CN105099665A - Command line interface CLI privilege management method and system - Google Patents
Command line interface CLI privilege management method and system Download PDFInfo
- Publication number
- CN105099665A CN105099665A CN201510587828.6A CN201510587828A CN105099665A CN 105099665 A CN105099665 A CN 105099665A CN 201510587828 A CN201510587828 A CN 201510587828A CN 105099665 A CN105099665 A CN 105099665A
- Authority
- CN
- China
- Prior art keywords
- cli
- user
- authority
- preset
- active user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to a command line interface CLI privilege management method and a system. The method comprises a step of timely monitoring CLI in a preset CLI knowledge base. When a preset keyword appears in the heard CLI, management on user authority is carried out according to the preset authority control strategies. Through the method and the system, data safety can be guaranteed, and data change randomness is avoided.
Description
Technical field
The present invention relates to information security field, be specifically related to a kind of Command Line Interface CLI right management method and system.
Background technology
Along with develop rapidly that is scientific and technical and information technology, the application of high performance computer system is also more and more extensive, and information security also more and more receives concern.For computer, Informational Expression is various data, and this just brings huge challenge for the difficulty of information safety protection.In order to ensure information safety, there is data catastrophic failure-tolerant backup mechanism in the government that large-scale data circulates, enterprise at present, although to some extent solve a difficult problem for information security, also can cause certain loss unavoidably.This just needs to ensure that data are not deleted by mistake from more upstream, change by mistake, misoperation, ensures the fail safe of data, avoids the randomness that data change.Also corrupted data can be avoided to flow into downstream, because more downstream data safety guarantee is more difficult, cost is also higher.
Summary of the invention
In order to solve the problem, the present invention proposes a kind of Command Line Interface CLI right management method and system, the fail safe of data can be ensured, avoiding the randomness that data change.
In order to achieve the above object, the present invention proposes a kind of Command Line Interface CLI right management method, the method comprises:
Described CLI in the CLI knowledge base that real-time listening is preset.
When there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, the method also comprises: before the CLI in the CLI knowledge base that real-time listening is preset, and creates control of authority strategy in advance for the different CLI platform in the CLI knowledge base preset and different keywords; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
Preferably, carry out management according to the control of authority strategy preset to user right to comprise:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Preferably, the method also comprises: carry out maintenance and management to the information of each user, and is new user registration, distributes web-privilege password Web to new user.
In order to achieve the above object, the invention allows for a kind of Command Line Interface CLI Rights Management System, this system comprises: monitor module and administration module.
Monitor module, for the CLI in the CLI knowledge base that real-time listening is preset.
Administration module, for when there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, this system also comprises creation module.
Creation module, before the CLI in the CLI knowledge base preset at real-time listening, creates control of authority strategy for the different CLI platform in the CLI knowledge base preset and different keywords in advance; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
Preferably, administration module carries out management to user right refer to according to the control of authority strategy preset:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Preferably, this system also comprises Registering modules.
Registering modules, for carrying out maintenance and management to the information of each user, and being new user registration, distributing described web-privilege password Web to described new user.
Compared with prior art, the present invention includes: the described CLI in the CLI knowledge base that real-time listening is preset.When there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.By the solution of the present invention, the fail safe of data can be ensured, avoid the randomness that data change.
Accompanying drawing explanation
Be described the accompanying drawing in the embodiment of the present invention below, the accompanying drawing in embodiment is for a further understanding of the present invention, is used from explanation the present invention, does not form limiting the scope of the invention with specification one.
Fig. 1 is CLI right management method flow chart of the present invention;
Fig. 2 is CLI Rights Management System block diagram of the present invention.
Embodiment
For the ease of the understanding of those skilled in the art, below in conjunction with accompanying drawing, the invention will be further described, can not be used for limiting the scope of the invention.
