CN110472391A - Data access method and device, storage medium, electronic device - Google Patents

Data access method and device, storage medium, electronic device Download PDF

Info

Publication number
CN110472391A
CN110472391A CN201910775340.4A CN201910775340A CN110472391A CN 110472391 A CN110472391 A CN 110472391A CN 201910775340 A CN201910775340 A CN 201910775340A CN 110472391 A CN110472391 A CN 110472391A
Authority
CN
China
Prior art keywords
data
account number
subscribed
subscription
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910775340.4A
Other languages
Chinese (zh)
Inventor
堵新政
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Mininglamp Software System Co ltd
Original Assignee
Beijing Mininglamp Software System Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Mininglamp Software System Co ltd filed Critical Beijing Mininglamp Software System Co ltd
Priority to CN201910775340.4A priority Critical patent/CN110472391A/en
Publication of CN110472391A publication Critical patent/CN110472391A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Automation & Control Theory (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides a kind of data access method and device, storage medium, electronic devices, this method comprises: receiving the subscription request that the first account number is sent, wherein subscribe to request for the data to be subscribed to that pull subscription, data to be subscribed to have accessed permission;Request will be subscribed to and be sent to the second account number, wherein the second account number has the permission that request is subscribed in audit;In the case where subscription request audit passes through, the subscription permission of data to be subscribed to is sent to the first account number, so that the first account number is able to access that data to be subscribed to.Through the invention, it solves the problems, such as data access authority, achievees the effect that have secure access to subscription formula data.

