CN104751077A - Access control method and device - Google Patents

Access control method and device Download PDF

Info

Publication number
CN104751077A
CN104751077A CN201510189555.XA CN201510189555A CN104751077A CN 104751077 A CN104751077 A CN 104751077A CN 201510189555 A CN201510189555 A CN 201510189555A CN 104751077 A CN104751077 A CN 104751077A
Authority
CN
China
Prior art keywords
described
registered user
enterprise
privately owned
owned cloud
Prior art date
Application number
CN201510189555.XA
Other languages
Chinese (zh)
Inventor
沈文策
Original Assignee
沈文策
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 沈文策 filed Critical 沈文策
Priority to CN201510189555.XA priority Critical patent/CN104751077A/en
Publication of CN104751077A publication Critical patent/CN104751077A/en

Links

Abstract

An embodiment of the invention discloses an access control method and device which is applied to an enterprise private cloud. Operation access of every registered user to specific services under the enterprise private cloud and operation access of every registered user to specific services under every application system are stored in the enterprise private cloud and the registered users are registered on the enterprise private cloud. The access control method includes that the enterprise private cloud receives an operation request of every registered user, wherein every operation request is used for indicating a specified object and the specific operation; the operation access authentication is performed on every registered user through the enterprise private cloud so as to determine whether the registered user has the operation access to execute the corresponding specific operation or not under the corresponding specified object; the specific operation is executed according to the corresponding specified object through the enterprise private cloud or the specific operation is executed according to the corresponding specified object through the application system indicated in the corresponding operation request due to the notification of the enterprise private cloud after the operation access authentication succeeds. According to the access control method and device, the user account management and the control on the user access are convenient.

Description

Authority control method and device

Technical field

The present invention relates to technical field of data processing, more particularly, relate to authority control method and device.

Background technology

The one's own Cloud Server of privately owned Yun Shi enterprise of enterprise, and server is not opened to the outside world, only supplies intra-company's librarian use.The privately owned cloud of enterprise can connect with multiple application system, such as Content Management System, roadshow center etc.

In existing mode, a user has different account numbers in different application systems, and it is very not convenient that management is got up, and meanwhile, is also unfavorable for controlling user right.

Summary of the invention

In view of this, the object of the embodiment of the present invention is to provide authority control method and device, not convenient to nusrmgr.cpl to solve existing mode, does not utilize the problem controlled user right.

For achieving the above object, the embodiment of the present invention provides following technical scheme:

First aspect, provide a kind of authority control method, be applied to the privately owned cloud of enterprise, the privately owned cloud of described enterprise and multiple application system connect, the privately owned cloud of described enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of described enterprise, and each registered user is to the operating right of business concrete under application system described in each, and described registered user is the user registered on the privately owned cloud of described enterprise;

Described method comprises:

The privately owned cloud of described enterprise receives the operation requests that registered user sends; Described operation requests is used to indicate appointed object and concrete operations; Described appointed object is the concrete business under the privately owned cloud of enterprise, or described appointed object is the concrete business under application system;

The privately owned cloud of described enterprise carries out operating right authentication to described registered user, to confirm whether described registered user has the operating right performing described concrete operations under described appointed object;

After the success of operating right authentication, the privately owned cloud of described enterprise performs described concrete operations for described appointed object, or the privately owned cloud of described enterprise notifies that the application system indicated in described operation requests performs described concrete operations for described appointed object.

Preferably, each registered user has bundle of permissions rank; Described method also comprises:

The registered user that bundle of permissions rank is high is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides the privately owned cloud of the described enterprise of pairing; And,

The high registered user of bundle of permissions rank divides the operating right of concrete business under pairing application system described in each for registered user that at least one bundle of permissions rank is low.

Preferably, described bundle of permissions rank at least comprises from high to low: super keeper, secondary super keeper, department manager, secondary department manager, general management person and observer.

Preferably, described concrete operations are for increasing, deleting, revise or inquiry.

Preferably, described registered user is associated with the role under at least one application system, and described role comprises the operating right of concrete business.

Second aspect, provide a kind of permission control device, be applied to the privately owned cloud of enterprise, the privately owned cloud of described enterprise and multiple application system connect, the privately owned cloud of described enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of described enterprise, and each registered user is to the operating right of business concrete under application system described in each, and described registered user is the user registered on the privately owned cloud of described enterprise; , described device comprises:

Receiving element, for receiving the operation requests that registered user sends; Described operation requests is used to indicate appointed object and concrete operations; Described appointed object is the concrete business under the privately owned cloud of enterprise, or described appointed object is the concrete business under application system;

Authenticating unit, for carrying out operating right authentication to described registered user, to confirm whether described registered user has the operating right performing described concrete operations under described appointed object;

Perform notification unit, after the success of operating right authentication, perform described concrete operations for described appointed object, or notify that the application system indicated in described operation requests performs described concrete operations for described appointed object.

Preferably, also comprise:

Right assignment unit is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides the privately owned cloud of the described enterprise of pairing for the registered user that bundle of permissions rank is high; And,

The high registered user of bundle of permissions rank divides the operating right of concrete business under pairing application system described in each for registered user that at least one bundle of permissions rank is low.

Preferably, described bundle of permissions rank at least comprises from high to low: super keeper, secondary super keeper, department manager, secondary department manager, general management person and observer.

Preferably, described concrete operations are for increasing, deleting, revise or inquiry.

Preferably,

Described registered user is associated with the role under at least one application system, and described role comprises the operating right of concrete business.

Visible, in embodiments of the present invention, user does not need to register account number in each application system, and only need register account number on the privately owned cloud of enterprise, this makes Account Administration become convenient.Simultaneously, the privately owned cloud of enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of enterprise, and each registered user is to the operating right of business concrete under each application system, by enterprise's privately owned cloud unification, operating right authentication is carried out to registered user, just can realize beyond the clouds controlling user right, facilitate the control to user right.

Accompanying drawing explanation

In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.

A kind of structural representation of the privately owned cloud of enterprise that Fig. 1 provides for the embodiment of the present invention and application system;

The process flow diagram of a kind of authority control method embodiment that Fig. 2 provides for the embodiment of the present invention;

The control of authority schematic diagram that Fig. 3 provides for the embodiment of the present invention;

The process flow diagram of a kind of another embodiment of authority control method that Fig. 4 provides for the embodiment of the present invention;

The process flow diagram of a kind of another embodiment of authority control method that Fig. 5 provides for the embodiment of the present invention;

The structural representation of a kind of permission control device embodiment that Fig. 6 provides for the embodiment of the present invention;

The structural representation of a kind of another embodiment of permission control device that Fig. 7 provides for the embodiment of the present invention.

Embodiment

For making the object of the embodiment of the present invention, technical scheme and advantage clearly, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.

The claimed authority control method of the embodiment of the present invention.

Above-mentioned authority control method is applied to the privately owned cloud of enterprise.

Refer to Fig. 1, the privately owned cloud of above-mentioned enterprise can connect with multiple application system.More specifically, can be responsible for docking with application system by one or more Cloud Server.

The privately owned cloud of enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of above-mentioned enterprise, and, each registered user is to the operating right of business concrete under each above-mentioned application system, and above-mentioned registered user is the user registered on the privately owned cloud of above-mentioned enterprise.

More specifically, the privately owned cloud of enterprise can comprise authority storehouse (database server), in authority storehouse, store the operating right of each registered user above-mentioned to business concrete under the privately owned cloud of above-mentioned enterprise, and each registered user is to the operating right of business concrete under each above-mentioned application system.

Refer to Fig. 2, above-mentioned authority control method can comprise the steps:

S1, the privately owned cloud of enterprise receive the operation requests that registered user sends.

More specifically, can by cloud server operation requests.

User by a certain application system that connects with enterprise privately owned cloud to enterprise's privately owned cloud transmit operation request.

Aforesaid operations request is used to indicate appointed object and concrete operations.

Above-mentioned appointed object is the concrete business under the privately owned cloud of enterprise.

Or above-mentioned appointed object is the concrete business under application system.

S2, the privately owned cloud of enterprise carry out operating right authentication to above-mentioned registered user, to confirm whether above-mentioned registered user has the operating right performing above-mentioned concrete operations under above-mentioned appointed object.

More specifically, whether Cloud Server can have to authority library inquiry registered user the operating right performing above-mentioned concrete operations under above-mentioned appointed object.

Above-mentioned concrete operations are for increasing, deleting, revise or inquiry.

In other embodiments of the present invention, also can comprise the account number ID of user in aforesaid operations request, the privately owned cloud of enterprise also can be verified account number ID, to judge whether user is lawful registration user.After being confirmed to be lawful registration user, then carry out operating right authentication.

After the success of S3, operating right authentication, the privately owned cloud of above-mentioned enterprise performs above-mentioned concrete operations for above-mentioned appointed object, or the application system indicated in the privately owned cloud notice aforesaid operations request of above-mentioned enterprise performs above-mentioned concrete operations for above-mentioned appointed object.

Also namely, if appointed object is exactly the concrete business under the privately owned cloud of enterprise, such as, be that so-and-so data that the privately owned cloud of enterprise stores are deleted, then the concrete operations that directly indicate in executable operations request of the privately owned cloud of enterprise (Cloud Server).

And as appointed object be the concrete business under application system, enterprise's privately owned cloud (Cloud Server) can notify that the application system indicated in operation requests performs concrete operations.

More specifically, the privately owned cloud of enterprise only can feed back corresponding application system operating right authentication successful message, then performs concrete operations voluntarily by this application system.

Further, the privately owned cloud of enterprise can provide rights interface, so that application system obtains operating right authentication successful message or query manipulation authority.

Visible, in embodiments of the present invention, user does not need to register account number in each application system, and only need register account number on the privately owned cloud of enterprise, this makes Account Administration become convenient.Simultaneously, the privately owned cloud of enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of enterprise, and each registered user is to the operating right of business concrete under each application system, by enterprise's privately owned cloud unification, operating right authentication is carried out to registered user, just can realize beyond the clouds controlling user right, facilitate the control to user right.

In other embodiments of the present invention, if failed authentication, then enterprise's privately owned cloud refusal performs above-mentioned concrete operations for above-mentioned appointed object, or the application system refusal indicated in the privately owned cloud notice aforesaid operations request of above-mentioned enterprise performs above-mentioned concrete operations for above-mentioned appointed object.

More specifically, the privately owned cloud of enterprise only can feed back corresponding application system operating right failed authentication message, then is refused voluntarily to perform concrete operations by this application system.

Refer to Fig. 3, above-mentioned registered user is associated with the role under at least one application system, and role then comprises the operating right of concrete business.Therefore, the embodiment of the present invention can carry out accurate control of authority.

Below, registered user will be introduced and how to obtain operating right.

In other embodiments of the present invention, each registered user has bundle of permissions rank.Wherein, identical authority is had the registered user of same bundle of permissions.

More specifically, above-mentioned bundle of permissions rank can comprise from high to low: super keeper, secondary super keeper, department manager, secondary department manager, general management person and observer.

And referring to Fig. 4, above-mentioned authority control method also can comprise the steps:

S4, the registered user that bundle of permissions rank is high are the operating right of concrete business under registered user that bundle of permissions rank is low divides the privately owned cloud of the above-mentioned enterprise of pairing; And,

S5, the registered user that bundle of permissions rank is high are the operating right of concrete business under registered user that bundle of permissions rank is low divides each above-mentioned application system of pairing.

The tree structure that the operating right distributing (or be called appoint) can infinitely be classified represents, and authority is appointed simple and clear.

In addition, appointing efficiency to improve, also can carry out batch authority and appointing.When meaning and delegated operation authority, can select the registered user that multiple bundle of permissions rank is low, be its batch operation authority.

In other embodiments of the present invention, the registered user higher than general management person's rank can carry out authority to be appointed, and general management person and observer then only have the authority operated distributed concrete business.

So-called concrete business, its form of expression can be project, module, function.

Such as, enterprise needs to construct the factory buildings, and can increase build a construction progress project for workshop building, and appoints the inquiry of this construction progress project and amendment authority to certain or some registered users.

Again such as, in payment application system, fee payment service may exist with the form such as module or payment function of paying the fees on operation interface.Then can be certain or some registered users to appoint payment module or the operating right of payment function.

It should be noted that, enterprise generally can be divided into multiple department, and for manager, the assistant manager of department, its bundle of permissions rank is relatively higher than other employees of this department.

Provide below one more specifically example appoint flow process to the authority of the registered user that different rights group rank is described.Refer to Fig. 5, it can comprise the steps:

S501: user logs in the privately owned cloud of enterprise;

S502: the privately owned cloud of enterprise judges the bundle of permissions rank of login user; If the bundle of permissions rank of login user is on general management person, then enter step S503, otherwise carry out step S507;

S503: obtain the project that login user is selected;

Login user can select the project under enterprise or department, also, and the project that user's authorization decision is appointed.

S504: obtain the personnel (registered user that bundle of permissions rank is low) that login user is selected.

Also namely, user's authorization decision object of appointing.

S505: obtain module, function that login user is selected.

More specifically, the privately owned cloud of enterprise can list login user select project under all modules and function.Login user decides module that authority appoints and function by choosing.

