CN105653982A - Method and system used for data permission control - Google Patents
Method and system used for data permission control Download PDFInfo
- Publication number
- CN105653982A CN105653982A CN201511026657.6A CN201511026657A CN105653982A CN 105653982 A CN105653982 A CN 105653982A CN 201511026657 A CN201511026657 A CN 201511026657A CN 105653982 A CN105653982 A CN 105653982A
- Authority
- CN
- China
- Prior art keywords
- data
- node
- tree
- model
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a method and a system used for data permission control. The method used for the data permission control comprises the following steps: establishing an institutional framework tree model; according to different data permission requirements, classifying data; according to different data permissions, independently collecting user identifiers and classified data types into each node of the institutional framework tree model; and according to the node of the institutional framework tree model, controlling the data operation permission of a user. According to various implementation ways of the method, a lightweight class data permission control scheme is put forward, the lightweight class data permission control scheme can simply realize the data permission control by aiming at a situation that fine-grain permission control in the prior art is not required, and the data permission control can be realized only in a way that the data types and users are mounted to the specific nodes of a specific organization tree, and a filtering condition does not need to be independently configured for each user.
Description
Technical field
The present invention relates to the communications field, specifically, relate to a kind of method and system controlled for data permission.
Background technology
The user of different role is different to the operating right of the different data in system. In an information system, the user of different role signs in in system, it is seen that data are different. Such as general manager logs on to it can be seen that all of management data in system, and salesman signs in the sales information that can only see the client belonging to him in system, and the such as finance that can't see other wait other information.
In data permission control, prior art is essentially all by the certain filtercondition of some operation setting to user, this filtercondition is probably either directly through sql (i.e. StructuredQueryLanguage, SQL) write out, possibly by json (i.e. JavaScriptObjectNotation, it is the data interchange format of a kind of lightweight) or xml (i.e. ExtensibleMarkupLanguage, extensible markup language) etc. form express, but finally all to be expressed by sql. Such as, salesman can only check the sequence information of the client oneself safeguarded, then salesman is when checking order, it is necessary to filtercondition on band, namely can only check one's own client. For other user operation, to bring this type of filtercondition too. But, due to different user operations, the filtercondition needed is different, that is, for different user operations, need independently to write filtercondition (attention: this filtercondition may be by what the mode of configuration file realized, namely the mode of json and xml above-mentioned), so this type of scheme neither one universality.
In such scheme, for the different filtercondition of different operative configuration to realize data permission, it is achieved be that fine-grained data permission controls. Such as control salesman and can only check the order of certain some user after 1 day January in 2014, this scheme is required for a set of filtercondition of separate configurations for each user operation, if certain system has 100 user operations, so being accomplished by 100 filterconditions of separate configurations, this method is excessively loaded down with trivial details.But, in most cases, data permission need not accomplish such fine granularity, in such cases, is using such scheme will produce many extra work amounts, is too increasing the complexity of system simultaneously.
Summary of the invention
In view of the drawbacks described above of prior art, embodiments of the present invention provide a kind of method and system controlled for data permission, which propose the data permission control program of a kind of lightweight.
According to one embodiment of the present invention, it is provided that a kind of method controlled for data permission, described method may include that sets up organization's tree-model; Require data are classified according to different data permissions; According to different data permissions, ID and sorted data type are collected respectively in each node of described organizational structure tree-model; And the authority of user operation data is controlled by the node according to described organization tree-model.
According to another embodiment of the invention, it is provided that a kind of data permission controls system, and described system may include that
Organization's tree module, is used for setting up organization's tree-model;
Carry module, for requiring data are classified according to different data permissions, and collects in each node of described organizational structure tree-model respectively by ID and sorted data type;
Control of authority module, is controlled the authority of user operation data for the node according to described organization tree-model.
The various embodiments adopting the present invention have following beneficial effect:
Various embodiments according to the present invention, propose the data permission control program of a kind of lightweight, for need not as prior art the situation of fine-grained control of authority, the data permission control program of described lightweight can realize data permission control simply, as long as the concrete node that data type and user are mounted on concrete mechanism tree can realize, the configurating filtered condition of each user operation need not be stood alone as. Thus, relative to prior art, workload is reduced, and also simplify the complexity of system simultaneously.
Accompanying drawing explanation
Fig. 1 is the flow chart illustrating a kind of method controlled for data permission according to embodiment of the present invention;
Fig. 2 illustrates the block diagram that a kind of data permission according to embodiment of the present invention controls system;
Fig. 3 illustrates the block diagram that a kind of data permission according to another embodiment of the present invention controls system.
