CN109818935A - User authority control method and device, storage medium, computer equipment - Google Patents
User authority control method and device, storage medium, computer equipment Download PDFInfo
- Publication number
- CN109818935A CN109818935A CN201811645260.9A CN201811645260A CN109818935A CN 109818935 A CN109818935 A CN 109818935A CN 201811645260 A CN201811645260 A CN 201811645260A CN 109818935 A CN109818935 A CN 109818935A
- Authority
- CN
- China
- Prior art keywords
- user
- authority
- resource
- authority information
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Abstract
This application discloses a kind of user authority control method and device, storage medium, computer equipments, this method comprises: the log-on message of the user obtained when according to user's registration terminal equipment, generates authority acquiring request;Sending permission acquisition request is to Intranet right management server, so that Intranet right management server determines the authority information of user according to authority acquiring request;Receive the authority information of Intranet right management server feedback;According to authority information, the resource access request that user submits on the terminal device is handled.The application obtains the authority information of the user according to the log-on message of user from Intranet right management server, to be terminal equipment configuration access right, realize the resource access request submitted on the terminal device according to the authority information processing user of user, make user that can only access its resource for having permission on the terminal device, it prevents user from arbitrarily checking, the resource in using terminal equipment, ensures information security.
Description
Technical field
This application involves field of information security technology, particularly with regard to a kind of user authority control method and device, deposit
Storage media, computer equipment.
Background technique
With the rapid development of the communication technology, computer technology, the privacy problem of information becomes increasingly serious.Therefore, right
It needs to carry out permission control in the acquisition and use of information.Currently, enterprise is in order to ensure information security, it will usually to computer into
Row management, makes different computers have different permissions, such as the computer of Finance Department's staffing can check company
Financial information, and the computer of personnel department's staffing can not check corporate financial information.
This mode for assigning different computer different application permissions, although improving company information peace to a certain extent
Entirely, but the different user of same computer may be engaged in different work, therefore their moneys for needing to check at work
Material, software of operation etc. are also different, and in the prior art method, they can arbitrarily check the money in computer
Material, the arbitrarily software in operation computer, this just causes threat to the information security of enterprise.
Summary of the invention
In view of this, this application provides a kind of user authority control method and device, storage medium, computer equipment,
Make user that can only access its resource for having permission on the terminal device, prevents user from arbitrarily checking, in using terminal equipment
Resource ensures information security.
According to the one aspect of the application, a kind of user authority control method is provided, comprising:
The log-on message of the user obtained when according to user's registration terminal equipment generates authority acquiring request;
The authority acquiring request is sent to Intranet right management server, so that the Intranet right management server root
The authority information of the user is determined according to the authority acquiring request;
Receive the authority information of the Intranet right management server feedback;
According to the authority information, the resource access request that the user submits on the terminal device is handled.
According to the another aspect of the application, a kind of user right control device is provided, comprising:
Log-on message acquiring unit, the log-on message of the user obtained when for according to user's registration terminal equipment,
Generate authority acquiring request;
Authority acquiring request transmission unit, for sending the authority acquiring request to Intranet right management server, with
The Intranet right management server is set to determine the authority information of the user according to the authority acquiring request;
Authority information receiving unit, for receiving the authority information of the Intranet right management server feedback;
Resource access request processing unit, for handling the user in the terminal device according to the authority information
The resource access request of upper submission.
According to the application another aspect, a kind of storage medium is provided, computer program, described program are stored thereon with
Above-mentioned user authority control method is realized when being executed by processor.
According to the application another aspect, a kind of computer equipment is provided, including storage medium, processor and be stored in
On storage medium and the computer program that can run on a processor, the processor realize above-mentioned user when executing described program
Authority control method.
By above-mentioned technical proposal, a kind of user authority control method provided by the present application and device, storage medium, calculating
Machine equipment generates authority acquiring request according to the log-on message of user and is sent to Intranet power in user's registration terminal equipment
It limits in management server, receives the authority information for the user that Intranet right management server is fed back according to authority acquiring request, from
And it is terminal equipment configuration access right, the resource that user submits on the terminal device is handled according to the authority information of user and is accessed
Request, makes user that can only access its resource for having permission on the terminal device, prevents user from arbitrarily checking, using terminal equipment
On resource, ensure information security.
Above description is only the general introduction of technical scheme, in order to better understand the technological means of the application,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects, features and advantages of the application can
It is clearer and more comprehensible, below the special specific embodiment for lifting the application.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present application, constitutes part of this application, this Shen
Illustrative embodiments and their description please are not constituted an undue limitation on the present application for explaining the application.In the accompanying drawings:
Fig. 1 shows a kind of flow diagram of user authority control method provided by the embodiments of the present application;
Fig. 2 shows the flow diagrams of another user authority control method provided by the embodiments of the present application;
Fig. 3 shows a kind of structural schematic diagram of user right control device provided by the embodiments of the present application;
Fig. 4 shows the structural schematic diagram of another user right control device provided by the embodiments of the present application.
Specific embodiment
The application is described in detail below with reference to attached drawing and in conjunction with the embodiments.It should be noted that not conflicting
In the case of, the features in the embodiments and the embodiments of the present application can be combined with each other.
A kind of user authority control method is provided in the present embodiment, as shown in Figure 1, this method comprises:
The log-on message of the user obtained when step 101, according to user's registration terminal equipment generates authority acquiring request.
In order to guarantee the information security of terminal device, use of the different user to device resource is limited, is somebody's turn to do when user logs in
When terminal device, the log-on message of user is obtained, log-on message can determine unique subscriber for the employee number etc. of user
The information of identity generates authority acquiring request, according to the log-on message of user to obtain the authority information of the user.
Wherein, terminal device can be computer equipment, such as laptop, desktop computer, tablet computer.
Step 102, sending permission acquisition request is to Intranet right management server, so that Intranet right management server root
The authority information of user is determined according to authority acquiring request.
Authority acquiring request is sent to Intranet right management server, is stored in advance in Intranet right management server
The authority information of different user, thus when receiving authority acquiring request, it can be according to included in authority acquiring request
The log-on messages such as employee number determine the authority information that the user has.
For example, the permission that has of user that employee number is 123 be stored in advance in Intranet right management server including
Use the softwares such as Word, PPT, Excel;And the permission that has of user that employee number is 456 include using Word, PPT,
The softwares such as Excel and use printer.
Step 103, the authority information of Intranet right management server feedback is received.
It is after Intranet right management server determines the authority information of user according to authority acquiring request, the user is corresponding
Authority information feeds back to terminal device, so that terminal device can receive the permission from Intranet right management server feedback
Information.The authority information can be used for limiting operation of the user on the terminal device, such as whether determine user
It can star certain software, whether can modify to the file in terminal device.
Step 104, according to authority information, the resource access request that user submits on the terminal device is handled.
When operating after user's registration terminal equipment to terminal device, equipment can generate resource visit depending on the user's operation
Ask request, in order to guarantee the information security of terminal device, the permission of the user sent at this time according to Intranet right management server
Information, the resource access request submitted to user are handled.
It should be noted that the resource in terminal device can specifically be divided into locked resource and non-protected resource,
When the resource access request that user submits is to access non-protected resource, equipment can directly ring the access request of user
It answers, and when the resource access request that user submits is access locked resource, terminal device handles the money according to authority information
Source access request.To not only ensure that the safety of resource, the working efficiency of user is also improved.
Technical solution by applying this embodiment, it is raw according to the log-on message of user in user's registration terminal equipment
It at authority acquiring request and is sent in Intranet right management server, receives Intranet right management server according to authority acquiring
The authority information of the user of feedback is requested, to be terminal equipment configuration access right, is handled and is used according to the authority information of user
The resource access request that family is submitted on the terminal device makes user that can only access its resource for having permission on the terminal device,
It prevents user from arbitrarily checking, the resource in using terminal equipment, ensures information security.
Further, as the refinement and extension of above-described embodiment specific embodiment, in order to completely illustrate the present embodiment
Specific implementation process, provide another user authority control method, as shown in Fig. 2, this method comprises:
Step 201, terminal device sends the resource information in terminal device to Intranet right management server, so that Intranet
Right management server according to the position hierarchy of each user, respectively each user distribute corresponding personal authority information and
For the corresponding public authority information of each sector disrtibution, wherein personal authority information includes the resource that user has access authority
Information, public authority information include the publicly-owned resource information for having access authority of the department.
It in the above-described embodiments, further include the personal authority for configuring each user in Intranet right management server in advance
The step of information and the public permission information of each department, is specifically believed the resource for including in equipment by terminal device
Breath is sent in Intranet right management server, and resource information can specifically include executable file such as document, table, picture
Deng can runs software such as QQ, browser etc..Then determine each user have access authority resource information and each
The publicly-owned access authority for the resource information that all users of department have establishes authority information library and saves visit of the user to each resource
It asks permission, i.e., the personal authority information of user and saves the publicly-owned access authority and portion that each department has each resource
The public permission information of door.
Wherein, when distributing permission for each user can according to the department of user, user position priority etc. because
Element is allocated, such as has the common employee of finance of colleges and universities to the access authority of A class resource, and Finance Department
Manager also has the access authority to softwares such as QQ, wechat and browsers in addition to having to the access authority of A class resource.
In addition, can also be allocated according to the attribute of file when allocation of access rights, such as financial statement is by user
What first was established, user's first has access authority to finance registration.It should be noted that those skilled in the art can be according to reality
Border needs to select above-mentioned the access authority method of salary distribution or other methods of salary distribution, and the application is it is not limited here.
Step 202, when user's registration terminal equipment, the log-on message of user and the mark letter of terminal device are obtained
Breath.
When user's registration terminal equipment, the mark letter for the terminal device that the log-on message and user for obtaining user are logged in
Breath, wherein unique user can be determined according to the log-on message of user, can be determined only according to the identification information of terminal device
One terminal device.
Step 203, according to log-on message and identification information, authority acquiring request is generated.
According to the log-on message of user and the identification information of terminal device, authority acquiring request is generated, so as to according to power
Limit acquisition request is from obtaining access authority of the user on this terminal device in Intranet right management server.
Step 204, sending permission acquisition request is to Intranet right management server, so that Intranet right management server root
The authority information of user is determined according to authority acquiring request.
In the above-described embodiments, specifically, Intranet right management server determines the power of user according to authority acquiring request
The step of limit information, is as follows:
Step 2041, Intranet right management server is according to the identification information judgment terminal device in authority acquiring request
No is public terminals equipment.
Intranet right management server is first set according to the terminal in authority acquiring request after receiving authority acquiring request
Whether the standby identification information judgment terminal device is public terminals equipment.For example, the ordinary user of personnel department uses oneself
Exclusive computer equipment can complete most work for example using office software, and least a portion of work is for example beaten
Print material etc. needs user to complete using public terminals equipment, to increase operating cost, the time cost of user's printed material, keeps away
Exempt to waste print paper.To which Intranet right management server judges whether terminal device is Ke Yigen after public terminals equipment
According to different types of terminal device, the access authority of user on the device is determined.
Step 2042, if terminal device is public terminals equipment, Intranet right management server is asked according to authority acquiring
Log-on message in asking determines the corresponding public authority information of the corresponding personal authority information of user and user department.
If being public terminals equipment according to the identification information judgment of the terminal device terminal device, illustrate that user needs
Work is completed in public terminals equipment, then Intranet right management server is according to the log-on message of user, in pre-stored power
The personal authority information of user is inquired in limit information library, and the department of user is determined according to the log-on message of user, into
And determine the corresponding public authority information of the department.
Step 2043, personal authority information and public authority information are merged, generates the authority information of user.
If user logs in public terminals equipment, illustrate that user needs to complete work in public terminals equipment, this
When the corresponding public authority information of the personal authority information of user and user department is merged, generate the user herein
Authority information on terminal device.To which terminal device can be carried out according to access operation of the authority information got to user
Limitation guarantees the resource security of enterprise terminal equipment on the basis of guaranteeing that user can complete office duties.
For example, the personal authority information of certain user includes access A class resource, uses office office software etc., the user
The public authority information of department includes using printing tools, then user is after the login of public terminals equipment, Intranet permission pipe
Reason server merges the public authority information of the personal authority information of user and department, generates the permission letter of user
Breath, the user right information for merging generation includes access A class resource, using office office software, also includes using printing work
Tool.The user then can open A class resource by office office software, complete printing after public terminals equipment.
Step 2044, if terminal device is not public terminals equipment, Intranet right management server is according to authority acquiring
Log-on message in request determines the authority information of user, wherein the authority information of user is the corresponding personal authority letter of user
Breath.
If the terminal device that user logs in is not public terminals equipment, illustrate that the user is not needed at this time using public permission
Office, then be determined as user in the authority information of registration terminal equipment for the personal authority information of the user.To terminal device
It can be limited according to access operation of the authority information got to user, office duties can be completed in guarantee user
On the basis of, it prevents user from arbitrarily checking in equipment, using resource, guarantees the resource security of enterprise terminal equipment.
Step 205, the authority information of Intranet right management server feedback is received.
After Intranet right management server determines the authority information of user according to the authority acquiring request that terminal device is sent,
The authority information of the user is sent to terminal device, the access of user on the device is controlled according to the authority information to realize
Permission, to improve the safety of corporate resources.
Step 206, the local cache of terminal device is emptied, authority information is stored.
After receiving the authority information that Intranet right management server is sent, the local cache in terminal device is emptied
Processing prevents the safety to resource in equipment from impacting to remove some history resources access record in the equipment, then
The permissions data of the user is stored in terminal device, consequently facilitating user can be according to correspondence when using the terminal device
Authority information access resource.
Step 207, the resource access request that user submits is intercepted, resource access request includes resource identification.
After user's registration terminal equipment, when user starts the software in terminal device, checks etc. to file
When operation, terminal device generates resource access request, terminal device is to resource access request according to the resource of the estimated access of user
It is intercepted, to control access operation of the user in terminal device.Wherein, including in resource access request can be with
Determine the resource identification of unique resource type, such as the corresponding resource identification of A class document is Adoc.
Step 208, according to resource identification, search access right information whether include resource corresponding with resource identification access right
Limit.
According to resource identification, the corresponding resource information of the resource identification is determined, and then be in the authority information of inquiry user
No includes the access authority to the corresponding resource of the resource identification, to realize the access operation to user in terminal device
Control.
Step 209, if authority information includes the access authority to resource, receive resource access request.
If authority information includes the access authority to above-mentioned resource, illustrate that the user has access authority to the resource,
Intercepted resource access request is then executed, to guarantee that user may only be to the resource for having access authority in terminal device
It accesses, realizes the permission control to user, guarantee the safety of resource.
For example, the resource access authority of the user intercepted is access A document, then judging that user has to A document
After access authority, the access operation to A document is executed.
Step 210, if authority information does not include the access authority to resource, refuse resource access request.
And if authority information does not include the access authority to above-mentioned resource, illustrate that user does not have access right to the resource
Limit, then refuse the resource access request of user, furthermore it is also possible to user be prompted, since user does not have the access to the resource
Permission can not access to the resource.To prevent user from accessing the resource that it does not have access authority, improves terminal and set
The safety of standby resource.
Technical solution by applying this embodiment, according to the log-on message of user and the identification information of terminal device,
From authority information of the user on this terminal device is obtained in Intranet right management server, realizes user right information and exist
Distribution on terminal device.And then when user submits resource access request, first resource access request is intercepted, and is sentencing
The permission of disconnected user include the resource access request is executed to after the corresponding permission of resource access request, thus realize to
The control of family permission on the terminal device prevents user from arbitrarily accessing the resource in equipment and generates security risk, promotes enterprise
The safety of resource.
Further, the specific implementation as Fig. 1 method, the embodiment of the present application provide a kind of user right control dress
It sets, as shown in figure 3, the device includes: that log-on message acquiring unit 31, authority acquiring request transmission unit 32, authority information connect
Receive unit 33, resource access request processing unit 34.
Log-on message acquiring unit 31, the log-on message of the user obtained when for according to user's registration terminal equipment are raw
At authority acquiring request;
Authority acquiring request transmission unit 32, for sending permission acquisition request to Intranet right management server, so that
Intranet right management server determines the authority information of user according to authority acquiring request;
Authority information receiving unit 33, for receiving the authority information of Intranet right management server feedback;
Resource access request processing unit 34, for handling the money that user submits on the terminal device according to authority information
Source access request.
In specific application scenarios, as shown in figure 4, log-on message acquiring unit 31, specifically includes: log-on message obtains
Subelement 311, authority acquiring request transmission unit 312.
Log-on message obtains subelement 311, for when user's registration terminal equipment, obtain user log-on message and
The identification information of terminal device;
Authority acquiring request transmission unit 312, for generating authority acquiring and asking according to log-on message and identification information
It asks.
Intranet right management server, for according to the identification information judgment terminal device in authority acquiring request whether be
Public terminals equipment;
If terminal device is public terminals equipment, Intranet right management server is according to the login in authority acquiring request
Information determines the corresponding public authority information of the corresponding personal authority information of user and user department;
Personal authority information and public authority information are merged, the authority information of user is generated;
If terminal device is not public terminals equipment, Intranet right management server is according to stepping in authority acquiring request
Information is recorded, determines the authority information of user, wherein the authority information of user is the corresponding personal authority information of user.
In specific application scenarios, as shown in figure 4, resource access request processing unit 34, specifically includes: resource access
Interception unit 341, authority information query unit 342, first resource access request processing subelement 343, Secondary resource is requested to be visited
Ask request processing subelement 344.
Resource access request interception unit 341, for intercepting the resource access request of user's submission, resource access request packet
Include resource identification;
Authority information query unit 342, for according to resource identification, search access right information whether include and resource identification pair
The access authority for the resource answered;
First resource access request processing subelement 343 connects if including the access authority to resource for authority information
By resource access request;
Secondary resource access request handles subelement 344, if for authority information not including the access authority to resource,
Refuse resource access request.
In specific application scenarios, as shown in figure 4, the device further include: caching empties unit 35.
Caching empties unit 35, after the authority information for receiving Intranet right management server feedback, empties terminal
The local cache of equipment stores authority information.
In specific application scenarios, as shown in figure 4, the device further include: resource information transmission unit 36.
Resource information transmission unit 36, the log-on message of the user obtained when for according to user's registration terminal equipment are raw
Before authority acquiring request, terminal device sends the resource information in terminal device to Intranet right management server, so that
Intranet right management server distributes corresponding personal authority information according to the position hierarchy of each user, respectively each user
It and is the corresponding public authority information of each sector disrtibution, wherein personal authority information includes that user has access authority
Resource information, public authority information include the publicly-owned resource information for having access authority of department.
It should be noted that each functional unit involved by a kind of user right control device provided by the embodiments of the present application
Other are accordingly described, can be with reference to the corresponding description in Fig. 1 and Fig. 2, and details are not described herein.
Based on above-mentioned method as depicted in figs. 1 and 2, correspondingly, the embodiment of the present application also provides a kind of storage medium,
On be stored with computer program, which realizes above-mentioned user right controlling party as depicted in figs. 1 and 2 when being executed by processor
Method.
Based on this understanding, the technical solution of the application can be embodied in the form of software products, which produces
Product can store in a non-volatile memory medium (can be CD-ROM, USB flash disk, mobile hard disk etc.), including some instructions
With so that computer equipment (can be personal computer, server or the network equipment an etc.) execution the application is each
Method described in implement scene.
Based on above-mentioned method as shown in Figure 1 and Figure 2 and Fig. 3, virtual bench embodiment shown in Fig. 4, in order to realize
Above-mentioned purpose, the embodiment of the present application also provides a kind of computer equipments, are specifically as follows personal computer, server, network
Equipment etc., the computer equipment include storage medium and processor;Storage medium, for storing computer program;Processor is used
In execution computer program to realize above-mentioned user authority control method as depicted in figs. 1 and 2.
Optionally, which can also include user interface, network interface, camera, radio frequency (Radio
Frequency, RF) circuit, sensor, voicefrequency circuit, WI-FI module etc..User interface may include display screen
(Display), input unit such as keyboard (Keyboard) etc., optional user interface can also connect including USB interface, card reader
Mouthful etc..Network interface optionally may include standard wireline interface and wireless interface (such as blue tooth interface, WI-FI interface).
It will be understood by those skilled in the art that a kind of computer equipment structure provided in this embodiment is not constituted to the meter
The restriction for calculating machine equipment, may include more or fewer components, perhaps combine certain components or different component layouts.
It can also include operating system, network communication module in storage medium.Operating system is management and preservation computer
The program of device hardware and software resource supports the operation of message handling program and other softwares and/or program.Network communication
Module is for realizing the communication between each component in storage medium inside, and between other hardware and softwares in the entity device
Communication.
Through the above description of the embodiments, those skilled in the art can be understood that the application can borrow
Help software that the mode of necessary general hardware platform is added to realize, it can also be by hardware realization in user's registration terminal equipment
When, authority acquiring request is generated according to the log-on message of user and is sent in Intranet right management server, Intranet power is received
The authority information for the user that limit management server is fed back according to authority acquiring request, thus be terminal equipment configuration access right,
The resource access request that user submits on the terminal device is handled according to the authority information of user, makes user can only be in terminal device
Upper its resource for having permission of access, prevents user from arbitrarily checking, the resource in using terminal equipment, ensures information security.
The embodiment of the invention provides following technical schemes:
A1, a kind of user authority control method, comprising:
The log-on message of the user obtained when according to user's registration terminal equipment generates authority acquiring request;
The authority acquiring request is sent to Intranet right management server, so that the Intranet right management server root
The authority information of the user is determined according to the authority acquiring request;
Receive the authority information of the Intranet right management server feedback;
According to the authority information, the resource access request that the user submits on the terminal device is handled.
A2, method according to a1, the login letter for the user that when registration terminal equipment according to user obtains
Breath generates authority acquiring request, specifically includes:
When the user logs in the terminal device, obtain the user log-on message and the terminal device
Identification information;
According to the log-on message and the identification information, the authority acquiring request is generated.
A3, the method according to A2, the Intranet right management server are true according to the authority acquiring request
The authority information of the fixed user, specifically includes:
The Intranet right management server is whole according to the identification information judgment in the authority acquiring request
Whether end equipment is public terminals equipment;
If the terminal device is the public terminals equipment, the Intranet right management server is according to the permission
The log-on message in acquisition request determines the corresponding personal authority information of the user and the user department pair
The public authority information answered;
The personal authority information and the public authority information are merged, the permission letter of the user is generated
Breath.
A4, method according to a3, further includes:
If the terminal device is not the public terminals equipment, the Intranet right management server is according to the power
The log-on message in acquisition request is limited, determines the authority information of the user, wherein the authority information of the user is institute
State the corresponding personal authority information of user.
A5, method according to a1, it is described according to the authority information, the user is handled on the terminal device
The resource access request of submission, specifically includes:
The resource access request that the user submits is intercepted, the resource access request includes resource identification;
According to the resource identification, inquire the authority information whether include resource corresponding with the resource identification visit
Ask permission;
If the authority information includes the access authority to the resource, receive the resource access request;
If the authority information does not include the access authority to the resource, refuse the resource access request.
A6, the method according to any one of A1 to A5, it is described to receive what the Intranet right management server was fed back
After the authority information, further includes:
The local cache for emptying the terminal device stores the authority information.
A7, the method according to any one of A1 to A5, described in when registration terminal equipment according to user obtains
The log-on message of user, generate authority acquiring request before, further includes:
The terminal device sends the resource information in the terminal device to the Intranet right management server, so that
For the Intranet right management server according to the position hierarchy of each user, the respectively described each user distributes corresponding individual
Authority information and be the corresponding public authority information of each sector disrtibution, wherein the personal authority information includes the use
Family has the resource information of access authority, and the public authority information includes the publicly-owned resource for having access authority of the department
Information.
B8, a kind of user right control device, comprising:
Log-on message acquiring unit, the log-on message of the user obtained when for according to user's registration terminal equipment,
Generate authority acquiring request;
Authority acquiring request transmission unit, for sending the authority acquiring request to Intranet right management server, with
The Intranet right management server is set to determine the authority information of the user according to the authority acquiring request;
Authority information receiving unit, for receiving the authority information of the Intranet right management server feedback;
Resource access request processing unit, for handling the user in the terminal device according to the authority information
The resource access request of upper submission.
B9, the device according to A8, the log-on message acquiring unit, specifically include:
Log-on message obtains subelement, for obtaining stepping on for the user when the user logs in the terminal device
Record the identification information of information and the terminal device;
Authority acquiring request transmission unit, for generating the power according to the log-on message and the identification information
Limit acquisition request.
B10, the device according to B9, the Intranet right management server, for according to the authority acquiring request
In the identification information judgment described in terminal device whether be public terminals equipment;
If the terminal device is the public terminals equipment, the Intranet right management server is according to the permission
The log-on message in acquisition request determines the corresponding personal authority information of the user and the user department pair
The public authority information answered;
The personal authority information and the public authority information are merged, the permission letter of the user is generated
Breath.
B11, device according to b10, the Intranet right management server, if being also used to the terminal device is not
The public terminals equipment, then the Intranet right management server is believed according to the login in the authority acquiring request
Breath, determines the authority information of the user, wherein the authority information of the user is the corresponding personal authority letter of the user
Breath.
B12, the device according to B8, the resource access request processing unit, specifically include:
Resource access request interception unit, the resource access request submitted for intercepting the user, the resource access
Request includes resource identification;
Authority information query unit, for according to the resource identification, inquire the authority information whether include with it is described
The access authority of the corresponding resource of resource identification;
First resource access request handles subelement, if including the access right to the resource for the authority information
Limit, then receive the resource access request;
Secondary resource access request handles subelement, if not including the access right to the resource for the authority information
Limit, then refuse the resource access request.
B13, the device according to any one of B8 to B12, described device further include:
Caching empties unit, after the authority information for receiving the Intranet right management server feedback, clearly
The local cache of the empty terminal device, stores the authority information.
B14, the device according to any one of B8 to B12, described device further include:
Resource information transmission unit, the log-on message of the user obtained when for according to user's registration terminal equipment,
Before generating authority acquiring request, the terminal device is sent in the terminal device to the Intranet right management server
Resource information, so that position hierarchy of the Intranet right management server according to each user, respectively described each user
Distribute corresponding personal authority information and for the corresponding public authority information of each sector disrtibution, wherein the personal authority
Information includes the resource information that the user has access authority, and the public authority information, which includes that the department is publicly-owned, to be had
The resource information of access authority.
C15, a kind of storage medium, are stored thereon with computer program, realize A1 extremely when described program is executed by processor
User authority control method described in any one of A7.
D16, a kind of computer equipment, including storage medium, processor and storage are on a storage medium and can be in processor
The computer program of upper operation, the processor realize user right control described in any one of A1 to A7 when executing described program
Method processed.
It will be appreciated by those skilled in the art that the accompanying drawings are only schematic diagrams of a preferred implementation scenario, module in attached drawing or
Process is not necessarily implemented necessary to the application.It will be appreciated by those skilled in the art that the mould in device in implement scene
Block can according to implement scene describe be distributed in the device of implement scene, can also carry out corresponding change be located at be different from
In one or more devices of this implement scene.The module of above-mentioned implement scene can be merged into a module, can also be into one
Step splits into multiple submodule.
Above-mentioned the application serial number is for illustration only, does not represent the superiority and inferiority of implement scene.Disclosed above is only the application
Several specific implementation scenes, still, the application is not limited to this, and the changes that any person skilled in the art can think of is all
The protection scope of the application should be fallen into.
Claims (10)
1. a kind of user authority control method characterized by comprising
The log-on message of the user obtained when according to user's registration terminal equipment generates authority acquiring request;
The authority acquiring request is sent to Intranet right management server, so that the Intranet right management server is according to institute
State the authority information that authority acquiring request determines the user;
Receive the authority information of the Intranet right management server feedback;
According to the authority information, the resource access request that the user submits on the terminal device is handled.
2. the method according to claim 1, wherein described in being obtained when the registration terminal equipment according to user
The log-on message of user generates authority acquiring request, specifically includes:
When the user logs in the terminal device, the log-on message of the user and the mark of the terminal device are obtained
Information;
According to the log-on message and the identification information, the authority acquiring request is generated.
3. according to the method described in claim 2, it is characterized in that, the Intranet right management server is according to the power
Limit acquisition request determines the authority information of the user, specifically includes:
Intranet right management server terminal according to the identification information judgment in the authority acquiring request is set
Whether standby be public terminals equipment;
If the terminal device is the public terminals equipment, the Intranet right management server is according to the authority acquiring
The log-on message in request determines that the corresponding personal authority information of the user and the user department are corresponding
Public authority information;
The personal authority information and the public authority information are merged, the authority information of the user is generated.
4. according to the method described in claim 3, it is characterized in that, the method also includes:
If the terminal device is not the public terminals equipment, the Intranet right management server is obtained according to the permission
The log-on message in request is taken, determines the authority information of the user, wherein the authority information of the user is the use
The corresponding personal authority information in family.
5. handling the user and existing the method according to claim 1, wherein described according to the authority information
The resource access request submitted on the terminal device, specifically includes:
The resource access request that the user submits is intercepted, the resource access request includes resource identification;
According to the resource identification, inquire the authority information whether include resource corresponding with the resource identification access right
Limit;
If the authority information includes the access authority to the resource, receive the resource access request;
If the authority information does not include the access authority to the resource, refuse the resource access request.
6. the method according to any one of claims 1 to 5, which is characterized in that described to receive the Intranet rights management
After the authority information of server feedback, further includes:
The local cache for emptying the terminal device stores the authority information.
7. the method according to any one of claims 1 to 5, which is characterized in that described according to user's registration terminal equipment
When the log-on message of the user that obtains, before generating authority acquiring request, further includes:
The terminal device sends the resource information in the terminal device to the Intranet right management server, so that described
For Intranet right management server according to the position hierarchy of each user, the respectively described each user distributes corresponding personal authority
Information and be the corresponding public authority information of each sector disrtibution, wherein the personal authority information includes user tool
The resource information of standby access authority, the public authority information include the publicly-owned resource letter for having access authority of the department
Breath.
8. a kind of user right control device characterized by comprising
Log-on message acquiring unit, the log-on message of the user obtained when for according to user's registration terminal equipment generate
Authority acquiring request;
Authority acquiring request transmission unit, for sending the authority acquiring request to Intranet right management server, so that institute
State the authority information that Intranet right management server determines the user according to the authority acquiring request;
Authority information receiving unit, for receiving the authority information of the Intranet right management server feedback;
Resource access request processing unit, for handling the user and above being mentioned in the terminal device according to the authority information
The resource access request of friendship.
Realized 9. a kind of storage medium is stored thereon with computer program, when described program is executed by processor claim 1 to
User authority control method described in any one of 7.
10. a kind of computer equipment, including storage medium, processor and storage can be run on a storage medium and on a processor
Computer program, the processor realizes user right control described in any one of claims 1 to 7 when executing described program
Method processed.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810420369.6A CN108683652A (en) | 2018-05-04 | 2018-05-04 | A kind of method and device of the processing attack of Behavior-based control permission |
| CN2018104203696 | 2018-05-04 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109818935A true CN109818935A (en) | 2019-05-28 |
Family
ID=63802917
Family Applications (9)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810420369.6A Pending CN108683652A (en) | 2018-05-04 | 2018-05-04 | A kind of method and device of the processing attack of Behavior-based control permission |
| CN201811645263.2A Active CN109714350B (en) | 2018-05-04 | 2018-12-29 | Permission control method and device of application program, storage medium and computer equipment |
| CN201811640613.6A Active CN109831420B (en) | 2018-05-04 | 2018-12-29 | Method and device for determining kernel process permission |
| CN201811640217.3A Active CN109873804B (en) | 2018-05-04 | 2018-12-29 | Behavior-based service identification method, behavior-based service identification device, behavior-based service identification equipment and readable storage medium |
| CN201811645260.9A Pending CN109818935A (en) | 2018-05-04 | 2018-12-29 | User authority control method and device, storage medium, computer equipment |
| CN201811646168.4A Pending CN109818937A (en) | 2018-05-04 | 2018-12-29 | For the control method of Android permission, device and storage medium, electronic device |
| CN201811640611.7A Active CN109831419B (en) | 2018-05-04 | 2018-12-29 | Method and device for determining permission of shell program |
| CN201811640216.9A Active CN109873803B (en) | 2018-05-04 | 2018-12-29 | Permission control method and device of application program, storage medium and computer equipment |
| CN201811640483.6A Active CN109743315B (en) | 2018-05-04 | 2018-12-29 | Behavior identification method, behavior identification device, behavior identification equipment and readable storage medium for website |
Family Applications Before (4)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810420369.6A Pending CN108683652A (en) | 2018-05-04 | 2018-05-04 | A kind of method and device of the processing attack of Behavior-based control permission |
| CN201811645263.2A Active CN109714350B (en) | 2018-05-04 | 2018-12-29 | Permission control method and device of application program, storage medium and computer equipment |
| CN201811640613.6A Active CN109831420B (en) | 2018-05-04 | 2018-12-29 | Method and device for determining kernel process permission |
| CN201811640217.3A Active CN109873804B (en) | 2018-05-04 | 2018-12-29 | Behavior-based service identification method, behavior-based service identification device, behavior-based service identification equipment and readable storage medium |
Family Applications After (4)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811646168.4A Pending CN109818937A (en) | 2018-05-04 | 2018-12-29 | For the control method of Android permission, device and storage medium, electronic device |
| CN201811640611.7A Active CN109831419B (en) | 2018-05-04 | 2018-12-29 | Method and device for determining permission of shell program |
| CN201811640216.9A Active CN109873803B (en) | 2018-05-04 | 2018-12-29 | Permission control method and device of application program, storage medium and computer equipment |
| CN201811640483.6A Active CN109743315B (en) | 2018-05-04 | 2018-12-29 | Behavior identification method, behavior identification device, behavior identification equipment and readable storage medium for website |
Country Status (1)
| Country | Link |
|---|---|
| CN (9) | CN108683652A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110930234A (en) * | 2019-11-18 | 2020-03-27 | 河南城建学院 | Financial management method with remote access function |
| CN112738100A (en) * | 2020-12-29 | 2021-04-30 | 北京天融信网络安全技术有限公司 | Authentication method, device, authentication equipment and authentication system for data access |
| CN115118476A (en) * | 2022-06-21 | 2022-09-27 | 拉扎斯网络科技(上海)有限公司 | User permission verification method and device, electronic equipment and readable storage medium |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108683652A (en) * | 2018-05-04 | 2018-10-19 | 北京奇安信科技有限公司 | A kind of method and device of the processing attack of Behavior-based control permission |
| WO2020132877A1 (en) * | 2018-12-25 | 2020-07-02 | 奇安信安全技术(珠海)有限公司 | Operation detection method and system, and electronic device |
| CN110990844B (en) * | 2019-10-25 | 2022-04-08 | 浙江大华技术股份有限公司 | Cloud data protection method based on kernel, cloud server and system |
| CN110781491B (en) * | 2019-10-25 | 2022-02-18 | 苏州浪潮智能科技有限公司 | Method and device for controlling process to access file |
| JP7424028B2 (en) * | 2019-12-16 | 2024-01-30 | 株式会社デンソーウェーブ | robot operation terminal |
| CN111444118B (en) * | 2020-03-23 | 2022-04-05 | 数网金融有限公司 | Process protection method, device, terminal equipment and storage medium |
| CN111783082A (en) * | 2020-06-08 | 2020-10-16 | Oppo广东移动通信有限公司 | Process tracing method, device, terminal and computer readable storage medium |
| CN112003835B (en) * | 2020-08-03 | 2022-10-14 | 奇安信科技集团股份有限公司 | Security threat detection method and device, computer equipment and storage medium |
| CN114237630A (en) * | 2020-09-09 | 2022-03-25 | 中国电信股份有限公司 | Privacy permission detection method and device |
| CN112689002B (en) * | 2020-12-18 | 2023-06-20 | 北京易车互联信息技术有限公司 | app behavior monitoring system |
| CN113190836A (en) * | 2021-03-29 | 2021-07-30 | 贵州电网有限责任公司 | Web attack behavior detection method and system based on local command execution |
| CN113505351A (en) * | 2021-06-23 | 2021-10-15 | 湖南惠而特科技有限公司 | Identity authentication-based process industry white list access method and system |
| CN113672974A (en) * | 2021-07-29 | 2021-11-19 | 北京奇艺世纪科技有限公司 | Authority management method, device, equipment and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101917448A (en) * | 2010-08-27 | 2010-12-15 | 山东中创软件工程股份有限公司 | Control method for realizing RBAC access permission in application on basis of.NET |
| CN103516680A (en) * | 2012-06-25 | 2014-01-15 | 上海博腾信息科技有限公司 | Authority management system of office system and realizing method thereof |
| CN103617381A (en) * | 2013-11-21 | 2014-03-05 | 北京奇虎科技有限公司 | Permission configuration method and permission configuration system of equipment |
| CN104125219A (en) * | 2014-07-07 | 2014-10-29 | 四川中电启明星信息技术有限公司 | Centralized identity and management method aiming at electric power information system |
| CN106228059A (en) * | 2016-07-22 | 2016-12-14 | 南京航空航天大学 | Based on three Yuans management and the role access control method of expansion |
| US9614851B1 (en) * | 2014-02-27 | 2017-04-04 | Open Invention Network Llc | Security management application providing proxy for administrative privileges |
| CN106603509A (en) * | 2016-11-29 | 2017-04-26 | 中科曙光信息技术无锡有限公司 | Enterprise document management method |
| CN106778345A (en) * | 2016-12-19 | 2017-05-31 | 网易(杭州)网络有限公司 | The treating method and apparatus of the data based on operating right |
Family Cites Families (41)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1763710A (en) * | 2004-10-22 | 2006-04-26 | 中国人民解放军国防科学技术大学 | Privilege minimizing method based on capability |
| US8286243B2 (en) * | 2007-10-23 | 2012-10-09 | International Business Machines Corporation | Blocking intrusion attacks at an offending host |
| CN101246536A (en) * | 2008-03-06 | 2008-08-20 | 北京鼎信高科信息技术有限公司 | Method for encrypting and decrypting computer files based on process monitoring |
| CN101504604A (en) * | 2009-03-13 | 2009-08-12 | 张昊 | Authority management validation application method |
| CN101872397B (en) * | 2010-06-08 | 2012-05-23 | 用友软件股份有限公司 | Authorization role succession method |
| CN101997912A (en) * | 2010-10-27 | 2011-03-30 | 苏州凌霄科技有限公司 | Mandatory access control device based on Android platform and control method thereof |
| CN102542182A (en) * | 2010-12-15 | 2012-07-04 | 苏州凌霄科技有限公司 | Device and method for controlling mandatory access based on Windows platform |
| CN102147845A (en) * | 2011-04-18 | 2011-08-10 | 北京思创银联科技股份有限公司 | Process monitoring method |
| WO2013111331A1 (en) * | 2012-01-27 | 2013-08-01 | 株式会社日立製作所 | Computer system |
| CN102663318B (en) * | 2012-03-22 | 2015-04-08 | 百度在线网络技术(北京)有限公司 | Browser Process Privilege control method |
| CN102915417A (en) * | 2012-09-18 | 2013-02-06 | 鸿富锦精密工业(深圳)有限公司 | Application monitoring system and application monitoring method |
| CN102930205A (en) * | 2012-10-10 | 2013-02-13 | 北京奇虎科技有限公司 | Monitoring unit and method |
| CN103812958B (en) * | 2012-11-14 | 2019-05-07 | 中兴通讯股份有限公司 | Processing method, NAT device and the BNG equipment of NAT technology |
| CN102970299B (en) * | 2012-11-27 | 2015-06-03 | 西安电子科技大学 | File safe protection system and method thereof |
| CN103268451B (en) * | 2013-06-08 | 2017-12-05 | 上海斐讯数据通信技术有限公司 | A kind of dynamic permission management system based on mobile terminal |
| CN103679007B (en) * | 2013-12-19 | 2017-01-04 | 深圳全智达通信股份有限公司 | A kind of manage the method for application program authority, device and mobile device |
| CN103778006B (en) * | 2014-02-12 | 2017-02-08 | 成都卫士通信息安全技术有限公司 | Method for controlling progress of operating system |
| CN104008337B (en) * | 2014-05-07 | 2019-08-23 | 广州华多网络科技有限公司 | A kind of active defense method and device based on linux system |
| CN103927476B (en) * | 2014-05-07 | 2017-09-15 | 上海联彤网络通讯技术有限公司 | Realize the intelligence system and method for application program rights management |
| US9916475B2 (en) * | 2014-08-11 | 2018-03-13 | North Carolina State University | Programmable interface for extending security of application-based operating system |
| US9026840B1 (en) * | 2014-09-09 | 2015-05-05 | Belkin International, Inc. | Coordinated and device-distributed detection of abnormal network device operation |
| CN105516055B (en) * | 2014-09-23 | 2020-07-14 | 腾讯科技(深圳)有限公司 | Data access method, access device, target device and management server |
| CN104268470B (en) * | 2014-09-26 | 2018-02-13 | 酷派软件技术(深圳)有限公司 | Method of controlling security and safety control |
| CN104484594B (en) * | 2014-11-06 | 2017-10-31 | 中国科学院信息工程研究所 | A kind of franchise distribution method of the Linux system based on capability mechanism |
| CN104484599B (en) * | 2014-12-16 | 2017-12-12 | 北京奇虎科技有限公司 | A kind of behavior treating method and apparatus based on application program |
| CN104503880A (en) * | 2014-12-16 | 2015-04-08 | 新余兴邦信息产业有限公司 | Method and device for realizing MySQL database monitoring option script |
| KR101619414B1 (en) * | 2015-01-06 | 2016-05-10 | 한국인터넷진흥원 | System for detecting abnomal behaviors using personalized early use behavior pattern analsis |
| CN104820791B (en) * | 2015-05-19 | 2017-12-15 | 大唐网络有限公司 | The authority control method and system of application software |
| CN105049592B (en) * | 2015-05-27 | 2020-02-14 | 中国科学院信息工程研究所 | Mobile intelligent terminal voice safety protection method and system |
| CN106650438A (en) * | 2015-11-04 | 2017-05-10 | 阿里巴巴集团控股有限公司 | Method and device for detecting baleful programs |
| CN105491063A (en) * | 2015-12-30 | 2016-04-13 | 深圳市深信服电子科技有限公司 | Network intrusion prevention method and device |
| AU2016381499A1 (en) * | 2015-12-31 | 2018-08-09 | Cyber 2.0 (2015) Ltd. | Monitoring traffic in a computer network |
| CN106127031A (en) * | 2016-06-23 | 2016-11-16 | 北京金山安全软件有限公司 | Method and device for protecting process and electronic equipment |
| CN106650418A (en) * | 2016-12-21 | 2017-05-10 | 天津大学 | Android access control system and method based onmulti-strategy |
| CN106650435A (en) * | 2016-12-28 | 2017-05-10 | 郑州云海信息技术有限公司 | Method and apparatus of protecting system |
| CN107018140B (en) * | 2017-04-24 | 2021-06-04 | 深信服科技股份有限公司 | Authority control method and system |
| CN113328861B (en) * | 2017-08-23 | 2022-11-01 | 重庆京像微电子有限公司 | Authority verification method, device and system |
| CN107506646B (en) * | 2017-09-28 | 2021-08-10 | 努比亚技术有限公司 | Malicious application detection method and device and computer readable storage medium |
| CN107832590A (en) * | 2017-11-06 | 2018-03-23 | 珠海市魅族科技有限公司 | Terminal control method and device, terminal and computer-readable recording medium |
| CN108280349A (en) * | 2018-01-10 | 2018-07-13 | 维沃移动通信有限公司 | Protect method, mobile terminal and the computer readable storage medium of system kernel layer |
| CN108683652A (en) * | 2018-05-04 | 2018-10-19 | 北京奇安信科技有限公司 | A kind of method and device of the processing attack of Behavior-based control permission |
-
2018
- 2018-05-04 CN CN201810420369.6A patent/CN108683652A/en active Pending
- 2018-12-29 CN CN201811645263.2A patent/CN109714350B/en active Active
- 2018-12-29 CN CN201811640613.6A patent/CN109831420B/en active Active
- 2018-12-29 CN CN201811640217.3A patent/CN109873804B/en active Active
- 2018-12-29 CN CN201811645260.9A patent/CN109818935A/en active Pending
- 2018-12-29 CN CN201811646168.4A patent/CN109818937A/en active Pending
- 2018-12-29 CN CN201811640611.7A patent/CN109831419B/en active Active
- 2018-12-29 CN CN201811640216.9A patent/CN109873803B/en active Active
- 2018-12-29 CN CN201811640483.6A patent/CN109743315B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101917448A (en) * | 2010-08-27 | 2010-12-15 | 山东中创软件工程股份有限公司 | Control method for realizing RBAC access permission in application on basis of.NET |
| CN103516680A (en) * | 2012-06-25 | 2014-01-15 | 上海博腾信息科技有限公司 | Authority management system of office system and realizing method thereof |
| CN103617381A (en) * | 2013-11-21 | 2014-03-05 | 北京奇虎科技有限公司 | Permission configuration method and permission configuration system of equipment |
| US9614851B1 (en) * | 2014-02-27 | 2017-04-04 | Open Invention Network Llc | Security management application providing proxy for administrative privileges |
| CN104125219A (en) * | 2014-07-07 | 2014-10-29 | 四川中电启明星信息技术有限公司 | Centralized identity and management method aiming at electric power information system |
| CN106228059A (en) * | 2016-07-22 | 2016-12-14 | 南京航空航天大学 | Based on three Yuans management and the role access control method of expansion |
| CN106603509A (en) * | 2016-11-29 | 2017-04-26 | 中科曙光信息技术无锡有限公司 | Enterprise document management method |
| CN106778345A (en) * | 2016-12-19 | 2017-05-31 | 网易(杭州)网络有限公司 | The treating method and apparatus of the data based on operating right |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110930234A (en) * | 2019-11-18 | 2020-03-27 | 河南城建学院 | Financial management method with remote access function |
| CN110930234B (en) * | 2019-11-18 | 2024-03-12 | 河南城建学院 | Financial management method with remote access function |
| CN112738100A (en) * | 2020-12-29 | 2021-04-30 | 北京天融信网络安全技术有限公司 | Authentication method, device, authentication equipment and authentication system for data access |
| CN112738100B (en) * | 2020-12-29 | 2023-09-01 | 北京天融信网络安全技术有限公司 | Authentication method, device, authentication equipment and authentication system for data access |
| CN115118476A (en) * | 2022-06-21 | 2022-09-27 | 拉扎斯网络科技(上海)有限公司 | User permission verification method and device, electronic equipment and readable storage medium |
| CN115118476B (en) * | 2022-06-21 | 2023-02-28 | 拉扎斯网络科技(上海)有限公司 | User permission verification method and device, electronic equipment and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109714350B (en) | 2021-11-23 |
| CN109873804A (en) | 2019-06-11 |
| CN109873803B (en) | 2021-07-20 |
| CN109714350A (en) | 2019-05-03 |
| CN108683652A (en) | 2018-10-19 |
| CN109831419A (en) | 2019-05-31 |
| CN109831419B (en) | 2021-10-01 |
| CN109831420B (en) | 2021-10-22 |
| CN109743315B (en) | 2021-10-22 |
| CN109818937A (en) | 2019-05-28 |
| CN109831420A (en) | 2019-05-31 |
| CN109873803A (en) | 2019-06-11 |
| CN109873804B (en) | 2021-07-23 |
| CN109743315A (en) | 2019-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109818935A (en) | User authority control method and device, storage medium, computer equipment | |
| EP3805961B1 (en) | Systems and method for authenticating users of a data processing platform from multiple identity providers | |
| US11290446B2 (en) | Access to data stored in a cloud | |
| CN100511203C (en) | Database access control method, database access controller, agent processing server | |
| US10445524B2 (en) | Compromise free cloud data encryption and security | |
| US20130061335A1 (en) | Method, Apparatus, Computer Readable Media for a Storage Virtualization Middleware System | |
| EP1975820A1 (en) | Web services intermediary for sharing a single key | |
| CN1292116A (en) | Per-method designation of security requirements | |
| CN107852412A (en) | For phishing and the system and method for brand protection | |
| US9996686B2 (en) | Password retrieval system and method involving token usage without prior knowledge of the password | |
| US11063922B2 (en) | Virtual content repository | |
| US10721236B1 (en) | Method, apparatus and computer program product for providing security via user clustering | |
| Bidgoli | Successful introduction of Cloud Computing into your organization: a six-step conceptual model | |
| CN111339177A (en) | SAP platform-based data export method and system | |
| US20190227985A1 (en) | Method and system for using dynamic content types | |
| WO2022133811A1 (en) | Protecting sensitive data using conversational history | |
| US11050818B2 (en) | Coordinating an action between devices | |
| AU2019477233A1 (en) | Systems and methods for automated application launching | |
| CN109784073A (en) | Data access method and device, storage medium, computer equipment | |
| US10970408B2 (en) | Method for securing a digital document | |
| JP6747047B2 (en) | Information processing system, login method, information processing device, and program | |
| CN109800561A (en) | Drive authority control method, client, system and storage medium | |
| EP3834110A1 (en) | Global sign-out on shared devices | |
| US20230368191A1 (en) | Database representation of a public trust ledger | |
| US11916914B2 (en) | At least one information processing apparatus, information processing system, and permission granting method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 519085 No. 501, 601, building 14, kechuangyuan, Gangwan No. 1, Jintang Road, Tangjiawan Town, high tech Zone, Zhuhai City, Guangdong Province Applicant after: Qianxin Safety Technology (Zhuhai) Co.,Ltd. Applicant after: Qianxin Technology Group Co.,Ltd. Address before: 519085 No. 501, 601, building 14, kechuangyuan, Gangwan No. 1, Jintang Road, Tangjiawan Town, high tech Zone, Zhuhai City, Guangdong Province Applicant before: 360 ENTERPRISE SECURITY TECHNOLOGY (ZHUHAI) Co.,Ltd. Applicant before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190528 |