Description

Data access method and device, storage medium, electronic device
Technical field
The present invention relates to computer fields, in particular to a kind of data access method and device, storage medium, electricity Sub-device.
Background technique
Data are the information assets of big data era most worthy, how safely and accurately to access and use data, prevent Abuse, misuse data are crucial the producers and consumers of data.And the user of enterprise-level, the data of each department Consumer requires the authority control system of effect from data sharing center request for data resource.Currently, being more under cabling Approval process, the efficiency of each departmental cooperation is very low, while also inflexible.
In view of the above technical problems, it not yet puts forward effective solutions in the related technology.
Summary of the invention
The embodiment of the invention provides a kind of data access method and devices, at least to solve data access in the related technology The problem of permission.
According to one embodiment of present invention, a kind of data access method is provided, comprising: receive what the first account number was sent Subscribe to request, wherein for the data to be subscribed to that pull subscription, above-mentioned data to be subscribed to have accessed power for above-mentioned subscription request Limit;Above-mentioned subscription request is sent to the second account number, wherein above-mentioned second account number has the permission for auditing above-mentioned subscription request; In the case where above-mentioned subscription request audit passes through, the subscription permission of above-mentioned data to be subscribed to is sent to above-mentioned first account number, So that above-mentioned first account number is able to access that above-mentioned data to be subscribed to.
Optionally, before receiving the subscription request that above-mentioned first account number is sent, the above method further include: mark off above-mentioned the The ability permission of one account number and above-mentioned second account number, wherein above-mentioned first account number has the power to above-mentioned data subscription to be subscribed to Limit, above-mentioned second account number have the permission for managing above-mentioned data to be subscribed to, and managing includes examining in the permission of above-mentioned data to be subscribed to The permission of the above-mentioned subscription request of core.
Optionally, before receiving the subscription request that above-mentioned first account number is sent, the above method further include: determine and data are provided The administration authority in source, wherein above-mentioned data resource includes above-mentioned data to be subscribed to, and the administration authority to above-mentioned data resource includes At least one of: to the administration authority of data directory, to the administration authority of metadata, in above-mentioned data directory include it is above-mentioned to The directory information of data is subscribed to, includes the data information of above-mentioned data to be subscribed in above-mentioned metadata.
Optionally, before receiving the subscription request that above-mentioned first account number is sent, the above method further include: determine to using journey The administration authority of sequence interface API service resource, wherein include accessing connecing for above-mentioned data to be subscribed in above-mentioned API service resource Message breath.
Optionally, before receiving the subscription request that above-mentioned first account number is sent, the above method further include: determine to it is above-mentioned to Subscribe to data subscription management permission, wherein the above-mentioned subscription management permission to above-mentioned data to be subscribed to include it is following at least it One: to the condition managing of above-mentioned subscription request, to the workflow management that above-mentioned subscription is requested, to the inquiry pipe of above-mentioned subscription request Reason.
Optionally, after above-mentioned subscription request being sent to the second account number, the above method further include: requested in above-mentioned subscription In the case that the audit fails, the first account number of Xiang Shangshu sends response message, wherein above-mentioned response message is used to indicate above-mentioned the One account number retransmits above-mentioned subscription request.
According to another embodiment of the invention, a kind of data access device is provided, comprising: the first receiving module is used It is requested in receiving the subscription that the first account number is sent, wherein above-mentioned subscription request is above-mentioned wait order for the data to be subscribed to that pull subscription It reads data and has accessed permission;First sending module, for above-mentioned subscription request to be sent to the second account number, wherein on It states the second account number and has the permission for auditing above-mentioned subscription request;Second sending module, for passing through in above-mentioned subscription request audit In the case where, the subscription permission of above-mentioned data to be subscribed to is sent to above-mentioned first account number, so that above-mentioned first account number can visit Ask above-mentioned data to be subscribed to.
According to still another embodiment of the invention, a kind of storage medium is additionally provided, meter is stored in the storage medium Calculation machine program, wherein the computer program is arranged to execute the step in any of the above-described embodiment of the method when operation.
According to still another embodiment of the invention, a kind of electronic device, including memory and processor are additionally provided, it is described Computer program is stored in memory, the processor is arranged to run the computer program to execute any of the above-described Step in embodiment of the method.
Through the invention, due to receive the first account number send subscription request, wherein subscribe to request for pull subscription to Data are subscribed to, data to be subscribed to have accessed permission;Request will be subscribed to and be sent to the second account number, wherein the second account number tool The permission of request is subscribed in standby audit;In the case where subscription request audit passes through, the subscription permission of data to be subscribed to is sent to First account number, so that the first account number is able to access that data to be subscribed to.It may be implemented respective using the first account number and the second account number Permission treats subscription data and is audited and accessed.To increase the safety of data access.Therefore, data access rights be can solve The problem of limit, achievees the effect that have secure access to subscription formula data.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes part of this application, this hair Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is a kind of hardware block diagram of the mobile terminal of data access method of the embodiment of the present invention;
