CN106534199A - 大数据环境下基于xacml和saml的分布式系统认证与权限管理平台 - Google Patents
大数据环境下基于xacml和saml的分布式系统认证与权限管理平台 Download PDFInfo
- Publication number
- CN106534199A CN106534199A CN201611216782.8A CN201611216782A CN106534199A CN 106534199 A CN106534199 A CN 106534199A CN 201611216782 A CN201611216782 A CN 201611216782A CN 106534199 A CN106534199 A CN 106534199A
- Authority
- CN
- China
- Prior art keywords
- user
- saml
- management module
- xacml
- department
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000013475 authorization Methods 0.000 claims abstract description 20
- 238000012545 processing Methods 0.000 claims abstract description 20
- 230000005540 biological transmission Effects 0.000 claims abstract description 11
- 230000003993 interaction Effects 0.000 claims abstract description 5
- 230000009471 action Effects 0.000 claims description 26
- 238000000034 method Methods 0.000 claims description 21
- 230000008520 organization Effects 0.000 claims description 19
- 230000006870 function Effects 0.000 claims description 14
- 230000007246 mechanism Effects 0.000 claims description 12
- 230000000694 effects Effects 0.000 claims description 9
- 230000008569 process Effects 0.000 claims description 8
- 238000004891 communication Methods 0.000 claims description 7
- 238000001914 filtration Methods 0.000 claims description 6
- 230000002159 abnormal effect Effects 0.000 claims description 4
- 238000012790 confirmation Methods 0.000 claims description 3
- 230000000737 periodic effect Effects 0.000 claims description 3
- 238000004364 calculation method Methods 0.000 claims description 2
- 238000004458 analytical method Methods 0.000 description 7
- 230000015654 memory Effects 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 238000007792 addition Methods 0.000 description 3
- 238000003491 array Methods 0.000 description 3
- 230000009977 dual effect Effects 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 239000007787 solid Substances 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 238000012217 deletion Methods 0.000 description 2
- 230000037430 deletion Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000014509 gene expression Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000008030 elimination Effects 0.000 description 1
- 238000003379 elimination reaction Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611216782.8A CN106534199B (zh) | 2016-12-26 | 2016-12-26 | 大数据环境下基于xacml和saml的分布式系统认证与权限管理平台 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611216782.8A CN106534199B (zh) | 2016-12-26 | 2016-12-26 | 大数据环境下基于xacml和saml的分布式系统认证与权限管理平台 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106534199A true CN106534199A (zh) | 2017-03-22 |
CN106534199B CN106534199B (zh) | 2019-11-15 |
Family
ID=58338084
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611216782.8A Active CN106534199B (zh) | 2016-12-26 | 2016-12-26 | 大数据环境下基于xacml和saml的分布式系统认证与权限管理平台 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106534199B (zh) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107257292A (zh) * | 2017-05-26 | 2017-10-17 | 河南职业技术学院 | 一种跨域分布式大数据通讯系统设计规划方法 |
CN107368601A (zh) * | 2017-07-26 | 2017-11-21 | 成都三零盛安信息系统有限公司 | 本地数据访问方法和装置 |
CN107733863A (zh) * | 2017-09-07 | 2018-02-23 | 济南双瑞软件有限公司 | 一种分布式hadoop环境下的日志调试方法和装置 |
CN110867258A (zh) * | 2019-11-13 | 2020-03-06 | 李大旭 | 基于移动健康的个人信息平台 |
CN110969321A (zh) * | 2018-09-29 | 2020-04-07 | 上海可鲁系统软件有限公司 | 工业信息资产管理方法及装置 |