Structural design of the present invention mainly considers the feature that the capable interface C LI of operating system command (command-lineinterface) orders, adopt the realizations such as CLI monitoring, CLI control of authority, user management at the security assurance information of operating system aspect, the risk of the avoiding critical data not deleted by mistake, change by mistake of higher authority, misoperation, has better ensured the fail safe of information.
In order to achieve the above object, the present invention proposes a kind of Command Line Interface CLI right management method, as shown in Figure 1, the method comprises:
Described CLI in the CLI knowledge base that S101, real-time listening are preset.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
In embodiments of the present invention, in CLI knowledge base, be integrated with the operating system, the CLI monitor supervision platform of database and the default keyword that store critical data.
Preferably,
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, the method also comprises: before the CLI in the CLI knowledge base that real-time listening is preset, and creates control of authority strategy in advance for the different CLI platform in the CLI knowledge base preset and different keywords; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
S102, when there being default keyword to occur in the CLI listened to, according to preset control of authority strategy user right is managed.
In embodiments of the present invention, when there being the sensitive keys word existed in CLI knowledge base to occur, such as, when deletion action, the renewal rewards theory orders such as rm, mv, delete occur, CLI rights management mechanism can being triggered, rights management is carried out to this operation.
Preferably, carry out management according to the control of authority strategy preset to user right to comprise:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Such as, when user carries out deletion action, if user right is not enough, user right can be pointed out not enough and cancel deletion action.When user has permission, need user again to input web-privilege password Web, guarantee to delete by mistake.
Preferably, the method also comprises: carry out maintenance and management to the information of each user, and is new user registration, distributes web-privilege password Web to new user.
In embodiments of the present invention, each user is before use the present invention program carries out CLI rights management, need to register in the CLI Rights Management System preset in advance, the CLI Rights Management System preset can carry out maintenance and management to the information of each user, and can distribute web-privilege password Web to new user when user registers.It further ensures the safety of information.
In a word, present invention achieves the security assurance information in operating system aspect, the risk of the avoiding critical data not deleted by mistake, change by mistake of higher authority, misoperation, has better ensured the fail safe of information, has had very high technological value.
In order to achieve the above object, the invention allows for a kind of Command Line Interface CLI Rights Management System 01, as shown in Figure 2, this system comprises: monitor module 02 and administration module 03.
Monitor module 02, for the CLI in the CLI knowledge base that real-time listening is preset.
Administration module 03, for when there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.
Preferably,
The CLI knowledge base preset comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools.
The keyword preset comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
Preferably, this system also comprises creation module 04.
Creation module 04, before the CLI in the CLI knowledge base preset at real-time listening, creates control of authority strategy for the different CLI platform in the CLI knowledge base preset and different keywords in advance; And set up different user and CLI platform, one-to-one relationship between keyword and control of authority strategy.
Preferably, administration module 03 carries out management to user right refer to according to the control of authority strategy preset:
Obtain the control of authority strategy of active user according to this corresponding relation, judge whether active user has the authority of current operation, when active user does not have the authority of current operation, prompting active user's insufficient permission also cancels current operation; When active user has the authority of current operation, prompting active user inputs default web-privilege password Web.
Preferably, this system also comprises Registering modules 05.
Registering modules 05, for carrying out maintenance and management to the information of each user, and being new user registration, distributing described web-privilege password Web to described new user.
Compared with prior art, the present invention includes: the described CLI in the CLI knowledge base that real-time listening is preset.When there being default keyword to occur in the CLI listened to, the control of authority strategy according to presetting manages user right.By the solution of the present invention, the fail safe of data can be ensured, avoid the randomness that data change.
It should be noted that; above-described embodiment is only understand for the ease of those skilled in the art; be not limited to protection scope of the present invention; under the prerequisite not departing from inventive concept of the present invention, any apparent replacement and improvement etc. that those skilled in the art make the present invention are all within protection scope of the present invention.
Claims (10)
1. a Command Line Interface CLI right management method, is characterized in that, described method comprises:
Described CLI in the CLI knowledge base that real-time listening is preset;
When having default keyword to occur in the described CLI listened to, the control of authority strategy according to presetting manages user right.