Fig. 2 is the flow chart of data access method according to an embodiment of the present invention;
Fig. 3 is the implementation flow chart in the present embodiment;
Fig. 4 is the structural block diagram of data access device according to an embodiment of the present invention.
Specific embodiment
Hereinafter, the present invention will be described in detail with reference to the accompanying drawings and in combination with Examples.It should be noted that not conflicting In the case of, the features in the embodiments and the embodiments of the present application can be combined with each other.
It should be noted that description and claims of this specification and term " first " in above-mentioned attached drawing, " Two " etc. be to be used to distinguish similar objects, without being used to describe a particular order or precedence order.
Embodiment of the method provided by the embodiment of the present application can be in mobile terminal, terminal or similar operation It is executed in device.For running on mobile terminals, Fig. 1 is a kind of mobile end of data access method of the embodiment of the present invention The hardware block diagram at end.As shown in Figure 1, mobile terminal 10 may include one or more (only showing one in Fig. 1) processing Device 102 (processing unit that processor 102 can include but is not limited to Micro-processor MCV or programmable logic device FPGA etc.) and Memory 104 for storing data, optionally, above-mentioned mobile terminal can also include the transmission device for communication function 106 and input-output equipment 108.It will appreciated by the skilled person that structure shown in FIG. 1 is only to illustrate, simultaneously The structure of above-mentioned mobile terminal is not caused to limit.For example, mobile terminal 10 may also include it is more than shown in Fig. 1 or less Component, or with the configuration different from shown in Fig. 1.
Memory 104 can be used for storing computer program, for example, the software program and module of application software, such as this hair The corresponding computer program of data access method in bright embodiment, processor 102 are stored in memory 104 by operation Computer program realizes above-mentioned method thereby executing various function application and data processing.Memory 104 may include High speed random access memory, may also include nonvolatile memory, as one or more magnetic storage device, flash memory or its His non-volatile solid state memory.In some instances, memory 104 can further comprise remotely setting relative to processor 102 The memory set, these remote memories can pass through network connection to mobile terminal 10.The example of above-mentioned network includes but not It is limited to internet, intranet, local area network, mobile radio communication and combinations thereof.
Transmitting device 106 is used to that data to be received or sent via a network.Above-mentioned network specific example may include The wireless network that the communication providers of mobile terminal 10 provide.In an example, transmitting device 106 includes a Network adaptation Device (Network Interface Controller, referred to as NIC), can be connected by base station with other network equipments to It can be communicated with internet.In an example, transmitting device 106 can for radio frequency (Radio Frequency, referred to as RF) module is used to wirelessly be communicated with internet.
A kind of data access method is provided in the present embodiment, and Fig. 2 is data access side according to an embodiment of the present invention The flow chart of method, as shown in Fig. 2, the process includes the following steps:
Step S202 receives the subscription request that the first account number is sent, wherein subscribe to request for pulling subscription to subscription According to data to be subscribed to have accessed permission;
Step S204 will subscribe to request and be sent to the second account number, wherein the second account number has the power that request is subscribed in audit Limit;
The subscription permission of data to be subscribed to is sent to first in the case where subscription request audit passes through by step S206 Account number, so that the first account number is able to access that data to be subscribed to.
Through the above steps, the subscription request sent due to receiving the first account number, wherein subscribe to request for pulling subscription Data to be subscribed to, data to be subscribed to have accessed permission;Request will be subscribed to and be sent to the second account number, wherein the second account number Has the permission that request is subscribed in audit;In the case where subscription request audit passes through, the subscription permission of data to be subscribed to is sent To the first account number, so that the first account number is able to access that data to be subscribed to.It may be implemented to utilize the first account number and the second account number respectively Permission treat subscribe to data audited and accessed.To increase the safety of data access.Therefore, it can solve data access The problem of permission, achievees the effect that have secure access to subscription formula data.
Optionally, the executing subject of above-mentioned steps can be terminal etc., but not limited to this.
Optionally, the present embodiment can be applied in the scene for needing to carry out data access, for example, each account number is from data When data needed for Sharing Center applies, data subscription application, after application approval passes through, account number are initiated using the mode of on-line subscription Accessible and request for utilization data.
Optionally, it subscribes to and requests to include but be not limited to voice, text etc..First account number and the second account number have difference Permission, corresponding to different user roles.First account number is suitable for the user of request data, and the second account number is suitable for examination & approval User.There can be the role of associated rights for its binding according to the division of authority & responsibility of user.User is by subscribing to oneself permission model The data enclosed, after completing approval process, so that it may access and use data.
It is alternatively possible to the present embodiment is integrated in a system, for example, the Data Access Security system based on the formula of subscription System.
It optionally, include but is not limited to the audit of legitimacy to the audit for subscribing to request.
In an alternative embodiment, before receiving the subscription request that the first account number is sent, method further include:
S1 marks off the ability permission of the first account number and the second account number, wherein the first account number have treat subscribe to data order The permission read, the second account number have the permission for managing data to be subscribed to, and managing in the permission of data to be subscribed to includes that audit is subscribed to The permission of request.
Optionally, in the present embodiment, the ability permission for marking off the first account number and the second account number, which belongs to, to be weighed to role The information of first account number and the second account number is added to target application (for example, the data safety based on the formula of subscription is visited by the management of limit Ask system) in, the permission for subscribing to request will be sent and bound with the first account number.By the management and the progress of the second account number to data Binding.
Optionally, the first account number and the second account number correspond to different ranks, and the grade of the second account number is higher than the first account number Grade.
Through this embodiment, by authorizing different operating rights to without the account number of rank, data access can be increased Safety.
In an alternative embodiment, before receiving the subscription request that the first account number is sent, method further include:
S1 determines the administration authority to data resource, wherein data resource includes data to be subscribed to, to data resource Administration authority includes at least one of: to the administration authority of data directory, to the administration authority of metadata, being wrapped in data directory The directory information of data to be subscribed to is included, includes the data information of data to be subscribed in metadata.
Optionally, in the present embodiment, data directory and metadata can be divided into data resource.Wherein, including logarithm According to the maintenance (addition is deleted, modification, inquiry, publication etc.) of catalogue, (addition deletes, is modification, inquiry, same for the management of metadata Step, publication etc.).
It is alternatively possible to by the administration authority to data resource in conjunction with the administration authority of account number.
Through this embodiment, by the rights management to data resource, the safety of data access can be increased.
In an alternative embodiment, before receiving the subscription request that the first account number is sent, method further include:
S1 determines the administration authority to application programming interfaces API service resource, wherein includes access in API service resource The interface message of data to be subscribed to.
Optionally, in the present embodiment, include the generation of API service to the administration authority of API service resource, delete, repair The functions such as change, inquire, issuing.API service resource includes the chained address of data to be subscribed to.
In an alternative embodiment, before receiving the subscription request that the first account number is sent, method further include:
S1, determine treat subscribe to data subscription management permission, wherein treat subscribe to data subscription management permission include At least one of: to the condition managing for subscribing to request, to the workflow management requested is subscribed to, to the searching and managing for subscribing to request.
It optionally, in the present embodiment, include subscribing to request and whether being reviewed, audit to be to the condition managing for subscribing to request It is no to pass through.It include the status tracking etc. for subscribing to request to the workflow management for subscribing to request.To the searching and managing packet for subscribing to request Include the status inquiry for subscribing to request.
Through this embodiment, it by the determination to the subscription management permission for subscribing to data, has standardized to treat and has subscribed to data Management.
Optionally, it will subscribe to after requesting to be sent to the second account number, method further include:
S1 sends response message to the first account number, wherein response message in the case where the audit fails for subscription request It is used to indicate the first account number and retransmits subscription request.
Optionally, for example, retransmitting in the case that subscription request is illegal request and subscribing to request, meet in transmission pre- In the case where determining number, ending request.
In an alternative embodiment, it will subscribe to before requesting to be sent to the second account number, method further include:
The ability permission of second account number and the permission of data to be subscribed to are associated by S1 so that the second account number have it is careful Core subscribes to the ability of request.
Optionally, the ability permission of the second account number is associated with the permission of data to be subscribed to, and can increase the pipe to data Reason.
The present invention will be described combined with specific embodiments below:
The present embodiment is illustrated by taking the Data Access Security system based on the formula of subscription as an example, and the system is unified by establishing Account right management system, resource (Api Service Source, data resource, menu resource) is licensed into role, according to account number Division of authority & responsibility has the role of associated rights for its binding.Account number is completed to examine by the data of oneself extent of competence of subscription After process, so that it may access and use data.
The Data Access Security system of subscription formula includes system administration, resource management, subscription management.System administration: including Account Administration, Role Management, role authorization.Account Administration: the maintenance to account (addition is deleted, modification, inquiry).Angle The functions such as color binding management (binding, modification binding are cancelled in binding).
Role Management: the maintenance (addition is deleted, modification, inquiry) to role, role is divided into account number role and data angle Color.Account number role is different according to account number power and responsibility, is that account number is associated with corresponding menu permission, basic account number role includes system pipes Reason person, subscribes to examination & approval person, common account number at data administrator;Data role is that relevant account number may have access to data resource and API money The permission in source.
