CN109472151A - A kind of method and server of data access - Google Patents

A kind of method and server of data access Download PDF

Info

Publication number
CN109472151A
CN109472151A CN201811289218.8A CN201811289218A CN109472151A CN 109472151 A CN109472151 A CN 109472151A CN 201811289218 A CN201811289218 A CN 201811289218A CN 109472151 A CN109472151 A CN 109472151A
Authority
CN
China
Prior art keywords
server
books
authorization code
token
data access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811289218.8A
Other languages
Chinese (zh)
Inventor
杨政
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kingdee Software China Co Ltd
Original Assignee
Kingdee Software China Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kingdee Software China Co Ltd filed Critical Kingdee Software China Co Ltd
Priority to CN201811289218.8A priority Critical patent/CN109472151A/en
Publication of CN109472151A publication Critical patent/CN109472151A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/12Accounting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The embodiment of the present application discloses method, server, computer storage medium and the computer program product of a kind of data access, for in access set of books data procedures, the id information of access authority information and set of books is carried using token, characteristic based on token technology, to improve the safety in user's access set of books data procedures.The embodiment of the present application method includes: that server receives the data access request that electronic equipment is sent, and the data access request includes the first token;The server determines corresponding first set of books and the first authorization code according to first token;The server carries out data access operation according to first set of books and the first authorization code.

Description

A kind of method and server of data access
Technical field
This application involves data processing field more particularly to a kind of method of data access, server, computer storage Jie Matter and computer program product.
Background technique
Set of books is one group of independent, complete and data acquisition system that is mutually related, and refers to the institute of storage business accounting object There is the general name of accounting event data file.Specifically, set of books can be the cost of a certain period enterprise, expense, income, expenditure with And the data of economic activity occur in routine work and summarize.Each enterprise can have multiple sets of books according to different requirements, Multiple sets of books can be all stored in a server, can also be saved respectively in different servers.
When being saved respectively due to set of books, the server that enterprise needs is more, higher cost is caused, so having at present in enterprise It when multiple sets of books, mostly uses and multiple sets of books is deployed on a server, when data of the user to set of books access behaviour When making, by indicating that the unique parameters of set of books, such as the identity (identification, ID) of set of books come to multiple sets of books It distinguishes.In addition, there is multi-group data under each set of books, the data of difference group use different application programming interfaces (application progr amming interface, API) access.User (enterprise or individual) sets by electronics Standby reconciliation sets of data accesses when operating, and needs to send access authority file to the server for saving set of books data, that is, indicates Addressable data, and the unique parameter information of set of books for needing to access, so that server can be according to access authority to the account Pack into the access operation of row data.
Currently, user requires the unique parameters for sending the set of books in each access, if in transmission process, it should Unique parameters leakage, then be likely to result in user's information leakage, cause information security accident.
Summary of the invention
The embodiment of the present application discloses method, server, computer storage medium and the computer journey of a kind of data access Sequence product, for carrying the id information of access authority information and set of books using token in access set of books data procedures, based on order The characteristic of board technology, to improve the safety in user's access set of books data procedures.
In a first aspect, a kind of method for present embodiments providing data access, may include:
Server receives the data access request that electronic equipment is sent, which may include the first token;
The server determines corresponding first set of books and the first authorization code according to first token;
The server carries out data access operation according to first set of books and the first authorization code.
Optionally, in some embodiments of the present application, which receives the data access request that electronic equipment is sent Before, this method can also include:
The server determines the identity of first set of books;
The identity of first set of books and the first mapping relations of at least one authorization code is arranged in the server.
Optionally, in some embodiments of the present application,
At least one authorization code may include the first authorization code, and this method can also include:
Second mapping relations of first authorization code Yu at least one access authority are arranged in the server.
Optionally, in some embodiments of the present application, this method can also include:
Identity and first authorization code of the server according to first set of books, generate the first token;
The server sends first token to the electronic equipment, which carries out data visit for the electronic equipment It asks.
Optionally, in some embodiments of the present application,
The server carries out data access operation according to first set of books and the first authorization code, may include:
The server is determined according to first set of books, the first authorization code, first mapping relations and second mapping relations The corresponding access authority of first authorization code;
The server carries out data access operation according to the corresponding access authority of the first authorization code.
Second aspect, the embodiment of the present application provide a kind of server, may include:
Receiving unit, for receiving the data access request of electronic equipment transmission, which may include the One token;
Determination unit, for determining corresponding first set of books and the first authorization code according to first token;
Execution unit, for carrying out data access operation according to first set of books and the first authorization code.
Optionally, in some embodiments of the present application,
The determination unit is also used to determine the identity of first set of books;
The server can also include:
Setting unit, for the identity of first set of books and the first mapping relations of at least one authorization code to be arranged.
Optionally, in some embodiments of the present application,
At least one authorization code may include the first authorization code;
The setting unit is also used to be arranged second mapping relations of first authorization code Yu at least one access authority.
Optionally, in some embodiments of the present application, which can also include:
Generation unit, for generating the first token according to the identity of first set of books and first authorization code;
Transmission unit, for sending first token to the electronic equipment, which carries out for the electronic equipment Data access.
Optionally, in some embodiments of the present application,
The execution unit, specifically for according to first set of books, the first authorization code, first mapping relations and this second reflect Relationship is penetrated, determines the corresponding access authority of the first authorization code;According to the corresponding access authority of the first authorization code, data are carried out Access operation.
The third aspect, the embodiment of the present application provide a kind of server, and the server includes: processor, memory and defeated Enter/output equipment.The input-output apparatus is for sending and receiving instruction;The memory is for storing instruction;The place Reason device is used to execute described instruction in the memory, so that the server executes such as aforementioned first aspect and any optional Method described in implementation.
Fourth aspect, the embodiment of the present application provide a kind of computer program product, when run on a computer, so that Computer executes the method as described in aforementioned first aspect and any optional implementation.
5th aspect, the embodiment of the present application provides a kind of computer storage medium, including instruction, when it is transported on computers When row, so that computer executes the method as described in aforementioned first aspect and any optional implementation.
The computer storage medium include: USB flash disk, mobile hard disk, read-only memory (read-only memory, ROM), with Machine accesses various Jie that can store program code such as memory (random access memory, RAM), magnetic or disk Matter.
6th aspect, this application provides a kind of chip system, which includes processor, for supporting that terminal is real Function involved in existing above-mentioned aspect, for example, for example sending or handling data and/or information involved in the above method.
In a kind of possible design, the chip system further includes memory, and the memory must for saving terminal The program instruction and data wanted.The chip system, can be made of chip, also may include chip and other discrete devices.
As can be seen from the above technical solutions, the embodiment of the present application has the advantage that
When user is covered using electronic equipment reconciliation carries out access number according to operation, server receives what electronic equipment was sent Data access request, the data access request include the first token (token), and server determines corresponding according to first token First set of books and the first authorization code, and according to first set of books and the access operation of the first authorization code progress data.Exist Reconciliation sets of data accesses when operating, using the operable set of books information of token instruction user and access authority information. Since token is as a kind of technology for ensureing user security login system, the operable set of books information of user is indicated using token And access authority information, avoid when reconciliation sets of data accesses and operates, the operable set of books information of user and The plaintext of access authority information is shown, to improve the information security of the user when reconciliation sets of data accesses and operates.
Detailed description of the invention
Fig. 1 is one embodiment schematic diagram of the method for data access in the embodiment of the present application;
Fig. 2 is one embodiment schematic diagram of server in the embodiment of the present application;
Fig. 3 is another embodiment schematic diagram of server in the embodiment of the present application;
Fig. 4 is another embodiment schematic diagram of server in the embodiment of the present application;
Fig. 5 is another embodiment schematic diagram of server in the embodiment of the present application.
Specific embodiment
Set of books is one group of independent, complete and data acquisition system that is mutually related, and refers to the institute of storage business accounting object There is the general name of accounting event data file, for example, these data may include cost, expense, income, the branch of a certain period enterprise Summarizing for the data of economic activity occurs out and in routine work.Each enterprise can have multiple according to different requirements, Set of books, multiple sets of books can be all stored in a server, can also be saved respectively in different servers.
Api interface, i.e. application programming interface are some functions predetermined, it is therefore an objective to provide application program with Developer is able to the ability of one group of routine of access based on certain software or hardware, and without accessing source code, or the internal work of understanding Make the details of mechanism.In a computer, api interface can be distinguished by title.
Set of books data in the server are saved, user can be made using electronic equipment, pass through different api interfaces It accesses to the data in set of books.The operator of server can set on the server, each api interface can be with Access the data of one or more classifications.Wherein, access operation includes reading, be written or modifying data.Api interface and may have access to Data category as the following table 1 citing shown in:
Interface name Access data category
A interface Fixed assets data
B interface Net profit data
C interface Debt ratio data
…… ……
Table 1
When user needs to access the set of books data on a server, if preserving multiple set of books numbers on the server According to the ID and access authority of the set of books for then needing to indicate that needs are accessed in access, access authority instigate user that can visit The data category asked.
Currently, having used token technology in the scene for much needing verifying authorization, such as have existed when user's benefit When being accessed with electronic equipment reconciliation sets of data, the technology for the Authority Verification that accessed by the way of token.Wherein, it utilizes To token technology be a kind of for verifying user identity, provide special login virtual encoder for user, ensure that user pacifies The technology of full login system is the code key of computer identity certification.Its working principle is that: according to its distinctive value and time point, A unforeseen coding is generated when in use.And the token of server and the user share a root, one small Token coded is generated in period.The coding generated by server and the coding of user's input compare, if matching, is used The identity at family is confirmed, and current user operation is allowed otherwise not allow current user operation then.In electronic equipment and service When data are transmitted between device, transmission is encoded to a unpredictable coding, causes in addition to the electronic equipment and the server Except other equipment be difficult to get the information of user by the coding, ensured the information security of user.
The embodiment of the present application discloses method, server, computer storage medium and the computer journey of a kind of data access Sequence product, for carrying the id information of access authority information and set of books using token in access set of books data procedures, based on order The characteristic of board technology, to improve the safety in user's access set of books data procedures.
It is below one embodiment schematic diagram of the method for data access in the embodiment of the present application referring in particular to Fig. 1, Fig. 1, May include:
101, server determines the identity of the first set of books.
In the present embodiment, the ID of set of books refers to for uniquely indicating the parameter of a set of books, specifically can be a string Perhaps other forms are for example digital or all-character combining form for number and monogram.When needing to increase set of books data When user, server can respond the operation of current operator, and the ID for determining the first set of books is inquired from server local, or Person, server receive the access request that user is sent by electronic equipment, and server determines user's according to access request Identity determines the ID of corresponding first set of books in systems.
102, the identity of the first set of books and the first mapping relations of at least one authorization code is arranged in server.
In the present embodiment, after server determines the ID of the first set of books, server generates at least one authorization code, and authorization code can To be string number combination, at least one authorization code is according to the ID of the first set of books generation.The first set of books of server is corresponding to be awarded After weighted code, it is arranged and saves the identity of the first set of books and the first mapping relations of at least one authorization code, first mapping Relationship is authorization code scheme table.Specifically, shown in authorization code scheme table can illustrate such as the following table 2:
The ID of set of books Authorization code
5b48n90c980h 220111,550189,530362
78gh34jk12bh 344545,263797,567283,784603
563g356k89BJ 316748,454567
Table 2
103, the second mapping relations of server setting the first authorization code and at least one access authority.
In the present embodiment, as shown in Table 1, such as the ID of the first set of books is 5b48n90c980h, and server is according to the ID It determines corresponding authorization code, and the second mapping relations of the first authorization code and at least one access authority is set, first authorization Code is corresponding with the ID of first set of books, which is that authorization code permission corresponds to table.Specifically, authorization code permission pair Answer table can be as shown in the following table 3 citing:
Title Authorization code Access authority Access data permission
First authorization code 220111 Interface A, interface B Fixed assets, net profit
Second authorization code 550189 Interface B Expenditure
Third authorization code 530362 Interface A, interface B, interface C Fixed assets, net profit, debt ratio
Table 3
As shown in table 3, each access authority refers to the api interface that can be called, and corresponding each api interface is can to visit Ask data permission.
It generates after the authorization code permission corresponds to table, which can be corresponded to table and be stored in the first set of books by server Database in, for being called when data access later.
104, when user needs to carry out data access, user sends the first authorization to server by electronic equipment Code.
In the present embodiment, server set the first authorization code and at least one access authority the second mapping relations it Afterwards, which can be sent to the electronic equipment of user, to indicate that the user accesses the access right of set of books data Limit.When user needs to access set of books data, the first authorization code is sent to server by electronic equipment first.
The electronic equipment can be mobile phone, tablet computer, personal digital assistant (personal digital Assistant, PDA), any terminal such as vehicle-mounted computer, may include the entities such as terminal device or chip.
105, identity and first authorization code of the server according to the first set of books generates the first token.
In the present embodiment, after server receives the first authorization code, solved according to the first authorization code received corresponding The ID of first set of books, then by symmetric encipherment algorithm (data encryption Standard, DES) according to the ID of the first set of books With the first authorization code, the first token is generated.Wherein, the D ES Encryption Algorithm for needing to illustrate is a kind of relatively common encryption side When carrying out the transmission and processing of information, cryptographic calculation, decryption operation are used by formula, the sender of information and the recipient of information Be same key, thus must to hold the key jointly (referred to as symmetrical close by the sender of information and the recipient of information Code).Des encryption algorithm is Encryption Algorithm common at present, and specific details are not described herein again.
Optionally, in some possible implementations, authorization can also be added to during generating the first token Temporal information, the validity that authorization temporal information is used to indicate first token has time restriction, i.e., within the authorization time It comes into force, outside the authorization time, then fails.For example, can set the authorization time to 10 minutes, i.e., the user is when away from current Between in 10 minutes, user can be used first token access the first set of books database, if more than 10 minutes, first order Board failure, needs user to retransmit authorization code, generates the token of update.
106, server sends the first token to electronic equipment.
In the present embodiment, after server generates the first token, first token is sent to electronic equipment, which can With the identification and access authority being used to indicate when the electronic equipment carries out data access.
It should be noted that step 101 to step 106 is optional step.
107, server receives the data access request that electronic equipment is sent, and data access request includes the first token.
In the present embodiment, after carrying out data access, server receives the data access request that electronic equipment is sent, the number It include the first token according to access request.
Optionally, it in some possible implementations, if not carrying the first token in data access request, services Device stops current data and accesses process, and sends access failed message to electronic equipment.
108, server determines corresponding first set of books and the first authorization code according to the first token.
In the present embodiment, after server receives data access request, the first token of carrying is extracted, and calculate using DES Operation is decrypted to the token in method, and parsing obtains the ID of corresponding first authorization code and the first set of books.
Optionally, in some possible implementations, if carrying authorization temporal information in the first token, to After the parsing of one token, whether server analyzes the authorization temporal information that parsing obtains first expired, if authorizing the time-out phase, Server sends failed message to electronic equipment, and instruction electronic equipment retransmits the first authorization code, verifies identity.For example, if The authorization time is 14:00-14:10, if current time is 14:05, the first token is effective, should if current time is 14:14 The failure of first token, server send access failed message to electronic equipment.
109, server determines first according to the first set of books, the first authorization code, the first mapping relations and the second mapping relations The corresponding access authority of authorization code.
In the present embodiment, after server determines the first set of books and the first authorization code, server is according to first set of books ID search corresponding authorization code permission from first set of books and correspond to table, and it is corresponding from authorization code permission according to the first authorization code Inquiry obtains the corresponding access authority of the first authorization code in table, that is, allows to carry out the api interface of data access.
110, server carries out data access operation according to the corresponding access authority of the first authorization code.
In the present embodiment, after server determines the first set of books and access authority, to the access authority pair in first set of books The data type answered accesses operation, the access operation include read, write-in or modification operation.Later, server can be to Electronic equipment sends operation response, the result of designation date access.
As can be seen from the above technical solutions, the embodiment of the present application has the advantage that
When user is covered using electronic equipment reconciliation carries out access number according to operation, server receives what electronic equipment was sent Data access request, the data access request include the first token, and server determines corresponding first account according to first token Set and the first authorization code, and according to first set of books and the access operation of the first authorization code progress data.I.e. to set of books Data access when operating, using the operable set of books information of token instruction user and access authority information.Due to enabling Board is as a kind of technology for ensureing user security login system, using the operable set of books information of token instruction user and visit It asks authority information, avoids when reconciliation sets of data accesses and operates, the operable set of books information of user and access right The plaintext of limit information is shown, to improve the information security of the user when reconciliation sets of data accesses and operates.
In addition, it should be noted that, the prior art that compares, the technical program by way of token, using token plus Close form carries the access authority information of user and the id information of the first set of books, does not need in access set of books data every time When, the id information of set of books is also carried, is disappeared to reduce in data transmission procedure to server and electronic equipment operation resource Consumption.
It is below one embodiment schematic diagram of server in the embodiment of the present application referring in particular to Fig. 2, Fig. 2, may include:
Receiving unit 201, for receiving the data access request of electronic equipment transmission, which may include First token;
Determination unit 202, for determining corresponding first set of books and the first authorization code according to first token;
Execution unit 203, for carrying out data access operation according to first set of books and the first authorization code.
It optionally, is server in the embodiment of the present application referring in particular to Fig. 3, Fig. 3 in some embodiments of the present application Another embodiment schematic diagram, the server can also include:
Determination unit 202 is also used to determine the identity of first set of books;
Setting unit 204, for the identity of first set of books and the first mapping pass of at least one authorization code to be arranged System.
Optionally, in some embodiments of the present application,
At least one authorization code may include the first authorization code;
Setting unit 204 is also used to be arranged second mapping relations of first authorization code Yu at least one access authority.
It optionally, is server in the embodiment of the present application referring in particular to Fig. 4, Fig. 4 in some embodiments of the present application Another embodiment schematic diagram, the server can also include:
Generation unit 205, for generating the first token according to the identity of first set of books and first authorization code;
Transmission unit 206, for sending first token to the electronic equipment, first token for the electronic equipment into Row data access.
Optionally, in some embodiments of the present application,
Execution unit 203, be specifically used for according to first set of books, the first authorization code, first mapping relations and this second Mapping relations determine the corresponding access authority of the first authorization code;According to the corresponding access authority of the first authorization code, counted According to access operation.
A kind of server is also provided in the embodiment of the present application, as shown in figure 5, Fig. 5 is server in the embodiment of the present application Another embodiment schematic diagram may include:
Processor 501, memory 502 and input-output apparatus 503;
Input-output apparatus 503, for sending and receiving instruction;
Memory 502, for storing instruction;
Processor 501, for executing the described instruction in memory 502, so that the server executes following function:
The data access request that electronic equipment is sent is received, the data access request includes the first token;
Corresponding first set of books and the first authorization code are determined according to first token;
Data access operation is carried out according to first set of books and the first authorization code.
Optionally, in some embodiments of the present application,
Processor 501 is also used to determine the identity of first set of books;The identity of first set of books is set With the first mapping relations of at least one authorization code.
Optionally, in some embodiments of the present application,
At least one described authorization code includes the first authorization code,
Processor 501 is also used to be arranged the second mapping relations of first authorization code Yu at least one access authority.
Optionally, in some embodiments of the present application,
Processor 501 is also used to identity and first authorization code according to first set of books, generates first and enables Board;First token is sent to the electronic equipment, first token carries out data access for the electronic equipment.
Optionally, in some embodiments of the present application,
Processor 501 is specifically used for according to first set of books, the first authorization code, first mapping relations and described Second mapping relations determine the corresponding access authority of first authorization code;According to the corresponding access right of first authorization code Limit carries out data access operation.
The embodiment of the present application also provides a kind of computer program products, when run on a computer, so that calculating Machine executes method described in embodiment as illustrated in the foregoing fig. 1 and any optional implementation.
The embodiment of the present application also provides a kind of computer storage mediums, including instruction, when run on a computer, So that computer executes method described in embodiment as illustrated in the foregoing fig. 1 and any optional implementation.
A kind of chip system is also provided in the embodiment of the present application, which includes processor, for supporting that terminal is real Function involved in existing aforementioned embodiment illustrated in fig. 1 and any optional implementation.For example, for example sending or handling above-mentioned side Data and/or information involved in method.
In a kind of possible design, the chip system further includes memory, and the memory must for saving terminal The program instruction and data wanted.The chip system, can be made of chip, also may include chip and other discrete devices.
The computer storage medium include: USB flash disk, mobile hard disk, read-only memory, random access memory, magnetic disk or The various media that can store program code such as CD.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed system, device and method can be with It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, for example, the unit It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of device or unit It closes or communicates to connect, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.
It, can also be in addition, each functional unit in each embodiment of the application can integrate in one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product When, it can store in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially The all or part of the part that contributes to existing technology or the technical solution can body in the form of software products in other words Reveal and, which is stored in a storage medium, including some instructions are with so that a computer is set Standby (can be personal computer, server or the network equipment etc.) executes the whole of each embodiment the method for the application Or part steps.And storage medium above-mentioned include: USB flash disk, mobile hard disk, read-only memory, random access memory, magnetic disk or The various media that can store program code such as person's CD.
The above, above embodiments are only to illustrate the technical solution of the application, rather than its limitations;Although referring to before Embodiment is stated the application is described in detail, those skilled in the art should understand that: it still can be to preceding Technical solution documented by each embodiment is stated to modify or equivalent replacement of some of the technical features;And these It modifies or replaces, the spirit and scope of each embodiment technical solution of the application that it does not separate the essence of the corresponding technical solution.

Claims (10)

1. a kind of method of data access characterized by comprising
Server receives the data access request that electronic equipment is sent, and the data access request includes the first token;
The server determines corresponding first set of books and the first authorization code according to first token;
The server carries out data access operation according to first set of books and the first authorization code.
2. the method according to claim 1, wherein the server receives the data access that electronic equipment is sent Before request, the method also includes:
The server determines the identity of first set of books;
The identity of first set of books and the first mapping relations of at least one authorization code is arranged in the server.
3. according to the method described in claim 2, it is characterized in that, at least one described authorization code includes the first authorization code, institute State method further include:
The second mapping relations of first authorization code Yu at least one access authority are arranged in the server.
4. according to the method described in claim 3, it is characterized in that, the method also includes:
Identity and first authorization code of the server according to first set of books generate the first token;
The server sends first token to the electronic equipment, and first token is carried out for the electronic equipment Data access.
5. according to the method described in claim 3, it is characterized in that, the server is awarded according to first set of books and first Weighted code carries out data access operation, comprising:
The server according to first set of books, the first authorization code, first mapping relations and second mapping relations, Determine the corresponding access authority of first authorization code;
The server carries out data access operation according to the corresponding access authority of first authorization code.
6. a kind of server characterized by comprising
Receiving unit, for receiving the data access request of electronic equipment transmission, the data access request includes the first token;
Determination unit, for determining corresponding first set of books and the first authorization code according to first token;
Execution unit, for carrying out data access operation according to first set of books and the first authorization code.
7. server according to claim 6, which is characterized in that
The determination unit is also used to determine the identity of first set of books;
The server further include:
Setting unit, for the identity of first set of books and the first mapping relations of at least one authorization code to be arranged.
8. a kind of server characterized by comprising
Processor, memory and input-output apparatus;
The memory, the input-output apparatus and the processor are connected by bus;
The input-output apparatus with the device except the server for being communicated;
The memory is for storing instruction;
The processor is executed as described in any one of claims 1 to 5 for calling described instruction from the memory Method.
9. a kind of computer storage medium, including instruction, when run on a computer, so that computer is executed as right is wanted Method described in asking any one of 1 to 5.
10. a kind of computer program product, including instruction, when run on a computer, so that computer executes such as right It is required that method described in any one of 1 to 5.
CN201811289218.8A 2018-10-31 2018-10-31 A kind of method and server of data access Pending CN109472151A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811289218.8A CN109472151A (en) 2018-10-31 2018-10-31 A kind of method and server of data access

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811289218.8A CN109472151A (en) 2018-10-31 2018-10-31 A kind of method and server of data access

Publications (1)

Publication Number Publication Date
CN109472151A true CN109472151A (en) 2019-03-15

Family

ID=65666258

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811289218.8A Pending CN109472151A (en) 2018-10-31 2018-10-31 A kind of method and server of data access

Country Status (1)

Country Link
CN (1) CN109472151A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023065969A1 (en) * 2021-10-20 2023-04-27 华为技术有限公司 Access control method, apparatus, and system
CN110033361B (en) * 2019-03-26 2023-08-08 创新先进技术有限公司 Method and device for transferring out resources based on virtual account cover
CN117331964A (en) * 2023-12-01 2024-01-02 成都明途科技有限公司 Data query method, device, equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103428235A (en) * 2012-05-15 2013-12-04 上海博路信息技术有限公司 Data exchange system
CN103460215A (en) * 2011-03-08 2013-12-18 电话有限公司 A method for providing authorized access to a service application in order to use a protected resource of an end user
CN107483485A (en) * 2017-09-13 2017-12-15 深圳市屯奇尔科技有限公司 Generation method, authorization method, relevant apparatus and the terminal device of authorization code

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103460215A (en) * 2011-03-08 2013-12-18 电话有限公司 A method for providing authorized access to a service application in order to use a protected resource of an end user
CN103428235A (en) * 2012-05-15 2013-12-04 上海博路信息技术有限公司 Data exchange system
CN107483485A (en) * 2017-09-13 2017-12-15 深圳市屯奇尔科技有限公司 Generation method, authorization method, relevant apparatus and the terminal device of authorization code

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110033361B (en) * 2019-03-26 2023-08-08 创新先进技术有限公司 Method and device for transferring out resources based on virtual account cover
WO2023065969A1 (en) * 2021-10-20 2023-04-27 华为技术有限公司 Access control method, apparatus, and system
CN117331964A (en) * 2023-12-01 2024-01-02 成都明途科技有限公司 Data query method, device, equipment and storage medium
CN117331964B (en) * 2023-12-01 2024-02-27 成都明途科技有限公司 Data query method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
US20210084052A1 (en) Identity verification and login methods, apparatuses, and computer devices
US20220027348A1 (en) Cross-shard private atomic commit
CN112131316B (en) Data processing method and device applied to block chain system
CN108734028B (en) Data management method based on block chain, block chain link point and storage medium
WO2019032089A1 (en) Blockchain architecture with record security
CN109992285B (en) Independent updating method and device for block chain code block and electronic equipment
CN101960464A (en) Information processing device
CN109379336A (en) A kind of uniform authentication method, distributed system and computer readable storage medium
CN109472151A (en) A kind of method and server of data access
CN111492355B (en) Method and control system for controlling and/or monitoring a device
CN107944291A (en) Information acquisition method, system and computer-readable recording medium
CN111566647A (en) Identity recognition system based on block chain
US20200042679A1 (en) Policy based adaptive identity proofing
CN112600830B (en) Service data processing method and device, electronic equipment and storage medium
CN113221165A (en) User element authentication method and device based on block chain
CN103559430B (en) application account management method and device based on Android system
CN116645061A (en) Customs clearance data processing method based on block chain system and consensus node
CN110662210A (en) Block chain-based secondary or repeated mobile phone number identification method, system and equipment
CN116263834A (en) Multi-issuer anonymous credentials for licensed blockchains
CN115632774A (en) Threshold signature-based distributed type language prediction machine implementation method and system
CN113541965B (en) Communication authorization method, device, equipment and storage medium based on blockchain
CN115131029A (en) Block chain-based digital file signing method and device
WO2018093618A1 (en) Dynamic linking of messaging groups and organisational information
KR20210109767A (en) A method for providing asset backup services based on blockchain monitoring
CN116757857B (en) Block chain-based business insurance data management method, system, terminal and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190315

RJ01 Rejection of invention patent application after publication