2. CLI right management method as claimed in claim 1, is characterized in that,
Described default CLI knowledge base comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools;
Described default keyword comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
3. CLI right management method as claimed in claim 2, it is characterized in that, described method also comprises: before the described CLI in the CLI knowledge base that real-time listening is preset, and creates described control of authority strategy in advance for the different CLI platform in the described CLI knowledge base preset and different keywords; And set up different user and described CLI platform, one-to-one relationship between described keyword and described control of authority strategy.
4. CLI right management method as claimed in claim 3, is characterized in that, the control of authority strategy that described basis is preset carries out management to user right and comprises:
The described control of authority strategy of active user is obtained according to described corresponding relation, judge whether described active user has the authority of current operation, when described active user does not have the authority of current operation, point out described active user's insufficient permission and cancel current operation; When described active user has the authority of current operation, described active user is pointed out to input default web-privilege password Web.
5. CLI right management method as claimed in claim 4, it is characterized in that, described method also comprises: carry out maintenance and management to the information of each user, and is new user registration, distributes described web-privilege password Web to described new user.
6. a Command Line Interface CLI Rights Management System, is characterized in that, described system comprises: monitor module and administration module;
Described monitoring module, for the described CLI in the CLI knowledge base that real-time listening is preset;
Described administration module, for when having default keyword to occur in the described CLI listened to, the control of authority strategy according to presetting manages user right.
7. CLI Rights Management System as claimed in claim 6, is characterized in that,
Described default CLI knowledge base comprises one or more CLI platforms following: linux system terminal, Windows system MS-DOS and database management tools;
Described default keyword comprises one or more of following operational order: remove rm, remove mv, delete delete and renewal.
8. CLI Rights Management System as claimed in claim 7, it is characterized in that, described system also comprises creation module;
Described creation module, before the described CLI in the CLI knowledge base preset at real-time listening, creates described control of authority strategy for the different CLI platform in the described CLI knowledge base preset and different keywords in advance; And set up different user and described CLI platform, one-to-one relationship between described keyword and described control of authority strategy.
9. CLI Rights Management System as claimed in claim 8, is characterized in that, described administration module carries out management according to the control of authority strategy preset to user right and refers to:
The described control of authority strategy of active user is obtained according to described corresponding relation, judge whether described active user has the authority of current operation, when described active user does not have the authority of current operation, point out described active user's insufficient permission and cancel current operation; When described active user has the authority of current operation, described active user is pointed out to input default web-privilege password Web.
10. CLI Rights Management System as claimed in claim 9, it is characterized in that, described system also comprises Registering modules;
Described Registering modules, for carrying out maintenance and management to the information of each user, and being new user registration, distributing described web-privilege password Web to described new user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510587828.6A CN105099665A (en) | 2015-09-15 | 2015-09-15 | Command line interface CLI privilege management method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510587828.6A CN105099665A (en) | 2015-09-15 | 2015-09-15 | Command line interface CLI privilege management method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105099665A true CN105099665A (en) | 2015-11-25 |
Family
ID=54579311
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510587828.6A Pending CN105099665A (en) | 2015-09-15 | 2015-09-15 | Command line interface CLI privilege management method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105099665A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109740329A (en) * | 2019-01-25 | 2019-05-10 | 成都西加云杉科技有限公司 | CLI right management method and device |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040049697A1 (en) * | 2002-03-28 | 2004-03-11 | International Business Machines Corporation | Methods and systems authenticating a user's credentials against multiple sets of credentials |
