CN109255208B - Software service product authorization method and system - Google Patents
Software service product authorization method and system Download PDFInfo
- Publication number
- CN109255208B CN109255208B CN201811024213.2A CN201811024213A CN109255208B CN 109255208 B CN109255208 B CN 109255208B CN 201811024213 A CN201811024213 A CN 201811024213A CN 109255208 B CN109255208 B CN 109255208B
- Authority
- CN
- China
- Prior art keywords
- authorization
- software service
- service product
- server
- current
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 294
- 238000000034 method Methods 0.000 title claims abstract description 34
- 238000011084 recovery Methods 0.000 claims description 11
- 238000004364 calculation method Methods 0.000 claims description 6
- 238000004064 recycling Methods 0.000 claims description 3
- 239000002184 metal Substances 0.000 description 10
- 230000008569 process Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 239000000126 substance Substances 0.000 description 3
- 208000013738 Sleep Initiation and Maintenance disease Diseases 0.000 description 1
- 230000003213 activating effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 206010022437 insomnia Diseases 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002035 prolonged effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04J—MULTIPLEX COMMUNICATION
- H04J3/00—Time-division multiplex systems
- H04J3/02—Details
- H04J3/06—Synchronising arrangements
- H04J3/0635—Clock or time synchronisation in a network
- H04J3/0638—Clock or time synchronisation among nodes; Internode synchronisation
- H04J3/0658—Clock or time synchronisation among packet nodes
- H04J3/0661—Clock or time synchronisation among packet nodes using timestamps
- H04J3/0667—Bidirectional timestamps, e.g. NTP or PTP for compensation of clock drift and for compensation of propagation delays
Abstract
The invention provides an authorization method and a system of software service products, wherein the method comprises the following steps: deploying an authorization server in a government affair cloud center; receiving a software service request input by a user by utilizing a government affair cloud management platform; determining a request type of a software service request; when the request type is an opening request, creating a software service product example in a government affair cloud center according to software service product parameters carried in the opening request; determining an authorization license certificate corresponding to license requirement information carried by the opening request from an authorization server; authorizing the software service product instance by using the authorization server according to the authorization license certificate, and generating authorization feedback information according to the authorized software service product instance; and sending the authorization feedback information to the government affair cloud management platform by using the authorization server so that the government affair cloud management platform outputs the authorization feedback information to the user. The scheme can improve the user experience and the use flexibility.
Description
Technical Field
The invention relates to the technical field of computers, in particular to an authorization method and an authorization system for software service products.
Background
Software service products of some third-party vendors are often required to be integrated in the government affairs cloud so as to provide comprehensive services for users. The software service products can normally provide services only after being authorized by the corresponding third-party manufacturer, so that quick authorization of the software service products in the government affair cloud is an important influence factor for improving the efficiency of the government affair cloud service.
Currently, software service products are mainly authorized manually, that is, software service products pre-deployed in a government cloud are authorized one by a staff of a third party manufacturer. Because the number of software service products needing to be authorized is large, the software service products are authorized one by one in a manual mode, service opening time can be prolonged, and user experience is reduced.
Disclosure of Invention
The embodiment of the invention provides a method and a system for authorizing a software service product, which can improve user experience.
In a first aspect, an embodiment of the present invention provides an authorization method for a software service product, where an authorization server is deployed in a government cloud center; the method comprises the following steps:
receiving a software service request input by a user by utilizing a government affair cloud management platform;
determining a request type of the software service request;
when the request type is an opening request, creating a software service product example in the government affair cloud center according to software service product parameters carried in the opening request;
determining an authorization license certificate corresponding to license requirement information carried by the opening request from the authorization server;
authorizing the software service product instance by using the authorization server according to the authorization license certificate, and generating authorization feedback information according to the authorized software service product instance;
and sending the authorization feedback information to a government affair cloud management platform by using the authorization server so that the government affair cloud management platform outputs the authorization feedback information to the user.
Preferably, the first and second electrodes are formed of a metal,
after the determining the request type of the software service request, further comprising:
when the request type is a logout request, determining a software service product example to be logout and a current authorization license certificate used by the software service product example to be logout according to logout identification information carried in the logout request;
recovering the current authorization license certificate by using the authorization server, and sending recovery information to the government affair cloud management platform;
and utilizing the government affair cloud management platform to log out the software service product example to be logged out according to the recovery information.