CN111064731A (zh) * | 2019-12-23 | 2020-04-24 | 北京神州绿盟信息安全科技股份有限公司 | 一种浏览器请求的访问权限的识别方法、识别装置及终端 |
CN111262337A (zh) * | 2018-11-30 | 2020-06-09 | 国网江苏省电力有限公司南京供电分公司 | 基于远程调阅的主、配网一体化scada操作方法 |
CN111865937A (zh) * | 2020-07-01 | 2020-10-30 | 哈尔滨工程大学 | 一种用于数据库集群权限冲突检测和消解的系统及方法 |
CN111949973A (zh) * | 2020-07-31 | 2020-11-17 | 上海中通吉网络技术有限公司 | 身份识别与访问管理系统和方法 |
CN112269971A (zh) * | 2020-11-10 | 2021-01-26 | 电子科技大学 | 一种用于大型软件的权限组织结构及权限管理方法 |
CN113452650A (zh) * | 2020-03-24 | 2021-09-28 | 钉钉控股(开曼)有限公司 | 访问控制方法、装置、设备和存储介质 |
CN114697084A (zh) * | 2022-03-14 | 2022-07-01 | 浙江大豪科技有限公司 | 缝纫设备数据访问方法 |
-
2016
- 2016-12-26 CN CN201611216782.8A patent/CN106534199B/zh active Active
Non-Patent Citations (4)
Title |
---|
YURI DEMCHENKO等: "Using SAML and XACML for Complex Authorisation Scenarios in Dynamic Resource Provisioning", 《THE SECOND INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY》 * |
孙立: "Web服务中跨域安全的认证与授权研究", 《计算机光盘软件与应用》 * |
彭军等: "基于XML和XACML的角色访问控制的实施", 《石河子大学学报(自然科学版)》 * |
杭园园等: "Web服务中基于SAML和XACML的RBAC模型", 《计算机工程与设计》 * |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107257292A (zh) * | 2017-05-26 | 2017-10-17 | 河南职业技术学院 | 一种跨域分布式大数据通讯系统设计规划方法 |
CN107257292B (zh) * | 2017-05-26 | 2019-11-19 | 河南职业技术学院 | 一种跨域分布式大数据通讯系统设计规划方法 |
CN107368601A (zh) * | 2017-07-26 | 2017-11-21 | 成都三零盛安信息系统有限公司 | 本地数据访问方法和装置 |
CN107733863A (zh) * | 2017-09-07 | 2018-02-23 | 济南双瑞软件有限公司 | 一种分布式hadoop环境下的日志调试方法和装置 |
CN110969321A (zh) * | 2018-09-29 | 2020-04-07 | 上海可鲁系统软件有限公司 | 工业信息资产管理方法及装置 |
CN110969321B (zh) * | 2018-09-29 | 2024-06-04 | 上海可鲁系统软件有限公司 | 工业信息资产管理方法及装置 |
CN111262337A (zh) * | 2018-11-30 | 2020-06-09 | 国网江苏省电力有限公司南京供电分公司 | 基于远程调阅的主、配网一体化scada操作方法 |
CN110867258A (zh) * | 2019-11-13 | 2020-03-06 | 李大旭 | 基于移动健康的个人信息平台 |
CN111064731B (zh) * | 2019-12-23 | 2022-02-15 | 绿盟科技集团股份有限公司 | 一种浏览器请求的访问权限的识别方法、识别装置及终端 |
CN111064731A (zh) * | 2019-12-23 | 2020-04-24 | 北京神州绿盟信息安全科技股份有限公司 | 一种浏览器请求的访问权限的识别方法、识别装置及终端 |
CN113452650A (zh) * | 2020-03-24 | 2021-09-28 | 钉钉控股(开曼)有限公司 | 访问控制方法、装置、设备和存储介质 |
CN113452650B (zh) * | 2020-03-24 | 2023-04-07 | 钉钉控股(开曼)有限公司 | 访问控制方法、装置、设备和存储介质 |
CN111865937A (zh) * | 2020-07-01 | 2020-10-30 | 哈尔滨工程大学 | 一种用于数据库集群权限冲突检测和消解的系统及方法 |
CN111865937B (zh) * | 2020-07-01 | 2022-04-12 | 哈尔滨工程大学 | 一种用于数据库集群权限冲突检测和消解的系统及方法 |
CN111949973A (zh) * | 2020-07-31 | 2020-11-17 | 上海中通吉网络技术有限公司 | 身份识别与访问管理系统和方法 |
CN112269971A (zh) * | 2020-11-10 | 2021-01-26 | 电子科技大学 | 一种用于大型软件的权限组织结构及权限管理方法 |
CN114697084A (zh) * | 2022-03-14 | 2022-07-01 | 浙江大豪科技有限公司 | 缝纫设备数据访问方法 |
CN114697084B (zh) * | 2022-03-14 | 2024-03-26 | 浙江大豪科技有限公司 | 缝纫设备数据访问方法 |
Also Published As
Publication number | Publication date |
---|---|
CN106534199B (zh) | 2019-11-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106534199B (zh) | 大数据环境下基于xacml和saml的分布式系统认证与权限管理平台 | |
AU2019206006B2 (en) | System and method for biometric protocol standards | |
US10829088B2 (en) | Identity management for implementing vehicle access and operation management | |
US11055802B2 (en) | Methods and apparatus for implementing identity and asset sharing management | |
US20230245019A1 (en) | Use of identity and access management for service provisioning | |
US11310231B2 (en) | Systems and methods for secure online credential authentication | |
KR100696316B1 (ko) | 개인 정보 관리 방법 및 장치 | |
CN106888084B (zh) | 一种量子堡垒机系统及其认证方法 | |
US9825938B2 (en) | System and method for managing certificate based secure network access with a certificate having a buffer period prior to expiration | |
EP3510746A1 (en) | Architecture for access management | |
