CN109033775A - A kind of long-range control method and system of access authority - Google Patents
A kind of long-range control method and system of access authority Download PDFInfo
- Publication number
- CN109033775A CN109033775A CN201811020476.6A CN201811020476A CN109033775A CN 109033775 A CN109033775 A CN 109033775A CN 201811020476 A CN201811020476 A CN 201811020476A CN 109033775 A CN109033775 A CN 109033775A
- Authority
- CN
- China
- Prior art keywords
- access
- management
- user
- terminal
- authorization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000013475 authorization Methods 0.000 claims abstract description 61
- 230000005540 biological transmission Effects 0.000 claims description 23
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to rights management techniques fields, disclose the long-range control method and system of a kind of access authority, and the long-range control method includes: when user's sign-on access account has been identified in accessed end, and accessed end sends authorization requests to management end;After receiving the authorization requests, the management end generates corresponding authorization access instruction according to authorization requests and is sent to the accessed end;The accessed end assigns the corresponding access authority of user according to authorization access instruction.The embodiment of the present invention uses remote controlled manner to access authority, when there is user's access in accessed end, assigns corresponding access authority in management end by administrator for active user.In this way, user can log in accessed end using no pin mode, and administrator can customize different access authority for each user, it can either highly ensure the data security of accessed end, facilitate administrator again effectively to manage all users, significantly facilitates access of the user to accessed end.
Description
Technical Field
The invention relates to the technical field of terminals, in particular to a remote control method and a remote control system for access authority.
Background
With the wider and wider application of computers, modern society has gradually advanced to the information-oriented era. A large amount of data is input and output from the computer every day, so that the security of the data is correspondingly transferred to the security protection of the computer. Thus, access protection for personal and corporate PCs or notebooks is important.
At present, a plurality of user accounts are generally preset by an administrator, different use permissions are set for each user account, and different users need to input corresponding accounts and passwords to log in and use equipment. However, during the application process, the following problems exist in the method:
1. each user needs to accurately record the password, and actually forgets the password often, so that the password needs to be inquired or searched for obtaining, and the password is very inconvenient;
2. the number of preset user accounts is limited, and under the condition that the number of users is large and a plurality of different use authorities are needed, an administrator cannot respectively endow reasonable use authorities to each user.
Disclosure of Invention
The invention aims to provide a remote control method and a remote control system for access permission, which overcome the defects of permission management in the prior art.
In order to achieve the purpose, the invention adopts the following technical scheme:
a remote control method of access rights, the remote control method comprising:
when the accessed terminal identifies that a user logs in an access account, the accessed terminal sends an authorization request to the management terminal;
after receiving the authorization request, the management terminal generates a corresponding authorization access instruction according to the authorization request and sends the authorization access instruction to the accessed terminal;
and the accessed terminal endows the corresponding access authority to the user according to the authorized access instruction.
Optionally, the remote control method further includes: generating a corresponding access control table in advance according to all documents and software needing access authority control on the accessed terminal, wherein the access control table comprises a plurality of table entries, and each table entry corresponds to one document or one software;
the generation method of the authorized access instruction comprises the following steps: and at the management end, acquiring the selected current authorized access table entry in the access control table, and automatically generating an authorized access instruction according to the current authorized access table entry.
Optionally, the generation operation of the access control table may be performed at the accessed terminal or at the management terminal.
Optionally, the authorization request carries user-related information, where the user-related information includes at least one of identity information and access requirement information of the user.
Optionally, the authorized access instruction includes at least one of an authorized access content and an authorized access mode; the authorized access mode includes: single access or multiple access within a specified time period, read-only, edit, or copy mode.
Optionally, the remote control method further includes: and at the management end, at least one authorized access instruction template is generated and stored in advance for selective use.
A remote control system of access authority comprises a management terminal and at least one accessed terminal, wherein the management terminal is connected with the accessed terminal through a wired or wireless network;
the accessed terminal comprises: the device comprises an authorization request generating unit, a right management unit and a first information transmission unit; wherein,
the authorization request generating unit is used for acquiring user related information when a user login access account is identified, generating an authorization request and sending the authorization request to the management terminal through the first information transmission unit;
the authority management unit is used for giving corresponding access authority to the user according to the authorized access instruction from the management end;
the first information transmission unit is used for realizing the information transmission between the accessed terminal and the management terminal through a wired or wireless network;
the management terminal comprises an authorization instruction generating unit and a second information transmission unit; wherein,
the authorization instruction generating unit is used for generating a corresponding authorization access instruction according to the authorization request from the accessed terminal and sending the corresponding authorization access instruction to the accessed terminal through the second information transmission unit;
and the second information transmission unit is used for realizing the information transmission between the management terminal and the accessed terminal through a wired or wireless network.
Optionally, the management end further includes a management and control table management unit; the management and control table management unit is used for generating a corresponding access management and control table according to all documents and software which need to be subjected to access authority control on an accessed terminal, wherein the access management and control table comprises a plurality of table entries, and each table entry corresponds to one document or one piece of software;
the authorization instruction generation unit includes:
the access control information acquisition module is used for acquiring the selected current authorized access table item in the access control table;
and the instruction automatic generation module is used for automatically generating a corresponding authorized access instruction according to the current authorized access table item.
Optionally, the management terminal and the accessed terminal are mobile phones, computers or PADs.
Optionally, the authorization instruction generating unit is further configured to generate and store at least one authorization access instruction template in advance for selective use.
Compared with the prior art, the embodiment of the invention has the following beneficial effects:
the embodiment of the invention adopts a remote control mode for the access authority, and when the accessed terminal has user access, the administrator gives corresponding access authority to the current user at the management terminal. Therefore, the user can log in the accessed terminal in a password-free mode, and an administrator can customize different access authorities for each user, so that the data security of the accessed terminal can be highly guaranteed, the administrator can effectively manage all users, and the user can greatly conveniently access the accessed terminal.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without inventive exercise.
Fig. 1 is a flowchart of a remote control method for access rights according to an embodiment of the present invention;
fig. 2 is a flowchart of a remote control method for access rights according to a second embodiment of the present invention;
fig. 3 is an architecture diagram of a remote control system for access rights according to a third embodiment of the present invention.
Detailed Description
In order to make the objects, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the embodiments described below are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The core idea of the invention is that: the invention adopts a remote control mode for the access authority, when the accessed terminal has user access, the accessed terminal actively sends an authorization request to the management terminal, the administrator sets the access authority of the current user at the management terminal and feeds back the access authority to the accessed terminal, and the accessed terminal gives corresponding access permission to the current user according to the setting of the administrator. Therefore, an administrator can customize different access authorities for each user, the data security of an accessed terminal can be highly guaranteed, the administrator can effectively manage all users, and the use of the users is greatly facilitated.
The technical scheme of the invention is further explained by the specific implementation mode in combination with the attached drawings.
Example one
Referring to fig. 1, the present embodiment provides a method for remotely controlling access rights, including the following steps:
step 101, when the accessed terminal identifies that a user logs in an access account, the accessed terminal sends an authorization request to the management terminal.
In order to facilitate the administrator to identify the current user, the authorization request may carry user-related information obtained by the accessed terminal, where the user-related information may include identity information of the current user (e.g., a department to which the current user belongs, a nickname of the user, a name of the user, or an image of the user), and may also include access requirement information of the current user (e.g., a name of a document/software to be accessed) and other related information (e.g., an access duration).
At the initial time, the visited end may set only two accounts: an administrator account and an access account. The administrator account can log in through a user name and a password mode, and the access account can log in through a password-free mode; under the administrator account, giving the maximum access authority to the user without sending an authorization request to a management terminal; and under the access account, giving the minimum access right or no access right to the user before an authorized access instruction returned by the management terminal is not received. Certainly, the access account can also be logged in by adopting a user name and password mode, and the accessed terminal sends an authorization request to the management terminal after the user logs in through the password, so that the access of the user is actually verified twice, and the safety is further improved.
The accessed terminal can acquire the required relevant information of the user through a login interface or other interfaces; the accessed terminal and the management terminal are connected in a wired network or wireless network mode to realize information transmission.
The accessed terminal and the access terminal can be various terminal devices such as a computer, a mobile phone, a PAD and the like.
And 102, after receiving the authorization request, the management terminal generates a corresponding authorization access instruction according to the authorization request and sends the authorization access instruction to the accessed terminal.
The authorized access instruction includes authorized access content (i.e. documents and software information authorized to be accessed by the current user) and an authorized access mode.
There are a number of authorized access modes: 1. only a single access is allowed, or an unlimited number of accesses within a specified time period; 2. the operation authority includes read-only, editing, copying and the like.
In this step, the management end generates different authorized access instructions for different users, thereby realizing customized management.
And 103, the accessed terminal endows the corresponding access authority to the user according to the authorized access instruction. Therefore, the user can operate the accessed terminal within the access authority acquired by the user.
In summary, in this embodiment, for the access right of the user at the accessed terminal, the administrator may perform remote control operation at the management terminal, and assign different access rights to each user, so as to meet different access requirements of each user, and ensure information security of the accessed terminal.
In fact, since the management side performs the remote control function, the number of accessed sides is not limited to one, and may be a plurality. Therefore, one administrator can simultaneously carry out authority management control on a plurality of accessed terminals, so that the work of the administrator is more convenient and efficient.
Example two
Referring to fig. 2, the present embodiment provides a method for remotely controlling access rights, including the following steps:
step 201, for all documents and software which need to be access-controlled by the accessed terminal, a corresponding access control table is generated, the table includes a plurality of entries, and each entry corresponds to one document or one software.
The generation operation of the access control table may be performed at the accessed terminal or the management terminal, which is not limited in particular.
Step 202, when the accessed terminal identifies that the user logs in the access account, the accessed terminal acquires the user related information and sends an authorization request carrying the user related information to the management terminal.
Step 203, the management terminal generates a corresponding authorized access instruction according to the currently received user related information, and sends the authorized access instruction to the accessed terminal.
In this step, the method for generating the authorized access instruction includes: and acquiring the current authorized access table item selected by the administrator in the pre-stored access control table, and automatically generating an authorized access instruction according to the checked table item.
Compared with the first embodiment, the instruction generation method of the second embodiment can further simplify the instruction generation operation of the administrator.
In actual operation, at the management end, one or more authorized access instruction templates can be generated and stored in advance for the administrator to select and use according to needs.
And step 204, the accessed terminal endows the corresponding access authority to the user according to the authorized access instruction.
Compared with the first embodiment, the second embodiment adopts a relatively intuitive and convenient authorized access instruction generation mode, and the operation of an administrator is greatly simplified.
EXAMPLE III
Referring to fig. 3, the present embodiment provides a remote control system for access rights, including: the management terminal is connected with the accessed terminal through a wired or wireless network.
The accessed terminal can be various terminals such as a mobile phone, a computer or a PAD, and comprises:
the authorization request generation unit is used for acquiring user related information when a user login access account is identified, generating an authorization request according to the user related information, and sending the authorization request to the management terminal through the first information transmission unit; the user related information comprises identity information, access requirement information or other related information of the current user;
the authority management unit is used for endowing corresponding access authority to the current user according to the authorized access instruction from the management end;
and the first information transmission unit is used for realizing the information transmission of the accessed terminal and the management terminal through a wired or wireless network.
The management terminal can be various terminals such as a mobile phone, a computer or a PAD, and comprises:
the authorization instruction generating unit is used for generating a corresponding authorization access instruction according to the authorization request from the accessed terminal and sending the corresponding authorization access instruction to the accessed terminal through the second information transmission unit;
and the second information transmission unit is used for realizing the information transmission between the management terminal and the accessed terminal through a wired or wireless network.
In order to further simplify the work of the administrator, the management terminal may further include a management and control table management unit, configured to generate a corresponding access and control table according to all documents and software that need to be access-right controlled on the accessed terminal, where the access and control table includes multiple table entries, and each table entry corresponds to one document or one software;
meanwhile, the authorization instruction generating unit may specifically include:
the access control information acquisition module is used for acquiring the current authorized access table item selected by the administrator in a pre-generated and stored access control table;
and the instruction automatic generation module is used for automatically generating a corresponding authorized access instruction according to the selected authorized access table item.
In this embodiment, the authorization instruction generating unit is further configured to generate and store at least one authorization access instruction template in advance for selective use. When a plurality of accessed terminals are included, a corresponding access control table can be generated and stored in advance according to all documents and software which need to be subjected to access authority control by each accessed terminal, wherein the table includes a plurality of table entries, and each table entry corresponds to one document or one software. Therefore, when the administrator controls the access authority of the accessed terminal, the administrator only needs to check the list item authorized to be accessed in the corresponding access control list.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A remote control method of access rights, the remote control method comprising:
when the accessed terminal identifies that a user logs in an access account, the accessed terminal sends an authorization request to the management terminal;
after receiving the authorization request, the management terminal generates a corresponding authorization access instruction according to the authorization request and sends the authorization access instruction to the accessed terminal;
and the accessed terminal endows the corresponding access authority to the user according to the authorized access instruction.
2. The method of claim 1, further comprising: generating a corresponding access control table in advance according to all documents and software needing access authority control on the accessed terminal, wherein the access control table comprises a plurality of table entries, and each table entry corresponds to one document or one software;
the generation method of the authorized access instruction comprises the following steps: and at the management end, acquiring the selected current authorized access table entry in the access control table, and automatically generating an authorized access instruction according to the current authorized access table entry.
3. The method according to claim 1, wherein the generating operation of the access control table is performed at an accessed side or a management side.
4. The method according to claim 1, wherein the authorization request carries user-related information, and the user-related information includes at least one of identity information and access requirement information of the user.
5. The method of claim 1, wherein the authorized access instruction includes at least one of an authorized access content and an authorized access mode; the authorized access mode includes: single access or multiple access within a specified time period, read-only, edit, or copy mode.
6. The method of claim 1, further comprising: and at the management end, at least one authorized access instruction template is generated and stored in advance for selective use.
7. The remote control system for the access authority is characterized by comprising a management terminal and at least one accessed terminal, wherein the management terminal is connected with the accessed terminal through a wired or wireless network;
the accessed terminal comprises: the device comprises an authorization request generating unit, a right management unit and a first information transmission unit; wherein,
the authorization request generating unit is used for acquiring user related information when a user login access account is identified, generating an authorization request and sending the authorization request to the management terminal through the first information transmission unit;
the authority management unit is used for giving corresponding access authority to the user according to the authorized access instruction from the management end;
the first information transmission unit is used for realizing the information transmission between the accessed terminal and the management terminal through a wired or wireless network;
the management terminal comprises an authorization instruction generating unit and a second information transmission unit; wherein,
the authorization instruction generating unit is used for generating a corresponding authorization access instruction according to the authorization request from the accessed terminal and sending the corresponding authorization access instruction to the accessed terminal through the second information transmission unit;
and the second information transmission unit is used for realizing the information transmission between the management terminal and the accessed terminal through a wired or wireless network.
8. The remote control system of access rights according to claim 7, wherein the management side further comprises a management table management unit; the management and control table management unit is used for generating a corresponding access management and control table according to all documents and software which need to be subjected to access authority control on an accessed terminal, wherein the access management and control table comprises a plurality of table entries, and each table entry corresponds to one document or one piece of software;
the authorization instruction generation unit includes:
the access control information acquisition module is used for acquiring the selected current authorized access table item in the access control table;
and the instruction automatic generation module is used for automatically generating a corresponding authorized access instruction according to the current authorized access table item.
9. The system for remote control of access rights according to claim 7, wherein the management terminal and the access terminal are mobile phones, computers or PADs.
10. The system according to claim 7, wherein the authorization command generating unit is further configured to generate and store at least one authorization access command template in advance for selective use.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811020476.6A CN109033775A (en) | 2018-09-03 | 2018-09-03 | A kind of long-range control method and system of access authority |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811020476.6A CN109033775A (en) | 2018-09-03 | 2018-09-03 | A kind of long-range control method and system of access authority |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109033775A true CN109033775A (en) | 2018-12-18 |
Family
ID=64622882
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811020476.6A Pending CN109033775A (en) | 2018-09-03 | 2018-09-03 | A kind of long-range control method and system of access authority |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109033775A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110363021A (en) * | 2019-06-13 | 2019-10-22 | 平安科技(深圳)有限公司 | A kind of system access management-control method and platform |
| CN111241555A (en) * | 2019-12-30 | 2020-06-05 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN116645023A (en) * | 2023-07-21 | 2023-08-25 | 中海油信息科技有限公司 | Real-time index control process transportation system and method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101030175A (en) * | 2006-02-28 | 2007-09-05 | 国际商业机器公司 | Universal serial bus storage device and access control method thereof |
| US7571318B2 (en) * | 2002-03-27 | 2009-08-04 | Advanced Micro Devices, Inc. | Method and apparatus for improved security in a data processor |
| CN101677441A (en) * | 2008-09-18 | 2010-03-24 | 深圳华为通信技术有限公司 | Method, device and system of authorization control |
| CN102156844A (en) * | 2011-04-22 | 2011-08-17 | 南京邮电大学 | Implementation method of electronic document on-line/off-line safety management system |
| CN106657091A (en) * | 2016-12-28 | 2017-05-10 | 北京奇艺世纪科技有限公司 | Online server authorization management method and system |
-
2018
- 2018-09-03 CN CN201811020476.6A patent/CN109033775A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7571318B2 (en) * | 2002-03-27 | 2009-08-04 | Advanced Micro Devices, Inc. | Method and apparatus for improved security in a data processor |
| CN101030175A (en) * | 2006-02-28 | 2007-09-05 | 国际商业机器公司 | Universal serial bus storage device and access control method thereof |
| CN101677441A (en) * | 2008-09-18 | 2010-03-24 | 深圳华为通信技术有限公司 | Method, device and system of authorization control |
| CN102156844A (en) * | 2011-04-22 | 2011-08-17 | 南京邮电大学 | Implementation method of electronic document on-line/off-line safety management system |
| CN106657091A (en) * | 2016-12-28 | 2017-05-10 | 北京奇艺世纪科技有限公司 | Online server authorization management method and system |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110363021A (en) * | 2019-06-13 | 2019-10-22 | 平安科技(深圳)有限公司 | A kind of system access management-control method and platform |
| CN111241555A (en) * | 2019-12-30 | 2020-06-05 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN111241555B (en) * | 2019-12-30 | 2022-07-12 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN116645023A (en) * | 2023-07-21 | 2023-08-25 | 中海油信息科技有限公司 | Real-time index control process transportation system and method |
| CN116645023B (en) * | 2023-07-21 | 2024-03-01 | 中海油信息科技有限公司 | Real-time index control process transportation system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108108223B (en) | Kubernetes-based container management platform | |
| US9853963B2 (en) | Authorization server, authentication cooperation system, and storage medium storing program | |
| CN105072135B (en) | A kind of the authorization method for authenticating and system of cloud file-sharing | |
| US10547601B2 (en) | System and method to allow third-party developer to debug code in customer environment | |
| US8839354B2 (en) | Mobile enterprise server and client device interaction | |
| EP3133767B1 (en) | Authorization control method, client and server | |
| CN106341234B (en) | Authorization method and device | |
| EP2037385B1 (en) | Information processing apparatus, authentication control method, and authentication control program | |
| CN112769826B (en) | Information processing method, device, equipment and storage medium | |
| US9584506B2 (en) | Server apparatus, information processing method, program, and storage medium | |
| US9081982B2 (en) | Authorized data access based on the rights of a user and a location | |
| CN107979571B (en) | File use processing method, terminal and server | |
| CN109033775A (en) | A kind of long-range control method and system of access authority | |
| KR101681888B1 (en) | Image processing apparatus that performs user authentication, authentication method therefor, and storage medium | |
| KR101668550B1 (en) | Apparatus and Method for Allocating Role and Permission based on Password | |
| US10496342B2 (en) | Printing system, method, and program for implementing service coordination among a plurality of security domains | |
| US11126460B2 (en) | Limiting folder and link sharing | |
| CN112507295A (en) | Data processing method and system | |
| CN112507320A (en) | Access control method, device, system, electronic equipment and storage medium | |
| JP5046816B2 (en) | Image processing apparatus, session management method, and session management program | |
| CN111200601A (en) | Method and system for butting user and application based on universal transit service | |
| CN108268796B (en) | Offline management method and device based on offline password | |
| CN105744521A (en) | Access authentication management method of wireless network | |
| JP2014186707A (en) | Document generation system | |
| US12001736B1 (en) | System and method for providing alternative authentication modes in multifunction peripherals |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181218 |