CN107992767A - A permission control method based on multiple cloud platforms - Google Patents
- Publication number
- CN107992767A (application number CN201711222430.8A)
- Authority
- CN
- China
- Prior art keywords
- function
- role
- association
- unified management system
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The present invention relates to the technical field of multi-cloud platform management, and in particular to a permission control method based on multiple cloud platforms. The method sets up a unified management system in which permission control for multiple cloud platforms is performed centrally. The specific steps are: Step 1: summarize all function points of the unified management system, then create and initialize the function table; Step 2: define the roles required by the business function requirements, then create and initialize the role table; Step 3: create and initialize the role-function association table; Step 4: according to the association table, the unified management system applies the corresponding permission restrictions to different roles. The invention addresses the problems that permission control across multiple cloud platforms is complex, that the permissions of multiple cloud platforms cannot be set uniformly, and that human resources are wasted as a result. It can be applied in environments that require unified permission management across multiple cloud platforms.
Description
Technical field
The present invention relates to the technical field of multi-cloud platform management, and in particular to a permission control method based on multiple cloud platforms.
Background
With the rapid development of cloud computing over many years, a large number of mature cloud computing platforms have emerged, and the functions these platforms provide are similar. Many large enterprises and government agencies deploy cloud platforms of several different brands, and each of these platforms has its own permission control method. This creates the following hidden risks:
First, although the functions each cloud platform provides are similar, their permission control pages and API interfaces are not consistent, so they cannot be managed in a unified way.
Second, each cloud platform requires its own specialist engineer to manage permissions, which wastes human resources.
Summary of the invention
The present invention provides a permission control method based on multiple cloud platforms, which solves the problems that permission control across multiple cloud platforms is complex, that the permissions of multiple cloud platforms cannot be set uniformly, and that human resources are wasted as a result.
The technical solution by which the invention solves the above technical problem is:
The method sets up a unified management system, in which permission control for multiple cloud platforms is performed centrally. The specific steps are as follows:
Step 1: Summarize all function points of the unified management system, then create and initialize the function table;
Step 2: Define the roles required by the business function requirements, then create and initialize the role table;
Step 3: Create and initialize the role-function association table;
Step 4: According to the association table, the unified management system applies the corresponding permission restrictions to different roles.
The unified management system is a system that manages the infrastructure of multiple cloud platforms in a unified way. All cloud platforms are registered in the unified management system, the functions of each cloud platform are operated through this system, and the unified management system covers all functional operations of the different cloud platforms.
Creating and initializing the function table means defining the database table structure according to the relevant attributes of a function, creating the table, and then inserting all function points summarized in the unified management system into the function table.
Step 2 classifies users according to the specific organizational structure. According to business requirements, it defines for each role the range of functions the role may operate, that is, which function points are included. It then defines the database table structure according to the relevant attributes of a role, creates the table, and inserts all roles defined from the business function requirements into the role table.
Step 3 defines the database table structure according to the relevant attributes of the role-function association, creates the table, and then inserts the association between each role and its corresponding function points into the role-function association table.
Step 4 means that, according to the association between the current role of the user currently logged in to the unified management system and the function table, the user is allowed to operate only the function points associated with that role.
The beneficial effects of the present invention are as follows:
The method of the present invention provides a way to control permissions across multiple cloud platforms. It solves the problems that permission control across multiple cloud platforms is complex, that the permissions of multiple cloud platforms cannot be set uniformly, and that human resources are wasted as a result. Under unified management, it can effectively reduce the human resources required and simplify permission control for multiple cloud platforms.
Brief description of the drawings
The present invention is further described below with reference to the accompanying drawing:
Fig. 1 is a flow chart of the present invention.
Detailed description
As shown in the flow chart of Fig. 1, the specific embodiment below illustrates the implementation by way of the core interfaces for creating and initializing the function table, the role table and the function-role association table, and for applying the corresponding permission restrictions to different roles. The implementation process is as follows:
1. The code to create and initialize the function table is as follows:
Create the function table:
Initialize the function table according to the actual functions:
INSERT INTO `gcloud_cloud_manager`.`gcm_function` (`id`, `parentId`, `name`, `url`, `description`, `disabled`) VALUES ('05', NULL, 'Server', NULL, 'cloud server', '0');
INSERT INTO `gcloud_cloud_manager`.`gcm_function` (`id`, `parentId`, `name`, `url`, `description`, `disabled`) VALUES ('06', NULL, 'Storage', NULL, 'storage resources', '0');
INSERT INTO `gcloud_cloud_manager`.`gcm_function` (`id`, `parentId`, `name`, `url`, `description`, `disabled`) VALUES ('07', NULL, 'Network', NULL, 'network resources', '0');
INSERT INTO `gcloud_cloud_manager`.`gcm_function` (`id`, `parentId`, `name`, `url`, `description`, `disabled`) VALUES ('08', NULL, 'Image', NULL, 'image management', '0');
2. The code to create and initialize the role table is as follows:
Create the role table:
Initialize the role table according to the actual roles:
INSERT INTO `gcloud_cloud_manager`.`gcm_role` (`id`, `name`, `creator`, `scope`, `description`, `createTime`, `isSuperAdmin`) VALUES ('7d4581b36e454f5d9dfbd8b54d775e5a', 'system manager', '29fd7212dcb04247b533850d6ce9b5fc', '0', 'system manager', '2017-10-10 20:30:37', '1');
INSERT INTO `gcloud_cloud_manager`.`gcm_role` (`id`, `name`, `creator`, `scope`, `description`, `createTime`, `isSuperAdmin`) VALUES ('7d4581b36e454f5d9dfbd8b54d775e5b', 'department manager', '29fd7212dcb04247b533850d6ce9b5fc', '1', 'department manager', '2017-10-10 20:30:37', '0');
INSERT INTO `gcloud_cloud_manager`.`gcm_role` (`id`, `name`, `creator`, `scope`, `description`, `createTime`, `isSuperAdmin`) VALUES ('7d4581b36e454f5d9dfbd8b54d775e5c', 'project manager', '29fd7212dcb04247b533850d6ce9b5fc', '2', 'project manager', '2017-10-10 20:30:37', '0');
INSERT INTO `gcloud_cloud_manager`.`gcm_role` (`id`, `name`, `creator`, `scope`, `description`, `createTime`, `isSuperAdmin`) VALUES ('7d4581b36e454f5d9dfbd8b54d775e5d', 'department rank and file', '29fd7212dcb04247b533850d6ce9b5fc', '1', 'common sector member', '2017-10-10 20:30:37', '0');
INSERT INTO `gcloud_cloud_manager`.`gcm_role` (`id`, `name`, `creator`, `scope`, `description`, `createTime`, `isSuperAdmin`) VALUES ('7d4581b36e454f5d9dfbd8b54d775e5e', 'project rank and file', '29fd7212dcb04247b533850d6ce9b5fc', '2', 'common sector member', '2017-10-10 20:30:37', '0');
3. The code to create and initialize the function-role association table is as follows:
Create the function-role association table:
Initialize the function-role association table according to the actual associations between functions and roles:
INSERT INTO `gcloud_cloud_manager`.`gcm_role_function` (`id`, `roleId`, `functionId`) VALUES ('771', '7d4581b36e454f5d9dfbd8b54d775e5e', '01');
INSERT INTO `gcloud_cloud_manager`.`gcm_role_function` (`id`, `roleId`, `functionId`) VALUES ('772', '7d4581b36e454f5d9dfbd8b54d775e5e', '03');
INSERT INTO `gcloud_cloud_manager`.`gcm_role_function` (`id`, `roleId`, `functionId`) VALUES ('773', '7d4581b36e454f5d9dfbd8b54d775e5e', '0302');
4. The code that applies the corresponding permission restrictions to different roles is as follows:
The whole process ends.
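The four steps above, end to end, as an added example that is not the patent's own code. It uses Python with SQLite standing in for MySQL; the column types, the reading of `disabled` as "deny", the role ids and the two platform adapters are assumptions, and all rows are constructed. Requiring a separate association row for each function point follows the page's own rows, which grant '03' and '0302' separately.

```python
import sqlite3

# Assumed schema: the page's CREATE TABLE statements are missing, so column
# types and constraints are illustrative. Table and column names follow the
# page's INSERT statements (gcm_role is trimmed to the columns used here).
SCHEMA = """
CREATE TABLE gcm_function (
    id TEXT PRIMARY KEY,
    parentId TEXT REFERENCES gcm_function(id),
    name TEXT NOT NULL, url TEXT, description TEXT,
    disabled INTEGER NOT NULL DEFAULT 0);
CREATE TABLE gcm_role (id TEXT PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE gcm_role_function (
    id TEXT PRIMARY KEY,
    roleId TEXT NOT NULL REFERENCES gcm_role(id),
    functionId TEXT NOT NULL REFERENCES gcm_function(id),
    UNIQUE (roleId, functionId));
"""

class PermissionDenied(Exception):
    pass

def build_db():
    """Steps 1-3 with constructed sample rows (not the patent's data)."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # reject dangling associations
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO gcm_function VALUES (?,?,?,?,?,?)", [
        ("05", None, "Server", None, "cloud server", 0),
        ("0501", "05", "ServerDelete", None, "delete a server", 0),
        ("06", None, "Storage", None, "storage resources", 0),
        ("07", None, "Network", None, "network resources", 1),  # disabled
    ])
    db.executemany("INSERT INTO gcm_role VALUES (?,?)", [
        ("role-pm", "project manager"), ("role-member", "project member")])
    db.executemany("INSERT INTO gcm_role_function VALUES (?,?,?)", [
        ("1", "role-pm", "05"), ("2", "role-pm", "0501"),
        ("3", "role-pm", "07"), ("4", "role-member", "05")])
    db.commit()
    return db

def is_allowed(db, role_id, function_id):
    """Step 4: allow only an explicit association to an enabled function point."""
    row = db.execute(
        "SELECT 1 FROM gcm_role_function rf"
        " JOIN gcm_function f ON f.id = rf.functionId"
        " WHERE rf.roleId = ? AND rf.functionId = ? AND f.disabled = 0",
        (role_id, function_id)).fetchone()
    return row is not None

def invoke(db, role_id, function_id, platform, adapters):
    """One gate in front of every registered cloud platform adapter."""
    if platform not in adapters or not is_allowed(db, role_id, function_id):
        raise PermissionDenied(f"{role_id} may not call {function_id} on {platform}")
    return adapters[platform](function_id)

# Hypothetical adapters standing in for two registered cloud platforms.
ADAPTERS = {
    "cloud-a": lambda fn: f"cloud-a:{fn}:ok",
    "cloud-b": lambda fn: f"cloud-b:{fn}:ok",
}

if __name__ == "__main__":
    db = build_db()
    print(invoke(db, "role-pm", "0501", "cloud-b", ADAPTERS))
    for role, fn in [("role-member", "0501"), ("role-pm", "07"), ("role-x", "05")]:
        print(role, fn, is_allowed(db, role, fn))
```

The check denies by default: an unknown role, a missing association row, a disabled function point or an unregistered platform all end in `PermissionDenied`, and the same gate applies whichever platform the call is forwarded to.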
Claims (10)
- 1. A permission control method based on multiple cloud platforms, characterized in that: the method sets up a unified management system, in which permission control for multiple cloud platforms is performed centrally; the specific steps are as follows: Step 1: summarize all function points of the unified management system, then create and initialize the function table; Step 2: define the roles required by the business function requirements, then create and initialize the role table; Step 3: create and initialize the role-function association table; Step 4: according to the association table, the unified management system applies the corresponding permission restrictions to different roles.
- 2. The method according to claim 1, characterized in that: the unified management system is a system that manages the infrastructure of multiple cloud platforms in a unified way, and all cloud platforms are registered in the unified management system; the functions of each cloud platform are operated through this system, and the unified management system covers all functional operations of the different cloud platforms.
- 3. The method according to claim 1, characterized in that: creating and initializing the function table means defining the database table structure according to the relevant attributes of a function, creating the table, and then inserting all function points summarized in the unified management system into the function table.
- 4. The method according to claim 2, characterized in that: creating and initializing the function table means defining the database table structure according to the relevant attributes of a function, creating the table, and then inserting all function points summarized in the unified management system into the function table.
- 5. The method according to any one of claims 1 to 4, characterized in that: step 2 classifies users according to the specific organizational structure; according to business requirements, it defines for each role the range of functions the role may operate, that is, which function points are included; it then defines the database table structure according to the relevant attributes of a role, creates the table, and inserts all roles defined from the business function requirements into the role table.
- 6. The method according to any one of claims 1 to 4, characterized in that: step 3 defines the database table structure according to the relevant attributes of the role-function association, creates the table, and then inserts the association between each role and its corresponding function points into the role-function association table.
- 7. The method according to claim 5, characterized in that: step 3 defines the database table structure according to the relevant attributes of the role-function association, creates the table, and then inserts the association between each role and its corresponding function points into the role-function association table.
- 8. The method according to any one of claims 1 to 4, characterized in that: step 4 means that, according to the association between the current role of the user currently logged in to the unified management system and the function table, the user is allowed to operate only the function points associated with that role.
- 9. The method according to claim 5, characterized in that: step 4 means that, according to the association between the current role of the user currently logged in to the unified management system and the function table, the user is allowed to operate only the function points associated with that role.
- 10. The method according to claim 7, characterized in that: step 4 means that, according to the association between the current role of the user currently logged in to the unified management system and the function table, the user is allowed to operate only the function points associated with that role.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711222430.8A CN107992767A (en) | 2017-11-29 | 2017-11-29 | A permission control method based on multiple cloud platforms |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107992767A (en) | 2018-05-04 |
Family
ID=62033988
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711222430.8A Withdrawn CN107992767A (en) | A permission control method based on multiple cloud platforms | 2017-11-29 | 2017-11-29 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | Application publication date: 20180504 |