Detailed description of the invention
For the ease of understanding the various aspects of technical solution of the present invention, feature and advantage, below in conjunction with accompanying drawing, the present invention is specifically described. Should be appreciated that following various embodiments are served only for illustrating, not for limiting the scope of the invention.
With reference to Fig. 1, it is shown that the handling process of the method controlled for data permission of one embodiment of the present invention. According to embodiment of the present invention, described method can include, but are not limited to following process:
S110. organization's tree-model is set up;
S120. require data are classified according to different data permissions;
S130. according to different data permissions, ID and sorted data type (i.e. data classification) are collected respectively in each node of described organizational structure tree-model;
S140. the authority of user operation data is controlled by the node according to described organization tree-model. Wherein, user operation data may include but be not limited to: user is to the inquiry of data, write, change, deletion etc.
According to embodiment of the present invention, as long as the data permission that the concrete node that data type and user are mounted on concrete mechanism tree can realize lightweight controls, the configurating filtered condition of each user operation need not be stood alone as. Thus, relative to prior art, workload is reduced, and also simplify the complexity of system simultaneously.
In another embodiment of the invention, process S110 and may include that according to institutional structural system, set up the organization tree with hierarchical relationship; And be each node one node identification of distribution in described organization tree.
In one embodiment of the invention, process S140 and may include that the data of data type corresponding to present node can be operated by the user allowing present node.
In the preferred embodiment of the present invention, process S130 can include, but are not limited to:
According to different data permissions, set up data type and the first corresponding relation of the node identification of each node in described organization tree-model, set up user and the second corresponding relation of the node identification of each node in described organization tree-model.
Further, process S140 may include that and determines, with described second corresponding relation, the node identification that user is corresponding based on ID; According to described node identification and described first corresponding relation, the authority of user operation data is controlled.
Wherein, it is alternatively that, it is controlled may include that to the authority of user operation data according to described node identification and described first corresponding relation
The data type corresponding with described node identification is determined with described first corresponding relation according to described node identification;
Allow user that the data of the described data type determined are operated.
With reference to Fig. 2, it illustrates the data permission according to one embodiment of the present invention and control system. In embodiments of the present invention, described system can include but not limited to: organization's tree module 210, carry module 220 and control of authority module 230.
Specifically, described organization tree module 210 is used for setting up organization's tree-model, for instance, according to institutional structural system, set up the organization tree with hierarchical relationship, and be each node one node identification of distribution in described organization tree. Described carry module 220 is for requiring data are classified according to different data permissions, and ID and sorted data type is collected respectively in each node of described organizational structure tree-model. Further, the authority of user operation data is controlled by described control of authority module 230 for the node according to described organization tree-model. Wherein, user operation data may include but be not limited to: user is to the inquiry of data, write, change, deletion etc.
In one embodiment of the invention, described carry module 220 may include that
Carry data type element 221, for setting up data type and the first corresponding relation of the node identification of each node in described organization tree-model according to different data permissions;
Carry subscriber unit 222, for setting up user and the second corresponding relation of the node identification of each node in described organization tree-model according to different data permissions.
In another embodiment of the invention, according to the node of described organization tree-model, the authority of user operation data is controlled may include that the data of data type corresponding to present node can be operated by the user allowing present node by described control of authority module 230.
In a preferred embodiment of the invention, the authority of user operation data is controlled may include that according to the node of described organization tree-model and determines, with described second corresponding relation, the node identification that user is corresponding based on ID by described control of authority module 230;According to described node identification and described first corresponding relation, the authority of user operation data is controlled.
Further, it is controlled comprising the steps that to the authority of user operation data according to described node identification and described first corresponding relation and determines the data type corresponding with described node identification according to described node identification with described first corresponding relation; Allow user that the data of the described data type determined are operated.
According to embodiment of the present invention, as long as the data permission that the concrete node that data type and user are mounted on concrete mechanism tree can realize lightweight controls, the configurating filtered condition of each user operation need not be stood alone as. Thus, relative to prior art, workload is reduced, and also simplify the complexity of system simultaneously.
It should be noted that embodiment of above is only used for the present invention is illustrated, it is not intended to limit the scope of the invention. Under the premise without departing from the objective of the present invention; above-mentioned embodiment can be carried out various amendment; such as; can carrying out again splitting or combination according to the function realized to the module realizing each function, the embodiment that this fractionation or combination obtain falls into the protection domain of the claims in the present invention equally.
Check data instance with user below, the data permission control program of the lightweight that the present invention proposes is illustrated.
In general, in present embodiment, first a set of organization tree will be set up, then to needing the data doing data permission first to make classification, sorted data type is collected respectively in corresponding organization tree simultaneously, the user role checking data will be needed also to collect in corresponding organization tree simultaneously, so, can control different users it can be seen that all data in organization's tree node belonging to current (or the data of upper level/next stage, system can configure), without the operation separate configurations filtercondition for each user.
As it is shown on figure 3, another embodiment that a kind of data permission of the present invention controls system can include but not limited to: organization's tree module 310, carry data categorization module 320, carry line module 330 and inquiry data module 340. Specifically, organization tree module 310 sets up a set of tree with hierarchical relationship; Carry data categorization module 320 sorts data into and the node one_to_one corresponding on organization tree; Carry line module 330 is by user and the node on organization tree one by one corresponding; And inquiry data module 340 is according to user's querying node data on organization tree.
In embodiments of the present invention, the process of data permission control system is as follows:
Set up organization's tree-model
Live tissue structure situation according to company, setting up an organization tree with hierarchical relationship, each node in this mechanism tree has a node serial number (i.e. node identification), and this numbering is by from illustrating that rule generates, such as, root mechanism is numbered 1, and one-level mechanism is 1_1,1_2,1_3 ..., secondary facility is 1_1_1,1_1_2,1_1_3 .... May identify which out from numbering above, if numbering in contain " _ ", then be root mechanism, if contain one " _ ", then be one-level mechanism, if contain two " _ ", then be secondary facility. Can be easy to extrapolate the numbering of the numbering of his father mechanism, one-level clamp mechanism by current facility numbering simultaneously. Being 1_1 if present node is 1_1_3, Ze Fu mechanism, clamp mechanism is 1_1_3_* (* can represent arbitrary value), and other nodes are by that analogy.
Categorical data
For sales type company, generally carry out the classification of data with client for dimension. That is, client is associated as the node of main body and organization tree, time data permission controls, as long as it can be seen that this client, all information of this client just can be seen. Other categorical data can be made a concrete analysis of according to system concrete condition. When some particular user login time, the system " numbering " according to mechanism corresponding to this user, search all and that there is this " numbering " client in systems, show all information of this client simultaneously accordingly. For inquiry less than client, then do not display, it is achieved data permission control.
Carry user/categorical data is to organization tree
The user of inquiry data will be needed respectively, and categorical data hangs under some node concrete of mechanism tree.
The unified configuration of data permission filtercondition
When carrying out the operations such as data query, the organization's tree node numbering belonging to active user, inquire about the data of (this node upper level/next stage can customize) under this node.
Some user it can be seen that data rule as follows:
If the mechanism tree that this user is corresponding be numbered 1_1, then it can be seen that all there are 1_1 numbering and the data of 1_1_* numbering in " hang over data classification ", other data without so numbering can not be seen by this user, it is achieved data permission controls.
In sum, prior art is based on fine-grained data permission, will realize this fine granularity, it is necessary to the operation for user each time makes a filtercondition, adds the complexity of system. In actual use procedure, user needs this type of fine-grained situation less, it is more the data inquiring about to one's name department or oneself administration client, for this situation, the present invention can solve this problem very easily, as long as the concrete node that data classification and user are mounted on concrete authorities tree can realize, the configurating filtered condition of each user operation need not be stood alone as.
The various different embodiment of the present invention described in detail above, other aspects or the feature of the technical scheme of embodiment of the present invention are described below in another form, and it is not limited to following a series of paragraph, in order to clear and effectively for the purpose of, specify alphanumeric can to the some or all of paragraphs in these paragraphs. The content group that in these paragraphs each section can combine with one or more than one other paragraph in any suitable manner. When the example of some in not limiting suitable combination, some paragraphs hereinafter are quoted other paragraphs especially and limit other paragraphs further.
A1. the method controlled for data permission may include that and sets up organization's tree-model; Require data are classified according to different data permissions; According to different data permissions, ID and sorted data type are collected respectively in each node of described organizational structure tree-model; And the authority of user operation data is controlled by the node according to described organization tree-model.
A2. the method according to paragraph A1, described organization's tree-model of setting up may include that
According to institutional structural system, set up the organization tree with hierarchical relationship; And be each node one node identification of distribution in described organization tree.
A3. the method according to paragraph A2, described according to different data permissions, user and sorted data type are collected respectively in each node of described organizational structure tree-model and may include that
According to different data permissions, set up data type and the first corresponding relation of the node identification of each node in described organization tree-model, set up user and the second corresponding relation of the node identification of each node in described organization tree-model.
A4. according to the method one of paragraph A1��A3 Suo Shu, according to the node of described organization tree-model, the authority of user operation data being controlled comprising the steps that, the data of data type corresponding to present node can be operated by the user allowing present node.
A5. the method according to paragraph A2 or A3, is controlled comprising the steps that to the authority of user operation data according to the node of described organization tree-model
Determine, with described second corresponding relation, the node identification that user is corresponding based on ID; According to described node identification and described first corresponding relation, the authority of user operation data is controlled.
A6. the method according to paragraph A5, further, is controlled may include that to the authority of user operation data according to described node identification and described first corresponding relation
The data type corresponding with described node identification is determined with described first corresponding relation according to described node identification; Allow user that the data of the described data type determined are operated.
B1. a data permission control system includes:
Organization's tree module, is used for setting up organization's tree-model;
Carry module, for requiring data are classified according to different data permissions, and collects in each node of described organizational structure tree-model respectively by ID and sorted data type;
Control of authority module, is controlled the authority of user operation data for the node according to described organization tree-model.
B2. the system according to paragraph B1, described organization tree module is set up organization's tree-model and be may include that
According to institutional structural system, set up the organization tree with hierarchical relationship; And be each node one node identification of distribution in described organization tree.
B3. the system according to paragraph B2, further, described carry module comprises the steps that
Carry data type element, for setting up data type and the first corresponding relation of the node identification of each node in described organization tree-model according to different data permissions;
Carry subscriber unit, for setting up user and the second corresponding relation of the node identification of each node in described organization tree-model according to different data permissions.
B4. according to the system one of paragraph B1��B3 Suo Shu, according to the node of described organization tree-model, the authority of user operation data is controlled may include that the data of data type corresponding to present node can be operated by the user allowing present node by described control of authority module.
B5. the system according to paragraph B2 or B3, the authority of user operation data is controlled may include that by described control of authority module according to the node of described organization tree-model
Determine, with described second corresponding relation, the node identification that user is corresponding based on ID; According to described node identification and described first corresponding relation, the authority of user operation data is controlled.
B6. the system according to paragraph B5, further, is controlled comprising the steps that to the authority of user operation data according to described node identification and described first corresponding relation
The data type corresponding with described node identification is determined with described first corresponding relation according to described node identification; Allow user that the data of the described data type determined are operated.
Through the above description of the embodiments, those skilled in the art is it can be understood that can realize by the mode of software combined with hardware platform to the present invention.Based on such understanding, what background technology was contributed by technical scheme can embody with the form of software product in whole or in part, this computer software product can be stored in storage medium, such as ROM/RAM, magnetic disc, CD etc., including some instructions with so that a computer equipment (can be personal computer, server, or the network equipment etc.) perform the method described in some part of each embodiment of the present invention or embodiment.
Skilled person should be appreciated that and disclosed above is only embodiments of the present invention, certainly with this interest field limiting the present invention, according to the equivalent variations that embodiment of the present invention is made, can not still belong to the scope that the claims in the present invention contain.
Claims (12)
1. the method controlled for data permission, it is characterised in that described method includes:
Set up organization's tree-model;
Require data are classified according to different data permissions;
According to different data permissions, ID and sorted data type are collected respectively in each node of described organizational structure tree-model;
The authority of user operation data is controlled by the node according to described organization tree-model.
2. method according to claim 1, it is characterised in that set up organization's tree-model and include:
According to institutional structural system, set up the organization tree with hierarchical relationship;
A node identification is distributed for each node in described organization tree.
3. method according to claim 2, it is characterised in that according to different data permissions, each node that user and sorted data type collect described organizational structure tree-model respectively is included:
According to different data permissions, set up data type and the first corresponding relation of the node identification of each node in described organization tree-model, set up user and the second corresponding relation of the node identification of each node in described organization tree-model.
4. method according to claim 1, it is characterised in that be controlled including to the authority of user operation data according to the node of described organization tree-model:
The data of data type corresponding to present node can be operated by the user allowing present node.
5. method according to claim 2, it is characterised in that be controlled including to the authority of user operation data according to the node of described organization tree-model:
Determine, with described second corresponding relation, the node identification that user is corresponding based on ID;
According to described node identification and described first corresponding relation, the authority of user operation data is controlled.
6. method according to claim 5, it is characterised in that be controlled including to the authority of user operation data according to described node identification and described first corresponding relation:
The data type corresponding with described node identification is determined with described first corresponding relation according to described node identification;
Allow user that the data of the described data type determined are operated.
7. a data permission controls system, it is characterised in that described system includes:
Organization's tree module, is used for setting up organization's tree-model;
Carry module, for requiring data are classified according to different data permissions, and collects in each node of described organizational structure tree-model respectively by ID and sorted data type;
Control of authority module, is controlled the authority of user operation data for the node according to described organization tree-model.
8. system according to claim 7, it is characterised in that described organization tree module is set up organization's tree-model and included:
According to institutional structural system, set up the organization tree with hierarchical relationship;
A node identification is distributed for each node in described organization tree.
9. system according to claim 8, it is characterised in that described carry module includes:
Carry data type element, for setting up data type and the first corresponding relation of the node identification of each node in described organization tree-model according to different data permissions;
Carry subscriber unit, for setting up user and the second corresponding relation of the node identification of each node in described organization tree-model according to different data permissions.
10. system according to claim 7, it is characterised in that the authority of user operation data is controlled including by described control of authority module according to the node of described organization tree-model:
The data of data type corresponding to present node can be operated by the user allowing present node.
11. system according to claim 8, it is characterised in that the authority of user operation data is controlled including by described control of authority module according to the node of described organization tree-model:
Determine, with described second corresponding relation, the node identification that user is corresponding based on ID;
According to described node identification and described first corresponding relation, the authority of user operation data is controlled.
12. system according to claim 11, it is characterised in that be controlled including to the authority of user operation data according to described node identification and described first corresponding relation:
The data type corresponding with described node identification is determined with described first corresponding relation according to described node identification;
Allow user that the data of the described data type determined are operated.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511026657.6A CN105653982A (en) | 2015-12-31 | 2015-12-31 | Method and system used for data permission control |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511026657.6A CN105653982A (en) | 2015-12-31 | 2015-12-31 | Method and system used for data permission control |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105653982A true CN105653982A (en) | 2016-06-08 |
Family
ID=56490396
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201511026657.6A Pending CN105653982A (en) | 2015-12-31 | 2015-12-31 | Method and system used for data permission control |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105653982A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107301354A (en) * | 2017-06-27 | 2017-10-27 | 北京微影时代科技有限公司 | A kind of System right management method and device |
| CN107872687A (en) * | 2017-11-23 | 2018-04-03 | 华平智慧信息技术(深圳)有限公司 | Authority distributing method and system in monitoring system |
| CN108920914A (en) * | 2018-05-02 | 2018-11-30 | 中国银联股份有限公司 | A kind of authority control method and device |
| CN109656921A (en) * | 2018-11-26 | 2019-04-19 | 平安科技(深圳)有限公司 | Organizational structure data processing method, device, computer equipment and storage medium |
| CN110750766A (en) * | 2019-10-12 | 2020-02-04 | 平安医疗健康管理股份有限公司 | Authority verification method and device, computer equipment and storage medium |
| CN111343172A (en) * | 2020-02-20 | 2020-06-26 | 中国建设银行股份有限公司 | Network access authority dynamic processing method and device |
| CN111444543A (en) * | 2020-04-02 | 2020-07-24 | 深圳市康拓普信息技术有限公司 | Data authority management method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101714172A (en) * | 2009-11-13 | 2010-05-26 | 华中科技大学 | Index structure supporting access control and search method thereof |
| CN102402652A (en) * | 2010-09-16 | 2012-04-04 | 金蝶软件(中国)有限公司 | Method, system and terminal for controlling authority |
| US20130232539A1 (en) * | 2012-03-01 | 2013-09-05 | Humanconcepts | Method and system for controlling data access to organizational data maintained in hierarchical |
| CN103425654A (en) * | 2012-05-16 | 2013-12-04 | 深圳中兴力维技术有限公司 | Method, device and system for reproducing permission tree in linkage manner |
| CN104182503A (en) * | 2014-08-18 | 2014-12-03 | 上海众恒信息产业股份有限公司 | Cloud platform data access safety isolation method |
-
2015
- 2015-12-31 CN CN201511026657.6A patent/CN105653982A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101714172A (en) * | 2009-11-13 | 2010-05-26 | 华中科技大学 | Index structure supporting access control and search method thereof |
| CN102402652A (en) * | 2010-09-16 | 2012-04-04 | 金蝶软件(中国)有限公司 | Method, system and terminal for controlling authority |
| US20130232539A1 (en) * | 2012-03-01 | 2013-09-05 | Humanconcepts | Method and system for controlling data access to organizational data maintained in hierarchical |
| CN103425654A (en) * | 2012-05-16 | 2013-12-04 | 深圳中兴力维技术有限公司 | Method, device and system for reproducing permission tree in linkage manner |
| CN104182503A (en) * | 2014-08-18 | 2014-12-03 | 上海众恒信息产业股份有限公司 | Cloud platform data access safety isolation method |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107301354A (en) * | 2017-06-27 | 2017-10-27 | 北京微影时代科技有限公司 | A kind of System right management method and device |
| CN107872687A (en) * | 2017-11-23 | 2018-04-03 | 华平智慧信息技术(深圳)有限公司 | Authority distributing method and system in monitoring system |
| CN108920914A (en) * | 2018-05-02 | 2018-11-30 | 中国银联股份有限公司 | A kind of authority control method and device |
| CN109656921A (en) * | 2018-11-26 | 2019-04-19 | 平安科技(深圳)有限公司 | Organizational structure data processing method, device, computer equipment and storage medium |
| CN109656921B (en) * | 2018-11-26 | 2023-09-01 | 平安科技(深圳)有限公司 | Organization architecture data processing method, device, computer equipment and storage medium |
| CN110750766A (en) * | 2019-10-12 | 2020-02-04 | 平安医疗健康管理股份有限公司 | Authority verification method and device, computer equipment and storage medium |
| CN110750766B (en) * | 2019-10-12 | 2022-11-04 | 深圳平安医疗健康科技服务有限公司 | Authority verification method, device, computer equipment and storage medium |
| CN111343172A (en) * | 2020-02-20 | 2020-06-26 | 中国建设银行股份有限公司 | Network access authority dynamic processing method and device |
| CN111444543A (en) * | 2020-04-02 | 2020-07-24 | 深圳市康拓普信息技术有限公司 | Data authority management method and system |
| CN111444543B (en) * | 2020-04-02 | 2023-02-28 | 南方电网数字平台科技(广东)有限公司 | Data authority management method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105653982A (en) | Method and system used for data permission control | |
| CN103377336B (en) | The control method of a kind of computer system user authority and system | |
| CN102831122B (en) | Data storage method, inquiring method and inquiring device for workflow table | |
| CN105450705B (en) | Business data processing method and equipment | |
| CN105160273B (en) | A kind of knowledge management method based on access control and intelligent retrieval | |
| CN107025411B (en) | A kind of system and method for fine-grained data permission dynamic control | |
| CN108509437A (en) | A kind of ElasticSearch inquiries accelerated method | |
| CN106126977B (en) | A kind of efficient electronic document permission inheritance and transmission method | |
| CN112416923A (en) | Metadata management method and device, equipment and storage medium | |
| US10579681B2 (en) | Privilege information management system and privilege information management program | |
| CN106095964A (en) | A kind of method that data are carried out visualization filing and search | |
| CN109416684A (en) | The intake manager of analysis platform | |
| US7487183B1 (en) | Grouped filter rules for workflow application update notifications | |
| CN102479354A (en) | Data processing method and system based on workflow | |
| US9672231B2 (en) | Concurrent access for hierarchical data storage | |
| CN105930741A (en) | Power system resource permission management system | |
| CN111177700A (en) | Method and device for controlling row-level authority | |
| CN115310945A (en) | Method and system for multi-dimensional process grouping examination and approval | |
| CN105450878B (en) | The distribution method and distribution system of resource of attending a banquet code | |
| US20140075028A1 (en) | Centralized Data Provisioning | |
| CN113886397A (en) | Data resource directory system | |
| CN112231658A (en) | VUE-based ERP dynamic authority control method | |
| CN111291354A (en) | Device binding management method, system, readable storage medium and device terminal | |
| CN110472111A (en) | Rights management, user right inquiry and resource information authorization method | |
| CN110471968A (en) | Dissemination method, device, equipment and the storage medium of ETL task |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160608 |