CN104410640B - A kind of authority control method and system of the acquisition of information under distributed cooperation environment - Google Patents

A kind of authority control method and system of the acquisition of information under distributed cooperation environment Download PDF

Info

Publication number
CN104410640B
CN104410640B CN201410722053.4A CN201410722053A CN104410640B CN 104410640 B CN104410640 B CN 104410640B CN 201410722053 A CN201410722053 A CN 201410722053A CN 104410640 B CN104410640 B CN 104410640B
Authority
CN
China
Prior art keywords
user
signal
equipment
permission
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201410722053.4A
Other languages
Chinese (zh)
Other versions
CN104410640A (en
Inventor
江志和
张超
谭小刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Vtron Technologies Ltd
Original Assignee
Vtron Technologies Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vtron Technologies Ltd filed Critical Vtron Technologies Ltd
Priority to CN201410722053.4A priority Critical patent/CN104410640B/en
Publication of CN104410640A publication Critical patent/CN104410640A/en
Application granted granted Critical
Publication of CN104410640B publication Critical patent/CN104410640B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The authority control method and system of the present invention relates to a kind of under distributed cooperation environment acquisition of information.Method includes the registration request of administrative center's receiving device, user, signal, and setting ID number, login password and permission simultaneously return to ID number and login password;Administrative center receives and the log-on message of verifying equipment and/or signal, and variable attribute information is changed after verifying and returns to authority information;Administrative center receives user login information, judges that the user logins successfully if user right is greater than or equal to equipment permission, changes user's variable attribute description information and returns to user right information, otherwise judge the login failed for user, returns to insufficient permission;Administrative center sets filtering rule according to equipment and the permission size of signal, and signal list can be checked by returning to the user in the user place equipment logged in that succeeded according to filtering rule.The present invention can effectively solve in control room information interconnection and intercommunication bring in the application of distributed multi-service multi-person synergy system and safely and controllably challenge.

Description

A kind of authority control method and system of the acquisition of information under distributed cooperation environment
Technical field
The present invention relates to distributed systems, more particularly, to a kind of power of acquisition of information under distributed cooperation environment Limit control method and system.
Background technique
With the development of network technology and the promotion of speed, the synergistic application under distributed environment is widely used based on network Technology for information acquisition, can transmit and obtain whenever and wherever possible text, multimedia and various forms of computer output signals (commonly referred to herein as information), and can easily interconnect in the plurality of devices of multi-person synergy, it is total by information Realization is enjoyed and interacts mostly manually to cooperate with.
Control room is a typical multiple-person cooperative work environment, mainly includes the high-resolution for information centralized displaying Splicing wall display system (VW:Video Wall), various signal sources and various signal access devices.Control room generally has more A operation system is run simultaneously, and multiple business departments use simultaneously, is also needed temporarily to access oracle sometimes or will be believed Breath shares to outside, is such as shown to the signal of mobile device (plate, mobile phone) and spells on wall, or will spell the specified signal on wall It is shown to aobvious with participant in the interactive digital whiteboard screen (IDB:Interactive Digital Board) of meeting room Show in terminal.These demands are often flexible and changeable, and control room only carries out priority assignation and limit to user in the prior art System, from information security and it is controllable from the perspective of, traditional control room security strategy is difficult to meet this interim changeable information Interconnect demand, generally requires to do many setting and configuration in advance, time-consuming and laborious.
Summary of the invention
The present invention in order to overcome at least one of the drawbacks of the prior art described above (deficiency), provides a kind of ensure and connects various Enter flexibly to carry out the controllable information under distributed cooperation environment that ensures information safety while interconnecting of signal in equipment The authority control method of acquisition.
The present invention also provides guarantees while interconnecting that a kind of guarantee flexibly carries out signal on various access devices The controllable authority control system of acquisition of information under distributed cooperation environment of information security.
In order to solve the above technical problems, technical scheme is as follows:
A kind of authority control method of the acquisition of information under distributed cooperation environment, comprising:
The registration request of administrative center's receiving device, user or signal, setting ID number, login password and permission simultaneously return ID number and login password;
Administrative center receives and the log-on message of verifying equipment and/or signal, and the equipment and/or letter are changed after being verified Number variable attribute information and return to authority information;
Administrative center receives the log-on message that user is issued using the equipment logined successfully, if user right is greater than or waits Then judge that the user logs in success in equipment permission, change the variable attribute description information of user and return to user right information, Otherwise judge the login failed for user, return to insufficient permission information;
Administrative center sets filtering rule according to equipment and the permission size of signal, according to filtering rule to successfully stepping on All signal lists that the user can check are returned in the equipment used by a user of record.
Method of the invention uses permission centralized distribution and control, and administrative center is to equipment, the user for issuing registration request Globally unique ID number and login password are distributed with signal, and the permission of equipment, user and signal can be separately provided, and by ID Number the corresponding equipment of registration request or user or signal, only registered equipment, signal and user are returned to login password It can show and use in control room, improve the safety of control room information exchange;Secondly, in distributed collaboration process In, equipment and user log in and require to verify, and judge automatically equipment according to authority information and whether user has permission and step on Record and judge automatically whether user and equipment have the permission for obtaining signal, this mode passes through the power to equipment, user and signal Limit is come to equipment, the realization of the information exchange of user controllably, can effectively solve distributed multi-service multi-person synergy system in control room Information interconnection and intercommunication bring is safely and controllably challenged in.
A kind of authority control system of the acquisition of information under distributed cooperation environment, including administrative center, in the management The heart includes:
Registration request processing module, for the registration request of receiving device, user or signal, be arranged unique ID number, Login password and Permission Levels simultaneously return to ID number and login password;
Equipment and signal login module, for receiving and verifying the log-on message of equipment and/or signal, after being verified more Change the variable attribute information of the equipment and/or signal and returns to authority information;
User log-in block, the log-on message issued for receiving user using the equipment logined successfully, if user weighs Limit is greater than or equal to equipment permission and then judges that the user logins successfully, and changes the variable attribute description information of user and returns to user Otherwise authority information judges the login failed for user, return to insufficient permission information;
Signal list obtains module, for setting filtering rule according to the permission size of equipment and signal, is advised according to filtering All signal lists that the user can check then are returned in the equipment used by a user for the login that succeeded.
System of the invention uses permission centralized distribution and control, and the registration request processing module of administrative center infuses sending Equipment, user and the signal of volume request distribute globally unique ID number and login password, and equipment, Yong Huhe can be separately provided The permission of signal, and ID number and login password are returned into the corresponding equipment of registration request or user or signal, only registered Equipment, signal and user can show and use in control room, improve the safety of control room information exchange;Secondly, During distributed collaboration, equipment login module and user log-in block are in equipment and process of user login to log-on message It is verified, and equipment is judged automatically according to authority information and whether user has permission login and obtain mould using signal list Block judges automatically user and whether equipment has a permission for obtaining signal, this system by the permission to equipment, user and signal come Equipment, the information exchange of user are realized controllably, distributed multi-service multi-person synergy system application in control room can be effectively solved Middle information interconnection and intercommunication bring is safely and controllably challenged.
Detailed description of the invention
Fig. 1 is a kind of stream of the authority control method specific embodiment of the acquisition of information under distributed cooperation environment of the present invention Cheng Tu.
Fig. 2 is the processing stream registered in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Cheng Tu.
Control when Fig. 3 is a kind of authority control method concrete application of acquisition of information under distributed cooperation environment of the present invention Room architecture diagram processed.
Fig. 4 is signal login authentication in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Flow chart.
Fig. 5 is that equipment and user step in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Record verifying flow chart.
Fig. 6 is that signal list obtains in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Flow chart.
Fig. 7 is signal permission change in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Flow chart.
Fig. 8 is equipment permission change in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Flow chart.
Fig. 9 is user right change in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Flow chart.
Figure 10 is a kind of architecture diagram of the authority control system of the acquisition of information under distributed cooperation environment of the present invention.
Specific embodiment
The attached figures are only used for illustrative purposes and cannot be understood as limitating the patent;
In order to better illustrate this embodiment, the certain components of attached drawing have omission, zoom in or out, and do not represent actual product Size;
To those skilled in the art, it is to be understood that certain known features and its explanation, which may be omitted, in attached drawing 's.
In the description of the present invention, it is to be understood that, term " first ", " second " are used for description purposes only, and cannot It is interpreted as indication or suggestion relative importance or implies the quantity of indicated technical characteristic." first " that limits as a result, " One or more of the features can be expressed or be implicitly included to two " feature.In the description of the present invention, unless otherwise saying Bright, the meaning of " plurality " is two or more.
In the description of the present invention, it should be noted that unless otherwise clearly defined and limited, term " installation " " connects Connect " it shall be understood in a broad sense, for example, it may be being fixedly connected, it may be a detachable connection, or be integrally connected;It can be machine Tool connection, is also possible to be electrically connected;It can be directly connected, be also possible to be indirectly connected with by intermediary, it may be said that two Connection inside element.For the ordinary skill in the art, above-mentioned term can be understood in the present invention with concrete condition Concrete meaning.
The following further describes the technical solution of the present invention with reference to the accompanying drawings and examples.
Embodiment 1
As shown in Figure 1, specifically real for a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention Apply the flow chart of example.Referring to Fig. 1, a kind of permission control new method of acquisition of information under distributed cooperation environment of the present invention has Include the following steps:
S101. the registration request of administrative center's receiving device, user or signal, setting ID number, login password and permission And return to ID number and login password;
S102. administrative center receives and verifies the log-on message of equipment and/or signal, and the equipment is changed after being verified And/or signal variable attribute information and return to authority information;
S103. administrative center receives the log-on message that user is issued using the equipment logined successfully, if user right is big Then judge that the user logins successfully in or equal to equipment permission, change the variable attribute description information of user and returns to user right Otherwise information judges the login failed for user, return to insufficient permission information;
S104. administrative center sets filtering rule according to equipment and the permission size of signal, according to filtering rule to All signal lists that the user can check are returned in the equipment used by a user that success logs in.
Based on above scheme, the administrative center of this specific embodiment receives the registration from equipment, user or signal and asks It asks, according to the ID number of registration request generating device, user or signal, login password and permission, and to equipment, user or signal ID number and login password are returned to, so as to subsequent login use;In login process, administrative center receives and verifying equipment, letter Number and user log-on message and determine whether to log in conjunction with permission and the equipment that whether allows signal to use in user Upper display can prevent from illegally registering equipment, user or signal entering in system in the process using registration process, And judge whether user allow to be shown to equipment using equipment and signal using the permission of equipment, user and signal And user so that in the distributed multi-service multi-person synergy system of control room information the control for interconnecting to obtain safety, The controllability for guaranteeing information exchange is controlled by Trinitarian permission, can effectively solve the more people of distributed multi-service in control room Information interconnection and intercommunication bring is safely and controllably challenged in cooperative system application.
In the specific implementation process, as shown in Fig. 2, in step S101 using administrative center to equipment, signal and user into Row registration management, equipment, signal and user send a request for registration to administrative center, and administrative center receives registration request and generates and sets The relevant information of standby, user and signal, by the local data base of information preservation to administrative center if succeeding in registration, and to Equipment, user or signal return to ID number and login password, if registration failure, administrative center can be accused by returning to miscue Know equipment, user or signal login failure.In a particular application, equipment, signal and user require managing in control room Center is registered, and equipment, signal and user correspond to globally unique ID number and login password after registration, and administrative center is also Individually setting signal permission, equipment permission and user right, only registered equipment, signal and user side can control Room shows and uses.As shown in figure 3, for the system architecture under the distributed cooperation environment of control room in concrete application of the invention Figure, equipment, which can be, spells wall display system, IDB display system, PC machine, mobile terminal etc., when concrete application inside administrative center Registration information is managed by local data base.
As shown in Figures 4 and 5, it carries out equipment in step s 102 and/or signal login authentication, equipment and/or signal is opening The ID number and login password returned when passing through registration after dynamic automatically logs into administrative center, and administrative center is according to ID number and logs in close Code login is verified, after being verified, administrative center the variable attribute information of equipment and/or signal is modified and to Equipment, signal return to corresponding authority information.Equipment and signal acquisition authority information can be saved in local.Wherein, it can be changed and belong to Property information include but is not limited to status information and IP address, status information includes the states such as online and not online.
As shown in figure 5, user needs be successfully logged onto management during the user login validation of step S103 It is logged in the equipment at center, the log-on message of user is issued by the equipment, such as ID number and login password, administrative center is connect The equipment permission that user right and user use is judged after receiving log-on message, if user right is greater than or equal to Equipment permission then judges that the equipment can be used in the user, while administrative center updates the variable attribute description information of user, such as The IP address that user logs in, and user right information is returned, otherwise user right then judges that the user cannot less than equipment permission Using the equipment, login failure prompts insufficient permission.
As shown in fig. 6, step S104 is verified to acquisition signal in the specific implementation process.User logins successfully Afterwards, the signal list that the equipment permission build user that administrative center uses according to user can currently check is root when specifically generating It is carried out according to preset filtering rule.Filtering rule can be, but not limited to:
If signal permission is higher than equipment permission, user cannot check the signal on the login device, if signal permission Equal to or less than equipment permission, then user can check the signal in equipment.
Administrative center returns to all signal lists that this user can check according to filtering rule, and user can according to signal list To select arbitrary signal and directly initiate request of data to signal.
Signal in user selection signal list is directly initiated the connection to signal, request data;After successful connection, signal hair Equipment used by a user is transmitted data to be shown, equipment used by a user receive the data that signal is sent and local into Row display.Administrative center is needed not move through in the process, guarantees to can be realized information exchange in the case where information interaction security Simplify, high-speeding.
In the specific implementation process, administrative center can change the permission of equipment, user and signal, when administrative center changes After equipment permission, user right or signal permission, sending permission update notification is understood by administrative center, at this time equipment, user and signal It can be presence and be also possible to not presence.Under presence, i.e., under logging state, administrative center's change is in login The equipment of state, user perhaps signal permission and to corresponding equipment, user or signal sending permission update notification, specifically It is as Figure 7-9:
Administrator changes signal permission in administrative center, and signal can receive permission notice of change, the letter that will locally save Number authority credentials is revised as current value, while administrative center can send signal power to all users for checking the signal were originally had permission Update notification is limited, if signal permission adjusted is greater than or equal to the equipment permission of active user, by signal from can check It is deleted in signal list, if permission adjusted is less than the equipment permission of active user, signal, which is added to, can check letter Number list.
Administrator changes equipment permission in administrative center, and equipment can receive permission notice of change, if setting after change Standby permission improves, and is greater than active user's permission, then active user cannot reuse the equipment, and user is forced to nullify.If set Standby permission improves, and still less than or equal to active user's permission, then the equipment, but the signal that can be checked can be used in active user It can increase, administrative center will be improved due to equipment permission and the newly-increased signal checked is sent to equipment, and is updated and can be checked Signal list.If the equipment permission after change reduces, the signal that can be checked can reduce, can be automatically deleted in signal list and weigh Limit for height is in the signal of equipment permission.
Administrator changes user right in administrative center, and user can receive permission notice of change, if the use after change Family permission improves, then user can continue to use the equipment, if the user right after change drops below current device power Limit, then user cannot be used continuously the equipment, and user is forced to nullify.
In the specific implementation process, when signal, equipment and user are no longer allowed in control room in use, administrative center can To nullify signal, equipment and user.
In the method for the invention, the control of signal, equipment and the permission of user can effectively be solved to control using administrative center Information interconnection and intercommunication bring is safely and controllably challenged in the application of distributed multi-service multi-person synergy system in room processed.And it utilizes Management to Permission Levels, the present invention can carry out flexible deployment to indoor equipment, user and signal is controlled, support any more Display equipment, signal and user used in control room, system, which can according to need, to be expanded.In addition, side of the invention Method can be with flexible configuration, and administrative center can need to change any permission at any time according to application, equipment when permission is changed, signal and User does not need to log in again, and the update of permission can be carried out with direct-on-line, is easy to use, and can be according to the change of permission Signal list that real-time update user can check ensures that specified permission user can only see it and be authorized at any time and sees Information.
Embodiment 2
On the basis of embodiment 1, the permission control of the present invention also provides a kind of under distributed cooperation environment acquisition of information System processed.Referring to Figure 10, a kind of authority control system of the acquisition of information under distributed cooperation environment of the present invention specifically includes pipe Equipment, signal and user in reason center 201, administrative center and control room can establish connection and carry out information exchange;Institute Stating administrative center 201 includes:
Registration request processing module 2011 is arranged ID number, steps on for the registration request of receiving device, user or signal Record password and permission simultaneously return to ID number and login password;
Equipment and signal login module 2012 are verified for receiving the log-on message with checking signal and/or equipment The variable attribute information of the equipment and/or signal and the authority information of returning equipment are changed afterwards;
User log-in block 2013, the log-on message issued for receiving user using the equipment logined successfully, if with Family permission is greater than or equal to equipment permission and then judges that the user logins successfully, and changes the variable attribute description information of user and returns Otherwise user right information judges the login failed for user, return to insufficient permission information;
Signal list obtains module 2014, for setting filtering rule according to the permission size of equipment and signal, according to mistake Filter rule returns to all signal lists that the user can check in the equipment used by a user for the login that succeeded.
Based on above scheme, the registration request processing module 2011 of this specific embodiment receive from equipment, user or The registration request of signal, according to the ID number of registration request generating device, user or signal, login password and permission, and to setting Standby, user or signal return to ID number and login password, so as to subsequent login use;In login process, registration request processing Module 2011 receives and verifying equipment, the log-on message of signal and user and determine whether to log in conjunction with permission and whether Allow signal to show in the equipment that user uses, in the process, can prevent from illegally registering equipment using registration process, use Family or signal enter in system, and judged using the permission of equipment, user and signal user whether use equipment with And whether signal allows to be shown to equipment and user so that in the distributed multi-service multi-person synergy system of control room information it is mutual Connection intercommunication obtains the control of safety, and the controllability for guaranteeing information exchange is controlled by Trinitarian permission, can effectively be solved Information interconnection and intercommunication bring is safely and controllably challenged in the application of distributed multi-service multi-person synergy system in control room.
In the specific implementation process, registration pipe is carried out to equipment, signal and user using registration request processing module 2011 Reason, equipment, signal and user send a request for registration to the registration request processing module 2011 of administrative center, and registration request handles mould Block 2011 receives registration request and generating device, the relevant information of user and signal, arrives information preservation if succeeding in registration In local data base, and ID number and login password are returned to equipment, user or signal, if registration failure, registration request processing Module 2011 can be by returning to miscue annunciator, user or signal login failure.In a particular application, control room Middle equipment, signal and user require to register in the registration request processing module 2011 of administrative center, equipment, letter after registration Number and user all correspond to globally unique ID number and login password, administrative center also individually setting signal permission, equipment Permission and user right, only registered equipment, signal and user side can show and use in control room.
In the specific implementation process, equipment and signal login module 2012 carry out equipment and/or signal login authentication, equipment And/or signal passes through the ID number returned when registration after actuation and login password automatically logs into the equipment and signal of administrative center Login module 2012, equipment and signal login module 2012 verify login according to ID number and login password, are verified Afterwards, equipment and signal login module 2012 are modified the variable attribute information of equipment and/or signal and return to equipment, signal Return corresponding authority information.Equipment and signal acquisition authority information can be saved in local.Wherein, variable attribute information include but It is not limited to status information and IP address, status information includes the states such as online and not online.
In the specific implementation process, during user log-in block 2013 is to user login validation, user needs It is successfully logged onto the equipment of administrative center and is logged in, the log-on message of user is issued by the equipment, such as ID number and login Password, the user log-in block 2013 of administrative center weigh the equipment that user right and user use after receiving log-on message Limit is judged, judges that the equipment, while user can be used in the user if user right is greater than or equal to equipment permission Login module 2013 updates the variable attribute description information of user, such as the IP address that user logs in, and returns to user right information, Otherwise user right then judges that the user cannot use the equipment less than equipment permission, and login failure prompts insufficient permission.
It states in scheme in realization, user log-in block 2013 and equipment and signal login module 2012 can close two and be One, function is integrated into the same module and is handled.