Preferably, the first and second electrodes are formed of a metal,
after the creating the software service product instance at the government cloud center, further comprising:
starting the software service product instance to acquire target identification information corresponding to the software service product instance;
then, the determining an authorization license certificate in the authorization server corresponding to the license requirement information carried by the provisioning request, and the authorizing the software service product instance by using the authorization server according to the authorization license certificate include:
determining whether a formal authorization license certificate corresponding to the license requirement information exists in the authorization server;
if so, sending the target identification information to the authorization server, and authorizing the target identification information of the software service product instance by utilizing the authorization server according to the formal authorization license certificate;
otherwise, determining a trial authorized license certificate corresponding to the license requirement information from the authorization server; and authorizing the software service product instance according to the trial authorization license certificate by utilizing the authorization server.
Preferably, the first and second electrodes are formed of a metal,
the authorizing, with the authorization server, the software service product instance according to the authorization license certificate includes:
updating a current usage state of the authorization license certificate to a used state with the authorization server;
updating the user information of the authorized license certificate to the identification information of the software service product instance;
updating the use start time of the authorization license certificate to the current time;
preferably, the first and second electrodes are formed of a metal,
the recycling the current authorization license certificate by using the authorization server includes:
updating the use state of the current authorization license certificate to an unused state by the authorization server;
updating the user information of the current authorization license certificate to be null;
calculating the residual time length corresponding to the current authorization license certificate by using the following calculation formula, and updating the residual time length of the current authorization license certificate according to the calculated residual time length;
M=Q-(A-B)
wherein M represents the remaining duration; q represents the available total time length corresponding to the current authorization license; a represents the current moment; b characterizes the start time of the use of the current authorized license certificate.
Preferably, the first and second electrodes are formed of a metal,
further comprising: deploying an NTP server in the government affair cloud center;
after the deploying an authorization server in a government cloud center, before the authorizing, by the authorization server, the software service product instance according to the authorization license certificate, further comprising:
time synchronization is carried out on the authorization server and the NTP server;
preferably, the first and second electrodes are formed of a metal,
after said authorizing, with the authorization server, the instance of the software service product according to the authorization license credential, further comprising:
recording the use duration of the authorization license certificate by using the authorization server;
generating an encrypted file according to the use duration;
and sending the encrypted file to an external manufacturer server according to a preset period, so that the manufacturer server determines the authorization cost corresponding to the authorization license certificate according to the encrypted file.
Preferably, the first and second electrodes are formed of a metal,
said time synchronizing said authorization server with said NTP server, comprising:
acquiring international standard time by using an NTP (network time protocol) server, and sending a standard character string corresponding to the international standard time to the authorization server;
determining a current character string corresponding to the current moment recorded by the authorization server;
calculating the difference value between each current character in the current character string and the corresponding standard character in the standard character string according to the following calculation formula;
when the difference value is not 0, replacing the current character with the standard character;
wherein K characterizes the difference value, aiCharacterizing the ith current character in the current string, biAnd characterizing the ith standard character in the standard character string.
In a second aspect, an embodiment of the present invention provides an authorization system for a software service product, including: the system comprises a government affair cloud management platform, an authorization server and a government affair cloud center; wherein the content of the first and second substances,
the authorization server is deployed on the government affairs cloud center;
the government affair cloud management platform is used for receiving a software service request input by a user; determining a request type of the software service request; when the request type is an opening request, creating a software service product example in the government affair cloud center according to software service product parameters carried in the opening request; sending authorization feedback information to the government affair cloud center;
the authorization server is used for determining an authorization license certificate corresponding to the license requirement information carried by the opening request and authorizing the software service product instance by using the authorization license certificate; generating the authorization feedback information according to the authorized software service product example, and sending the authorization feedback information to the government affair cloud management platform;
and the government affair cloud center is used for outputting the authorization feedback information to the user.
Preferably, the first and second electrodes are formed of a metal,
the government affair cloud management platform is further used for determining a software service product example to be revoked and a current authorization license certificate used by the software service product example to be revoked according to logout identification information carried in a logout request when the request type is determined to be the logout request; when receiving the recovery information sent by the authorization server, logging off the software service product example to be logged off;
the authorization server is further configured to recycle the current authorization license and send the recycle information to the government affair cloud management platform.
Preferably, the first and second electrodes are formed of a metal,
the government affair cloud management platform is further used for starting the software service product example to acquire target identification information corresponding to the software service product example;
the authorization server is used for determining whether a formal authorization license certificate corresponding to the license requirement information exists; if so, authorizing the target identification information of the software service product instance by using the formal authorization license certificate; otherwise, determining a trial authorized license certificate corresponding to the license requirement information; and authorizing the software service product instance by using the trial authorization license certificate.
Preferably, the first and second electrodes are formed of a metal,
further comprising: an NTP server; wherein the content of the first and second substances,
the NTP server is deployed on the government affair cloud center;
the authorization server is further configured to perform time synchronization with the NTP server.
The embodiment of the invention provides an authorization method and an authorization system for software service products, wherein an authorization server is deployed in a government affair cloud center, then a government affair cloud management platform is used for receiving a software service request input by a user, when the request type of the software service request is an opening request, a software service product example can be created in the government affair cloud center according to software service product parameters carried in the opening request, then an authorization license corresponding to license requirement information is determined from the authorization server, the software service product example is authorized by the authorization server according to the authorization license, and then authorization feedback information is output to the user by the government affair cloud management platform, so that the user can apply for corresponding services according to the authorization feedback information. Therefore, the software service product examples are automatically and flexibly authorized on line, and workers do not need to authorize the software service product examples one by one, so that the user experience is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart of a method for authorizing a software service product provided by one embodiment of the invention;
FIG. 2 is a schematic structural diagram of an authorization system for a software service product according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of an authorization system for a software service product according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of an authorization system for a software service product according to another embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a method for authorizing a software service product, which may include the following steps:
step 101: deploying an authorization server in a government affair cloud center;
step 102: receiving a software service request input by a user by utilizing the government affair cloud management platform;
step 103: determining a request type of the software service request;
step 104: when the request type is an opening request, creating a software service product example in the government affair cloud center according to software service product parameters carried in the opening request;
step 105: determining an authorization license certificate corresponding to license requirement information carried by the opening request from the authorization server;
step 106: authorizing the software service product instance by using the authorization server according to the authorization license certificate, and generating authorization feedback information according to the authorized software service product instance;
step 107: and sending the authorization feedback information to a government affair cloud management platform by using the authorization server so that the government affair cloud management platform outputs the authorization feedback information to the user.
In the above embodiment, an authorization server is deployed in a government affair cloud center, then a government affair cloud management platform is used to receive a software service request input by a user, when the request type of the software service request is an opening request, a software service product instance is created in the government affair cloud center according to software service product parameters carried in the opening request, then an authorization license certificate corresponding to license requirement information is determined from the authorization server, the software service product instance is authorized by the authorization server according to the authorization license certificate, and then authorization feedback information is output to the user by the government affair cloud management platform, so that the user can apply for a corresponding service according to the authorization feedback information. Therefore, the software service product examples are automatically and flexibly authorized on line, and workers do not need to authorize the software service product examples one by one, so that the user experience is improved.
In an embodiment of the present invention, after step 103, the method may further include:
when the request type is a logout request, determining a software service product example to be logout and a current authorization license certificate used by the software service product example to be logout according to logout identification information carried in the logout request;
recovering the current authorization license certificate by using the authorization server, and sending recovery information to the government affair cloud management platform;
and utilizing the government affair cloud management platform to log out the software service product example to be logged out according to the recovery information.
When the government affair cloud management platform obtains a software service request input by a user, whether the software service request is an opening request or a logout request can be determined, when the software service request is the opening request, an opening processing flow corresponding to the opening request is executed, and when the software service request is the logout request, a logout processing flow corresponding to the logout request is executed. When the logout processing flow is executed, the authorization server recovers the current authorization license certificate currently used by the software service product example to be logout, the recovery information is returned to the government affair cloud management platform after the recovery is completed, the government affair cloud management platform logs out the software service product example to be logout, and a response is returned to the user. In the prior art, when the authorization is manually performed, each authorization is fixed, namely, the service cycle of one authorization is fixed, and the operation flow is complicated when the user terminates the service in advance.
In an embodiment of the present invention, after step 104, the method may further include:
starting the software service product instance to acquire target identification information corresponding to the software service product instance;
then steps 105 and 106 may include, in accordance with an embodiment:
determining whether a formal authorization license certificate corresponding to the license requirement information exists in the authorization server;
if so, sending the target identification information to the authorization server, and authorizing the target identification information of the software service product instance by utilizing the authorization server according to the formal authorization license certificate;
otherwise, determining a trial authorized license certificate corresponding to the license requirement information from the authorization server; and authorizing the software service product instance according to the trial authorization license certificate by utilizing the authorization server.
When an opening request initiated by a user is received in a government affair cloud management platform, determining parameters of a software service product, for example, obtaining the type, specification, use area and the like of the opened software service product, further determining parameters such as IMAGE, a resource pool, a CPU, a memory, a VLAN, an IP and the like required by a software service product example to be created, then creating a correspondingly configured software service product example in a government affair cloud center according to the parameters of the software service product, judging whether the software service product example is created according to an example state returned by the government affair cloud platform, and starting the software service product example after the creation is completed. Here, the rest api of the software service product login may be periodically called to determine that the software service product instance has been correctly started, and after the software service product instance is started, the management IP and the serial number SN of the software service product instance may be obtained.
Then, the government affair cloud management platform inquires whether a formal authorization license matched with license requirement information (certificate type, validity period and the like) exists in the authorization server, if at least one available formal authorization license exists, the government affair cloud management platform selects one available formal authorization license, then sends the ID of the selected formal authorization license, the software service product instance management IP and the software service product instance serial number SN to the authorization server, and sends an authorization instruction to the authorization server to inform the authorization server to authorize the software service product instance by using the formal authorization license corresponding to the ID of the formal authorization license.
And after receiving an authorization instruction sent by the government affair cloud management platform, the authorization server calls an interface corresponding to the software service product according to the management IP of the software service product example, introduces the selected formal license authorization certificate into the software service product example, and finally returns an authorization result to the government affair cloud management platform. After the authorization is completed, the authorization server updates the use information of the formal authorization license certificate so as to avoid the situation of repeated authorization in the later period, namely, the same formal authorization license certificate is utilized to authorize different software service product instances so as to ensure the uniqueness of the authorization.
If the formal authorization license does not exist, the software service product instance is authorized by using the trial authorization license, the authorization process is the same as the authorization process by using the formal authorization license, and the user is informed of the need of applying for activating the formal authorization license in the later period after the authorization is finished. After the authorization is completed, the government affair cloud management platform carries out initialization configuration on the software service product example, and then outputs authorization feedback information to the user, namely returns a service opening result to the user.
Correspondingly, in the logout process of the software service product, the government affair cloud management platform also performs different logout operations according to the type of the authorized license certificate corresponding to the software service product example to be logout. If the current authorized license is a trial authorized license, executing the operation of destroying the software service product instance, if the current authorized license is a formal authorized license, sending the management IP of the software product instance to be revoked and the ID of the formal authorized license used by the software product instance to be revoked to an authorization server by a government affairs cloud management platform, stopping the service state of the software service product instance to be revoked by the authorization server, recovering the formal authorized license used by the software service product instance to be revoked, executing the operation of destroying the software service product instance to be revoked, and then returning a service logout result to the user.
In an embodiment of the present invention, after step 106, the method may further include:
recording the use duration of the authorization license certificate by using the authorization server;
generating an encrypted file according to the use duration;
and sending the encrypted file to an external manufacturer server according to a preset period, so that the manufacturer server determines the authorization cost corresponding to the authorization license certificate according to the encrypted file.
Because the cooperation modes of the third party manufacturers are different, the authorization of the software service products can also be divided into two modes, one mode is a license pre-sale mode, and the other mode is a service cooperation mode. The licensing pre-selling mode is specifically that a batch of available licensing certificates are purchased from a third party manufacturer in advance, an authorization server records the product specification and duration of each licensing certificate, a government affair cloud management platform authorizes products opened by a user by using the pre-sold licensing certificates, and the government affair cloud management platform recovers the licensing certificates after the user terminates service. The service cooperation mode is that a third party manufacturer firstly provides a batch of available authorization license certificates, an authorization server records the product specification and the use duration of each authorization license certificate to an encrypted file, then the encrypted file is periodically exported to a network-enabled device to be synchronized with the third party manufacturer, and the third party manufacturer charges according to the service duration of each authorization license certificate.
In an embodiment of the present invention, the detailed implementation of step 106 may include:
updating a current usage state of the authorization license certificate to a used state with the authorization server;
updating the user information of the authorized license certificate to the identification information of the software service product instance;
updating the use start time of the authorized license certificate to the current time.
In the license pre-sale mode, the formal authorization license certificate at least has attributes such as a certificate ID, a remaining available time, a current use state, a user serial number SN, a use start time and the like. When the formal authorization license is used for authorizing the software service product instance, namely the current use state of the formal authorization license is updated to be used, the user serial number SN is updated to be the serial number of the software service product instance, and the use starting time is updated to be the currently authorized time.
