CN107770146B - User data authority control method and device - Google Patents


Publication number
CN107770146B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610710737.1A
Other languages
Chinese (zh)
Other versions
CN107770146A (en)
Inventor
何旭
牛玉富
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Didi Infinity Technology and Development Co Ltd
Original Assignee
Beijing Didi Infinity Technology and Development Co Ltd
Application filed by Beijing Didi Infinity Technology and Development Co Ltd
Priority to CN201610710737.1A
Publication of CN107770146A
Application granted
Publication of CN107770146B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication

Abstract

The invention provides a user data authority control method and device. The method comprises: when an authority access request sent by a mobile terminal is received, searching a preset table according to the identifier of the mobile terminal and acquiring the role information of the mobile terminal, the authority access request comprising the identifier of the mobile terminal; acquiring to-be-opened authority role information corresponding to the role information according to the role information of the mobile terminal and a preset relation between role information and to-be-opened authority role information; searching another preset table for user group identification information containing the identifier of the mobile terminal; searching a preset user group database for the to-be-opened authority user information corresponding to the user group identification information and the to-be-opened authority role information; and opening, to the mobile terminal, the data authority of the user whose authority is to be opened, that user being the user corresponding to the to-be-opened authority user information. The invention only needs to assign a role to each user and determine the authority relationship between the roles, which makes it convenient to obtain a user's data authority.

Description

User data authority control method and device
Technical Field
The invention relates to the technical field of computer processing, in particular to a user data authority control method and device.
Background
Authority management generally means that, according to the security rules or security policies set by a system, a user can access the resources the user is authorized for, and only those resources. Authority management occurs in almost any system that has users and passwords.
At present, controlling the data authority of a user is generally realized through an organization structure and posts, that is, the user is bound to a specific department and post, and the user then obtains the basic authority of that post and inherits all the authorities of the posts subordinate to it.
However, sometimes an organization does not have a perfect organization structure and department position, in which case the above method of controlling the data rights of users is no longer applicable.
Disclosure of Invention
The invention provides a method and a device for controlling user data permission, which can obtain the data permissions for a mobile terminal requesting permission only by allocating roles to each user and determining the permission relationship between the roles, without depending on an organization structure, post information and the like, so that a user's data permissions can be obtained conveniently.
In a first aspect, the present invention provides a method for controlling user data permissions, including:
when an access permission request sent by a mobile terminal is received, searching a preset role information table according to an identifier of the mobile terminal, and acquiring role information of the mobile terminal; the authority access request comprises an identifier of the mobile terminal, and the role information table comprises a corresponding relation between the identifier of the mobile terminal and the role information;
acquiring to-be-opened authority role information corresponding to the role information according to the role information of the mobile terminal and a preset relation between the role information and the to-be-opened authority role information;
searching user group identification information containing the identification of the mobile terminal in a preset user group information table; the user group information table comprises a corresponding relation between the identification of the mobile terminal and the user group identification information;
searching user information of the to-be-opened authority corresponding to the user group identification information and the to-be-opened authority role information in a preset user group database; the user group database comprises corresponding relations of user group identification information, role information and user information;
controlling the data authority of the user with the authority to be opened to the mobile terminal; and the user with the right to be opened is a user corresponding to the user information with the right to be opened.
Preferably, the obtaining, according to the role information of the mobile terminal and the preset relationship between the role information and the role information to be opened, the role information to be opened corresponding to the role information includes:
searching a preset authority table according to the role information of the mobile terminal, and acquiring hierarchy information of a tree structure corresponding to the role information of the mobile terminal; the authority table comprises a corresponding relation between role information and hierarchy information of a tree structure;
searching a preset tree structure storage table according to the hierarchy information of the tree structure to acquire the role information of the authority to be opened; the tree structure storage table includes a relationship corresponding to hierarchy information and role information of the tree structure.
Preferably, the obtaining, according to the role information of the mobile terminal and the preset relationship between the role information and the role information to be opened, the role information to be opened corresponding to the role information includes:
and acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the relational expression of the role information and the role information of the authority to be opened.
Preferably, the method further comprises:
receiving a data acquisition request sent by the mobile terminal;
and acquiring the data of the user with the right to be opened according to the data acquisition request, and sending the data to the mobile terminal.
Preferably, the user group database comprises a corresponding relationship among user group identification information, role information and user identifications;
and the user information of the right to be opened is a user identifier.
In a second aspect, the present invention provides a user data right control apparatus, including:
the first obtaining unit is used for searching a preset role information table according to the identification of the mobile terminal when receiving an access permission request sent by the mobile terminal, and obtaining the role information of the mobile terminal; the authority access request comprises an identifier of the mobile terminal, and the role information table comprises a corresponding relation between the identifier of the mobile terminal and the role information;
the second acquisition unit is used for acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the preset relation between the role information and the role information of the authority to be opened;
a first searching unit, configured to search, in a preset user group information table, user group identification information including an identification of the mobile terminal; the user group information table comprises a corresponding relation between the identification of the mobile terminal and the user group identification information;
the second searching unit is used for searching user information of the permission to be opened corresponding to the user group identification information and the role information of the permission to be opened in a preset user group database; the user group database comprises corresponding relations of user group identification information, role information and user information;
the authority control unit is used for controlling the data authority of the user with the authority to be opened to the mobile terminal; and the user with the right to be opened is a user corresponding to the user information with the right to be opened.
Preferably, the second obtaining unit is further configured to:
searching a preset authority table according to the role information of the mobile terminal, and acquiring hierarchy information of a tree structure corresponding to the role information of the mobile terminal; the authority table comprises a corresponding relation between role information and hierarchy information of a tree structure;
searching a preset tree structure storage table according to the hierarchy information of the tree structure to acquire the role information of the authority to be opened; the tree structure storage table includes a relationship corresponding to hierarchy information and role information of the tree structure.
Preferably, the second obtaining unit is further configured to:
and acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the relational expression of the role information and the role information of the authority to be opened.
Preferably, the apparatus comprises:
a receiving unit, configured to receive a data acquisition request sent by the mobile terminal;
and the third acquisition unit is used for acquiring the data of the user with the right to be opened according to the data acquisition request and sending the data to the mobile terminal.
Preferably, the user group database comprises a corresponding relationship among user group identification information, role information and user identifications;
and the user information of the right to be opened is a user identifier.
According to the above technical scheme, the data authority for a mobile terminal requesting authority can be obtained only by allocating roles to each user and determining the authority relationship among the roles, without depending on an organization structure, post information and the like, so that a user's data authority can be obtained conveniently.
Drawings
Fig. 1 is a flowchart of a user data authority control method according to an embodiment of the present disclosure;
Fig. 2 is a schematic block diagram of a user data right control apparatus according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be described below in a clear and complete manner with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
Some words mentioned in the embodiments of the present disclosure are exemplified below.
The User Equipment (UE) mentioned in the embodiments of the present disclosure refers to a device, such as a mobile terminal or a Personal Computer (PC), used by a party requesting a service, such as a passenger in a vehicle calling service. Examples include a smart phone, a Personal Digital Assistant (PDA), a tablet computer, a laptop computer, a car computer (carputer), a handheld game console, smart glasses, a smart watch, a wearable device, a virtual display device or a display enhancement device (e.g., Google Glass, Oculus Rift, Hololens, Gear VR), etc.
The terminal mentioned in the embodiments of the present disclosure is a device, such as a mobile terminal or a PC for receiving orders, used by a service provider, such as a driver in a vehicle calling service. Examples include the same kinds of devices listed above for the party requesting the service. In this embodiment, in order to distinguish between a passenger and a driver, the user equipment UE and the terminal are respectively used to represent the devices, such as mobile terminals, held by the passenger and the driver.
Existing client development technologies include iOS and Android; a client can monitor system incoming call notifications, read system call records, and read and write the system address book.
The permission names for reading and writing the address book on the Android system are as follows:
android.permission.READ_CONTACTS (read)
android.permission.WRITE_CONTACTS (write)
The framework for reading and writing the system address book on the iOS system is as follows:
ABAddressBook Framework
Fig. 1 is a flowchart of a user data authority control method according to an embodiment of the present disclosure.
As shown in Fig. 1, the user data authority control method of this embodiment includes:
S101, when an authority access request sent by a mobile terminal is received, searching a preset role information table according to an identifier of the mobile terminal, and acquiring role information of the mobile terminal; the authority access request comprises an identifier of the mobile terminal, and the role information table comprises a corresponding relation between the identifier of the mobile terminal and the role information;
It is understood that the role information is pre-assigned to each user and may be defined according to the nature of the organization where the user is located. For example, the roles of a vehicle operation company may include: city manager, vehicle captain, driving management and external driving management; the roles of an enterprise may include: president, chief director, chief manager, staff member, etc.
S102, acquiring to-be-opened authority role information corresponding to the role information according to the role information of the mobile terminal and a preset relation between the role information and the to-be-opened authority role information;
S103, searching user group identification information containing the identification of the mobile terminal in a preset user group information table; the user group information table comprises a corresponding relation between the identification of the mobile terminal and the user group identification information;
It is understood that the users under the same role may differ. For example, in a vehicle operation company, for reasons of locality and role level, a city manager may be in charge of operation management for different cities, such as the fleet management of city A and the fleet management of city B. All roles in an organization therefore need to be grouped on this basis, so as to determine the users over which a specific user has control authority.
S104, searching user information of the to-be-opened authority corresponding to the user group identification information and the to-be-opened authority role information in a preset user group database; the user group database comprises corresponding relations of user group identification information, role information and user information;
S105, opening, to the mobile terminal, the data authority of the user whose authority is to be opened; the user whose authority is to be opened is the user corresponding to the user information of the authority to be opened.
The embodiment of the present disclosure is illustrated with an example: if the organization is a vehicle operation company, its roles comprise city manager, vehicle captain, driving management and external driving management, wherein the city manager is the first level, the vehicle captain is the second level, the driving management and the external driving management are the third level, and an upper level has the control authority of all the lower levels.
If the mobile terminal of a certain city manager sends an authority access request to the server, then after the server determines the role of the city manager, the roles that the city manager can view are determined, according to step S102, to be the vehicle captain, the driving management and the external driving management. The user group identification information containing the identification of the mobile terminal is then acquired according to step S103. Suppose there are two user groups, group A and group B, both of which include the identification of the city manager's mobile terminal; the user information of the vehicle captains, driving management and external driving management in group A and group B is searched and acquired, and the data permissions of all the vehicle captains, driving management and external driving management in group A and group B are opened to the mobile terminal.
The embodiment of the present disclosure can obtain the data authority for the mobile terminal requesting authority only by assigning roles to each user and determining the authority relationship among the roles, without depending on an organization structure, post information and the like, so that a user's data authority can be obtained conveniently.
As a preferred embodiment, the step S102 includes:
searching a preset authority table according to the role information of the mobile terminal, and acquiring hierarchy information of a tree structure corresponding to the role information of the mobile terminal; the authority table comprises a corresponding relation between role information and hierarchy information of a tree structure;
It can be understood that, since the data authority of some roles in an organization is the same, the authority relationship of the roles is more clearly represented by a topological tree structure, so the relationship between the roles is stored in the form of a tree structure in this step.
Searching a preset tree structure storage table according to the hierarchy information of the tree structure to acquire the role information of the authority to be opened; the tree structure storage table includes a correspondence between the hierarchy information of the tree structure and the role information.
It will be appreciated that, for example, the tree structure storage table stores: first level: city manager; second level: vehicle captain; third level: driving management and external driving management.
In fact, the relationship between the roles can also be expressed by a relational expression; therefore, as a preferred embodiment, the step S102 includes:
and acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the relational expression of the role information and the role information of the authority to be opened.
It can be understood that the storage space for storing the role information and the authority relationship between the roles can be saved by acquiring the to-be-opened authority role information corresponding to the role information in a relational expression manner.
As a preferred embodiment, after the step S105, the method further includes:
receiving a data acquisition request sent by the mobile terminal;
and acquiring the data of the user with the right to be opened according to the data acquisition request, and sending the data to the mobile terminal.
It can be understood that, with the embodiment of the present disclosure, the mobile terminal can view the data of the users over which it has control authority, as obtained above.
As a preferred embodiment, the user group database includes correspondence of user group identification information, role information, and user identifications;
and the user information of the right to be opened is a user identifier.
It is understood that the user information to be granted with permission may be other user attribute information besides the user identifier, and this disclosure is not limited thereto.
The disclosure is illustrated below by means of a specific embodiment.
If a certain vehicle operation company includes 7 users, A, B, C, D, E, F and G, the 7 users are respectively assigned the roles: A: city manager; B: vehicle captain; C: vehicle captain; D: driving management; E: driving management; F: external driving management; G: external driving management;
wherein the authority relationship among the roles is as follows: the city manager is the first level, the vehicle captain is the second level, the driving management and the external driving management are the third level, and an upper level has the control authority of all the lower levels.
The 7 users are divided into two groups, group 1 and group 2, wherein group 1 comprises A, B, D and F, and group 2 comprises A, C, E and G;
according to the authority relationship among the roles and the method of the present disclosure, the users over which user A actually has control authority are B, D, F, C, E and G; the users over which user B actually has control authority are D and F; and the users over which user C actually has control authority are E and G.
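The S101 to S105 lookups run over the seven-user embodiment above, as an added example that is not part of the patent text. The table layouts, function names, numeric level encoding and the per-request check in `fetch_user_data` are assumptions; the sample records are constructed.

```python
# Added example: steps S101-S105 over the seven-user embodiment.
# Table layouts, function names and role spellings are assumptions.

# Role information table (S101): terminal/user identifier -> role.
ROLE_TABLE = {
    "A": "city manager",
    "B": "vehicle captain",
    "C": "vehicle captain",
    "D": "driving management",
    "E": "driving management",
    "F": "external driving management",
    "G": "external driving management",
}

# Authority table (S102): role -> level in the tree (1 is the top level).
AUTHORITY_TABLE = {
    "city manager": 1,
    "vehicle captain": 2,
    "driving management": 3,
    "external driving management": 3,
}

# Tree structure storage table (S102): level -> roles stored at that level.
TREE_TABLE = {
    1: {"city manager"},
    2: {"vehicle captain"},
    3: {"driving management", "external driving management"},
}

# User group information table (S103): group id -> member identifiers.
GROUP_TABLE = {
    "group1": {"A", "B", "D", "F"},
    "group2": {"A", "C", "E", "G"},
}

# User group database (S104): rows of (group id, role, user identifier).
USER_GROUP_DB = [
    (group, ROLE_TABLE[user], user)
    for group, members in GROUP_TABLE.items()
    for user in sorted(members)
]

# Constructed per-user records standing in for the protected data.
USER_DATA = {user: f"record-of-{user}" for user in ROLE_TABLE}


def roles_to_open(role):
    """S102: every role on a level below `role` (upper levels control lower ones)."""
    level = AUTHORITY_TABLE.get(role)
    if level is None:
        return set()
    return {r for lvl, roles in TREE_TABLE.items() if lvl > level for r in roles}


def groups_of(terminal_id):
    """S103: identifiers of all user groups that contain the terminal."""
    return {g for g, members in GROUP_TABLE.items() if terminal_id in members}


def users_to_open(terminal_id):
    """S101-S104: users whose data authority is opened to the terminal."""
    role = ROLE_TABLE.get(terminal_id)           # S101
    if role is None:
        return set()                             # unknown identifier: nothing is opened
    open_roles = roles_to_open(role)             # S102
    groups = groups_of(terminal_id)              # S103
    return {u for g, r, u in USER_GROUP_DB       # S104
            if g in groups and r in open_roles}


def fetch_user_data(terminal_id, target_user):
    """Data acquisition request after S105, re-checked on the server per request.

    Assumes terminal_id has already been authenticated by the caller.
    """
    if target_user not in users_to_open(terminal_id):
        raise PermissionError(f"{terminal_id} has no data authority over {target_user}")
    return USER_DATA[target_user]


if __name__ == "__main__":
    for tid in ("A", "B", "C", "D"):
        print(tid, sorted(users_to_open(tid)))
```

Because the group filter in S104 is applied together with the role filter, captain B is refused E's record even though E's role sits on a lower level: E is only in group 2.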
Fig. 2 is a schematic block diagram of a user data right control apparatus according to an embodiment of the present disclosure.
A user data right control apparatus as shown in fig. 2, comprising:
a first obtaining unit 201, configured to, when receiving an access permission request sent by a mobile terminal, search a preset role information table according to an identifier of the mobile terminal, and obtain role information of the mobile terminal; the authority access request comprises an identifier of the mobile terminal, and the role information table comprises a corresponding relation between the identifier of the mobile terminal and the role information;
a second obtaining unit 202, configured to obtain, according to the role information of the mobile terminal and a preset relationship between the role information and the role information to be opened, role information to be opened corresponding to the role information;
a first searching unit 203, configured to search, in a preset user group information table, user group identification information including an identification of the mobile terminal; the user group information table comprises a corresponding relation between the identification of the mobile terminal and the user group identification information;
a second searching unit 204, configured to search, in a preset user group database, user information of a right to be opened corresponding to the user group identification information and the role information of the right to be opened; the user group database comprises corresponding relations of user group identification information, role information and user information;
an authority control unit 205, configured to control opening of a data authority of a user to be subjected to authority opening to the mobile terminal; and the user with the right to be opened is a user corresponding to the user information with the right to be opened.
As a preferred embodiment, the second obtaining unit 202 is further configured to:
searching a preset authority table according to the role information of the mobile terminal, and acquiring hierarchy information of a tree structure corresponding to the role information of the mobile terminal; the authority table comprises a corresponding relation between role information and hierarchy information of a tree structure;
searching a preset tree structure storage table according to the hierarchy information of the tree structure to acquire the role information of the authority to be opened; the tree structure storage table includes a relationship corresponding to hierarchy information and role information of the tree structure.
As a preferred embodiment, the second obtaining unit 202 is further configured to:
and acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the relational expression of the role information and the role information of the authority to be opened.
As a preferred embodiment, the apparatus comprises:
a receiving unit, configured to receive a data acquisition request sent by the mobile terminal;
and the third acquisition unit is used for acquiring the data of the user with the right to be opened according to the data acquisition request and sending the data to the mobile terminal.
As a preferred embodiment, the user group database includes correspondence of user group identification information, role information, and user identifications;
and the user information of the right to be opened is a user identifier.
For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
It should be noted that, in the respective components of the system of the present disclosure, the components therein are logically divided according to the functions to be implemented, but the present disclosure is not limited thereto, and the respective components may be re-divided or combined as needed, for example, some components may be combined into a single component, or some components may be further decomposed into more sub-components.
Various component embodiments of the disclosure may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components in a system according to embodiments of the present disclosure. The present disclosure may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present disclosure may be stored on a computer-readable medium or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the disclosure, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The disclosure may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The above embodiments are only suitable for illustrating the present disclosure, and not limiting the present disclosure, and those skilled in the relevant art can make various changes and modifications without departing from the spirit and scope of the present disclosure, so that all equivalent technical solutions also belong to the scope of the present disclosure, and the scope of the present disclosure should be defined by the claims.

Claims (10)

1. A method for controlling user data rights, comprising:
when an access permission request sent by a mobile terminal is received, searching a preset role information table according to an identifier of the mobile terminal, and acquiring role information of the mobile terminal; the authority access request comprises an identifier of the mobile terminal, and the role information table comprises a corresponding relation between the identifier of the mobile terminal and the role information;
acquiring to-be-opened authority role information corresponding to the role information according to the role information of the mobile terminal and a preset relation between the role information and the to-be-opened authority role information;
searching user group identification information containing the identification of the mobile terminal in a preset user group information table; the user group information table comprises a corresponding relation between the identification of the mobile terminal and the user group identification information;
searching user information of the to-be-opened authority corresponding to the user group identification information and the to-be-opened authority role information in a preset user group database; the user group database comprises corresponding relations of user group identification information, role information and user information;
controlling the data authority of the user with the authority to be opened to the mobile terminal; and the user with the right to be opened is a user corresponding to the user information with the right to be opened.
2. The method of claim 1, wherein obtaining the to-be-opened authority role information corresponding to the role information according to the role information of the mobile terminal and a preset relationship between the role information and the to-be-opened authority role information comprises:
searching a preset authority table according to the role information of the mobile terminal, and acquiring hierarchy information of a tree structure corresponding to the role information of the mobile terminal; the authority table comprises a corresponding relation between role information and hierarchy information of a tree structure;
searching a preset tree structure storage table according to the hierarchy information of the tree structure to acquire the role information of the authority to be opened; the tree structure storage table comprises a corresponding relation between hierarchy information of the tree structure and role information.
3. The method of claim 1, wherein obtaining the to-be-opened authority role information corresponding to the role information according to the role information of the mobile terminal and a preset relationship between the role information and the to-be-opened authority role information comprises:
and acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the relational expression of the role information and the role information of the authority to be opened.
4. The method of claim 1, further comprising:
receiving a data acquisition request sent by the mobile terminal;
and acquiring the data of the user with the right to be opened according to the data acquisition request, and sending the data to the mobile terminal.
5. The method according to any of claims 1-4, wherein the user group database comprises correspondences of user group identification information, role information, and user identifications;
and the user information of the right to be opened is a user identifier.
6. A user data right control apparatus, comprising:
the first obtaining unit is used for searching a preset role information table according to the identification of the mobile terminal when receiving an access permission request sent by the mobile terminal, and obtaining the role information of the mobile terminal; the access permission request comprises the identifier of the mobile terminal, and the role information table comprises a corresponding relation between the identifier of the mobile terminal and the role information;
the second acquisition unit is used for acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the preset relation between the role information and the role information of the authority to be opened;
a first searching unit, configured to search, in a preset user group information table, user group identification information including an identification of the mobile terminal; the user group information table comprises a corresponding relation between the identification of the mobile terminal and the user group identification information;
the second searching unit is used for searching user information of the permission to be opened corresponding to the user group identification information and the role information of the permission to be opened in a preset user group database; the user group database comprises corresponding relations of user group identification information, role information and user information;
the authority control unit is used for controlling the data authority of the user with the authority to be opened to the mobile terminal; and the user with the right to be opened is a user corresponding to the user information with the right to be opened.
7. The apparatus of claim 6, wherein the second obtaining unit is further configured to:
searching a preset authority table according to the role information of the mobile terminal, and acquiring hierarchy information of a tree structure corresponding to the role information of the mobile terminal; the authority table comprises a corresponding relation between role information and hierarchy information of a tree structure;
searching a preset tree structure storage table according to the hierarchy information of the tree structure to acquire the role information of the authority to be opened; the tree structure storage table comprises a corresponding relation between hierarchy information of the tree structure and role information.
8. The apparatus of claim 6, wherein the second obtaining unit is further configured to:
and acquiring the role information of the authority to be opened corresponding to the role information according to the role information of the mobile terminal and the relational expression of the role information and the role information of the authority to be opened.
9. The apparatus of claim 6, wherein the apparatus comprises:
a receiving unit, configured to receive a data acquisition request sent by the mobile terminal;
and the third acquisition unit is used for acquiring the data of the user with the right to be opened according to the data acquisition request and sending the data to the mobile terminal.
10. The apparatus according to any of claims 6-9, wherein the user group database comprises correspondences of user group identification information, role information, and user identifications;
and the user information of the right to be opened is a user identifier.
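The lookup chain of claims 1, 2 and 4, as an added example that is not code from the patent or its applicant. All table names and sample rows are constructed; encoding the hierarchy information as a slash-separated tree path and opening only roles strictly below the requester's node are assumptions, since the claims do not fix either.

```python
# Constructed sample tables; every name and value here is an assumption.
ROLE_TABLE = {"term-A": "city_manager", "term-B": "team_lead",
              "term-C": "driver", "term-X": "team_lead"}       # terminal id -> role
AUTHORITY_TABLE = {"city_manager": "1", "team_lead": "1/1",
                   "driver": "1/1/1"}                          # role -> tree path
TREE_STORAGE = {"1": "city_manager", "1/1": "team_lead",
                "1/1/1": "driver"}                             # tree path -> role
USER_GROUP_TABLE = {"term-A": "g1", "term-B": "g1",
                    "term-C": "g1", "term-X": "g2"}            # terminal id -> group
USER_GROUP_DB = [                                              # (group, role, user id)
    ("g1", "city_manager", "u1"), ("g1", "team_lead", "u2"),
    ("g1", "driver", "u3"), ("g1", "driver", "u4"),
    ("g2", "team_lead", "u5"), ("g2", "driver", "u6"),
]
USER_DATA = {uid: f"records of {uid}" for _, _, uid in USER_GROUP_DB}


def roles_to_open(role):
    """Claim 2: role -> hierarchy info -> roles whose authority is to be opened."""
    path = AUTHORITY_TABLE.get(role)
    if path is None:
        return set()                      # unknown role: open nothing
    prefix = path + "/"                   # trailing "/" so "1/1" never matches "1/10"
    return {r for p, r in TREE_STORAGE.items() if p.startswith(prefix)}


def users_to_open(terminal_id):
    """Claim 1: resolve the users whose data this terminal may access."""
    role = ROLE_TABLE.get(terminal_id)
    group = USER_GROUP_TABLE.get(terminal_id)
    if role is None or group is None:
        return set()                      # deny by default for unregistered terminals
    open_roles = roles_to_open(role)
    # Both conditions must hold: same user group AND a role that is to be opened.
    return {uid for g, r, uid in USER_GROUP_DB if g == group and r in open_roles}


def get_user_data(terminal_id, user_id):
    """Claim 4: serve a data acquisition request only for permitted users."""
    if user_id not in users_to_open(terminal_id):
        raise PermissionError(f"{terminal_id} may not read data of {user_id}")
    return USER_DATA[user_id]
```

The group filter in `users_to_open` is what keeps a role in one user group from reading another group's users that happen to hold a subordinate role.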
CN201610710737.1A 2016-08-23 2016-08-23 User data authority control method and device Active CN107770146B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610710737.1A CN107770146B (en) 2016-08-23 2016-08-23 User data authority control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610710737.1A CN107770146B (en) 2016-08-23 2016-08-23 User data authority control method and device

Publications (2)

Publication Number Publication Date
CN107770146A CN107770146A (en) 2018-03-06
CN107770146B true CN107770146B (en) 2020-06-26

Family

ID=61264725

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610710737.1A Active CN107770146B (en) 2016-08-23 2016-08-23 User data authority control method and device

Country Status (1)

Country Link
CN (1) CN107770146B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110808964A (en) * 2019-10-22 2020-02-18 贵阳朗玛信息技术股份有限公司 Authority management method and device
CN111027091B (en) * 2019-11-13 2022-04-22 北京字节跳动网络技术有限公司 Method, device, medium and electronic equipment for managing authority
CN111241526B (en) * 2019-12-31 2022-11-22 深圳云天励飞技术有限公司 Data permission matching method and device, electronic equipment and storage medium
CN112465476A (en) * 2020-12-17 2021-03-09 中国农业银行股份有限公司 Access control method, device, equipment and medium
CN112733162A (en) * 2020-12-31 2021-04-30 北京乐学帮网络技术有限公司 Resource allocation method, device, computer equipment and storage medium
CN114884733A (en) * 2022-05-10 2022-08-09 中国农业银行股份有限公司 Authority management method and device, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101441688A (en) * 2007-11-20 2009-05-27 阿里巴巴集团控股有限公司 User authority allocation method and user authority control method
CN101582767A (en) * 2009-06-24 2009-11-18 阿里巴巴集团控股有限公司 Authorization control method and authorization server
US7904556B2 (en) * 2002-03-05 2011-03-08 Computer Associates Think, Inc. Method and apparatus for role grouping by shared resource utilization
CN102456103A (en) * 2010-10-26 2012-05-16 王芳 Improved RBAC (Role Based Access Control) model

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101207639A (en) * 2007-12-03 2008-06-25 华为技术有限公司 Method and apparatus of classifying for user
CN101247395B (en) * 2008-03-13 2011-03-16 武汉理工大学 ISAPI access control system for Session ID fully transparent transmission

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7904556B2 (en) * 2002-03-05 2011-03-08 Computer Associates Think, Inc. Method and apparatus for role grouping by shared resource utilization
CN101441688A (en) * 2007-11-20 2009-05-27 阿里巴巴集团控股有限公司 User authority allocation method and user authority control method
CN101582767A (en) * 2009-06-24 2009-11-18 阿里巴巴集团控股有限公司 Authorization control method and authorization server
CN102456103A (en) * 2010-10-26 2012-05-16 王芳 Improved RBAC (Role Based Access Control) model

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
多组织多用户条件下基于角色的访问控制;孙群;《中国优秀硕士学位论文全文数据库 信息科技辑》;20051215(第8期);第I139-81页 *

Also Published As

Publication number Publication date
CN107770146A (en) 2018-03-06


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant