CN104424404A - Implementation method for realizing third-party escrow system through authorization management - Google Patents
Implementation method for realizing third-party escrow system through authorization management Download PDFInfo
- Publication number
- CN104424404A CN104424404A CN201310402344.0A CN201310402344A CN104424404A CN 104424404 A CN104424404 A CN 104424404A CN 201310402344 A CN201310402344 A CN 201310402344A CN 104424404 A CN104424404 A CN 104424404A
- Authority
- CN
- China
- Prior art keywords
- user
- authorization
- users
- implementation method
- realizing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to an implementation method for realizing a third-party escrow system through authorization management, which is capable of solving the problem that inconvenience is caused as one user account needs to be given to other users for operation due to a special reason in the system. Along with the continuous development of informationization, the computer application technology is already infiltrated in every industry; due to the difference of system authorization assignment, the roles of all users in the system are different, the own operation authorizations are different, the own user authorization needs to be temporarily escrowed by the other users under some conditions, the implementation method for realizing the third-party escrow system through the authorization management is realized aiming at the problems of undefined responsibility, user information leakage and the like as the authorization in the system is given to other users for use, and the problems of the system using responsibility, the user information leakage and the like can be effectively avoided.
Description
Technical field
The present invention relates to and a kind ofly realize by empowerment management the implementation method that third party manages on behalf of another system.The invention belongs to field of computer technology.
Background technology
Along with informationalized development, Computer Applied Technology has penetrated into often goes in every industry, due to the difference that System Privileges distributes, the role that each user is taken in systems in which is also different, the authority having operation is also different, in some cases (as employee goes on business, has a holiday), own user authority may be needed to allow other user temporarily on behalf of management.But easily be there is a lot of problem directly to the way of another person in user account number, such as, user profile all will inevitably be leaked user account to another people; New user is when the system of use, and data in system are got wrong by misoperation, can bring unnecessary trouble, even have larger loss to unit, and after causing damage, responsibility is indefinite.
Summary of the invention
To use thus the problems such as the responsibility brought is indefinite, user profile leakage to other user authority for this in system, this method achieves and a kind ofly realizes by empowerment management the implementation method that third party manages on behalf of another system, effectively can evade this system and use the problem such as responsibility and user profile leakage, meet the typing operational requirements of relation of inclusion business datum closely simultaneously.Concrete steps are as follows:
Step 1: delegation.After logging in system by user, selection " delegation " function can be clicked, select the people that will require to entrust, preserve.
Step 2: daily record entrusted by system log (SYSLOG).Clientage is when carrying out delegation, and system can entrust daily record by record automatically, mainly comprises the information such as clientage, mandatory, trust time.
Step 3: mandatory uses system.After the Account login system of mandatory with oneself, before can seeing, there is no the partial function of authority, every data manipulation can be carried out according to actual needs.
Step 4: system log (SYSLOG) Operation Log.System according to mandatory's practical operation record Operation Log, can comprise the information such as operator, running time, complete operation.
System is by by authority directly " transfer ", and all operation of user will leave system journal, can carry out responsibility in this way and evade.
Embodiment
Embodiment one
Use MyEclipse 8.6 as developing instrument, use special database management tools MySQL on market to set up the database required for system.
1. system manager is to user A(clientage), B(mandatory) authorize, ensure that these two users have different authorities.
2. under special circumstances, party A-subscriber login system can click " delegation " by the delegation of self to user B.
3. the Operation Log of system log (SYSLOG) scope of authority, comprises the information such as clientage, mandatory, trust time.
4. user B login system, can use all systemic-functions that user A entrusts.
5. the Operation Log that system records user B is all.Comprise the information such as operator, running time, complete operation.
In addition to the implementation, the present invention can also have other embodiments.All employings are equal to the technical scheme of replacement or equivalent transformation formation, all drop on the protection domain of application claims.
Claims (5)
1. system manager is to user A(clientage), B(mandatory) authorize, ensure that these two users have different authorities.
2. under special circumstances, party A-subscriber login system can click " delegation " by the delegation of self to user B.
3. the Operation Log of system log (SYSLOG) scope of authority, comprises the information such as clientage, mandatory, trust time.
4. user B login system, can use all systemic-functions that user A entrusts.