Role authorization: to the account number role for not having to rank, different menu operation permissions is authorized;According to data use scope Difference, authorize corresponding data resource and API access authorization for resource to data role.
Resource management: including data resource management and API service resource management.
Data resource management: data resource is divided into Resource TOC and metadata.Including to Resource TOC maintenance (addition, Deletion, modification, inquiry, publication etc.), the management (addition, deletion, modification, inquiry, synchronous, publication etc.) of metadata.
API service resource management: the functions such as generation, deletion, modification, inquiry, publication including API service.
Subscription management: including subscribing to applications management and subscribing to examination & approval management.
Subscribe to applications management: including initiating subscription, query of subscription, subscription status tracking, revocation application etc., account number is according to industry Business needs, and can apply for API service resource and data resource (Resource TOC, metadata).
Subscribe to examination & approval management: including inquiring, auditing subscription request slip.
For example, it is assumed that there is system manager A, while data administrator B account number is created, examination & approval person C account number is subscribed to, commonly orders It reads account number N, may have access to and use resource S, data role R;System manager A establishes the relevant information of resource C, and issues out It goes;Role R is tied to common subscribe on account number N by system manager A;Data administrator B authorizes access and uses and provides to role R The permission of source S;Subscription application common to subscribe to account number N, that access is initiated to resource S and is used;Examination & approval person C is subscribed to subscription account number The request slip of N is audited, and legal application is confirmed as, and audit passes through;The permission that account number N was accessed and used resource S is subscribed to, Can resource S be accessed and be used.Complete Publish-subscribe-audit-consumption process of entire data.
Fig. 3 is the implementation flow chart in the present embodiment, as shown in Figure 3, comprising the following steps:
S301: system manager creates basic account number (there are management data and audit to subscribe to the account number of application), basic Role (account number role and data role) commonly subscribes to account number (consumers of data), goes to S302 and S303;
S302: system manager has the role of corresponding authority to each account number binding, goes to S304;
S303: system manager's establishing resource information, and resource is released;Go to S304;
S304: data administrator authorizes corresponding permission to each role, and account number role authorizes corresponding menu permission, number Corresponding data permission is authorized according to role, goes to S305;
S305: common account number of subscribing to initiates the data resource that can be accessed and use to subscribe to application, goes to S306;
S306: it subscribes to examination & approval person and request slip is audited, legal application approval is passed through, S307 is gone to;It is illegal Application, goes to S308;
S307: the accessible data resource with request for utilization of account number is subscribed to, is terminated;
S308: it subscribes to account number and the application of rejection is chosen whether to apply again, if applied again, go to S305;It is no Then, terminate;
New addition account number repeats S301-S308;New subscription application repeats S305-S308.
In conclusion data access and use based on the formula of subscription, on all processes all cablings, are guaranteeing data sharing Under the premise of, data utilization efficiency and business collaboration efficiency are provided significantly.Meanwhile by the control of data permission, also guarantee number According to the safety used.Subscriber can not only subscribe to data resource, also support subscription service, be truly realized data and service Theory, to greatest extent utilize data, create value.
Through the above description of the embodiments, those skilled in the art can be understood that according to above-mentioned implementation The method of example can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but it is very much In the case of the former be more preferably embodiment.Based on this understanding, technical solution of the present invention is substantially in other words to existing The part that technology contributes can be embodied in the form of software products, which is stored in a storage In medium (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that a terminal device (can be mobile phone, calculate Machine, server or network equipment etc.) execute method described in each embodiment of the present invention.
A kind of data access device is additionally provided in the present embodiment, and the device is real for realizing above-described embodiment and preferably Mode is applied, the descriptions that have already been made will not be repeated.As used below, the soft of predetermined function may be implemented in term " module " The combination of part and/or hardware.Although device described in following embodiment is preferably realized with software, hardware, or The realization of the combination of software and hardware is also that may and be contemplated.
Fig. 4 is the structural block diagram of data access device according to an embodiment of the present invention, as shown in figure 4, the device includes:
First receiving module 42, for receiving the subscription request of the first account number transmission, wherein subscribe to request and ordered for requesting Data to be subscribed to are read, data to be subscribed to have accessed permission;
First sending module 44 is sent to the second account number for that will subscribe to request, wherein the second account number has audit and subscribes to The permission of request;
Second sending module 46, for subscribe to request audit pass through in the case where, by the subscription permission of data to be subscribed to It is sent to the first account number, so that the first account number is able to access that data to be subscribed to.
Optionally, above-mentioned apparatus further include:
First division module marks off the first account number and second before the subscription request for receiving the transmission of the first account number The ability permission of account number, wherein the first account number has the permission treated and subscribe to data subscription, and the second account number, which has, to be managed wait subscribe to The permission of data, managing in the permission of data to be subscribed to includes that the permission requested is subscribed in audit.
Optionally, above-mentioned apparatus further include:
First determining module determines the management to data resource before the subscription request for receiving the transmission of the first account number Permission, wherein data resource includes data to be subscribed to, and the administration authority to data resource includes at least one of: to data The administration authority of catalogue, includes the directory information of data to be subscribed to the administration authority of metadata, in data directory, in metadata Data information including data to be subscribed to.
Optionally, above-mentioned apparatus further include:
Second determining module determines before the subscription request for receiving the transmission of the first account number to application programming interfaces API The administration authority of Service Source, wherein include the interface message for accessing data to be subscribed in API service resource.
Optionally, above-mentioned apparatus further include:
Third determining module determines to treat and subscribes to ordering for data before the subscription request for receiving the transmission of the first account number Read administration authority, wherein treating and subscribing to the subscription management permission of data includes at least one of: to the state pipe for subscribing to request Reason, the workflow management to request is subscribed to, to the searching and managing for subscribing to request.
Optionally, above-mentioned apparatus further include:
Third sending module, for that will subscribe to after request is sent to the second account number, subscribing to request, the audit fails In the case of, response message is sent to the first account number, wherein response message is used to indicate the first account number and retransmits subscription request.
Optionally, above-mentioned apparatus further include: relating module, for that will subscribe to before request is sent to the second account number, by the The ability permission and the permission of data to be subscribed to of two account numbers are associated, so that the second account number has the energy that request is subscribed in audit Power.
It should be noted that above-mentioned modules can be realized by software or hardware, for the latter, Ke Yitong Following manner realization is crossed, but not limited to this: above-mentioned module is respectively positioned in same processor;Alternatively, above-mentioned modules are with any Combined form is located in different processors.
The embodiments of the present invention also provide a kind of storage medium, computer program is stored in the storage medium, wherein The computer program is arranged to execute the step in any of the above-described embodiment of the method when operation.
Optionally, in the present embodiment, above-mentioned storage medium can be set to store by executing based on following steps Calculation machine program:
S1 receives the subscription request that the first account number is sent, wherein subscribe to request for the data to be subscribed to that pull subscription, to It subscribes to data and has accessed permission;
S2 will subscribe to request and be sent to the second account number, wherein the second account number has the permission that request is subscribed in audit;
The subscription permission of data to be subscribed to is sent to the first account number in the case where subscription request audit passes through by S3, with The first account number is set to be able to access that data to be subscribed to.
Optionally, in the present embodiment, above-mentioned storage medium can include but is not limited to: USB flash disk, read-only memory (Read- Only Memory, referred to as ROM), it is random access memory (Random Access Memory, referred to as RAM), mobile hard The various media that can store computer program such as disk, magnetic or disk.
The embodiments of the present invention also provide a kind of electronic device, including memory and processor, stored in the memory There is computer program, which is arranged to run computer program to execute the step in any of the above-described embodiment of the method Suddenly.
Optionally, above-mentioned electronic device can also include transmission device and input-output equipment, wherein the transmission device It is connected with above-mentioned processor, which connects with above-mentioned processor.
Optionally, in the present embodiment, above-mentioned processor can be set to execute following steps by computer program:
S1 receives the subscription request that the first account number is sent, wherein subscribe to request for the data to be subscribed to that pull subscription, to It subscribes to data and has accessed permission;
S2 will subscribe to request and be sent to the second account number, wherein the second account number has the permission that request is subscribed in audit;
The subscription permission of data to be subscribed to is sent to the first account number in the case where subscription request audit passes through by S3, with The first account number is set to be able to access that data to be subscribed to.
Optionally, the specific example in the present embodiment can be with reference to described in above-described embodiment and optional embodiment Example, details are not described herein for the present embodiment.
Obviously, those skilled in the art should be understood that each module of the above invention or each step can be with general Computing device realize that they can be concentrated on a single computing device, or be distributed in multiple computing devices and formed Network on, optionally, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored It is performed by computing device in the storage device, and in some cases, it can be to be different from shown in sequence execution herein Out or description the step of, perhaps they are fabricated to each integrated circuit modules or by them multiple modules or Step is fabricated to single integrated circuit module to realize.In this way, the present invention is not limited to any specific hardware and softwares to combine.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field For art personnel, the invention may be variously modified and varied.It is all within principle of the invention, it is made it is any modification, etc. With replacement, improvement etc., should all be included in the protection scope of the present invention.

Claims (9)

1. a kind of data access method characterized by comprising
Receive the subscription request of the first account number transmission, wherein subscriptions is requested for the data to be subscribed to that pull subscription, it is described to It subscribes to data and has accessed permission;
Subscription request is sent to the second account number, wherein second account number, which has, audits the permission for subscribing to request;
In the case where subscription request audit passes through, the subscription permission of the data to be subscribed to is sent to first account Number, so that first account number is able to access that the data to be subscribed to.
2. the method according to claim 1, wherein before receiving the subscription request that first account number is sent, The method also includes:
Mark off the ability permission of first account number and second account number, wherein first account number have to it is described to The permission of data subscription is subscribed to, second account number has the permission for managing the data to be subscribed to, and management is described to subscription According to permission in include audit it is described subscribe to request permission.
3. the method according to claim 1, wherein before receiving the subscription request that first account number is sent, The method also includes:
Determine the administration authority to data resource, wherein the data resource includes the data to be subscribed to, and is provided to the data The administration authority in source includes at least one of: to the administration authority of data directory, to the administration authority of metadata, the data Include the directory information of the data to be subscribed in catalogue, includes the data information of the data to be subscribed in the metadata.
4. the method according to claim 1, wherein before receiving the subscription request that first account number is sent, The method also includes:
Determine the administration authority to application programming interfaces API service resource, wherein include access institute in the API service resource State the interface message of data to be subscribed to.
5. the method according to claim 1, wherein before receiving the subscription request that first account number is sent, The method also includes:
Determine the subscription management permission to the data to be subscribed to, wherein the subscription management to the data to be subscribed to is weighed Limit includes at least one of: being ordered to the workflow management for subscribing to request to described to the condition managing for subscribing to request Read the searching and managing of request.
6. the method according to claim 1, wherein the subscription is requested after being sent to the second account number, institute State method further include:
In the case where the audit fails for subscription request, the first account number of Xiang Suoshu sends response message, wherein the response Message is used to indicate first account number and retransmits the subscription request.
7. a kind of data access device characterized by comprising
First receiving module, for receiving the subscription request of the first account number transmission, wherein the subscription request is for pulling subscription Data to be subscribed to, the data to be subscribed to have accessed permission;
First sending module, for subscription request to be sent to the second account number, wherein second account number has audit institute State the permission for subscribing to request;
Second sending module, in the case where subscription request audit passes through, the subscription of the data to be subscribed to be weighed Limit is sent to first account number, so that first account number is able to access that the data to be subscribed to.
8. a kind of storage medium, which is characterized in that be stored with computer program in the storage medium, wherein the computer Program is arranged to execute method described in any one of claim 1 to 6 when operation.
9. a kind of electronic device, including memory and processor, which is characterized in that be stored with computer journey in the memory Sequence, the processor are arranged to run the computer program to execute side described in any one of claim 1 to 6 Method.
CN201910775340.4A 2019-08-21 2019-08-21 Data access method and device, storage medium, electronic device Pending CN110472391A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910775340.4A CN110472391A (en) 2019-08-21 2019-08-21 Data access method and device, storage medium, electronic device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910775340.4A CN110472391A (en) 2019-08-21 2019-08-21 Data access method and device, storage medium, electronic device

Publications (1)

Publication Number Publication Date
CN110472391A true CN110472391A (en) 2019-11-19

Family

ID=68513261

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910775340.4A Pending CN110472391A (en) 2019-08-21 2019-08-21 Data access method and device, storage medium, electronic device

Country Status (1)

Country Link
CN (1) CN110472391A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111859443A (en) * 2020-06-11 2020-10-30 上海简苏网络科技有限公司 Account level block chain privacy data access authority control method and system
CN113518089A (en) * 2021-07-15 2021-10-19 杭州华橙软件技术有限公司 Management method and device of access equipment, storage medium and electronic device
CN113872940A (en) * 2021-09-02 2021-12-31 华中科技大学 Access control method, device and equipment based on NC-Link

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8224873B1 (en) * 2008-05-22 2012-07-17 Informatica Corporation System and method for flexible security access management in an enterprise
CN105306498A (en) * 2014-06-12 2016-02-03 中国电信股份有限公司 Method and system of user for accessing third party application and cloud platform
CN106445824A (en) * 2016-09-30 2017-02-22 南京途牛科技有限公司 Interface comprehensiveness management system based on character
CN107368683A (en) * 2017-07-19 2017-11-21 郑州云海信息技术有限公司 One kind is based on cloud management platform case history storehouse shared system
CN108074068A (en) * 2016-11-14 2018-05-25 北京航天长峰科技工业集团有限公司 A kind of government affairs division data manages system
CN108549664A (en) * 2018-03-20 2018-09-18 北京道至易科技有限公司 A kind of document file management system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8224873B1 (en) * 2008-05-22 2012-07-17 Informatica Corporation System and method for flexible security access management in an enterprise
CN105306498A (en) * 2014-06-12 2016-02-03 中国电信股份有限公司 Method and system of user for accessing third party application and cloud platform
CN106445824A (en) * 2016-09-30 2017-02-22 南京途牛科技有限公司 Interface comprehensiveness management system based on character
CN108074068A (en) * 2016-11-14 2018-05-25 北京航天长峰科技工业集团有限公司 A kind of government affairs division data manages system
CN107368683A (en) * 2017-07-19 2017-11-21 郑州云海信息技术有限公司 One kind is based on cloud management platform case history storehouse shared system
CN108549664A (en) * 2018-03-20 2018-09-18 北京道至易科技有限公司 A kind of document file management system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111859443A (en) * 2020-06-11 2020-10-30 上海简苏网络科技有限公司 Account level block chain privacy data access authority control method and system
CN113518089A (en) * 2021-07-15 2021-10-19 杭州华橙软件技术有限公司 Management method and device of access equipment, storage medium and electronic device
CN113872940A (en) * 2021-09-02 2021-12-31 华中科技大学 Access control method, device and equipment based on NC-Link

Similar Documents

Publication Publication Date Title
CN103283186B (en) The system of shared digital content is provided for managing, store shared digital content the user in the group that customer relationship limits in multiplatform environments
CN103399530B (en) Method, system and control platform and control terminal that intelligent appliance is uniformly controlled
US10084790B2 (en) Peer to peer enterprise file sharing
CN104054321B (en) For the safety management of cloud service
CN109144961A (en) Authority sharing method and device
CN109286632B (en) Block chain-based big data authorization and evidence-storing method and system
CN115719265A (en) Method and system for realizing block chain
CN110472391A (en) Data access method and device, storage medium, electronic device
JP6934921B2 (en) A method and device for managing registration certificates by relaying between ECA and DCM in a security authentication management system for V2X communication.
CN108881108A (en) The method and apparatus of rights management
CN107211007A (en) Selective access to resource is provided
CN105991514B (en) A kind of service request authentication method and device
CN107579958A (en) Data managing method, apparatus and system
US9886685B2 (en) Distributed digital rights-managed file transfer and access control
CN105871821A (en) Device binding method
CN103366304B (en) A kind of usufructuary assignment method of virtual goods, device and equipment
CN101647219A (en) Mechanism for secure rehosting of licenses
CN110636057B (en) Application access method and device and computer readable storage medium
CN105933322B (en) Plug-in services acquisition methods, plug-in services providing method and device
CN113704210A (en) Data sharing method and electronic equipment
KR20090007954A (en) Method and system for downloading drm content
US20220067125A1 (en) Method for distributing certificate of right to use digital content, and computer program stored in medium in order to carry out method
CN113783829B (en) Method and device for realizing equipment access across platforms
CN108230052A (en) A kind of invoice issuing and method for uploading and system
CN113271289A (en) Method, system and computer storage medium for resource authorization and access

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191119

RJ01 Rejection of invention patent application after publication