CN105099665A - Command line interface CLI privilege management method and system - Google Patents

Command line interface CLI privilege management method and system Download PDF

Info

Publication number
CN105099665A
CN105099665A CN201510587828.6A CN201510587828A CN105099665A CN 105099665 A CN105099665 A CN 105099665A CN 201510587828 A CN201510587828 A CN 201510587828A CN 105099665 A CN105099665 A CN 105099665A
Authority
CN
China
Prior art keywords
cli
user
authority
preset
active user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510587828.6A
Other languages
Chinese (zh)
Inventor
李锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Beijing Electronic Information Industry Co Ltd
Original Assignee
Inspur Beijing Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Beijing Electronic Information Industry Co Ltd filed Critical Inspur Beijing Electronic Information Industry Co Ltd
Priority to CN201510587828.6A priority Critical patent/CN105099665A/en
Publication of CN105099665A publication Critical patent/CN105099665A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to a command line interface CLI privilege management method and a system. The method comprises a step of timely monitoring CLI in a preset CLI knowledge base. When a preset keyword appears in the heard CLI, management on user authority is carried out according to the preset authority control strategies. Through the method and the system, data safety can be guaranteed, and data change randomness is avoided.

Description

A kind of Command Line Interface CLI right management method and system
Technical field
The present invention relates to information security field, be specifically related to a kind of Command Line Interface CLI right management method and system.
Background technology
Along with develop rapidly that is scientific and technical and information technology, the application of high performance computer system is also more and more extensive, and information security also more and more receives concern.For computer, Informational Expression is various data, and this just brings huge challenge for the difficulty of information safety protection.In order to ensure information safety, there is data catastrophic failure-tolerant backup mechanism in the government that large-scale data circulates, enterprise at present, although to some extent solve a difficult problem for information security, also can cause certain loss unavoidably.This just needs to ensure that data are not deleted by mistake from more upstream, change by mistake, misoperation, ensures the fail safe of data, avoids the randomness that data change.Also corrupted data can be avoided to flow into downstream, because more downstream data safety guarantee is more difficult, cost is also higher.
Summary of the invention
In order to solve the problem, the present invention proposes a kind of Command Line Interface CLI right management method and system, the fail safe of data can be ensured, avoiding the randomness that data change.
In order to achieve the above object, the present invention proposes a kind of Command Line Interface CLI right management method, the method comprises:
Described CLI in the CLI knowledge base that real-time listening is preset.
When there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, the method also comprises: before the CLI in the CLI knowledge base that real-time listening is preset, and creates control of authority strategy in advance for the different CLI platform in the CLI knowledge base preset and different keywords; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
Preferably, carry out management according to the control of authority strategy preset to user right to comprise:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Preferably, the method also comprises: carry out maintenance and management to the information of each user, and is new user registration, distributes web-privilege password Web to new user.
In order to achieve the above object, the invention allows for a kind of Command Line Interface CLI Rights Management System, this system comprises: monitor module and administration module.
Monitor module, for the CLI in the CLI knowledge base that real-time listening is preset.
Administration module, for when there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, this system also comprises creation module.
Creation module, before the CLI in the CLI knowledge base preset at real-time listening, creates control of authority strategy for the different CLI platform in the CLI knowledge base preset and different keywords in advance; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
Preferably, administration module carries out management to user right refer to according to the control of authority strategy preset:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Preferably, this system also comprises Registering modules.
Registering modules, for carrying out maintenance and management to the information of each user, and being new user registration, distributing described web-privilege password Web to described new user.
Compared with prior art, the present invention includes: the described CLI in the CLI knowledge base that real-time listening is preset.When there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.By the solution of the present invention, the fail safe of data can be ensured, avoid the randomness that data change.
Accompanying drawing explanation
Be described the accompanying drawing in the embodiment of the present invention below, the accompanying drawing in embodiment is for a further understanding of the present invention, is used from explanation the present invention, does not form limiting the scope of the invention with specification one.
Fig. 1 is CLI right management method flow chart of the present invention;
Fig. 2 is CLI Rights Management System block diagram of the present invention.
Embodiment
For the ease of the understanding of those skilled in the art, below in conjunction with accompanying drawing, the invention will be further described, can not be used for limiting the scope of the invention.
Structural design of the present invention mainly considers the feature that the capable interface C LI of operating system command (command-lineinterface) orders, adopt the realizations such as CLI monitoring, CLI control of authority, user management at the security assurance information of operating system aspect, the risk of the avoiding critical data not deleted by mistake, change by mistake of higher authority, misoperation, has better ensured the fail safe of information.
In order to achieve the above object, the present invention proposes a kind of Command Line Interface CLI right management method, as shown in Figure 1, the method comprises:
Described CLI in the CLI knowledge base that S101, real-time listening are preset.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
In embodiments of the present invention, in CLI knowledge base, be integrated with the operating system, the CLI monitor supervision platform of database and the default keyword that store critical data.
Preferably,
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, the method also comprises: before the CLI in the CLI knowledge base that real-time listening is preset, and creates control of authority strategy in advance for the different CLI platform in the CLI knowledge base preset and different keywords; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
S102, when there being default keyword to occur in the CLI listened to, according to preset control of authority strategy user right is managed.
In embodiments of the present invention, when there being the sensitive keys word existed in CLI knowledge base to occur, such as, when deletion action, the renewal rewards theory orders such as rm, mv, delete occur, CLI rights management mechanism can being triggered, rights management is carried out to this operation.
Preferably, carry out management according to the control of authority strategy preset to user right to comprise:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Such as, when user carries out deletion action, if user right is not enough, user right can be pointed out not enough and cancel deletion action.When user has permission, need user again to input web-privilege password Web, guarantee to delete by mistake.
Preferably, the method also comprises: carry out maintenance and management to the information of each user, and is new user registration, distributes web-privilege password Web to new user.
In embodiments of the present invention, each user is before use the present invention program carries out CLI rights management, need to register in the CLI Rights Management System preset in advance, the CLI Rights Management System preset can carry out maintenance and management to the information of each user, and can distribute web-privilege password Web to new user when user registers.It further ensures the safety of information.
In a word, present invention achieves the security assurance information in operating system aspect, the risk of the avoiding critical data not deleted by mistake, change by mistake of higher authority, misoperation, has better ensured the fail safe of information, has had very high technological value.
In order to achieve the above object, the invention allows for a kind of Command Line Interface CLI Rights Management System 01, as shown in Figure 2, this system comprises: monitor module 02 and administration module 03.
Monitor module 02, for the CLI in the CLI knowledge base that real-time listening is preset.
Administration module 03, for when there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, this system also comprises creation module 04.
Creation module 04, before the CLI in the CLI knowledge base preset at real-time listening, creates control of authority strategy for the different CLI platform in the CLI knowledge base preset and different keywords in advance; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
Preferably, administration module 03 carries out management to user right refer to according to the control of authority strategy preset:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Preferably, this system also comprises Registering modules 05.
Registering modules 05, for carrying out maintenance and management to the information of each user, and being new user registration, distributing described web-privilege password Web to described new user.
Compared with prior art, the present invention includes: the described CLI in the CLI knowledge base that real-time listening is preset.When there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.By the solution of the present invention, the fail safe of data can be ensured, avoid the randomness that data change.
It should be noted that; above-described embodiment is only understand for the ease of those skilled in the art; be not limited to protection scope of the present invention; under the prerequisite not departing from inventive concept of the present invention, any apparent replacement and improvement etc. that those skilled in the art make the present invention are all within protection scope of the present invention.

Claims (10)

1. a Command Line Interface CLI right management method, is characterized in that, described method comprises:
Described CLI in the CLI knowledge base that real-time listening is preset;
When having default keyword to occur in the described CLI listened to, the control of authority strategy according to presetting manages user right.
2. CLI right management method as claimed in claim 1, is characterized in that,
Described default CLI knowledge base comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools;
Described default keyword comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
3. CLI right management method as claimed in claim 2, it is characterized in that, described method also comprises: before the described CLI in the CLI knowledge base that real-time listening is preset, and creates described control of authority strategy in advance for the different CLI platform in the described CLI knowledge base preset and different keywords; And set up different user and described CLI platform, one-to-one relationship between described keyword and described control of authority strategy.
4. CLI right management method as claimed in claim 3, is characterized in that, the control of authority strategy that described basis is preset carries out management to user right and comprises:
The described control of authority strategy of active user is obtained according to described corresponding relation, judge whether described active user has the authority of current operation, when described active user does not have the authority of current operation, point out described active user's insufficient permission and cancel current operation; When described active user has the authority of current operation, described active user is pointed out to input default web-privilege password Web.
5. CLI right management method as claimed in claim 4, it is characterized in that, described method also comprises: carry out maintenance and management to the information of each user, and is new user registration, distributes described web-privilege password Web to described new user.
6. a Command Line Interface CLI Rights Management System, is characterized in that, described system comprises: monitor module and administration module;
Described monitoring module, for the described CLI in the CLI knowledge base that real-time listening is preset;
Described administration module, for when having default keyword to occur in the described CLI listened to, the control of authority strategy according to presetting manages user right.
7. CLI Rights Management System as claimed in claim 6, is characterized in that,
Described default CLI knowledge base comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools;
Described default keyword comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
8. CLI Rights Management System as claimed in claim 7, it is characterized in that, described system also comprises creation module;
Described creation module, before the described CLI in the CLI knowledge base preset at real-time listening, creates described control of authority strategy for the different CLI platform in the described CLI knowledge base preset and different keywords in advance; And set up different user and described CLI platform, one-to-one relationship between described keyword and described control of authority strategy.
9. CLI Rights Management System as claimed in claim 8, is characterized in that, described administration module carries out management according to the control of authority strategy preset to user right and refers to:
The described control of authority strategy of active user is obtained according to described corresponding relation, judge whether described active user has the authority of current operation, when described active user does not have the authority of current operation, point out described active user's insufficient permission and cancel current operation; When described active user has the authority of current operation, described active user is pointed out to input default web-privilege password Web.
10. CLI Rights Management System as claimed in claim 9, it is characterized in that, described system also comprises Registering modules;
Described Registering modules, for carrying out maintenance and management to the information of each user, and being new user registration, distributing described web-privilege password Web to described new user.
CN201510587828.6A 2015-09-15 2015-09-15 Command line interface CLI privilege management method and system Pending CN105099665A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510587828.6A CN105099665A (en) 2015-09-15 2015-09-15 Command line interface CLI privilege management method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510587828.6A CN105099665A (en) 2015-09-15 2015-09-15 Command line interface CLI privilege management method and system

Publications (1)

Publication Number Publication Date
CN105099665A true CN105099665A (en) 2015-11-25

Family

ID=54579311

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510587828.6A Pending CN105099665A (en) 2015-09-15 2015-09-15 Command line interface CLI privilege management method and system

Country Status (1)

Country Link
CN (1) CN105099665A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109740329A (en) * 2019-01-25 2019-05-10 成都西加云杉科技有限公司 CLI right management method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040049697A1 (en) * 2002-03-28 2004-03-11 International Business Machines Corporation Methods and systems authenticating a user's credentials against multiple sets of credentials
CN101090336A (en) * 2007-07-12 2007-12-19 中兴通讯股份有限公司 Command line interface authority hierarchical method for network equipment
CN102333090A (en) * 2011-09-28 2012-01-25 辽宁国兴科技有限公司 Internal control bastion host and security access method of internal network resources
CN102456113A (en) * 2011-10-31 2012-05-16 中标软件有限公司 Method for setting right over software package compiling platform for users
CN102571476A (en) * 2010-12-27 2012-07-11 中国银联股份有限公司 Method and device for monitoring terminal command line in real time
CN103457761A (en) * 2013-07-17 2013-12-18 国家电网公司 Cross-platform command line configuration interface implementation method
CN104125107A (en) * 2013-04-25 2014-10-29 上海斐讯数据通信技术有限公司 EPON system and testing device of OAM extension message and method thereof

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040049697A1 (en) * 2002-03-28 2004-03-11 International Business Machines Corporation Methods and systems authenticating a user's credentials against multiple sets of credentials
CN101090336A (en) * 2007-07-12 2007-12-19 中兴通讯股份有限公司 Command line interface authority hierarchical method for network equipment
CN102571476A (en) * 2010-12-27 2012-07-11 中国银联股份有限公司 Method and device for monitoring terminal command line in real time
CN102333090A (en) * 2011-09-28 2012-01-25 辽宁国兴科技有限公司 Internal control bastion host and security access method of internal network resources
CN102456113A (en) * 2011-10-31 2012-05-16 中标软件有限公司 Method for setting right over software package compiling platform for users
CN104125107A (en) * 2013-04-25 2014-10-29 上海斐讯数据通信技术有限公司 EPON system and testing device of OAM extension message and method thereof
CN103457761A (en) * 2013-07-17 2013-12-18 国家电网公司 Cross-platform command line configuration interface implementation method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
GANESH PRASAD等著、华中兴业科技发展有限公司译: "《Linux部署专业技术》", 31 March 2001, 人民邮电出版社 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109740329A (en) * 2019-01-25 2019-05-10 成都西加云杉科技有限公司 CLI right management method and device

Similar Documents

Publication Publication Date Title
CN108600029B (en) Configuration file updating method and device, terminal equipment and storage medium
US9870212B2 (en) Data loading device and data loading method for loading software into aircraft systems
US20160048541A1 (en) Automatic table cleanup for relational databases
DE102014002181B4 (en) Chip and method of operating a chip
US20150058947A1 (en) Mobile device authentication
WO2007060959A1 (en) Plant control system
CN105243321A (en) Container virtualization technology based cipher machine, implementation method and working method therefor
CN105635320A (en) Method and equipment for calling configuration information
CN106815342A (en) A kind of distributed file system user quota system and method
CN103441926A (en) Security gateway system of numerically-controlled machine tool network
CN105515769A (en) Dynamic password generation method and dynamic password generation system for network equipment
CN117195231A (en) Security protection method, system and medium for real-time operation system of trusted DCS controller
CN105099665A (en) Command line interface CLI privilege management method and system
CN109450925B (en) User authority verification method and device for operation and maintenance of power secondary system and electronic equipment
CN105159797A (en) Oracle database based backup and recovery method
CN105592114A (en) Application software issuing method in virtual desktop environment
CN103414554A (en) Objectification secret key management system and secret key management method based on system
CN108279996A (en) A kind of high in the clouds data backup processing method and device
CN106302473A (en) The duplication maintaining method of a kind of SQL Server data base and system
CN105279455A (en) Security architecture of mobile device and running method of application
CN105119766A (en) Train control data management platform
CN113536251A (en) Protection method and system for digital key
CN112565367B (en) Data exchange platform and data exchange method based on symmetric algorithm
CN104363276B (en) Third party cloud monitoring method based on point domain
US9727712B2 (en) System that enforces accountability by requiring justifications for sensitive information technology operations

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20151125