CN101090336A (en) * | 2007-07-12 | 2007-12-19 | 中兴通讯股份有限公司 | Command line interface authority hierarchical method for network equipment |
CN102333090A (en) * | 2011-09-28 | 2012-01-25 | 辽宁国兴科技有限公司 | Internal control bastion host and security access method of internal network resources |
CN102456113A (en) * | 2011-10-31 | 2012-05-16 | 中标软件有限公司 | Method for setting right over software package compiling platform for users |
CN102571476A (en) * | 2010-12-27 | 2012-07-11 | 中国银联股份有限公司 | Method and device for monitoring terminal command line in real time |
CN103457761A (en) * | 2013-07-17 | 2013-12-18 | 国家电网公司 | Cross-platform command line configuration interface implementation method |
CN104125107A (en) * | 2013-04-25 | 2014-10-29 | 上海斐讯数据通信技术有限公司 | EPON system and testing device of OAM extension message and method thereof |
-
2015
- 2015-09-15 CN CN201510587828.6A patent/CN105099665A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040049697A1 (en) * | 2002-03-28 | 2004-03-11 | International Business Machines Corporation | Methods and systems authenticating a user's credentials against multiple sets of credentials |
CN101090336A (en) * | 2007-07-12 | 2007-12-19 | 中兴通讯股份有限公司 | Command line interface authority hierarchical method for network equipment |
CN102571476A (en) * | 2010-12-27 | 2012-07-11 | 中国银联股份有限公司 | Method and device for monitoring terminal command line in real time |
CN102333090A (en) * | 2011-09-28 | 2012-01-25 | 辽宁国兴科技有限公司 | Internal control bastion host and security access method of internal network resources |
CN102456113A (en) * | 2011-10-31 | 2012-05-16 | 中标软件有限公司 | Method for setting right over software package compiling platform for users |
CN104125107A (en) * | 2013-04-25 | 2014-10-29 | 上海斐讯数据通信技术有限公司 | EPON system and testing device of OAM extension message and method thereof |
CN103457761A (en) * | 2013-07-17 | 2013-12-18 | 国家电网公司 | Cross-platform command line configuration interface implementation method |
Non-Patent Citations (1)
Title |
---|
GANESH PRASAD等著、华中兴业科技发展有限公司译: "《Linux部署专业技术》", 31 March 2001, 人民邮电出版社 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109740329A (en) * | 2019-01-25 | 2019-05-10 | 成都西加云杉科技有限公司 | CLI right management method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108600029B (en) | Configuration file updating method and device, terminal equipment and storage medium | |
US9870212B2 (en) | Data loading device and data loading method for loading software into aircraft systems | |
US20160048541A1 (en) | Automatic table cleanup for relational databases | |
DE102014002181B4 (en) | Chip and method of operating a chip | |
US20150058947A1 (en) | Mobile device authentication | |
WO2007060959A1 (en) | Plant control system | |
CN105243321A (en) | Container virtualization technology based cipher machine, implementation method and working method therefor | |
CN105635320A (en) | Method and equipment for calling configuration information | |
CN106815342A (en) | A kind of distributed file system user quota system and method | |
CN103441926A (en) | Security gateway system of numerically-controlled machine tool network | |
CN105515769A (en) | Dynamic password generation method and dynamic password generation system for network equipment | |
CN117195231A (en) | Security protection method, system and medium for real-time operation system of trusted DCS controller | |
CN105099665A (en) | Command line interface CLI privilege management method and system | |
CN109450925B (en) | User authority verification method and device for operation and maintenance of power secondary system and electronic equipment | |
CN105159797A (en) | Oracle database based backup and recovery method | |
CN105592114A (en) | Application software issuing method in virtual desktop environment | |
CN103414554A (en) | Objectification secret key management system and secret key management method based on system | |
CN108279996A (en) | A kind of high in the clouds data backup processing method and device | |
CN106302473A (en) | The duplication maintaining method of a kind of SQL Server data base and system | |
CN105279455A (en) | Security architecture of mobile device and running method of application | |
CN105119766A (en) | Train control data management platform | |
CN113536251A (en) | Protection method and system for digital key | |
CN112565367B (en) | Data exchange platform and data exchange method based on symmetric algorithm | |
CN104363276B (en) | Third party cloud monitoring method based on point domain | |
US9727712B2 (en) | System that enforces accountability by requiring justifications for sensitive information technology operations |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151125 |