utilization factor.
The SMS platform administration module can be notified user and keeper with the note form in time by the situation of accepting of access, improves Information Service Quality.
The computer statistics analysis module can make the keeper understand in time registration scenarios and the antivirus software installation situation of computing machine, and the arrangement personnel process in time.
The invention has the beneficial effects as follows: 1, by electronic workflow management, effectively alleviated front man's workload, standard operation maintenance work, improved work efficiency, reduced management difficulty.2, grass-roots unit can realize that application status flow process progress checks by system, grasps the user comprehensively and examines at present progress status.3, by fine-grained management, improved the efficiency of user's access application, improved global administration's efficiency of DHCP and IP address, easily and timely carry out expansion, the adjustment of DHCP and IP address and reclaim.4, powerful auxiliary DHCP function treatment, the person of assisting management is carried out the IP address management distribution effectively, has alleviated greatly network manager's workload.5, comprehensive careful System Operation Log audit, guarantee that data security is reliable.6, the user applies for networking, approval networks, nullify IP address and violation computer user, and the SMS notice all can be arranged, and has promoted Information Service Quality.
[accompanying drawing explanation]
Fig. 1 is structural representation of the present invention
Fig. 2 is FB(flow block) of the present invention
[embodiment] is described below enforcement of the present invention below in conjunction with accompanying drawing:
In Fig. 1 and Fig. 2, power industry computer user's identity access control system comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in Web server/application server.
The user that need to enter Intranet proposes network admittance, change or nullifies application by user's access administration module, and the keeper is accepted and examines user's network admittance, change or cancellation application by user's access administration module.The keeper completes distribution and the management to user's IP address by the DHCP service management module simultaneously.The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note.The daily record of each operating process in Operation Log audit module records network admittance flow process.After user's network admittance, change or cancellation have been applied for, user computer data and user information data will form account and be recorded in the basic data administration module.The keeper can carry out the computerized information safety management to the account data in the basic data administration module by access data scrubbing module; By the data statistic analysis module, consumer positioning access device and port, know the global ip address service condition in the short time fast.The keeper can understand registration scenarios and the antivirus software installation situation of computing machine by the computer statistics analysis module, arrangement personnel process in time.
Claims (1)
1. power industry computer user identity access control system, is characterized in that, comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in described database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in described Web server/application server; Described user's access administration module is accepted and is examined user's network admittance, change or cancellation application, and the user information data data of formation are imported the basic data administration module into; The DHCP service management module completes distribution and the management to user's IP address, and the user information data data of formation are imported the basic data administration module into; The account data that in the basic data administration module, recording user computer information and user information data form, the account data are carried out the computerized information safety management by access data scrubbing module; The quick consumer positioning access device of data statistic analysis module and port; The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note; The daily record of each operating process in Operation Log audit module records network admittance flow process; The log-on message of computer statistics analysis module supervisory computer and antivirus software mount message.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013104132630A CN103455889A (en) | 2013-09-12 | 2013-09-12 | Computer user identity access control system in power industry |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013104132630A CN103455889A (en) | 2013-09-12 | 2013-09-12 | Computer user identity access control system in power industry |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103455889A true CN103455889A (en) | 2013-12-18 |
Family
ID=49738227
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2013104132630A Pending CN103455889A (en) | 2013-09-12 | 2013-09-12 | Computer user identity access control system in power industry |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103455889A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104184616A (en) * | 2014-08-08 | 2014-12-03 | 国家电网公司 | Intelligent management system for local area network resources |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1929483A (en) * | 2006-09-19 | 2007-03-14 | 清华大学 | Admittance control method for IPv6 switch-in network true source address access |
CN101068183A (en) * | 2007-06-28 | 2007-11-07 | 杭州华三通信技术有限公司 | Network invitation to enter controlling method and network invitation to enter controlling system |
US8190755B1 (en) * | 2006-12-27 | 2012-05-29 | Symantec Corporation | Method and apparatus for host authentication in a network implementing network access control |
-
2013
- 2013-09-12 CN CN2013104132630A patent/CN103455889A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1929483A (en) * | 2006-09-19 | 2007-03-14 | 清华大学 | Admittance control method for IPv6 switch-in network true source address access |
US8190755B1 (en) * | 2006-12-27 | 2012-05-29 | Symantec Corporation | Method and apparatus for host authentication in a network implementing network access control |
CN101068183A (en) * | 2007-06-28 | 2007-11-07 | 杭州华三通信技术有限公司 | Network invitation to enter controlling method and network invitation to enter controlling system |
Non-Patent Citations (3)
Title |
---|
王颖: "网络准入控制系统的研究与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》, 15 March 2012 (2012-03-15) * |
钱扬: "企业网网络准入控制及终端安全防护研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》, 15 May 2013 (2013-05-15) * |
陈沛金: "准入控制系统在电力行业的深入设计与应用", 《现代计算机(专业版)》, no. 30, 25 October 2012 (2012-10-25) * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104184616A (en) * | 2014-08-08 | 2014-12-03 | 国家电网公司 | Intelligent management system for local area network resources |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105450636B (en) | A kind of cloud computing management system | |
CN108769289B (en) | Network address resource visualization management system | |
CN110851278A (en) | Distribution network automation master station mobile application service management method and system based on micro-service architecture | |
CN104601723B (en) | Power Marketing Management System SOA framework based on internal services bus | |
CN110795761A (en) | Dynamic desensitization method for sensitive data of ubiquitous power Internet of things | |
CN103944763A (en) | Network-assistant management system and method of electrical power system | |
CN103679557B (en) | Power system operating mode data management system based on C/S framework and its implementation | |
CN101447064A (en) | Auditing management system and auditing management method | |
CN111371912B (en) | IP address management system and method based on state | |
CN112150027A (en) | Power supply service command platform system | |
CN111783053A (en) | Interactive unified big data programming computing platform | |
CN102571413A (en) | Method for resource management under cluster environment | |
CN106407072A (en) | Monitoring system of big data platform | |
CN103455889A (en) | Computer user identity access control system in power industry | |
CN207882957U (en) | A kind of safe big data intelligent analysis system | |
CN111882143A (en) | Risk early warning and prevention and control system for high-risk industry enterprises | |
CN111158988A (en) | Operation and maintenance auditing system | |
CN103577905A (en) | Audit method and system for information safety | |
CN115695165A (en) | Automatic operation and maintenance method and system for firewall, electronic equipment and storage medium | |
CN202904322U (en) | Network type operation ticket system | |
CN104850983A (en) | Method for constructing office automation system based on information real-time control management | |
CN106411935A (en) | Internet data information security protection system | |
CN107220087A (en) | A kind of MDC data center management systems based on operating service | |
CN113347202A (en) | Account identification management system of centralized account management and control platform | |
CN108011749B (en) | Auditing method for debugging configuration information of transformer substation debugging management and control device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20131218 |
|
RJ01 | Rejection of invention patent application after publication |