Signal list, which obtains module 2014, in the specific implementation process is verified to acquisition signal.User logins successfully Afterwards, the letter that the equipment permission build user that the signal list of administrative center obtains that module 2014 is used according to user can currently check Number list, specific when generating is carried out according to preset filtering rule.Filtering rule can be, but not limited to:
If signal permission is higher than equipment permission, user cannot check the signal on the login device, if signal permission Equal to or less than equipment permission, then user can check the signal in equipment.
Signal list obtains module 2014 and returns to all signal lists that this user can check, Yong Hugen according to filtering rule It is believed that a number list can choose arbitrary signal and directly initiate request of data to signal.
Signal in user selection signal list is directly initiated the connection to signal, request data;After successful connection, signal hair Equipment used by a user is transmitted data to be shown, equipment used by a user receive the data that signal is sent and local into Row display.Administrative center is needed not move through in the process, guarantees to can be realized information exchange in the case where information interaction security Simplify, high-speeding.
In the specific implementation process, administrative center can change the permission of equipment, user and signal, when administrative center changes After equipment permission, user right or signal permission, sending permission update notification is understood by administrative center, at this time equipment, user and signal It can be presence and be also possible to not presence.Under presence, i.e., under logging state, administrative center's change is in login The equipment of state, user perhaps signal permission and to corresponding equipment, user or signal sending permission update notification, specifically Registration request processing mould 2011 be can use to complete.For being in the object of logging state, registration request handles mould 2011 more Change and perhaps signal permission and is updated to corresponding equipment, user or signal sending permission logical in the equipment of logging state, user Know, specifically:
Registration request handles mould 2011 and changes signal permission, and signal can receive permission notice of change, by what is locally saved Signal authority credentials is revised as current value, while the registration request processing mould 2011 of administrative center can check the letter to originally having permission Number all users send signal permission update notification, at this time the signal list update module of administrative center registration request processing Mould 2011 judges whether the permission of the signal is less than or equal to the permission of equipment after changing signal permission, if then the signal increases It is added in the signal list that user can check, otherwise deletes the signal from the signal list that user can check.
Administrator changes equipment permission in the registration request processing mould 2011 of administrative center, and equipment can receive permission change Notice is greater than active user's permission if the equipment permission after change improves, then active user cannot reuse the equipment, this When administrative center cancellation module can registration request processing module change equipment permission after judge whether the permission of equipment is greater than Using the permission of the user of the equipment, if the then login of the kick out user.If equipment permission improve, still less than or Equal to active user's permission, then the equipment can be used in active user, but the signal that can be checked can increase, at this time administrative center Signal list update module judges whether the permission of the equipment is higher than after the permission that registration request processing mould 2011 changes equipment Otherwise the permission of signal can check the signal from user if then the signal increases in the signal list that user can check Signal list in delete.
Administrator changes user right in the registration request processing mould 2011 of administrative center, and user can receive permission change Notice;The cancellation module of administrative center can judge the power of equipment after registration request processing module 2011 changes user right at this time Whether limit is greater than the permission of the user using the equipment, if the then login of the kick out user.If the user after change Permission improves, then user can continue to use the equipment, if the user right after change drops below current device permission, Then user cannot be used continuously the equipment, and user is forced to nullify.
In the specific implementation process, when signal, equipment and user are no longer allowed in control room in use, administrative center Registration request processing mould 2011 can nullify signal, equipment and user.
It in the system of the present invention, can to the control of signal, equipment and the permission of user using the modules of administrative center Effectively information interconnection and intercommunication bring is safely and controllably chosen in the application of distributed multi-service multi-person synergy system in solution control room War.And using the management to Permission Levels, the present invention can carry out flexible portion to indoor equipment, user and signal is controlled Administration supports any more display equipment, signal and user to use in control room, and system, which can according to need, to be expanded.This Outside, method of the invention can need to change any permission, permission change at any time with flexible configuration, administrative center according to application When equipment, signal and user do not need to log in again, the update of permission can be carried out with direct-on-line, is easy to use, and can According to the signal list that the change real-time update user of permission can check, ensure that specified permission user can only see at any time It is authorized to the information seen.
The same or similar label correspond to the same or similar components;
Described in attached drawing positional relationship for only for illustration, should not be understood as the limitation to this patent;
Obviously, the above embodiment of the present invention be only to clearly illustrate example of the present invention, and not be pair The restriction of embodiments of the present invention.For those of ordinary skill in the art, may be used also on the basis of the above description To make other variations or changes in different ways.There is no necessity and possibility to exhaust all the enbodiments.It is all this Made any modifications, equivalent replacements, and improvements etc., should be included in the claims in the present invention within the spirit and principle of invention Protection scope within.

Claims (9)

1. a kind of authority control method of the acquisition of information under distributed cooperation environment characterized by comprising
The registration request of administrative center's receiving device, user or signal, setting ID number, login password and permission simultaneously return to ID number And login password;
Administrative center receives and the log-on message of verifying equipment and signal, and the variable category of the equipment and signal is changed after being verified Property information simultaneously returns to authority information;
Administrative center receives the log-on message that user is issued using the equipment logined successfully, sets if user right is greater than or equal to Standby permission then judges that the user logins successfully, and changes the variable attribute description information of user and returns to user right information, otherwise Judge that the user fails, returns to insufficient permission information;
Administrative center sets filtering rule according to equipment and the permission size of signal, according to filtering rule to the login that succeeded All signal lists that the user can check are returned in equipment used by a user.
2. the authority control method of the acquisition of information according to claim 1 under distributed cooperation environment, which is characterized in that The method also includes:
Administrative center's change is in the equipment of logging state, user perhaps signal permission and to corresponding equipment, user or signal Sending permission update notification.
3. the authority control method of the acquisition of information according to claim 2 under distributed cooperation environment, which is characterized in that The method also includes:
Also judge whether the permission of equipment is greater than the user using the equipment after administrative center change user or equipment permission Permission, if the then login of the kick out user.
4. the authority control method of the acquisition of information according to claim 2 under distributed cooperation environment, which is characterized in that The method also includes:
Also judge whether the permission of the equipment is higher than the permission of signal after the permission of administrative center's change signal or equipment, if Then the signal increases in the signal list that user can check, otherwise deletes the signal from the signal list that user can check It removes.
5. the authority control method of the acquisition of information according to claim 1-4 under distributed cooperation environment, It is characterized in that,
The signal in user selection signal list after logining successfully simultaneously directly is initiated the connection to signal;
Equipment used by a user receives the data that signal is sent and is shown locally.
6. a kind of authority control system of the acquisition of information under distributed cooperation environment, which is characterized in that including administrative center, institute Stating administrative center includes:
Registration request processing module, for the registration request of receiving device, user or signal, be arranged ID number, login password and Permission simultaneously returns to ID number and login password;
Equipment and signal login module are changed this after being verified and are set for receiving and verifying the log-on message of equipment and signal Standby and signal variable attribute information simultaneously returns to authority information;
User log-in block, the log-on message issued for receiving user using the equipment logined successfully, if user right is big Then judge that the user logins successfully in or equal to equipment permission, change the variable attribute description information of user and returns to user right Otherwise information judges that the user fails, returns to insufficient permission information;
Signal list obtain module, for according to the permission size of equipment and signal set filtering rule, according to filtering rule to Succeeded login equipment used by a user on return to all signal lists that the user can check.
7. the authority control system of the acquisition of information according to claim 6 under distributed cooperation environment, which is characterized in that Registration request processing module is also used to change equipment, user or the signal permission for being in logging state, and to corresponding equipment, use Family or signal sending permission update notification.
8. the authority control system of the acquisition of information according to claim 7 under distributed cooperation environment, which is characterized in that Administrative center further include:
Cancellation module judges whether the permission of equipment is greater than after changing user or equipment permission for registration request processing module Using the permission of the user of the equipment, if the then login of the kick out user.
9. the authority control system of the acquisition of information according to claim 7 under distributed cooperation environment, which is characterized in that Administrative center further include:
Signal list update module judges the equipment after changing the permission of signal or equipment for registration request processing module Whether permission is higher than the permission of signal, if then the signal increases in the signal list that user can check, otherwise by the signal It is deleted from the signal list that user can check.
CN201410722053.4A 2014-12-03 2014-12-03 A kind of authority control method and system of the acquisition of information under distributed cooperation environment Expired - Fee Related CN104410640B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410722053.4A CN104410640B (en) 2014-12-03 2014-12-03 A kind of authority control method and system of the acquisition of information under distributed cooperation environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410722053.4A CN104410640B (en) 2014-12-03 2014-12-03 A kind of authority control method and system of the acquisition of information under distributed cooperation environment

Publications (2)

Publication Number Publication Date
CN104410640A CN104410640A (en) 2015-03-11
CN104410640B true CN104410640B (en) 2019-04-16

Family

ID=52648238

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410722053.4A Expired - Fee Related CN104410640B (en) 2014-12-03 2014-12-03 A kind of authority control method and system of the acquisition of information under distributed cooperation environment

Country Status (1)

Country Link
CN (1) CN104410640B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108156111B (en) * 2016-12-02 2021-12-03 北大方正集团有限公司 Method and device for processing network service authority
CN111125684B (en) * 2019-12-16 2024-01-30 南京国电南自轨道交通工程有限公司 Multi-control-room authority handing-over method for SCADA (supervisory control and data acquisition) system control center

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1481112A (en) * 2002-09-12 2004-03-10 联想(北京)有限公司 Service renting and authorizing method for realizing resource sharing in household network
CN101056343A (en) * 2007-06-19 2007-10-17 华为技术有限公司 Method and call terminal for multiple users to use the same call terminal
CN101110702A (en) * 2007-08-14 2008-01-23 中兴通讯股份有限公司 Method for command line interface authority classification and system thereof
CN102148867A (en) * 2011-02-09 2011-08-10 杭州华三通信技术有限公司 Method and device for accessing page based on user permission
CN103986734A (en) * 2014-06-05 2014-08-13 东信和平科技股份有限公司 Authentication management method and authentication management system applicable to high-security service system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002078286A2 (en) * 2001-03-27 2002-10-03 Bea Systems, Inc. System and method for managing objects and resources with access rights embedded in nodes within a hierarchical tree structure
CN101146243A (en) * 2006-09-15 2008-03-19 华为技术有限公司 A service subscription method, system and corresponding device
JP5814639B2 (en) * 2011-06-09 2015-11-17 キヤノン株式会社 Cloud system, cloud service license management method, and program

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1481112A (en) * 2002-09-12 2004-03-10 联想(北京)有限公司 Service renting and authorizing method for realizing resource sharing in household network
CN101056343A (en) * 2007-06-19 2007-10-17 华为技术有限公司 Method and call terminal for multiple users to use the same call terminal
CN101110702A (en) * 2007-08-14 2008-01-23 中兴通讯股份有限公司 Method for command line interface authority classification and system thereof
CN102148867A (en) * 2011-02-09 2011-08-10 杭州华三通信技术有限公司 Method and device for accessing page based on user permission
CN103986734A (en) * 2014-06-05 2014-08-13 东信和平科技股份有限公司 Authentication management method and authentication management system applicable to high-security service system

Also Published As

Publication number Publication date
CN104410640A (en) 2015-03-11

Similar Documents

Publication Publication Date Title
CN101834878B (en) Multiuser system privilege management method and instant messaging system applying same
CN1988489B (en) Intelligent system and method for monitoring house
CN1863195B (en) Family network system with safety registration function and method thereof
EP2658207B1 (en) Authorization method and terminal device
CN103516514B (en) The establishing method of account access rights and control device
CN106993151A (en) A kind of Videoconference Management System and method
CN110730153A (en) Account configuration method, device and system of cloud equipment and data processing method
CN101217368A (en) A network logging on system and the corresponding configuration method and methods for logging on the application system
CN106155463B (en) Mobile bulletin board system and method for setting information on top
CN102195930B (en) Security access method among equipment and communication equipment
CN101018155A (en) Network element management method, system and network element
CN109413080B (en) Cross-domain dynamic authority control method and system
CN101453357A (en) Network management control method and network management control system
CN109063576A (en) Management method and device for flight movement node
CN105827598A (en) Method and system for strengthening WiFi security of access router
CN105306203A (en) Account login method, device and system
CN103516674B (en) Quickly and the method for network device online and control device
CN104410640B (en) A kind of authority control method and system of the acquisition of information under distributed cooperation environment
CN104038501A (en) Cluster management system and cluster management method for display terminal
CN101945086A (en) Security system access business platform for video type security gateway and information transmission method
CN101090336A (en) Command line interface authority hierarchical method for network equipment
CN105704154B (en) A kind of service processing method based on RESTful, apparatus and system
US20070088840A1 (en) Methods and arrangements for managing and maintaining a switch environment
CN201111137Y (en) Post authoring apparatus
CN102194169B (en) Unified communication management method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190416

Termination date: 20211203

CF01 Termination of patent right due to non-payment of annual fee