CN109347811B - Heterogeneous pass management method and device and unified pass system - Google Patents

Heterogeneous pass management method and device and unified pass system Download PDF

Info

Publication number
CN109347811B
CN109347811B CN201811129506.7A CN201811129506A CN109347811B CN 109347811 B CN109347811 B CN 109347811B CN 201811129506 A CN201811129506 A CN 201811129506A CN 109347811 B CN109347811 B CN 109347811B
Authority
CN
China
Prior art keywords
information
authentication
account information
subsystem
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811129506.7A
Other languages
Chinese (zh)
Other versions
CN109347811A (en
Inventor
胡俊
陆芸芸
侯军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oriental Pearl Group Co ltd
Original Assignee
Oriental Pearl Group Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oriental Pearl Group Co ltd filed Critical Oriental Pearl Group Co ltd
Priority to CN201811129506.7A priority Critical patent/CN109347811B/en
Publication of CN109347811A publication Critical patent/CN109347811A/en
Application granted granted Critical
Publication of CN109347811B publication Critical patent/CN109347811B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

The application provides a scheme for realizing heterogeneous pass management, which can acquire first account information in at least one subsystem to acquire data in the subsystem, and then determine second account information related to a unified pass system according to the first account information to establish a unified file in the unified pass system for a user, then switching authentication service of the subsystem to make the authentication of the user logging in the subsystem completed by the unified authentication mode of the unified pass system to generate second authentication information for authenticating the second account information, and a unified authentication mode of the user is established based on the second authentication information, so that the account between subsystems is communicated, and the original data of the subsystem can be used for silent upgrade into a uniform authentication mode under the condition that the user does not sense, and the uniform pass system is used for uniformly authenticating account information in the subsequent use process.

Description

Heterogeneous pass management method and device and unified pass system
Technical Field
The application relates to the technical field of information, in particular to a heterogeneous pass management method, heterogeneous pass management equipment and a unified pass system.
Background
The Passport system (a pass system, i.e., a login authentication system) is one of the most basic components of many products, and provides the most core authentication and authorization functions. With the development of information technology, the requirements of large enterprises on informatization systems and automation systems are higher and higher. Different network-based pass systems are designed for large enterprises in different stages of informatization and automation, but due to historical leaving and version iteration, each system can only independently manage user information in the system, so that the problems of system repeated construction and information isolated island are caused, and great pressure is brought to the data-based operation work of the enterprises. Therefore, a unified pass system for integrating enterprise subsystem user data is produced.
However, the existing integration technology still has some defects. The simply designed integration scheme cannot solve the problems of user identity identification and account binding; the complexity of the scheme of full disk receiving is too high, and the transformation and the upgrade of a unified pass system are required to be carried out every time a new subsystem is accessed; the problem of poor user experience and user loss brought by the scheme of global password resetting is very huge in cost.
Therefore, how to design an effective, simple and user-friendly unified pass system on the premise of solving the problem of subsystem multi-platform account opening and system integration is a problem to be solved.
Content of application
One of the purposes of the present application is to provide a solution for implementing heterogeneous pass management.
To achieve the above object, some embodiments of the present application provide a heterogeneous passport management method, including:
acquiring first account information in at least one subsystem;
determining second account information related to the unified passport system according to the first account information;
switching authentication service of the subsystem so that authentication when a user logs in the subsystem is completed in a uniform authentication mode of the uniform pass system;
and generating second authentication information for authenticating the second account information, and constructing a unified authentication mode of the user based on the second authentication information.
Based on another aspect of the present application, a unified passport system for implementing heterogeneous passport management is also provided, the system including:
the data transmission and filing module is used for acquiring first account information in at least one subsystem and determining second account information related to the unified passport system according to the first account information;
the service switching module is used for switching the authentication service of the subsystem so that the authentication when the user logs in the subsystem is completed by the uniform authentication mode of the uniform pass system;
and the authentication upgrading module is used for generating second authentication information for authenticating the second account information and establishing a unified authentication mode of the user based on the second authentication information.
In addition, the embodiment of the application also provides a computing device for realizing the heterogeneous pass management, the computing device comprises a memory for storing computer program instructions and a processor for executing the computer program instructions, wherein when the computer program instructions are executed by the processor, the computing device is triggered to execute the heterogeneous pass management method
Some embodiments of the present application provide solutions that can obtain first account information in at least one subsystem to obtain data in the subsystem, and then determine second account information related to the unified passport system according to the first account information to establish a unified profile in the unified passport system for a user, then switching authentication service of the subsystem to make the authentication of the user logging in the subsystem completed by the unified authentication mode of the unified pass system to generate second authentication information for authenticating the second account information, and a unified authentication mode of the user is established based on the second authentication information, so that the account between subsystems is communicated, and the original data of the subsystem can be used for silent upgrade into a uniform authentication mode under the condition that the user does not sense, and the uniform pass system is used for uniformly authenticating account information in the subsequent use process.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
fig. 1 is a processing flow of a heterogeneous pass management method according to an embodiment of the present application;
FIG. 2 is a schematic flow chart of data migration and profiling in the embodiment of the present application;
fig. 3 is a structure of a unified passport system for implementing heterogeneous passport management according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of a computing device implementing heterogeneous passport management according to an embodiment of the present application;
the same or similar reference numbers in the drawings identify the same or similar elements.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In a typical configuration of the present application, the terminal, the devices serving the network each include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, which include both non-transitory and non-transitory, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device.
The embodiment of the application provides a heterogeneous pass management method, which provides a unified pass system, wherein the unified pass system can establish a unified file based on stock data and incremental data on subsystems, so that account opening between the subsystems is realized, the authentication mode of account information on the subsystems can be uniformly upgraded under the condition that a user does not sense, the original data of the subsystems are upgraded into a unified authentication mode in a silent mode, and the defects of a conventional pass system in the prior art are overcome. In practical scenarios, the specific implementation of the unified passport system may include, but is not limited to, a network host, a single network server, a plurality of network server sets or a computer set based on cloud computing, etc., or may also be an application program running in the above devices. Here, the Cloud is made up of a large number of hosts or web servers based on Cloud Computing (Cloud Computing), which is a type of distributed Computing, one virtual computer consisting of a collection of loosely coupled computers.
Fig. 1 shows a processing flow of a heterogeneous pass management method, which includes the following processing steps:
step S101, the unified pass system acquires first account information in at least one subsystem, so that data migration is realized.
The subsystems are heterogeneous systems, content, form and authentication mode of account information of users in the systems may be different from each other, and the first account information refers to account information in the subsystems. For example, for a user userA, accounts may be registered in 3 different subsystems, where the account is userA1 in subsystem sys1, userA2 in subsystem sys2, and userA3 in subsystem sys 3. When logging in the subsystem sys1, the user needs to use the first account information and the authentication method corresponding to the subsystem, i.e. to use the account userA1 to perform authentication and authentication in a corresponding manner, and accordingly, when logging in the other subsystems sys2 and sys3, the user needs to use the corresponding first account information and authentication method. Therefore, when the first account information in at least one subsystem is acquired, all the account information in the three subsystems can be acquired, including userA1, userA2, userA3 and the like.
In an actual scene, data related to the first account information may be divided into stock data and incremental data according to a time point, where the time point is a preset time cut point agreed in advance. The inventory data comprises first account information existing in the subsystem before a preset time cut point, and the incremental data comprises first account information updated in the subsystem after the preset time cut point. For example, taking the subsystem sys1 as an example, 2000 account information items are existed before the time point X year X month X day zero, if the time point is taken as a preset time cut point, the 2000 account information items are divided into stock data, and correspondingly, the account information updated after the time point, such as the newly registered account, is divided into incremental data.
In one embodiment of the present application, when acquiring inventory data, the unified passport system may acquire an inventory data file regarding at least one subsystem, where the inventory data file includes inventory data derived by the subsystem in a preset format. And when the incremental data is acquired, the incremental data can be acquired from at least one subsystem in real time in a data stream mode through the data interface. For example, in an actual scenario, the stock data may be exported to a specific format and transmitted offline in a file form, and warehoused in an ETL manner on the unified passport system side, and the subsystem may provide an external data interface, so that the incremental data may be transmitted in a data stream manner after being generated.
And step S102, the unified pass system determines second account information related to the unified pass system according to the first account information, so as to establish a unified file for data from each subsystem.
The second account information refers to account information of the user in the unified pass system, that is, account information corresponding to each user in the established unified file. The specific content and form of the account information may be related to the first account information of the user, for example, the first account information of the user is directly used as the second account information, or may also be generated based on part of the content or related content of the first account information of the user.
In an actual scene, the same user may use multiple subsystems at the same time, so that multiple pieces of first account information of different subsystems may belong to the same user, and therefore, in order to facilitate the user to use the unified passport system, accounts established in different subsystems for the user need to be merged, so that each user only has one piece of unique second account information. Therefore, when the second account information about the unified passport system is determined according to the first account information, the identity information corresponding to the first account information can be firstly identified, and then a unique second account information about the unified passport system is generated for each user with the same identity information.
When the identity information corresponding to the first account information is identified, a unique identifier related to the first account information can be acquired, and the identity information corresponding to the first account information is determined according to the unique identifier. The unique identifier uniquely corresponds to the identity of the user, so that the identity information corresponding to the plurality of first account information with the same unique identifier is the same, for example, in an actual scene, the unique identifier may be information which can uniquely correspond to the identity of the user, such as a mobile phone number, an identity card number, an employee number, and the like used by the user when registering an account. Further, for convenience of use by the user, the above-described unique identifier may be used when generating the second account information. For example, the user's mobile phone number is directly used as the login account number, even though the user can directly use the mobile phone number to login the subsystem.
Fig. 2 shows a rough flow of data migration and profiling, which includes determining a cutting time point, then performing stock data migration and incremental data synchronization, and further building a unified archive based on the migrated data.
And step S103, switching the authentication service of the subsystems to ensure that the authentication when the user logs in the subsystems is completed in a uniform authentication mode of the uniform pass system, so that the uniform pass system can take over each subsystem to provide service for the outside.
And step S104, the unified pass system generates second authentication information for authenticating the second account information, and constructs a unified authentication mode of the user based on the second authentication information, so that the user authentication mode is upgraded by the unified pass system.
Under different scenes, the unified pass system can finish upgrading the authentication mode in different modes. For example, when the subsystem has an account number of the user logged in, and the user selects an account number password of the original subsystem to log in, the authentication service of the subsystem is switched, so that the authentication process is guided to the unified pass system, the unified pass system authenticates the account number password (namely, the first account number information), if the authentication is passed, the user authentication mode is upgraded by using the existing user data in the unified pass system, and the user login adopts a new unified authentication mode afterwards.
In the upgrading process of the authentication mode, the processing process of the unified pass system may include the following steps: firstly, obtaining login information from a subsystem, wherein the login information comprises first account information of a user and first authentication information corresponding to the first account information in an authentication mode of the subsystem, authenticating the first account information based on the first authentication information, generating second authentication information for authenticating the second account information after the authentication is passed, and constructing a uniform authentication mode of the user based on the second authentication information, thereby finishing the upgrading of the authentication mode and enabling the user to adopt the uniform authentication mode in the subsequent login.
When the account number of a new user of the subsystem is registered, whether the user exists in the subsystem needs to be judged, if the user does not exist in the subsystem, registration information is requested to the unified pass system through a specific interface, the pass system judges whether the user exists in other subsystems, if the user does not exist in other subsystems, the registration information of the user is brand new and does not need to be combined, and if the user exists in other subsystems, the user needs to be combined, so that the account number information of the user in the unified pass system is unique.
In the upgrading process of the authentication mode, the processing process of the unified pass system may include the following steps: acquiring registration information from a subsystem, wherein the registration information comprises first account information and second authentication information of a user; then judging whether the user exists or not, if not, constructing a unified authentication mode of the user based on the second authentication information; if the user login information exists, the registration information is merged to the existing user, and a unified authentication mode of the user is constructed by using the second authentication information of the existing user, so that the user login thereafter adopts the unified authentication mode.
When the account of the new user of the subsystem logs in, because the unified authentication mode related to the new user of the subsystem is already established after the account of the new user of the subsystem is completed, the new user can directly adopt the new unified authentication mode to carry out authentication and authentication on the new user in the subsequent login process.
In addition, when the account information of the user is modified in the subsystem, the modified information can be synchronized to each subsystem after being submitted to the unified pass system, and the data integrity is guaranteed.
Based on the same inventive concept, the embodiment of the application also provides a unified pass system, the corresponding method of the system is the method in the embodiment, and the principle of solving the problem is similar to the method.
Fig. 3 illustrates a unified passport system for implementing heterogeneous passport management, which includes a data transmission and profiling module 310, a service switching module 320, and an authentication upgrade module 330. The data transmission and profiling module 310 is configured to acquire, by the unified passport system, first account information in at least one subsystem, thereby implementing data migration, and then determine, according to the first account information, second account information about the unified passport system, thereby establishing a unified profile for data from each subsystem. The service switching module 320 is used for switching the authentication service of the subsystems, so that the authentication when the user logs in the subsystems is completed by the uniform authentication mode of the uniform pass system, and thus the uniform pass system can take over each subsystem to provide service to the outside. The authentication upgrading module 330 is configured to generate, by the unified passport system, second authentication information for authenticating second account information, and construct a unified authentication manner for the user based on the second authentication information, thereby upgrading the user authentication manner by the unified passport system.
The subsystems are heterogeneous systems, content, form and authentication mode of account information of users in the systems may be different from each other, and the first account information refers to account information in the subsystems. For example, for a user userA, accounts may be registered in 3 different subsystems, where the account is userA1 in subsystem sys1, userA2 in subsystem sys2, and userA3 in subsystem sys 3. When logging in the subsystem sys1, the user needs to use the first account information and the authentication method corresponding to the subsystem, i.e. to use the account userA1 to perform authentication and authentication in a corresponding manner, and accordingly, when logging in the other subsystems sys2 and sys3, the user needs to use the corresponding first account information and authentication method. Therefore, when the first account information in at least one subsystem is acquired, all the account information in the three subsystems can be acquired, including userA1, userA2, userA3 and the like.
In an actual scene, data related to the first account information may be divided into stock data and incremental data according to a time point, where the time point is a preset time cut point agreed in advance. The inventory data comprises first account information existing in the subsystem before a preset time cut point, and the incremental data comprises first account information updated in the subsystem after the preset time cut point. For example, taking the subsystem sys1 as an example, 2000 account information items are existed before the time point X year X month X day zero, if the time point is taken as a preset time cut point, the 2000 account information items are divided into stock data, and correspondingly, the account information updated after the time point, such as the newly registered account, is divided into incremental data.
In an embodiment of the application, when the unified passport system obtains inventory data, the data transmission and profiling module may obtain an inventory data file about at least one subsystem, where the inventory data file includes inventory data derived by the subsystem in a preset format. And when the incremental data is acquired, the data transmission and profiling module can acquire the incremental data from at least one subsystem in real time in a data stream mode through the data interface. For example, in an actual scenario, the stock data may be exported to a specific format and transmitted offline in a file form, and warehoused in an ETL manner on the unified passport system side, and the subsystem may provide an external data interface, so that the incremental data may be transmitted in a data stream manner after being generated.
The second account information refers to account information of the user in the unified pass system, that is, account information corresponding to each user in the established unified file. The specific content and form of the account information may be related to the first account information of the user, for example, the first account information of the user is directly used as the second account information, or may also be generated based on part of the content or related content of the first account information of the user.
In an actual scene, the same user may use multiple subsystems at the same time, so that multiple pieces of first account information of different subsystems may belong to the same user, and therefore, in order to facilitate the user to use the unified passport system, accounts established in different subsystems for the user need to be merged, so that each user only has one piece of unique second account information. Therefore, when the second account information about the unified passport system is determined according to the first account information, the data transmission and profiling module can firstly identify the identity information corresponding to the first account information, and then generate a unique second account information about the unified passport system for each user with the same identity information.
When the identity information corresponding to the first account information is identified, the data transmission and profiling module may acquire a unique identifier associated with the first account information, and determine the identity information corresponding to the first account information according to the unique identifier. The unique identifier uniquely corresponds to the identity of the user, so that the identity information corresponding to the plurality of first account information with the same unique identifier is the same, for example, in an actual scene, the unique identifier may be information which can uniquely correspond to the identity of the user, such as a mobile phone number, an identity card number, an employee number, and the like used by the user when registering an account. Further, for convenience of use by the user, the above-described unique identifier may be used when generating the second account information. For example, the user's mobile phone number is directly used as the login account number, even though the user can directly use the mobile phone number to login the subsystem.
Fig. 2 shows a rough flow of data migration and profiling, which includes determining a cutting time point, then performing stock data migration and incremental data synchronization, and further building a unified archive based on the migrated data.
Under different scenes, the authentication upgrading module of the unified pass system can finish upgrading the authentication modes in different modes. For example, when the subsystem has an account number of the user logged in, and the user selects an account number password of the original subsystem to log in, the authentication service of the subsystem is switched, so that the authentication process is guided to the unified pass system, the unified pass system authenticates the account number password (namely, the first account number information), if the authentication is passed, the user authentication mode is upgraded by using the existing user data in the unified pass system, and the user login adopts a new unified authentication mode afterwards.
In the upgrading process of the authentication mode, the processing process of the authentication upgrading module of the unified pass system may include the following steps: firstly, obtaining login information from a subsystem, wherein the login information comprises first account information of a user and first authentication information corresponding to the first account information in an authentication mode of the subsystem, authenticating the first account information based on the first authentication information, generating second authentication information for authenticating the second account information after the authentication is passed, and constructing a uniform authentication mode of the user based on the second authentication information, thereby finishing the upgrading of the authentication mode and enabling the user to adopt the uniform authentication mode in the subsequent login.
When the account number of a new user of the subsystem is registered, whether the user exists in the subsystem needs to be judged, if the user does not exist in the subsystem, registration information is requested to the unified pass system through a specific interface, the pass system judges whether the user exists in other subsystems, if the user does not exist in other subsystems, the registration information of the user is brand new and does not need to be combined, and if the user exists in other subsystems, the user needs to be combined, so that the account number information of the user in the unified pass system is unique.
In the upgrading process of the authentication mode, the processing process of the authentication upgrading module of the unified pass system may include the following steps: acquiring registration information from a subsystem, wherein the registration information comprises first account information and second authentication information of a user; then judging whether the user exists or not, if not, constructing a unified authentication mode of the user based on the second authentication information; if the user login information exists, the registration information is merged to the existing user, and a unified authentication mode of the user is constructed by using the second authentication information of the existing user, so that the user login thereafter adopts the unified authentication mode.
When the account of the new user of the subsystem logs in, because the unified authentication mode related to the new user of the subsystem is already established after the account of the new user of the subsystem is completed, the new user can directly adopt the new unified authentication mode to carry out authentication and authentication on the new user in the subsequent login process.
In addition, when the account information of the user is modified in the subsystem, the modified information can be synchronized to each subsystem after being submitted to the unified pass system, and the data integrity is guaranteed.
In summary, in some embodiments of the present application, a first account information in at least one subsystem can be obtained to obtain data in the subsystem, and then a second account information related to the unified passport system is determined according to the first account information to establish a unified file in the unified passport system for a user, then switching authentication service of the subsystem to make the authentication of the user logging in the subsystem completed by the unified authentication mode of the unified pass system to generate second authentication information for authenticating the second account information, and a unified authentication mode of the user is established based on the second authentication information, so that the account between subsystems is communicated, and the original data of the subsystem can be used for silent upgrade into a uniform authentication mode under the condition that the user does not sense, and the uniform pass system is used for uniformly authenticating account information in the subsequent use process.
In addition, some of the present application may be implemented as a computer program product, such as computer program instructions, which when executed by a computer, may invoke or provide methods and/or techniques in accordance with the present application through the operation of the computer. Program instructions which invoke the methods of the present application may be stored on a fixed or removable recording medium and/or transmitted via a data stream on a broadcast or other signal-bearing medium and/or stored within a working memory of a computer device operating in accordance with the program instructions. One embodiment according to the present application includes a computing device as shown in fig. 4, which includes one or more memories 410 storing machine-readable instructions and a processor 420 for executing the machine-readable instructions, wherein the machine-readable instructions, when executed by the processor, trigger the device to perform the methods and/or aspects according to the embodiments of the present application.
It should be noted that the present application may be implemented in software and/or a combination of software and hardware, for example, implemented using Application Specific Integrated Circuits (ASICs), general purpose computers or any other similar hardware devices. In one embodiment, the software programs of the present application may be executed by a processor to implement the above steps or functions. Likewise, the software programs (including associated data structures) of the present application may be stored in a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. Additionally, some of the steps or functions of the present application may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the apparatus claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.

Claims (15)

1. A heterogeneous passport management method, wherein the method comprises:
acquiring first account information in at least one subsystem;
determining second account information related to the unified passport system according to the first account information;
switching authentication service of the subsystem so that authentication when a user logs in the subsystem is completed in a uniform authentication mode of the uniform pass system;
and generating second authentication information for authenticating the second account information, and constructing a unified authentication mode of the user based on the second authentication information.
2. The method of claim 1, wherein obtaining first account information in at least one subsystem comprises:
the method comprises the steps of obtaining stock data and incremental data in at least one subsystem, wherein the stock data comprise first account information existing in the subsystem before a preset time cut point, and the incremental data comprise first account information updated in the subsystem after the preset time cut point.
3. The method of claim 2, wherein obtaining inventory data and delta data in at least one subsystem comprises:
the method comprises the steps of obtaining an inventory data file related to at least one subsystem, wherein the inventory data file comprises inventory data derived by the subsystem in a preset format, and obtaining incremental data from the at least one subsystem in a data flow mode through a data interface in real time.
4. The method of claim 1, wherein determining second account information for a unified passport system based on the first account information comprises:
identifying identity information corresponding to the first account information;
and generating a unique second account information about the unified pass system for each user with the same identity information.
5. The method of claim 4, wherein identifying identity information corresponding to the first account information comprises:
and acquiring a unique identifier related to the first account information, and determining the identity information corresponding to the first account information according to the unique identifier, wherein the identity information corresponding to a plurality of first account information with the same unique identifier is the same.
6. The method of claim 1, wherein generating second authentication information for authenticating second account information and constructing a unified authentication mode for the user based on the second authentication information comprises:
acquiring login information from a subsystem, wherein the login information comprises first account information of a user and first authentication information corresponding to the first account information in an authentication mode of the subsystem;
authenticating the first account information based on the first authentication information;
and after passing the authentication, generating second authentication information for authenticating the second account information, and constructing a unified authentication mode of the user based on the second authentication information.
7. The method of claim 1, wherein generating second authentication information for authenticating second account information and constructing a unified authentication mode for the user based on the second authentication information comprises:
acquiring registration information from a subsystem, wherein the registration information comprises first account information and second authentication information of a user;
judging whether the user exists or not, if not, constructing a unified authentication mode of the user based on the second authentication information; if the user authentication information exists, the registration information is merged to the existing user, and a unified authentication mode of the user is constructed by using the second authentication information of the existing user.
8. A unified passport system for enabling heterogeneous passport management, wherein the system comprises:
the data transmission and filing module is used for acquiring first account information in at least one subsystem and determining second account information related to the unified passport system according to the first account information;
the service switching module is used for switching the authentication service of the subsystem so that the authentication when the user logs in the subsystem is completed by the uniform authentication mode of the uniform pass system;
and the authentication upgrading module is used for generating second authentication information for authenticating the second account information and establishing a unified authentication mode of the user based on the second authentication information.
9. The system of claim 8, wherein the data transmission and profiling module is configured to obtain stock data and incremental data in at least one subsystem, wherein the stock data includes first account information existing in the subsystem before a preset time cut point, and the incremental data includes first account information updated in the subsystem after the preset time cut point.
10. The system of claim 9, wherein the data transfer and profiling module is configured to obtain an inventory data file for at least one subsystem, wherein the inventory data file includes inventory data derived by the subsystem in a predetermined format, and obtain incremental data from the at least one subsystem in real-time in a data stream via a data interface.
11. The system of claim 8, wherein the data transmission and profiling module is configured to identify identity information corresponding to the first account information and generate a unique second account information for the unified passport system for each user with the same identity information.
12. The system of claim 11, wherein the data transmission and profiling module is configured to obtain a unique identifier associated with the first account information, and determine the identity information corresponding to the first account information according to the unique identifier, wherein the identity information corresponding to a plurality of first account information with the same unique identifier is the same.
13. The system of claim 8, wherein the authentication upgrading module is configured to obtain login information from a subsystem, where the login information includes first account information of a user and first authentication information corresponding to the first account information in an authentication manner of the subsystem; authenticating the first account information based on the first authentication information; and after passing the authentication, generating second authentication information for authenticating the second account information, and constructing a unified authentication mode of the user based on the second authentication information.
14. The system of claim 8, wherein the authentication upgrading module is configured to obtain registration information from a subsystem, wherein the registration information includes first account information of a user and second authentication information; judging whether the user exists or not, if not, constructing a unified authentication mode of the user based on the second authentication information; if the user authentication information exists, the registration information is merged to the existing user, and a unified authentication mode of the user is constructed by using the second authentication information of the existing user.
15. A computing device implementing heterogeneous passport management, wherein the computing device comprises a memory for storing computer program instructions and a processor for executing the computer program instructions, wherein the computer program instructions, when executed by the processor, trigger the device to perform the method of any one of claims 1 to 7.
CN201811129506.7A 2018-09-27 2018-09-27 Heterogeneous pass management method and device and unified pass system Active CN109347811B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811129506.7A CN109347811B (en) 2018-09-27 2018-09-27 Heterogeneous pass management method and device and unified pass system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811129506.7A CN109347811B (en) 2018-09-27 2018-09-27 Heterogeneous pass management method and device and unified pass system

Publications (2)

Publication Number Publication Date
CN109347811A CN109347811A (en) 2019-02-15
CN109347811B true CN109347811B (en) 2021-08-10

Family

ID=65306815

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811129506.7A Active CN109347811B (en) 2018-09-27 2018-09-27 Heterogeneous pass management method and device and unified pass system

Country Status (1)

Country Link
CN (1) CN109347811B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102209046A (en) * 2010-08-24 2011-10-05 济南聚易信息技术有限公司 Network resource integration system and method
WO2013104143A1 (en) * 2012-01-13 2013-07-18 中兴通讯股份有限公司 Authentication method and system oriented to heterogeneous network
CN103414732A (en) * 2013-09-02 2013-11-27 用友软件股份有限公司 Application integration device and application integration processing method
CN103839138A (en) * 2014-03-08 2014-06-04 成都文昊科技有限公司 System for supporting interaction of multiple heterogeneous systems
CN103888409A (en) * 2012-12-19 2014-06-25 中国电信股份有限公司 Distributed unified authentication method and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102209046A (en) * 2010-08-24 2011-10-05 济南聚易信息技术有限公司 Network resource integration system and method
WO2013104143A1 (en) * 2012-01-13 2013-07-18 中兴通讯股份有限公司 Authentication method and system oriented to heterogeneous network
CN103888409A (en) * 2012-12-19 2014-06-25 中国电信股份有限公司 Distributed unified authentication method and system
CN103414732A (en) * 2013-09-02 2013-11-27 用友软件股份有限公司 Application integration device and application integration processing method
CN103839138A (en) * 2014-03-08 2014-06-04 成都文昊科技有限公司 System for supporting interaction of multiple heterogeneous systems

Also Published As

Publication number Publication date
CN109347811A (en) 2019-02-15

Similar Documents

Publication Publication Date Title
US9128862B2 (en) Efficient checksums for shared nothing clustered filesystems
US9426219B1 (en) Efficient multi-part upload for a data warehouse
US20170351991A1 (en) Detecting potential root causes of data quality issues using data lineage graphs
CN107133231B (en) Data acquisition method and device
US9910881B1 (en) Maintaining versions of control plane data for a network-based service control plane
CN106686104B (en) Method and equipment for operation and maintenance of target server
US10305936B2 (en) Security inspection of massive virtual hosts for immutable infrastructure and infrastructure as code
CN106375360B (en) Graph data updating method, device and system
CN112272240B (en) Data cloud method and device
US20220019553A1 (en) Synchronizing storage policies of objects migrated to cloud storage
US10182104B1 (en) Automatic propagation of resource attributes in a provider network according to propagation criteria
CN112487402A (en) Multi-tenant login method, equipment and medium based on ERP system
US10951540B1 (en) Capture and execution of provider network tasks
CN110968560B (en) Configuration method, device and system of log collector
US20190243807A1 (en) Replication of data in a distributed file system using an arbiter
US11093477B1 (en) Multiple source database system consolidation
CN112328363B (en) Cloud hard disk mounting method and device
EP3349416B1 (en) Relationship chain processing method and system, and storage medium
US10078570B2 (en) Determining dynamic statistics based on key value patterns
CN109347811B (en) Heterogeneous pass management method and device and unified pass system
CN107294766B (en) Centralized control method and system
CN112199329B (en) Double-machine operation and maintenance data archiving and cleaning method and device based on fort machine
US11200138B1 (en) Policy-based request tracing using a computer
US11283787B2 (en) Computer resource provisioning
CN110574018A (en) Managing asynchronous analytics operations based on communication exchanges

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant