CN108090374A - A kind of multi User Privilege Management method and system - Google Patents
A kind of multi User Privilege Management method and system Download PDFInfo
- Publication number
- CN108090374A CN108090374A CN201810019582.6A CN201810019582A CN108090374A CN 108090374 A CN108090374 A CN 108090374A CN 201810019582 A CN201810019582 A CN 201810019582A CN 108090374 A CN108090374 A CN 108090374A
- Authority
- CN
- China
- Prior art keywords
- user
- identity
- password
- permission
- user name
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a kind of multi User Privilege Management method and system, this method is used to test user name and whether password is correct;If so, according to the correspondence between user name and system identity, the corresponding identity of the user name is determined;Corresponding system permission is determined for the identity, and shows the corresponding display content of the system permission.It is achieved thereby that the more rights management different contents of multi-user; also the password of user is encrypted simultaneously; it is deposited in the form of ciphertext in the database; prevent the leakage of user password; different users is due to the difference of permission; so the content that can be browsed and the operation being managed are also different, this protects the content of other users to a certain extent, is also more favorable for managing and safeguard and has played the role of good security and confidentiality.
Description
Technical field
This application involves system management technologies field more particularly to a kind of multi User Privilege Management method and system.
Background technology
With computer technology development at full speed and the expansion of application field, particularly computer network and e-commerce
Development, greatly change the management mode of account management, can be provided for client conveniently, fast, safe service.
But most customer account management management (English:Customer Relationship Management, referred to as:
CRM) system is all single user management, but also cannot browse and manage different contents, so relatively simple, and
User password is also plaintext, it is easy to reveal, some contents can only administrator see, and other user it can also be seen that
Cause security, confidentiality bad, be unfavorable for managing to a certain extent, nor beneficial to maintenance.
The content of the invention
The present invention provides a kind of multi User Privilege Management method and system, to solve crm system power in the prior art
It is single to limit way to manage, and there are problems that security.
Its specific technical solution is as follows:
A kind of multi User Privilege Management method, the described method includes:
When getting user name input by user and password, verify whether the user name and password are correct;
If so, according to the correspondence between user name and system identity, the corresponding identity of the user name is determined;
Corresponding system permission is determined for the identity, and shows the corresponding display content of the system permission.
Optionally, determine corresponding system permission for the identity, and show the corresponding display content of the system permission,
Including:
Whether it is the identity distribution system permission in decision-making system in the corresponding identity of definite user name;
If unallocated system permission then shows the page without any content;
If distribution system permission, then the corresponding display content of the system permission is shown in the page.
Optionally, the method further includes:
User name input by user and password are being got, password input by user is being carried out by Advanced Encryption Standard
Encryption;
And encrypted password is stored in the database in the form of ciphertext.
Optionally, after the corresponding display content of the system permission is shown, the method further includes:
Detect whether the instruction for being added and binding to active coding there are user;
If in the presence of the active coding of addition or user bound input.
Optionally, after the corresponding display content of the system permission is shown, the method further includes:
Obtain the instruction for transferring system log;
According to described instruction, the corresponding system log of the user is transferred out, and shows the system log.
A kind of multi User Privilege Management system, the system comprises:
Authentication module, for when getting user name input by user and password, verifying the user name and close
Whether code is correct;
Processing module during for when being verified, getting user name input by user and password, verifies the use
Whether name in an account book and password are correct;
Optionally, the processing module, specifically in the corresponding identity of definite user name, in decision-making system whether be
The identity distribution system permission;If unallocated system permission then shows the page without any content;If distribution system is weighed
Limit, then show the corresponding display content of the system permission in the page.
Optionally, the processing module is additionally operable to getting user name input by user and password, and user is inputted
Password be encrypted by Advanced Encryption Standard;And encrypted password is stored in the database in the form of ciphertext.
Optionally, the processing module is additionally operable to detect whether what is be added active coding there are user and bind
Instruction;If in the presence of the active coding of addition or user bound input.
Optionally, the processing module is additionally operable to obtain the instruction for transferring system log;According to described instruction, transfer out
The corresponding system log of the user, and show the system log.
By scheme provided by the present invention, system verifies whether the user name and password are correct;If so, according to
Correspondence between user name and system identity determines the corresponding identity of user name;Corresponding system is determined for the identity
Permission, and show the corresponding display content of the system permission.It is achieved thereby that the more rights management different contents of multi-user, simultaneously
Also the password of user is encrypted, is deposited in the form of ciphertext in the database, it is therefore prevented that the leakage of user password, it is different
User is due to the difference of permission, so the content that can be browsed and the operation being managed are also different, this is protected to a certain extent
The content of other users has been protected, has also been more favorable for managing and safeguard and played the role of good security and confidentiality.
Description of the drawings
Fig. 1 is a kind of flow chart of multi User Privilege Management method in the embodiment of the present invention;
Fig. 2 is a kind of structure diagram of multi User Privilege Management system in the embodiment of the present invention.
Specific embodiment
Technical solution of the present invention is described in detail below by attached drawing and specific embodiment, it should be understood that this hair
Particular technique feature in bright embodiment and embodiment is the explanation rather than restriction to technical solution of the present invention, not
In the case of conflict, the particular technique feature in the embodiment of the present invention and embodiment can be mutually combined.
It is as shown in Figure 1 a kind of flow chart of multi User Privilege Management method in the embodiment of the present invention, this method includes:
S101 when getting user name input by user and password, verifies whether user name and password are accurate;
Within the system, user can input user name and password come login system by login interface.
After user name input by user and password is detected, system will test user name and password system
Card.When being verified, system will perform S102, if user name and password authentification are obstructed out-of-date, perform S104.
Further, in embodiments of the present invention, in order to ensure the security of the password of user, which will input user
Password be encrypted by Advanced Encryption Standard AES, then by encrypted password storage into database, by this way into
After row encryption, the user password in system cannot be checked at will, so as to ensure that the security of user password.
S102 according to the correspondence between user name and system identity, determines the corresponding identity of user name;
In embodiments of the present invention, each user is managed for convenience, so in systems to each legal use
An identity is all distributed at family, which determines the operation that user can perform in systems, so definite input by user
After user name and password are legal, identity just is carried out to the user's name and is determined.
S103 determines corresponding system permission, and the corresponding display content of display system permission for the identity;
S104 prompts user to re-enter user name and password.
After the corresponding identity of definite the user, system will determine corresponding system permission according to identity.Specifically,
Determine whether system is the identity distribution system permission, if having been allocated for system permission, then system is shown in the page first
The corresponding display content of permission of uniting, if unallocated system permission, then shows the page without any content.
Briefly, permission is distributed for client, then the corresponding content of permission can be shown in the page, if not weighing
Limit does not show any content then, so ensures the security of system for content.
Certainly, come except through permission outside display content, different contents can also be shown by switch operators.
Corresponding operator is namely determined according to identity, so as to show different contents based on the difference of operator.
Further, in embodiments of the present invention, system can detect in real time user whether be active coding be added or
Bindings, if be added the either instruction of binding to active coding there are user, then according to activation input by user
Code is added and bindings.Except of course that outside addition and binding, user can also convert active coding, with
And the operations such as active coding presence adjustment are carried out to active coding, it can so facilitate rapid and convenient pipe of the user to active coding
Reason.
Further, in embodiments of the present invention, if user needs to transfer system log, acquisition is transferred system by system
The instruction of daily record according to the instruction, transfers out the corresponding system log of the user, and show the system log so that it is convenient to
System is investigated, and also makes system maintenance enhanced convenience quick.
By scheme provided by the present invention, system verifies whether the user name and password are correct;If so, according to
Correspondence between user name and system identity determines the corresponding identity of user name;Corresponding system is determined for the identity
Permission, and show the corresponding display content of the system permission.It is achieved thereby that the more rights management different contents of multi-user, simultaneously
Also the password of user is encrypted, is deposited in the form of ciphertext in the database, it is therefore prevented that the leakage of user password, it is different
User is due to the difference of permission, so the content that can be browsed and the operation being managed are also different, this is protected to a certain extent
The content of other users has been protected, has also been more favorable for managing and safeguard and played the role of good security and confidentiality.
In addition, additionally providing a kind of multi User Privilege Management system in the embodiment of the present invention, it is illustrated in figure 2 of the invention real
Applying a kind of structure diagram of multi User Privilege Management system, the system in example includes:
Authentication module 201, for when getting user name input by user and password, verify the user name and
Whether password is correct;
Processing module 202, for when being verified, according to the correspondence between user name and system identity, determining
The corresponding identity of the user name;Corresponding system permission is determined for the identity, and shows that the system permission is corresponding aobvious
Show content.
Further, in embodiments of the present invention, the processing module 202, specifically in the corresponding body of definite user name
Whether it is the identity distribution system permission in decision-making system during part;If unallocated system permission is then shown without any content
The page;If distribution system permission, then the corresponding display content of the system permission is shown in the page.
Further, in embodiments of the present invention, the processing module 202 is additionally operable to getting user input by user
Name and password, password input by user is encrypted by Advanced Encryption Standard;And by encrypted password with the shape of ciphertext
Formula stores in the database.
Further, in embodiments of the present invention, the processing module 202 is additionally operable to detect whether there are user to activation
The instruction that code is added and binds;If in the presence of the active coding of addition or user bound input.
Further, in embodiments of the present invention, the processing module 202 is additionally operable to obtain the instruction for transferring system log;
According to described instruction, the corresponding system log of the user is transferred out, and shows the system log.
Although the preferred embodiment of the application has been described, one of ordinary skilled in the art once knows substantially
Creative concept can then make these embodiments other change and modification.So appended claims are intended to be construed to wrap
It includes preferred embodiment and falls into all change and modification of the application scope, including determining vertex using special symbol, mark
Wait changes mode.
Obviously, those skilled in the art can carry out the application essence of the various modification and variations without departing from the application
God and scope.In this way, if these modifications and variations of the application belong to the scope of the application claim and its equivalent technologies
Within, then the application is also intended to comprising including these modification and variations.
Claims (10)
- A kind of 1. multi User Privilege Management method, which is characterized in that the described method includes:When getting user name input by user and password, verify whether the user name and password are correct;If so, according to the correspondence between user name and system identity, the corresponding identity of the user name is determined;Corresponding system permission is determined for the identity, and shows the corresponding display content of the system permission.
- 2. the method as described in claim 1, which is characterized in that determine corresponding system permission for the identity, and show institute The corresponding display content of system permission is stated, including:Whether it is the identity distribution system permission in decision-making system in the corresponding identity of definite user name;If unallocated system permission then shows the page without any content;If distribution system permission, then the corresponding display content of the system permission is shown in the page.
- 3. the method as described in claim 1, which is characterized in that the method further includes:User name input by user and password are being got, password input by user is being added by Advanced Encryption Standard It is close;And encrypted password is stored in the database in the form of ciphertext.
- 4. the method as described in claim 1, which is characterized in that after the corresponding display content of the system permission is shown, The method further includes:Detect whether the instruction for being added and binding to active coding there are user;If in the presence of the active coding of addition or user bound input.
- 5. the method as described in claim 1, which is characterized in that after the corresponding display content of the system permission is shown, The method further includes:Obtain the instruction for transferring system log;According to described instruction, the corresponding system log of the user is transferred out, and shows the system log.
- 6. a kind of multi User Privilege Management system, which is characterized in that the system comprises:Authentication module, for when getting user name input by user and password, verifying that the user name and password be It is no correct;Processing module, for when being verified, according to the correspondence between user name and system identity, determining the user The corresponding identity of name;Corresponding system permission is determined for the identity, and shows the corresponding display content of the system permission.
- 7. system as claimed in claim 6, which is characterized in that the processing module, specifically for being corresponded in definite user name Identity when, whether be the identity distribution system permission in decision-making system;If unallocated system permission is then shown without any The page of content;If distribution system permission, then the corresponding display content of the system permission is shown in the page.
- 8. system as claimed in claim 6, which is characterized in that the processing module, be additionally operable to get it is input by user Password input by user is encrypted by Advanced Encryption Standard for user name and password;And by encrypted password with ciphertext Form storage in the database.
- 9. system as claimed in claim 6, which is characterized in that the processing module is additionally operable to detect whether that there are users couple The instruction that active coding is added and binds;If in the presence of the active coding of addition or user bound input.
- 10. system as claimed in claim 6, which is characterized in that the processing module is additionally operable to obtain and transfers system log Instruction;According to described instruction, the corresponding system log of the user is transferred out, and shows the system log.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810019582.6A CN108090374A (en) | 2018-01-09 | 2018-01-09 | A kind of multi User Privilege Management method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810019582.6A CN108090374A (en) | 2018-01-09 | 2018-01-09 | A kind of multi User Privilege Management method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108090374A true CN108090374A (en) | 2018-05-29 |
Family
ID=62181849
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810019582.6A Pending CN108090374A (en) | 2018-01-09 | 2018-01-09 | A kind of multi User Privilege Management method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108090374A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110378087A (en) * | 2019-07-24 | 2019-10-25 | 四川爱创科技有限公司 | Self-service terminal management method and system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1464402A (en) * | 2002-06-10 | 2003-12-31 | 联想(北京)有限公司 | User identification confirmation and operation conferring process |
| CN102004866A (en) * | 2009-09-01 | 2011-04-06 | 上海杉达学院 | Method and device for user identity verification and access control of information system |
| CN102043993A (en) * | 2009-10-13 | 2011-05-04 | 上海虹迪物流配送有限公司 | System control method for transport management system |
| CN104980570A (en) * | 2014-04-11 | 2015-10-14 | 昆山研达电脑科技有限公司 | Multi-user personalized configuration method for mobile equipment |
| CN106815503A (en) * | 2017-02-24 | 2017-06-09 | 郑州云海信息技术有限公司 | A kind of operating system method for managing user right and system |
| CN107342992A (en) * | 2017-06-27 | 2017-11-10 | 努比亚技术有限公司 | A kind of System right management method, apparatus and computer-readable recording medium |
-
2018
- 2018-01-09 CN CN201810019582.6A patent/CN108090374A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1464402A (en) * | 2002-06-10 | 2003-12-31 | 联想(北京)有限公司 | User identification confirmation and operation conferring process |
| CN102004866A (en) * | 2009-09-01 | 2011-04-06 | 上海杉达学院 | Method and device for user identity verification and access control of information system |
| CN102043993A (en) * | 2009-10-13 | 2011-05-04 | 上海虹迪物流配送有限公司 | System control method for transport management system |
| CN104980570A (en) * | 2014-04-11 | 2015-10-14 | 昆山研达电脑科技有限公司 | Multi-user personalized configuration method for mobile equipment |
| CN106815503A (en) * | 2017-02-24 | 2017-06-09 | 郑州云海信息技术有限公司 | A kind of operating system method for managing user right and system |
| CN107342992A (en) * | 2017-06-27 | 2017-11-10 | 努比亚技术有限公司 | A kind of System right management method, apparatus and computer-readable recording medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110378087A (en) * | 2019-07-24 | 2019-10-25 | 四川爱创科技有限公司 | Self-service terminal management method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109522735B (en) | Data permission verification method and device based on intelligent contract | |
| US20200019714A1 (en) | Distributed data storage by means of authorisation token | |
| US9769137B2 (en) | Extensible mechanism for securing objects using claims | |
| US8417964B2 (en) | Software module management device and program | |
| US20140007215A1 (en) | Mobile applications platform | |
| CN115391749A (en) | Method and system for protecting computer software using distributed hash table and blockchain | |
| CN103605930A (en) | Double file anti-divulging method and system based on HOOK and filtering driving | |
| CN105516110A (en) | Mobile equipment secure data transmission method | |
| WO2003038578A2 (en) | User access control to distributed resources on a data communications network | |
| CN108123795A (en) | Distributing method, application process, publishing platform and the system of quantum key chip | |
| US9942047B2 (en) | Controlling application access to mobile device functions | |
| US8060464B2 (en) | Data-centric distributed computing | |
| US20170171192A1 (en) | Managing exchanges of sensitive data | |
| CN102685122B (en) | The method of the software protection based on cloud server | |
| Noctor | PSD2: Is the banking industry prepared? | |
| US8863241B2 (en) | System and method for managing usage rights of software applications | |
| CN105450581A (en) | Authority control method and device | |
| US9443067B1 (en) | System for the distribution and deployment of applications, with provisions for security and policy conformance | |
| CN109766708B (en) | Data resource access method, system, computer system and storage medium | |
| CN102202306A (en) | Mobile security authentication terminal and method | |
| CN105450750A (en) | Secure interaction method for intelligent terminal | |
| CN101414913A (en) | Computer network authentication system and method based on virtual technology | |
| CN106951795A (en) | A kind of application data access partition method and device | |
| CN115730338A (en) | Zero-trust sensitive big data cross-domain sharing method and device based on privacy calculation | |
| KR20120067105A (en) | Social verification login system being possible to verify user and providing method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180529 |