CN103455889A - Computer user identity access control system in power industry - Google Patents

Computer user identity access control system in power industry Download PDF

Info

Publication number
CN103455889A
CN103455889A CN2013104132630A CN201310413263A CN103455889A CN 103455889 A CN103455889 A CN 103455889A CN 2013104132630 A CN2013104132630 A CN 2013104132630A CN 201310413263 A CN201310413263 A CN 201310413263A CN 103455889 A CN103455889 A CN 103455889A
Authority
CN
China
Prior art keywords
data
user
module
management
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2013104132630A
Other languages
Chinese (zh)
Inventor
曹晓斌
龚谷初
王蕾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Changde Power Supply Co of State Grid Hunan Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Changde Power Supply Co of State Grid Hunan Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Changde Power Supply Co of State Grid Hunan Electric Power Co Ltd filed Critical State Grid Corp of China SGCC
Priority to CN2013104132630A priority Critical patent/CN103455889A/en
Publication of CN103455889A publication Critical patent/CN103455889A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A computer user identity access control system in the power industry comprises a data base server, a Web server/application server and a plurality of user terminals, wherein the data base server, the Web server/application server and the user terminals are connected through the network. The computer user identity access control system in the power industry has the advantages that due to the electronic process management, workloads of front-line working personnel are effectively relieved, the work of operating maintenance is specified, and management difficulty is lowered; grassroots units can check the flow schedule of application states through the system and completely master current approval schedule states of users; due to delicacy management, the efficiency of access application of the users is improved, efficiency of overall situation management on DHCPs and IP addresses is improved, and the DHCPs and the IP addresses can be expanded, regulated and recovered conveniently and timely; due to the powerful auxiliary DHCP function processing, administrators are effectively assisted in management and distribution of the IP addresses, and workloads of the network administrators are greatly relieved; due to a comprehensive and careful system operation log audit, safety and reliability of data are ensured.

Description

Power industry computer user's identity access control system
[technical field] the present invention relates to a kind of power industry computer user identity access control system.
[background technology] electric system adopts informatization and operation, and routine office work and the operation maintenance work in each work position is managed.Increasing along with computer terminal quantity, safety management for computer equipment, and the management of the management of user profile and Unit account of plant there are the following problems: 1, man-machine correspondence is inaccurate, whether truly can't examine whether corresponding, corresponding with the computing machine information of user; 2, network and manage the employing manual control, work efficiency is not high, can not carry out electronic user-network access, change, cancellation etc. and examine flow process, and the workload of computing machine daily servicing is large; 3, IP address assignment difficult management, every maintenance work difficulty of terminal device IP address and DHCP action scope improves, and has the inconsistent phenomenon of IP address and MAC Address in the part producing system, causes user profile inaccurate.
[summary of the invention] the present invention is directed to the problems referred to above, and a kind of power industry computer user is provided the identity access control system.
This power industry computer user identity access control system, is characterized in that, comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in described database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in described Web server/application server; Described user's access administration module is accepted and is examined user's network admittance, change or cancellation application, and the user information data data of formation are imported the basic data administration module into; The DHCP service management module completes distribution and the management to user's IP address, and the user information data data of formation are imported the basic data administration module into; The account data that in the basic data administration module, recording user computer information and user information data form, the account data are carried out the computerized information safety management by access data scrubbing module; The quick consumer positioning access device of data statistic analysis module and port; The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note; The daily record of each operating process in Operation Log audit module records network admittance flow process; The log-on message of computer statistics analysis module supervisory computer and antivirus software mount message.
The basic data administration module can be realized organizational structure, subscriber data, computing machine, network equipment ledger management, and guarantees that the user is correctly corresponding with computing machine.
Operation Log audit module is inquired by classification the log information of all kinds of operation notes of native system; All kinds of operation informations that convenient understanding native system occurs; Operation Log comprises that DHCP deletion daily record, modification daily record, increase daily record, computer are deleted daily record, the user logins daily record; Daily record data can be exported as to the Excel file.
User's access administration module system is realized electronic approval process of user's access, change, cancellation; The network manager can realize that access, change, cancellation examine very easily by system, and grass-roots unit can realize that application status flow process progress checks by system, grasps the user comprehensively and examines at present progress status.
The DHCP service management module can complete DHCP action scope management, and the additions and deletions that the action scope management mainly comprises action scope change looks into and lease situation processing capacity; Divide according to the business of system ip address and constituent parts or function, constituent parts is arranged to different DHCP action scopes, according to business demand, user terminal demand and develop into each action scope distributing IP address or IP address field; IP address is wherein arranged to the IP specific properties, as retained IP address and dynamic IP address allocation simultaneously; The relevant secondary attribute that arranges for IP address in action scope.
Access data scrubbing module can realize the in violation of rules and regulations management of computing machine, system by with DHCP, IMS interface, the network manager can be at any time to user isolation, networking, thereby realizes the user network access, the improving information safety level.
The data statistic analysis module can effectively improve keeper's work efficiency, system by with network device interface, realize IP, MAC Address collection, fast consumer positioning access device and port; Can also allow the keeper know at short notice the global ip address service condition, effectively promote IP address resource utilization factor.
The SMS platform administration module can be notified user and keeper with the note form in time by the situation of accepting of access, improves Information Service Quality.
The computer statistics analysis module can make the keeper understand in time registration scenarios and the antivirus software installation situation of computing machine, and the arrangement personnel process in time.
The invention has the beneficial effects as follows: 1, by electronic workflow management, effectively alleviated front man's workload, standard operation maintenance work, improved work efficiency, reduced management difficulty.2, grass-roots unit can realize that application status flow process progress checks by system, grasps the user comprehensively and examines at present progress status.3, by fine-grained management, improved the efficiency of user's access application, improved global administration's efficiency of DHCP and IP address, easily and timely carry out expansion, the adjustment of DHCP and IP address and reclaim.4, powerful auxiliary DHCP function treatment, the person of assisting management is carried out the IP address management distribution effectively, has alleviated greatly network manager's workload.5, comprehensive careful System Operation Log audit, guarantee that data security is reliable.6, the user applies for networking, approval networks, nullify IP address and violation computer user, and the SMS notice all can be arranged, and has promoted Information Service Quality.
[accompanying drawing explanation]
Fig. 1 is structural representation of the present invention
Fig. 2 is FB(flow block) of the present invention
[embodiment] is described below enforcement of the present invention below in conjunction with accompanying drawing:
In Fig. 1 and Fig. 2, power industry computer user's identity access control system comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in Web server/application server.
The user that need to enter Intranet proposes network admittance, change or nullifies application by user's access administration module, and the keeper is accepted and examines user's network admittance, change or cancellation application by user's access administration module.The keeper completes distribution and the management to user's IP address by the DHCP service management module simultaneously.The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note.The daily record of each operating process in Operation Log audit module records network admittance flow process.After user's network admittance, change or cancellation have been applied for, user computer data and user information data will form account and be recorded in the basic data administration module.The keeper can carry out the computerized information safety management to the account data in the basic data administration module by access data scrubbing module; By the data statistic analysis module, consumer positioning access device and port, know the global ip address service condition in the short time fast.The keeper can understand registration scenarios and the antivirus software installation situation of computing machine by the computer statistics analysis module, arrangement personnel process in time.

Claims (1)

1. power industry computer user identity access control system, is characterized in that, comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in described database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in described Web server/application server; Described user's access administration module is accepted and is examined user's network admittance, change or cancellation application, and the user information data data of formation are imported the basic data administration module into; The DHCP service management module completes distribution and the management to user's IP address, and the user information data data of formation are imported the basic data administration module into; The account data that in the basic data administration module, recording user computer information and user information data form, the account data are carried out the computerized information safety management by access data scrubbing module; The quick consumer positioning access device of data statistic analysis module and port; The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note; The daily record of each operating process in Operation Log audit module records network admittance flow process; The log-on message of computer statistics analysis module supervisory computer and antivirus software mount message.
CN2013104132630A 2013-09-12 2013-09-12 Computer user identity access control system in power industry Pending CN103455889A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013104132630A CN103455889A (en) 2013-09-12 2013-09-12 Computer user identity access control system in power industry

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2013104132630A CN103455889A (en) 2013-09-12 2013-09-12 Computer user identity access control system in power industry

Publications (1)

Publication Number Publication Date
CN103455889A true CN103455889A (en) 2013-12-18

Family

ID=49738227

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2013104132630A Pending CN103455889A (en) 2013-09-12 2013-09-12 Computer user identity access control system in power industry

Country Status (1)

Country Link
CN (1) CN103455889A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104184616A (en) * 2014-08-08 2014-12-03 国家电网公司 Intelligent management system for local area network resources

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1929483A (en) * 2006-09-19 2007-03-14 清华大学 Admittance control method for IPv6 switch-in network true source address access
CN101068183A (en) * 2007-06-28 2007-11-07 杭州华三通信技术有限公司 Network invitation to enter controlling method and network invitation to enter controlling system
US8190755B1 (en) * 2006-12-27 2012-05-29 Symantec Corporation Method and apparatus for host authentication in a network implementing network access control

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1929483A (en) * 2006-09-19 2007-03-14 清华大学 Admittance control method for IPv6 switch-in network true source address access
US8190755B1 (en) * 2006-12-27 2012-05-29 Symantec Corporation Method and apparatus for host authentication in a network implementing network access control
CN101068183A (en) * 2007-06-28 2007-11-07 杭州华三通信技术有限公司 Network invitation to enter controlling method and network invitation to enter controlling system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
王颖: "网络准入控制系统的研究与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》, 15 March 2012 (2012-03-15) *
钱扬: "企业网网络准入控制及终端安全防护研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》, 15 May 2013 (2013-05-15) *
陈沛金: "准入控制系统在电力行业的深入设计与应用", 《现代计算机(专业版)》, no. 30, 25 October 2012 (2012-10-25) *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104184616A (en) * 2014-08-08 2014-12-03 国家电网公司 Intelligent management system for local area network resources

Similar Documents

Publication Publication Date Title
CN105450636B (en) A kind of cloud computing management system
CN108769289B (en) Network address resource visualization management system
CN110851278A (en) Distribution network automation master station mobile application service management method and system based on micro-service architecture
CN104601723B (en) Power Marketing Management System SOA framework based on internal services bus
CN110795761A (en) Dynamic desensitization method for sensitive data of ubiquitous power Internet of things
CN103944763A (en) Network-assistant management system and method of electrical power system
CN103679557B (en) Power system operating mode data management system based on C/S framework and its implementation
CN101447064A (en) Auditing management system and auditing management method
CN111371912B (en) IP address management system and method based on state
CN112150027A (en) Power supply service command platform system
CN111783053A (en) Interactive unified big data programming computing platform
CN102571413A (en) Method for resource management under cluster environment
CN106407072A (en) Monitoring system of big data platform
CN103455889A (en) Computer user identity access control system in power industry
CN207882957U (en) A kind of safe big data intelligent analysis system
CN111882143A (en) Risk early warning and prevention and control system for high-risk industry enterprises
CN111158988A (en) Operation and maintenance auditing system
CN103577905A (en) Audit method and system for information safety
CN115695165A (en) Automatic operation and maintenance method and system for firewall, electronic equipment and storage medium
CN202904322U (en) Network type operation ticket system
CN104850983A (en) Method for constructing office automation system based on information real-time control management
CN106411935A (en) Internet data information security protection system
CN107220087A (en) A kind of MDC data center management systems based on operating service
CN113347202A (en) Account identification management system of centralized account management and control platform
CN108011749B (en) Auditing method for debugging configuration information of transformer substation debugging management and control device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20131218

RJ01 Rejection of invention patent application after publication