S506: obtain the operating right that login user is distributed selected module, function.

Such as, login user have selected payment function, in S506, its additions and deletions of pairing can be divided to change for payment function and look into authority.

S507: login user enters the project be delegated;

S508: login user carries out concrete operations to the module or function with operating right.

In other embodiments of the present invention, also can safeguard bundle of permissions rank.Wherein, system can have 6 kinds of bundle of permissions ranks (being respectively super keeper, secondary super keeper, department manager, secondary department manager, general management person, observer from high to low), but, it should be noted that, the present invention does not limit bundle of permissions rank, system can pre-set, and user also can self-definedly add.Further, user can revise, deletes or increase the authority of bundle of permissions.Certainly, user can also delete self-defining bundle of permissions, or the bundle of permissions rank of deleting or redefining in bundle of permissions.

Correspond, the present invention also provides permission control device.This application of installation, in the privately owned cloud of enterprise, can be a module on Cloud Server.

The privately owned cloud of above-mentioned enterprise and multiple application system connect, and, the privately owned cloud of enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of above-mentioned enterprise, and each registered user is to the operating right of business concrete under each above-mentioned application system.

Above-mentioned registered user is the user registered on the privately owned cloud of above-mentioned enterprise;

Refer to Fig. 6, said apparatus can comprise:

Receiving element 1, for receiving the operation requests that registered user sends.

Aforesaid operations request is used to indicate appointed object and concrete operations.

Above-mentioned appointed object is the concrete business under the privately owned cloud of enterprise, or above-mentioned appointed object is the concrete business under application system;

Above-mentioned concrete operations are for increasing, deleting, revise or inquiry.

Authenticating unit 2, for carrying out operating right authentication to above-mentioned registered user, to confirm whether above-mentioned registered user has the operating right performing above-mentioned concrete operations under above-mentioned appointed object.

Perform notification unit 3, after the success of operating right authentication, perform above-mentioned concrete operations for above-mentioned appointed object, or the application system indicated in the request of notice aforesaid operations performs above-mentioned concrete operations for above-mentioned appointed object.

Specifically refer to aforementioned Fig. 1-2 and associated description herein, therefore not to repeat here.

More specifically, refer to Fig. 3, above-mentioned registered user is associated with the role under at least one application system, and above-mentioned role comprises the operating right of concrete business.

In other embodiments of the present invention, said apparatus also can comprise:

Right assignment unit 4 is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides the privately owned cloud of the above-mentioned enterprise of pairing for the registered user that bundle of permissions rank is high; And the registered user that bundle of permissions rank is high is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides each above-mentioned application system of pairing.

In other embodiments of the present invention, said apparatus also can comprise:

First right assignment unit is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides the privately owned cloud of the above-mentioned enterprise of pairing for the registered user that bundle of permissions rank is high;

Second right assignment unit is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides each above-mentioned application system of pairing for the registered user that bundle of permissions rank is high.

More specifically, above-mentioned bundle of permissions rank at least can comprise from high to low: super keeper, secondary super keeper, department manager, secondary department manager, general management person and observer.

In this instructions, each embodiment adopts the mode of going forward one by one to describe, and what each embodiment stressed is the difference with other embodiments, between each embodiment identical similar portion mutually see.

The software module that the method described in conjunction with embodiment disclosed herein or the step of algorithm can directly use hardware, processor to perform, or the combination of the two is implemented.Software module can be placed in the storage medium of other form any known in random access memory (RAM), internal memory, ROM (read-only memory) (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field.

To the above-mentioned explanation of the disclosed embodiments, professional and technical personnel in the field are realized or uses the present invention.To be apparent for those skilled in the art to the multiple amendment of these embodiments, General Principle as defined herein can without departing from the spirit or scope of the present invention, realize in other embodiments.Therefore, the present invention can not be restricted to these embodiments shown in this article, but will meet the widest scope consistent with principle disclosed herein and features of novelty.

Claims (10)

1. an authority control method, it is characterized in that, be applied to the privately owned cloud of enterprise, the privately owned cloud of described enterprise and multiple application system connect, the privately owned cloud of described enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of described enterprise, and each registered user is to the operating right of business concrete under application system described in each, and described registered user is the user registered on the privately owned cloud of described enterprise;
Described method comprises:
The privately owned cloud of described enterprise receives the operation requests that registered user sends; Described operation requests is used to indicate appointed object and concrete operations; Described appointed object is the concrete business under the privately owned cloud of enterprise, or described appointed object is the concrete business under application system;
The privately owned cloud of described enterprise carries out operating right authentication to described registered user, to confirm whether described registered user has the operating right performing described concrete operations under described appointed object;
After the success of operating right authentication, the privately owned cloud of described enterprise performs described concrete operations for described appointed object, or the privately owned cloud of described enterprise notifies that the application system indicated in described operation requests performs described concrete operations for described appointed object.
2. the method for claim 1, is characterized in that, each registered user has bundle of permissions rank; Described method also comprises:
The registered user that bundle of permissions rank is high is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides the privately owned cloud of the described enterprise of pairing; And,
The high registered user of bundle of permissions rank divides the operating right of concrete business under pairing application system described in each for registered user that at least one bundle of permissions rank is low.
3. method as claimed in claim 2, it is characterized in that, described bundle of permissions rank at least comprises from high to low: super keeper, secondary super keeper, department manager, secondary department manager, general management person and observer.
4. the method for claim 1, is characterized in that, described concrete operations are for increasing, deleting, revise or inquiry.
5. the method as described in any one of claim 1-4, is characterized in that,
Described registered user is associated with the role under at least one application system, and described role comprises the operating right of concrete business.
6. a permission control device, it is characterized in that, be applied to the privately owned cloud of enterprise, the privately owned cloud of described enterprise and multiple application system connect, the privately owned cloud of described enterprise stores the operating right of each registered user to business concrete under the privately owned cloud of described enterprise, and each registered user is to the operating right of business concrete under application system described in each, and described registered user is the user registered on the privately owned cloud of described enterprise; , described device comprises:
Receiving element, for receiving the operation requests that registered user sends; Described operation requests is used to indicate appointed object and concrete operations; Described appointed object is the concrete business under the privately owned cloud of enterprise, or described appointed object is the concrete business under application system;
Authenticating unit, for carrying out operating right authentication to described registered user, to confirm whether described registered user has the operating right performing described concrete operations under described appointed object;
Perform notification unit, after the success of operating right authentication, perform described concrete operations for described appointed object, or notify that the application system indicated in described operation requests performs described concrete operations for described appointed object.
7. device as claimed in claim 6, is characterized in that, also comprise:
Right assignment unit is the operating right of concrete business under registered user that at least one bundle of permissions rank is low divides the privately owned cloud of the described enterprise of pairing for the registered user that bundle of permissions rank is high; And,
The high registered user of bundle of permissions rank divides the operating right of concrete business under pairing application system described in each for registered user that at least one bundle of permissions rank is low.
8. device as claimed in claim 7, it is characterized in that, described bundle of permissions rank at least comprises from high to low: super keeper, secondary super keeper, department manager, secondary department manager, general management person and observer.
9. device as claimed in claim 6, is characterized in that, described concrete operations are for increasing, deleting, revise or inquiry.
10. the device as described in any one of claim 6-9, is characterized in that,
Described registered user is associated with the role under at least one application system, and described role comprises the operating right of concrete business.
CN201510189555.XA 2015-04-21 2015-04-21 Access control method and device CN104751077A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510189555.XA CN104751077A (en) 2015-04-21 2015-04-21 Access control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510189555.XA CN104751077A (en) 2015-04-21 2015-04-21 Access control method and device

Publications (1)

Publication Number Publication Date
CN104751077A true CN104751077A (en) 2015-07-01

Family

ID=53590745

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510189555.XA CN104751077A (en) 2015-04-21 2015-04-21 Access control method and device

Country Status (1)

Country Link
CN (1) CN104751077A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105550593A (en) * 2015-12-11 2016-05-04 北京奇虎科技有限公司 Cloud disk file monitoring method and device based on local area network
CN106067119A (en) * 2016-06-03 2016-11-02 成都镜杰科技有限责任公司 Client relation management method based on privately owned cloud
CN106096976A (en) * 2016-06-03 2016-11-09 成都镜杰科技有限责任公司 Small business's client relation management method
CN106131064A (en) * 2016-08-24 2016-11-16 明算科技(北京)股份有限公司 User data management and system towards many application
WO2017114210A1 (en) * 2015-12-31 2017-07-06 阿里巴巴集团控股有限公司 Apparatus and method for security control of data processing system
WO2019085470A1 (en) * 2017-11-01 2019-05-09 平安科技(深圳)有限公司 Authorization configuration method for system, application server and computer-readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1464402A (en) * 2002-06-10 2003-12-31 联想(北京)有限公司 User identification confirmation and operation conferring process
CN101060407A (en) * 2007-05-22 2007-10-24 上海众恒信息产业有限公司 User access authorization management method and system
CN102970292A (en) * 2012-11-20 2013-03-13 无锡成电科大科技发展有限公司 Single sign on system and method based on cloud management and key management
CN103188269A (en) * 2013-04-08 2013-07-03 汉柏科技有限公司 Method for controlling user access permission in cloud platform
US20140373103A1 (en) * 2013-06-18 2014-12-18 Canon Kabushiki Kaisha Authentication system, control method thereof, service provision device, and storage medium
CN104376272A (en) * 2014-11-13 2015-02-25 青岛龙泰天翔通信科技有限公司 Cloud computing enterprise information system and user right setting method thereof

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1464402A (en) * 2002-06-10 2003-12-31 联想(北京)有限公司 User identification confirmation and operation conferring process
CN101060407A (en) * 2007-05-22 2007-10-24 上海众恒信息产业有限公司 User access authorization management method and system
CN102970292A (en) * 2012-11-20 2013-03-13 无锡成电科大科技发展有限公司 Single sign on system and method based on cloud management and key management
CN103188269A (en) * 2013-04-08 2013-07-03 汉柏科技有限公司 Method for controlling user access permission in cloud platform
US20140373103A1 (en) * 2013-06-18 2014-12-18 Canon Kabushiki Kaisha Authentication system, control method thereof, service provision device, and storage medium
CN104376272A (en) * 2014-11-13 2015-02-25 青岛龙泰天翔通信科技有限公司 Cloud computing enterprise information system and user right setting method thereof

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105550593A (en) * 2015-12-11 2016-05-04 北京奇虎科技有限公司 Cloud disk file monitoring method and device based on local area network
WO2017114210A1 (en) * 2015-12-31 2017-07-06 阿里巴巴集团控股有限公司 Apparatus and method for security control of data processing system
CN106934300A (en) * 2015-12-31 2017-07-07 阿里巴巴集团控股有限公司 The safety control and method of a kind of data handling system
CN106067119A (en) * 2016-06-03 2016-11-02 成都镜杰科技有限责任公司 Client relation management method based on privately owned cloud
CN106096976A (en) * 2016-06-03 2016-11-09 成都镜杰科技有限责任公司 Small business's client relation management method
CN106131064A (en) * 2016-08-24 2016-11-16 明算科技(北京)股份有限公司 User data management and system towards many application
WO2018036328A1 (en) * 2016-08-24 2018-03-01 明算科技(北京)股份有限公司 Multi-application-oriented user data management method and system
WO2019085470A1 (en) * 2017-11-01 2019-05-09 平安科技(深圳)有限公司 Authorization configuration method for system, application server and computer-readable storage medium

Similar Documents

Publication Publication Date Title
US8677451B1 (en) Enabling seamless access to a domain of an enterprise
US9635000B1 (en) Blockchain identity management system based on public identities ledger
US8533261B2 (en) Extensible and programmable multi-tenant service architecture
EP2756445B1 (en) Securing data usage in computing devices
US7353282B2 (en) Methods and systems for sharing a network resource with a user without current access
EP1514173B1 (en) Managing secure resources in web resources that are accessed by multiple portals
Zhao et al. A security framework in G-Hadoop for big data computing across distributed Cloud data centres
US20110219434A1 (en) Providing security services within a cloud computing environment
US8572709B2 (en) Method for managing shared accounts in an identity management system
US8510818B2 (en) Selective cross-realm authentication
EP2337296A1 (en) Session migration between network policy servers
US9507949B2 (en) Device and methods for management and access of distributed data sources
JP2009503737A (en) Method and system for hierarchical license server
Shahzad State-of-the-art survey on cloud computing security Challenges, approaches and solutions
CN102307185B (en) Data isolation method used in storage cloud
RU2671045C2 (en) Synchronising credential hashes between directory services
CN103563294A (en) Authentication and authorization methods for cloud computing platform security
US9161226B2 (en) Associating services to perimeters
RU2598324C2 (en) Means of controlling access to online service using conventional catalogue features
US9147195B2 (en) Data custodian and curation system
US6678682B1 (en) Method, system, and software for enterprise access management control
Wang Security and privacy issues within the Cloud Computing
AU2014249630B2 (en) Automated desktop placement
US8819068B1 (en) Automating creation or modification of database objects
US9148285B2 (en) Controlling exposure of sensitive data and operation using process bound security tokens in cloud computing environment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20150701