CN102546664A (zh) | 用于分布式文件系统的用户与权限管理方法及系统 | |
CN109756446B (zh) | 一种车载设备的访问方法和系统 | |
Ghaffari et al. | Authentication and access control based on distributed ledger technology: A survey | |
CN106921678A (zh) | 一种集成异构舰载信息系统的统一安全认证平台 | |
CN109886675A (zh) | 基于区块链的资源访问令牌的分发和资源使用监控方法 | |
CN112861157A (zh) | 一种基于去中心化身份和代理重加密的数据共享方法 | |
US8301900B1 (en) | Secure transformable password generation | |
KR100842276B1 (ko) | 무선 lan 보안 표준 기술을 확장한 무선 rfid의료기기 접근제어방법 | |
Tiwari et al. | Privacy issues & security techniques in big data | |
CN109639419A (zh) | 密钥保护方法、密钥存储设备及终端设备 | |
Vignesh et al. | Secured Data Access and Control Abilities Management over Cloud Environment using Novel Cryptographic Principles | |
CN107395577B (zh) | 一种大型电力企业薪酬安全系统 | |
CN108600178A (zh) | 一种征信数据的安全保障方法及系统、征信平台 | |
CN206259969U (zh) | 大数据环境下小微企业管理用集成系统设备 | |
Peng et al. | Big Data‐Based Access Control System in Educational Information Security Assurance |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20200728 Address after: Room 809, Kechuang building, Dongtai hi tech Industrial Development Zone, Yancheng City, Jiangsu Province 224200 Patentee after: Dongtai Dongke Intellectual Property Service Co.,Ltd. Address before: 224051 Yancheng City, Century Avenue, Jiangsu research and development building, No. 1166 Patentee before: YANCHENG INSTITUTE OF TECHNOLOGY |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210420 Address after: 48 No. 224200 Yancheng City Dongtai city of Jiangsu Province East New District East Avenue Patentee after: Dongtai Chengdong science and Technology Pioneer Park Management Co.,Ltd. Address before: Room 809, Kechuang building, Dongtai hi tech Industrial Development Zone, Yancheng City, Jiangsu Province 224200 Patentee before: Dongtai Dongke Intellectual Property Service Co.,Ltd. |
|
EE01 | Entry into force of recordation of patent licensing contract | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20170322 Assignee: Dongtai tepusong Machinery Equipment Co.,Ltd. Assignor: Dongtai Chengdong science and Technology Pioneer Park Management Co.,Ltd. Contract record no.: X2023980043158 Denomination of invention: A Distributed System Authentication and Permission Management Platform Based on XACML and SAML in the Big Data Environment Granted publication date: 20191115 License type: Common License Record date: 20231012 |
|
EE01 | Entry into force of recordation of patent licensing contract | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20170322 Assignee: Dongtai Donggao Electronic Information Technology Co.,Ltd. Assignor: Dongtai Chengdong science and Technology Pioneer Park Management Co.,Ltd. Contract record no.: X2023980045160 Denomination of invention: A Distributed System Authentication and Permission Management Platform Based on XACML and SAML in the Big Data Environment Granted publication date: 20191115 License type: Common License Record date: 20231102 |
|
EE01 | Entry into force of recordation of patent licensing contract | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20170322 Assignee: Dongtai Gaoxin Mechanical Equipment Co.,Ltd. Assignor: Dongtai Chengdong science and Technology Pioneer Park Management Co.,Ltd. Contract record no.: X2023980046304 Denomination of invention: A Distributed System Authentication and Permission Management Platform Based on XACML and SAML in the Big Data Environment Granted publication date: 20191115 License type: Common License Record date: 20231110 |