5. the Operation Log that system records user B is all; Comprise the information such as operator, running time, complete operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310402344.0A CN104424404A (en) | 2013-09-07 | 2013-09-07 | Implementation method for realizing third-party escrow system through authorization management |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310402344.0A CN104424404A (en) | 2013-09-07 | 2013-09-07 | Implementation method for realizing third-party escrow system through authorization management |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104424404A true CN104424404A (en) | 2015-03-18 |
Family
ID=52973348
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310402344.0A Pending CN104424404A (en) | 2013-09-07 | 2013-09-07 | Implementation method for realizing third-party escrow system through authorization management |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104424404A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106778354A (en) * | 2017-01-17 | 2017-05-31 | 泰康保险集团股份有限公司 | The method and device of rights management |
CN108268793A (en) * | 2016-12-30 | 2018-07-10 | 珠海金山办公软件有限公司 | A kind of permission edit methods and device |
CN110781471A (en) * | 2019-11-09 | 2020-02-11 | 厦门中软海晟信息技术有限公司 | Method for entrusting others to carry out safety assistance by system user |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1513091A1 (en) * | 2003-09-05 | 2005-03-09 | Matsushita Electric Industrial Co., Ltd. | Data management apparatus, data management method and program thereof |
CN101714196A (en) * | 2009-11-20 | 2010-05-26 | 上海电机学院 | Authority entrusting method based on cycle time |
CN101729550A (en) * | 2009-11-09 | 2010-06-09 | 西北大学 | Digital content safeguard system based on transparent encryption and decryption method thereof |
CN103218574A (en) * | 2013-04-09 | 2013-07-24 | 电子科技大学 | Hash tree-based data dynamic operation verifiability method |
-
2013
- 2013-09-07 CN CN201310402344.0A patent/CN104424404A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1513091A1 (en) * | 2003-09-05 | 2005-03-09 | Matsushita Electric Industrial Co., Ltd. | Data management apparatus, data management method and program thereof |
CN101729550A (en) * | 2009-11-09 | 2010-06-09 | 西北大学 | Digital content safeguard system based on transparent encryption and decryption method thereof |
CN101714196A (en) * | 2009-11-20 | 2010-05-26 | 上海电机学院 | Authority entrusting method based on cycle time |
CN103218574A (en) * | 2013-04-09 | 2013-07-24 | 电子科技大学 | Hash tree-based data dynamic operation verifiability method |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108268793A (en) * | 2016-12-30 | 2018-07-10 | 珠海金山办公软件有限公司 | A kind of permission edit methods and device |
CN106778354A (en) * | 2017-01-17 | 2017-05-31 | 泰康保险集团股份有限公司 | The method and device of rights management |
CN110781471A (en) * | 2019-11-09 | 2020-02-11 | 厦门中软海晟信息技术有限公司 | Method for entrusting others to carry out safety assistance by system user |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11531495B2 (en) | Distributed storage system for long term data storage | |
RU2531569C2 (en) | Secure and private backup storage and processing for trusted computing and data services | |
Okuhara et al. | Security architecture for cloud computing | |
CN109460413B (en) | Method and system for establishing account across block chains | |
US8356105B2 (en) | Enterprise device policy management | |
Moffett et al. | Specifying discretionary access control policy for distributed systems | |
EP2909770B1 (en) | Computerized method and system for managing networked secure collaborative exchange environment | |
US20030229812A1 (en) | Authorization mechanism | |
US20080107271A1 (en) | Systems and Methods for Document Control Using Public Key Encryption | |
DE102012219155A1 (en) | Encrypt data objects for data backup | |
US8516138B2 (en) | Multiple authentication support in a shared environment | |
US20200394206A1 (en) | Channeling data with decentralized identity stores | |
CN105184144A (en) | Multi-system privilege management method | |
US20190386998A1 (en) | Data transfer in a data protection system | |
CN103369022A (en) | Method and system for communication with memory device | |
CN105225072A (en) | A kind of access management method of multi-application system and system | |
CN103164828A (en) | Electronic government affair system based on software as a service (SaaS) | |
US20220108031A1 (en) | Cloud Core Architecture for Managing Data Privacy | |
CN104424404A (en) | Implementation method for realizing third-party escrow system through authorization management | |
CN110555310A (en) | private data secure storage and sharing method and device thereof | |
Mortier et al. | The personal container, or your life in bits | |
CN109784016B (en) | Authority management method, system, electronic device and medium | |
Zheng et al. | Dynamic Role-Based Access Control Model. | |
Eltaeib et al. | Taxonomy of challenges in cloud security | |
CN105227551A (en) | The uniform permission administration method of XBRL application platform |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150318 |
|
WD01 | Invention patent application deemed withdrawn after publication |