CN103679321A - Service authority management subsystem of large-scale distributed meteorological information sensing platform - Google Patents
Service authority management subsystem of large-scale distributed meteorological information sensing platform Download PDFInfo
- Publication number
- CN103679321A CN103679321A CN201210365479.XA CN201210365479A CN103679321A CN 103679321 A CN103679321 A CN 103679321A CN 201210365479 A CN201210365479 A CN 201210365479A CN 103679321 A CN103679321 A CN 103679321A
- Authority
- CN
- China
- Prior art keywords
- user
- subsystem
- local
- management
- overall
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a service authority management subsystem of a large-scale distributed meteorological information sensing platform. The service authority management subsystem is a distributed user information management and identity authentication system which is composed of a national level node and multiple flow/regional and provincial nodes and is used for performing level-to-level management on user information and distributed authentication on user identities. The service authority management subsystem comprises a global user information management subsystem, a local user information management subsystem, a global user identity authentication subsystem, a local user identity authentication subsystem and a customer relationship management subsystem. Compared with the prior art, and according to the service authority management subsystem of the invention, through establishing a unified, role-based access control-based and personalized user information management subsystem, the security of meteorological data and a system can be ensured, and user information management and user identity authentication functions can be realized.
Description
Technical field
The present invention relates to the system to all kinds of service object's management, particularly a kind of Service Privileges of large-scale distributed weather information aware platform management subsystem.
Background technology
Weather information and our life are closely bound up, have influence on our every aspect, how to integrate these meteorological resources used for us, are no small challenges.This just needs us to build the platform of a relevant weather information resource consolidation, deepen Meteorological Services content, realize fully sharing and utilizing of weather information, for the important departments such as water conservancy, civil aviaton, army, meteorology, agricultural, forestry, ocean provide higher-quality weather information service, make whole national Meteorological Science service system bring into play maximum overall efficiency.Research for this field both at home and abroad also has a lot, in development.
But, for the utilization of the resource information on such platform, will inevitably relate to different use crowds.This just needs the appearance of a suitable Subscriber Management System to carry out reasonable management to all kinds of service objects of system.
?
Summary of the invention
The object of the present invention is to provide a kind of Service Privileges management subsystem of large-scale distributed weather information aware platform, thereby realize, all kinds of service objects of system are carried out to different management.
The technical solution that realizes the object of the invention is:
A kind of Service Privileges management subsystem of large-scale distributed weather information aware platform, be distributed subscriber information management and an identity authorization system being comprised of a national node and a plurality of stream/region, provincial node, system feature is user profile differentiated control, user identity distributed authentication.User is divided into A, B, C tri-classes and overall user and two kinds of ranks of local user.Wherein, category-A user: governments at all levels, the relevant industries departments such as water conservancy, civil aviaton, army and meteorology; Category-B user: the personal user of above-mentioned industry department and public welfare scientific research institutions, educational institution; C class user: the general public.According to function needs, Service Privileges management subsystem is shared the needs of data retrieval service system, two application of social sharing data retrieval service system for industry, according to A, B, C tri-class user managements and the overall situation of data sharing service system, the needs of local two-stage user management, be divided into five subsystems: overall subscriber information management subsystem, local subscriber information management subsystem, overall authenticating user identification subsystem, local user's authentication subsystem, customer relation management subsystem.Wherein, the management object of overall situation subscriber information management subsystem is overall user, the functions such as application, registration, cancellation, subscriber authorisation, authentication and management, access statistics, user behavior tracking that mainly realize overall A, B, C tri-class users, overall user profile is managed concentratedly by national host node.The management object of local subscriber information management subsystem is local user, mainly realize A, the B of local partial node, functions such as C tri-class users' application, registration, cancellation, subscriber authorisation, authentication and management, access statistics, user behavior tracking, local user's information is in charge of by local partial node.Overall situation authenticating user identification subsystem makes user by unified authentication and rights management, for overall user provides the information resources authentication access entrance that the whole network is unified, for user provides single-sign-on, network-wide access function.Local user's authentication subsystem, according to relevant rule, is implemented authenticating user identification and rights management, for local user provides user to login and identity authentication function.Meanwhile, for the service of local user access local data provides support.Customer relation management subsystem, by setting up online interaction platform, is realized the function of user and the interaction of SIM system information management department, replys user's message, meteorological professional technique guide is provided, collects consumers' opinions and suggestion.Conversion instrument and the relevant MAIL service of subscribing to lastest imformation of data customization, data layout are provided according to user's demand simultaneously.
The present invention compared with prior art, its remarkable advantage: unified by setting up, that control based on role access, personalized subscriber information management subsystem, can guarantee the safety of weather data and the safety of system; Realize user's information management and identity authentication function.
Below in conjunction with accompanying drawing, the present invention is described in further detail.
Accompanying drawing explanation
Fig. 1 is Service Privileges management subsystem composition diagram.
Fig. 2 is overall subscriber information management subsystem module Organization Chart.
Fig. 3 is local subscriber information management subsystem module Organization Chart.
Fig. 4 is overall authenticating user identification subsystem module Organization Chart.
Fig. 5 is the process flow diagram of overall authenticating user identification.
Fig. 6 is local user's authentication subsystem module Organization Chart.
Fig. 7 is local user's authentication sequential chart.
Fig. 8 is customer relation management subsystem module Organization Chart.
Embodiment
In conjunction with Fig. 1, the present invention relates to a kind of Service Privileges management subsystem of large-scale distributed weather information aware platform, user is divided three classes, as follows:
| Class of subscriber | Data acquisition authority | Data acquisition mode |
| A | Have total data retrieval and download permission | Real-Time Sharing distributes and downloads with retrieval |
| B | Restriction downloading data scope and a day amount to obtain | Retrieval is downloaded |
| C | Real-time weather data product | Browse |
Again user is divided into two ranks, as follows:
| User class | Data acquisition scope | Subscriber information management mode |
| Overall situation user | Have whole node data retrievals and download permission | National host node unified management |
| Local user | Have local node data retrieval and download permission | Local partial node is in charge of |
The corresponding relation of user's classification and user's classification is as follows:
Service Privileges management subsystem is comprised of subscriber information management and authenticating user identification two aspects.Subscriber information management comprises that the mode with LDAP and tables of data manages to A, B, C tri-class users' subscriber group information, user role information, user basic information and user behavior information, local user's information management is responsible for by local partial node, and overall user's information management is responsible for by national host node.Authenticating user identification is realized respectively local user's authentication and rights management, overall authenticating user identification and rights management according to user's rank, for system user provides login and identity authentication function.
In conjunction with Fig. 2, the management object of overall situation subscriber information management subsystem is overall user, the functions such as application, registration, cancellation, subscriber authorisation, authentication and management, access statistics, user behavior tracking that mainly realize overall A, B, C tri-class users, overall user profile is managed concentratedly by national host node.The user who comprises overall user organizes several modules such as management, user role management, subscriber information management, user management statistics and analysis, user behavior tracking and analysis.Wherein, overall category-A user: for providing user, need to initiatively be provided by every profession and trade by system for the category-A user application way of the departments such as meteorological system and water conservancy, civil aviaton, army.Global B class user: be written application registration for category-B user application ways such as the individual of the section industries such as meteorological system and water conservancy, civil aviaton, army and public welfare scientific research institutions, educational institutions, user should provide written application and need through audit.Overall situation C class user: the general public is C class user, and application way is web online registration, does not need can browse whole nation weather data product in real time through audit.
In conjunction with Fig. 3, local subscriber information management subsystem comprises that local user's user organizes management, user role management, subscriber information management, user management statistics and analysis, user behavior tracking and analysis module.Management object is this node users, mainly realizes A, the B of this node, functions such as C tri-class users' application, registration, cancellation, subscriber authorisation, authentication and management, access statistics, user behavior tracking, and local user's information is in charge of by local partial node.Wherein, local category-A user: for providing user, need to initiatively be provided by every profession and trade by system for the category-A user application way of the departments such as local meteorological system and water conservancy, civil aviaton, army.Local category-B user: be written application registration for category-B user application ways such as the individual of the section industries such as local meteorological system and water conservancy, civil aviaton, army and public welfare scientific research institutions, educational institutions, user should provide written application and need through audit.Local C class user: the general local public is C class user, and application way is web online registration, does not need can browse whole nation weather data product in real time through audit.
In conjunction with Fig. 4, overall authenticating user identification subsystem comprises overall user's login interface module, overall user's unified login service module, overall user's authentication interface module, overall user's unified certification service module and global session administration module.For overall user provides the information resources authentication access entrance that the whole network is unified, for user provides single-sign-on, network-wide access function.Overall situation user authenticates and comprises unified certification and single-sign-on.
In conjunction with Fig. 5, overall authenticating user identification process step is as follows:
(1) overall user P, in partial node A login, submits SOAP request (account and password), request login in HTTP mode to national host node overall situation user unified login service module by the overall user's login interface module on partial node.
(2) overall user's unified login service module is accepted after logging request, and first access, for the overall customer data base of overall user's unified management, is inquired about and returned results.
(3) by overall user conversation administration module, set up this user's temporary receipt document, ticket contents comprises account and a random code dynamically generating, record type of action (comprising login, newly-increased application etc.) and actuation time that this user this time operates simultaneously, and return to this account, random code, user role to partial node, represent to login successfully.
(4) if Query Result is TRUE, to partial node, return to user's account, random code, user role, represent to login successfully.
(5) this overall situation user P accesses partial node B as needs, with list form, to partial node B, submits this user's account and random code to.
(6) partial node B gives overall user's authentication interface module by the user's form information receiving, and to national host node overall situation unified certification service module, submits to SOAP to ask by interface module, and this user is authenticated.
(7) national host node overall situation authentication application service module receives after the user authentication request of partial node A submission, calling party temporary receipt document, the user account that need are authenticated and random code and user's temporary receipt content are identified, as there is the temporary receipt consistent with this user authentication request information, represent to authenticate and pass through.
(8) if national host node overall situation user's unified certification request passes, to overall user's authentication interface module of partial node B, return to one group of information, comprise this user account, random code, user role, represent by authentication.
In conjunction with Fig. 6, local user's authentication subsystem comprises local user's login interface module, local user authentication interface module, subscriber authorisation module.For user provides user's login feature and authentication.Meanwhile, for the service of local user access local data provides support.Local user is only approved by this partial node, adopts the local authentication system of partial node, does not have the authority of other node resources in accesses network.
In conjunction with Fig. 7, local user's identification step is as follows:
1. local user, in certain partial node A login, is confirmed to be after the local user of partial node A through judging, by partial node user authentication function module, to this node users authentication application module, submits request (account name and password) to, request login.
2. this node users authentication application module is accepted after logging request, and local user's information database that access is managed concentratedly by local user, inquires about and return results.
3., if result is FALSE, return to this user's account name and logon information not, login failed for user.Local user authentication finishes.
4. result is TRUE else if, returns to user's account name and Role Information, represents to login successfully.Local user authentication finishes.
In conjunction with Fig. 8, customer relation management subsystem comprises message board module, data customization module, information subscribing module.By setting up online interaction platform, realize the function of user and the interaction of data sharing service system administrative authority, reply user's message, meteorological professional technique guide is provided, collects consumers' opinions and suggestion.Conversion instrument and the relevant MAIL service of subscribing to lastest imformation of data customization, data layout are provided according to user's demand simultaneously.
Claims (7)
1. the Service Privileges of a large-scale distributed weather information aware platform is managed subsystem, be one by a national node and a plurality of stream/region, distributed subscriber information management and identity authorization system that provincial node forms, according to function needs, Service Privileges management is shared data retrieval service system for industry, the needs of two application of social sharing data retrieval service system, A according to data sharing service system, B, C tri-class user management and the overall situations, the needs of local two-stage user management, be divided into five subsystems: overall subscriber information management subsystem, local subscriber information management subsystem, overall situation authenticating user identification subsystem, local user's authentication subsystem, customer relation management subsystem.
2. the Service Privileges of large-scale distributed weather information aware platform according to claim 1 is managed subsystem, it is characterized in that system adopts user profile differentiated control, user identity distributed authentication, is divided into A, B, C tri-classes and overall user and two kinds of ranks of local user user; Wherein, category-A user: governments at all levels, the relevant industries departments such as water conservancy, civil aviaton, army and meteorology; Category-B user: the personal user of above-mentioned industry department and public welfare scientific research institutions, educational institution; C class user: the general public.
3. the Service Privileges of large-scale distributed weather information aware platform according to claim 1 is managed subsystem, it is characterized in that: the management object of overall subscriber information management subsystem is overall user, the functions such as application, registration, cancellation, subscriber authorisation, authentication and management, access statistics, user behavior tracking that mainly realize overall A, B, C tri-class users, overall user profile is managed concentratedly by national host node.
4. the Service Privileges of large-scale distributed weather information aware platform according to claim 1 is managed subsystem, it is characterized in that: the management object of local subscriber information management subsystem is local user, mainly realize A, the B of local partial node, functions such as C tri-class users' application, registration, cancellation, subscriber authorisation, authentication and management, access statistics, user behavior tracking, local user's information is in charge of by local partial node.
5. the Service Privileges of large-scale distributed weather information aware platform according to claim 1 is managed subsystem, it is characterized in that: overall authenticating user identification subsystem makes user by unified authentication and rights management, for overall user provides the information resources authentication access entrance that the whole network is unified, for user provides single-sign-on, network-wide access function.
6. the Service Privileges of large-scale distributed weather information aware platform according to claim 1 is managed subsystem, it is characterized in that: local user's authentication subsystem is according to relevant rule, implement authenticating user identification and rights management, for local user provides user to login and identity authentication function; Meanwhile, for the service of local user access local data provides support.
7. the Service Privileges of large-scale distributed weather information aware platform according to claim 1 is managed subsystem, it is characterized in that: customer relation management subsystem is by setting up online interaction platform, realize the function of user and the interaction of SIM system information management department, reply user's message, meteorological professional technique guide is provided, collects consumers' opinions and suggestion; Conversion instrument and the relevant MAIL service of subscribing to lastest imformation of data customization, data layout are provided according to user's demand simultaneously.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210365479.XA CN103679321A (en) | 2012-09-26 | 2012-09-26 | Service authority management subsystem of large-scale distributed meteorological information sensing platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210365479.XA CN103679321A (en) | 2012-09-26 | 2012-09-26 | Service authority management subsystem of large-scale distributed meteorological information sensing platform |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103679321A true CN103679321A (en) | 2014-03-26 |
Family
ID=50316803
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210365479.XA Pending CN103679321A (en) | 2012-09-26 | 2012-09-26 | Service authority management subsystem of large-scale distributed meteorological information sensing platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103679321A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116108019A (en) * | 2023-04-03 | 2023-05-12 | 中国民用航空局空中交通管理局航空气象中心 | Meteorological big data sharing service system based on distributed technology |
-
2012
- 2012-09-26 CN CN201210365479.XA patent/CN103679321A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116108019A (en) * | 2023-04-03 | 2023-05-12 | 中国民用航空局空中交通管理局航空气象中心 | Meteorological big data sharing service system based on distributed technology |
| CN116108019B (en) * | 2023-04-03 | 2023-06-16 | 中国民用航空局空中交通管理局航空气象中心 | Meteorological big data sharing service system based on distributed technology |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Vendil Pallin | Internet control through ownership: The case of Russia | |
| CN104094576B (en) | Different cloud service data and behavior are integrated based on the trusting relationship between cloud service | |
| CN109787815A (en) | Government information resources shared system based on block chain | |
| Ma | The construction path and mode of public tourism information service system based on the perspective of smart city | |
| CN101707594A (en) | Single sign on based grid authentication trust model | |
| WO2018031308A1 (en) | Secure private location based services | |
| CN106992988A (en) | A kind of cross-domain anonymous resource sharing platform and its implementation | |
| Cano et al. | Distributed framework for electronic democracy in smart cities | |
| Mehnen et al. | Governance and sense of place: Half a century of a German nature park | |
| CN104283961A (en) | Community management cloud service integration platform and method | |
| CN102025495A (en) | SAML2.0-based identity authentication and management | |
| CN113515732B (en) | Cross-domain unified user authentication system and method | |
| CN113986865A (en) | Cross-department service collaboration system and method based on block chain | |
| CN103593591B (en) | A kind of user profile access control method based on RBAC access control model | |
| Fukami et al. | The impact of decentralized identity architecture on data exchange | |
| CN104052613A (en) | Service access management subsystem of distributed public safety video information sensing platform | |
| CN103679321A (en) | Service authority management subsystem of large-scale distributed meteorological information sensing platform | |
| Dai | From personal ties to village welfare: changing community bonding in post-socialist rural China | |
| CN111353057A (en) | Face recognition service platform | |
| Benítez Martínez et al. | The “Tokenization” of the eParticipation in public governance: An opportunity to hack democracy | |
| Splichal et al. | Media research paradigms: Conceptual distinctions, continuing divisions | |
| Nsengimana | Reflections upon periclitations in privacy: perspectives from Rwanda’s digital transformation | |
| Backhouse | Interoperability of identity and identity management systems | |
| Sinnott et al. | Security attribute aggregation models for e-Research collaborations | |
| Jho | The transformation of cyberactivism and democratic governance in Korea: The role of technology, civil society, and institutions |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140326 |