In an embodiment of the present invention, the recycling the current authorization certificate by using the authorization server includes:
updating the use state of the current authorization license certificate to an unused state by the authorization server;
updating the user information of the current authorization license certificate to be null;
calculating the residual time length corresponding to the current authorization license certificate by using the following calculation formula, and updating the residual time length of the current authorization license certificate according to the calculated residual time length;
M=Q-(A-B)
wherein M represents the remaining duration; q represents the available total time length corresponding to the current authorization license; a represents the current moment; b characterizes the start time of the use of the current authorized license certificate.
When the current authorization license of the software service product instance to be cancelled is recovered, if the current authorization license is a formal authorization license, the current use state of the formal authorization license is updated to unused, the user serial number SN is updated to be null, the available remaining time is updated to be 'available total time- (current time-use starting time)', and the use starting time is updated to be null.
In one embodiment of the present invention, the method may further comprise: deploying an NTP server in the government affair cloud center;
after step 101, before step 106, it may further include:
and carrying out time synchronization on the authorization server and the NTP server.
The NTP server is deployed in the government affair cloud center and used for carrying out time synchronization on the authorization server and the software service product instance, and the specific use time of the authorization license certificate can be accurately recorded by the authorization server.
It is understood that the authorization server may be a virtual machine or a physical machine. The following describes the configuration process of the authorization server in detail by taking a virtual machine as an example. A Linux virtual machine is deployed in a government affair cloud center, and the time synchronization is carried out on the virtual machine and an NTP server. And network configuration information such as the IP (Internet protocol) of the virtual machine, the gateway and the like is configured, so that the virtual machine can be simultaneously communicated with the government affair cloud management platform and the software service product instance, but is isolated from an external network, and the safety of a government affair cloud center is ensured. Then, a permission authorization program is deployed on the virtual machine, a permission program listening port, such as 80 or 8080, is configured, the firewall setting of the virtual machine is modified, and the permission authorization program listening port, such as 80 or 8080, is opened to the outside. And placing the trial authorization license certificate and the formal authorization license certificate provided by the third party manufacturer to the specified path of the virtual machine, so that the license authorization program can correctly read the authorization license certificate and authorize the software service product. And then calling a license list query interface of the license authorization program through an Insomnia tool to ensure that the authorization server is correctly deployed and can be normally accessed. After the deployment of the authorization server is completed, the authorization server keeps continuously running to prepare for authorization when the software service product is opened and certificate recovery when the service is cancelled. Here, the device for deploying the authorization server and the government affair cloud management platform can share one physical machine, so that the system and network requirements for deploying the authorization server are met, and server resources can be effectively saved.
In an embodiment of the present invention, the time synchronization between the authorization server and the NTP server includes:
acquiring international standard time by using an NTP (network time protocol) server, and sending a standard character string corresponding to the international standard time to the authorization server;
determining a current character string corresponding to the current moment recorded by the authorization server;
calculating the difference value between each current character in the current character string and the corresponding standard character in the standard character string according to the following calculation formula;
when the difference value is not 0, replacing the current character with the standard character;
wherein K characterizes the difference value, aiCharacterizing the current stringThe ith current character in (b)iAnd characterizing the ith standard character in the standard character string.
Here, the NTP server acquires the international standard time, and then synchronizes the current time in the authorization server by using the international standard time, so that the current time of the authorization server is also the international standard time, so as to accurately record the specific use duration of the authorization license.
As shown in fig. 2 and fig. 3, an embodiment of the present invention provides an authorization system for software service products. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. From a hardware level, as shown in fig. 2, a hardware structure diagram of a device in which an authorization system of a software service product provided in the embodiment of the present invention is located is shown, except for the processor, the memory, the network interface, and the nonvolatile memory shown in fig. 2, the device in which the apparatus is located in the embodiment may also generally include other hardware, such as a forwarding chip responsible for processing a packet, and the like. Taking a software implementation as an example, as shown in fig. 3, as a logical apparatus, the apparatus is formed by reading, by a CPU of a device in which the apparatus is located, corresponding computer program instructions in a non-volatile memory into a memory for execution. The system for authorizing software service products provided by the embodiment comprises: a government affair cloud management platform 301, an authorization server 302 and a government affair cloud center 303; wherein the authorization server 302 is deployed on the government cloud center 303;
the government affair cloud management platform 301 is used for receiving a software service request input by a user; determining a request type of the software service request; when the request type is an opening request, creating a software service product example in the government affair cloud center 303 according to software service product parameters carried in the opening request; sending authorization feedback information to the government affair cloud center 303;
the authorization server 302 is configured to determine an authorization license certificate corresponding to the license requirement information carried in the provisioning request, and authorize the software service product instance by using the authorization license certificate; generating the authorization feedback information according to the authorized software service product instance, and sending the authorization feedback information to the government affair cloud management platform 301;
and the government affair cloud center 303 is configured to output the authorization feedback information to the user.
In this embodiment of the present invention, the government affair cloud management platform 301 is further configured to, when it is determined that the request type is a logout request, determine, according to logout identification information carried in the logout request, a software service product instance to be logout and a current authorization license certificate used by the software service product instance to be logout; when receiving the recovery information sent by the authorization server, logging off the software service product example to be logged off;
the authorization server 302 is further configured to recycle the current authorization license and send the recycle information to the government cloud management platform.
In an embodiment of the present invention, the government affair cloud management platform 301 is further configured to start the software service product instance to obtain target identification information corresponding to the software service product instance;
the authorization server 302, configured to determine whether a formal authorization license certificate corresponding to the license requirement information exists; if so, authorizing the target identification information of the software service product instance by using the formal authorization license certificate; otherwise, determining a trial authorized license certificate corresponding to the license requirement information; and authorizing the software service product instance by using the trial authorization license certificate.
As shown in fig. 4, in an embodiment of the present invention, the system may further include: an NTP server 401; wherein the content of the first and second substances,
the NTP server 401 is deployed on the government cloud center 303;
the authorization server 302 is further configured to perform time synchronization with the NTP server 401.
The information interaction, execution process and other contents between the units in the system are based on the same concept as the method embodiment of the present invention, and specific contents can be referred to the description in the method embodiment of the present invention, and are not described herein again.
Embodiments of the present invention provide a readable medium, which includes an execution instruction, and when a processor of a storage controller executes the execution instruction, the storage controller executes a method provided in any one of the above embodiments of the present invention.
An embodiment of the present invention provides a storage controller, including: a processor, a memory, and a bus; the memory is used for storing execution instructions, the processor is connected with the memory through the bus, and when the storage controller runs, the processor executes the execution instructions stored in the memory, so that the storage controller executes the method provided by any one of the above embodiments of the invention.
In summary, the above embodiments of the present invention have at least the following advantages:
1. in the embodiment of the invention, an authorization server is deployed in a government affair cloud center, then a government affair cloud management platform is used for receiving a software service request input by a user, when the request type of the software service request is an opening request, a software service product instance is created in the government affair cloud center according to software service product parameters carried in the opening request, then an authorization license certificate corresponding to license requirement information is determined from the authorization server, the software service product instance is authorized by the authorization server according to the authorization license certificate, and then authorization feedback information is output to the user by the government affair cloud management platform, so that the user can apply for corresponding services according to the authorization feedback information. Therefore, the software service product examples are automatically and flexibly authorized on line, and workers do not need to authorize the software service product examples one by one, so that the user experience is improved.
2. In the embodiment of the invention, when the request type of the software service request input by the user is a logout request, the software service product example to be logout is logout, and the current authorization license used by the software service product example to be logout is recovered, so that the use flexibility of the user is improved.
3. In the embodiment of the invention, the NTP server is deployed in the government affair cloud center and used for carrying out time synchronization on the authorization server and the software service product instance, so that the authorization server can accurately record the specific use time of the authorization license certificate.
4. In the embodiment of the invention, when the authorization server adopts a physical machine, the equipment for deploying the authorization server and the government affair cloud management platform share the same physical machine, thereby not only meeting the system and network requirements for deploying the authorization server, but also effectively saving server resources.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a" does not exclude the presence of other similar elements in a process, method, article, or apparatus that comprises the element.
Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it is to be noted that: the above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (1)
1. An authorization method of a software service product is characterized in that an authorization server is deployed in a government affair cloud center; the method comprises the following steps:
receiving a software service request input by a user by utilizing a government affair cloud management platform;
determining a request type of the software service request;
when the request type is an opening request, creating a software service product example in the government affair cloud center according to software service product parameters carried in the opening request;
determining an authorization license certificate corresponding to license requirement information carried by the opening request from the authorization server;
authorizing the software service product instance by using the authorization server according to the authorization license certificate, and generating authorization feedback information according to the authorized software service product instance;
the authorization server is used for sending the authorization feedback information to a government affair cloud management platform so that the government affair cloud management platform can output the authorization feedback information to the user;
after the determining the request type of the software service request, further comprising:
when the request type is a logout request, determining a software service product example to be logout and a current authorization license certificate used by the software service product example to be logout according to logout identification information carried in the logout request;
recovering the current authorization license certificate by using the authorization server, and sending recovery information to the government affair cloud management platform;
utilizing the government affair cloud management platform to log out the software service product example to be logged out according to the recovery information;
after the creating the software service product instance at the government cloud center, further comprising:
starting the software service product instance to acquire target identification information corresponding to the software service product instance;
then, the determining an authorization license certificate in the authorization server corresponding to the license requirement information carried by the provisioning request, and the authorizing the software service product instance by using the authorization server according to the authorization license certificate include:
determining whether a formal authorization license certificate corresponding to the license requirement information exists in the authorization server;
if so, sending the target identification information to the authorization server, and authorizing the target identification information of the software service product instance by utilizing the authorization server according to the formal authorization license certificate;
otherwise, determining a trial authorized license certificate corresponding to the license requirement information from the authorization server; authorizing, with the authorization server, the software service product instance in accordance with the trial authorization license certificate;
the authorizing, with the authorization server, the software service product instance according to the authorization license certificate includes:
updating a current usage state of the authorization license certificate to a used state with the authorization server;
updating the user information of the authorized license certificate to the identification information of the software service product instance;
updating the use start time of the authorization license certificate to the current time;
and/or the presence of a gas in the gas,
the recycling the current authorization license certificate by using the authorization server includes:
updating the use state of the current authorization license certificate to an unused state by the authorization server;
updating the user information of the current authorization license certificate to be null;
calculating the residual time length corresponding to the current authorization license certificate by using the following calculation formula, and updating the residual time length of the current authorization license certificate according to the calculated residual time length;
“M=Q-(A-B)”
wherein M represents the remaining duration; q represents the available total time length corresponding to the current authorization license; a represents the current moment; b represents the use starting moment of the current authorized license certificate;
further comprising: deploying an NTP server in the government affair cloud center;
after the deploying an authorization server in a government cloud center, before the authorizing, by the authorization server, the software service product instance according to the authorization license certificate, further comprising:
time synchronization is carried out on the authorization server and the NTP server;
and/or the presence of a gas in the gas,
after said authorizing, with the authorization server, the instance of the software service product according to the authorization license credential, further comprising:
recording the use duration of the authorization license certificate by using the authorization server;
generating an encrypted file according to the use duration;
sending the encrypted file to an external manufacturer server according to a preset period, so that the manufacturer server determines an authorization cost corresponding to the authorization license certificate according to the encrypted file;
said time synchronizing said authorization server with said NTP server, comprising:
acquiring international standard time by using an NTP (network time protocol) server, and sending a standard character string corresponding to the international standard time to the authorization server;
determining a current character string corresponding to the current moment recorded by the authorization server;
calculating the difference value between each current character in the current character string and the corresponding standard character in the standard character string according to the following calculation formula;
when the difference value is not 0, replacing the current character with the standard character;
wherein K characterizes the difference value, aiCharacterizing the ith current character in the current string, biAnd characterizing the ith standard character in the standard character string.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811024213.2A CN109255208B (en) | 2018-09-04 | 2018-09-04 | Software service product authorization method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811024213.2A CN109255208B (en) | 2018-09-04 | 2018-09-04 | Software service product authorization method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109255208A CN109255208A (en) | 2019-01-22 |
| CN109255208B true CN109255208B (en) | 2020-09-01 |
Family
ID=65047330
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811024213.2A Active CN109255208B (en) | 2018-09-04 | 2018-09-04 | Software service product authorization method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109255208B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110008659B (en) * | 2019-03-29 | 2021-03-23 | 深圳华锐金融技术股份有限公司 | Software license offline management method and device, computer equipment and storage medium |
| CN110401629B (en) * | 2019-05-20 | 2021-10-01 | 腾讯科技(深圳)有限公司 | Authorization activation method and related device |
| CN110708310B (en) * | 2019-09-30 | 2022-02-08 | 杭州数梦工场科技有限公司 | Tenant-level authority management method, device and equipment |
| CN112653563B (en) * | 2019-10-09 | 2022-07-05 | 北京金山云网络技术有限公司 | Cloud resource creating method and device, client and server |
| CN112883341B (en) * | 2019-11-29 | 2023-08-04 | 杭州海康威视数字技术股份有限公司 | Software authorization method, system, electronic equipment and storage medium |
| CN110912934A (en) * | 2019-12-17 | 2020-03-24 | 杭州安恒信息技术股份有限公司 | Cloud security product opening control system, method, equipment and medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103179176A (en) * | 2011-12-26 | 2013-06-26 | 中国移动通信集团公司 | Call method, device and system for web application in cloud/cluster environment |
| CN103916231A (en) * | 2014-03-25 | 2014-07-09 | 汉柏科技有限公司 | Cloud computing platform and server time synchronization method thereof |
| CN106570358A (en) * | 2016-11-18 | 2017-04-19 | 广东欧珀移动通信有限公司 | Method and device for setting application permissions |
| CN107241435A (en) * | 2017-07-18 | 2017-10-10 | 贵阳动视云科技有限公司 | The authority checking method and cloud computing platform of software cloud service |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102324009B (en) * | 2011-09-07 | 2014-03-26 | 普元信息技术股份有限公司 | Software copyright control method based on cloud computing platform |
| US9245096B2 (en) * | 2012-01-24 | 2016-01-26 | International Business Machines Corporation | Software license management in a networked computing environment |
| US20150128293A1 (en) * | 2013-11-01 | 2015-05-07 | Numecent Holdings Inc. | Application distribution network |
-
2018
- 2018-09-04 CN CN201811024213.2A patent/CN109255208B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103179176A (en) * | 2011-12-26 | 2013-06-26 | 中国移动通信集团公司 | Call method, device and system for web application in cloud/cluster environment |
| CN103916231A (en) * | 2014-03-25 | 2014-07-09 | 汉柏科技有限公司 | Cloud computing platform and server time synchronization method thereof |
| CN106570358A (en) * | 2016-11-18 | 2017-04-19 | 广东欧珀移动通信有限公司 | Method and device for setting application permissions |
| CN107241435A (en) * | 2017-07-18 | 2017-10-10 | 贵阳动视云科技有限公司 | The authority checking method and cloud computing platform of software cloud service |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109255208A (en) | 2019-01-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109255208B (en) | Software service product authorization method and system | |
| EP3675418B1 (en) | Issuance of service configuration file | |
| WO2021051878A1 (en) | Cloud resource acquisition method and apparatus based on user permission, and computer device | |
| JP6707153B2 (en) | Secure configuration of cloud computing nodes | |
| WO2019184164A1 (en) | Method for automatically deploying kubernetes worker node, device, terminal apparatus, and readable storage medium | |
| CN108462710B (en) | Authentication and authorization method, device, authentication server and machine-readable storage medium | |
| TWI679550B (en) | Account login method and device | |
| WO2016015558A1 (en) | Method and apparatus for applying for license | |
| US20120297468A1 (en) | Techniques for accessing a backup system | |
| US9401905B1 (en) | Transferring soft token authentication capabilities to a new device | |
| EP3249527B1 (en) | Operation method and device for vnf package | |
| CN110430115A (en) | Service restoration method, system, the network equipment and computer readable storage medium | |
| CN108289074B (en) | User account login method and device | |
| CN107294910B (en) | Login method and server | |
| CN113626133A (en) | Virtual machine control method, device, equipment and computer readable storage medium | |
| WO2022105365A1 (en) | Device control method and system, electronic device, and storage medium | |
| US9628642B2 (en) | Information processing system, license server, communication relay device, non-transitory readable recording medium and data restoration method | |
| CN108494749B (en) | Method, device and equipment for disabling IP address and computer readable storage medium | |
| WO2017219829A1 (en) | Method and device for online management of leased line subscriber | |
| CN112751800A (en) | Authentication method and device | |
| CN111611574A (en) | Information acquisition method, device, equipment and system | |
| CN115859253A (en) | Service access control method, device, equipment and medium | |
| CN108259414B (en) | Virtual resource management and control method and server | |
| US11784996B2 (en) | Runtime credential requirement identification for incident response | |
| US20140366084A1 (en) | Management system, management method, and non-transitory storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park Applicant after: Tidal Cloud Information Technology Co.,Ltd. Address before: 250100 Ji'nan science and technology zone, Shandong high tide Road, No. 1036 wave of science and Technology Park, building S06 Applicant before: SHANDONG LANGCHAO YUNTOU INFORMATION TECHNOLOGY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park Applicant after: Inspur cloud Information Technology Co., Ltd Address before: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park Applicant before: Tidal Cloud Information Technology Co.,Ltd. |
|
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Yan Liang Inventor after: Qi Guangpeng Inventor after: Zhang Honglei Inventor before: Zhang Honglei |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |