CN110474910A - A kind of right management method - Google Patents


Info

Publication number
CN110474910A
Authority
CN
China
Prior art keywords
permission levels
role
rank
password
inquiry
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910762704.5A
Other languages
Chinese (zh)
Inventor
牛新民
施强
张育民
李斌
黄登基
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gansu Wanhua Jinhui Polytron Technologies Inc
Original Assignee
Gansu Wanhua Jinhui Polytron Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gansu Wanhua Jinhui Polytron Technologies Inc
Priority to CN201910762704.5A
Publication of CN110474910A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846 Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a rights management method. A preset organizational structure chart is obtained from an organization management module; the chart includes at least one piece of department information, and each piece of department information includes at least one role rank. Each role rank corresponds to one permission level. The number of permission levels is N, with N ≥ 5. The permission levels are connected to data nodes: the number of data nodes is N, and each permission level is connected to one data node. Each data node is a query password in the organization's internal database, and the query password matches information in the database. When a user logs in, the current user's permissions are managed according to the relation table of role ranks and permission levels. The number of database tiers matches the number of permission levels, so the two are graded in step: when staffing changes alter the organizational structure chart, the tiers of the internal database change with it.

Description

A rights management method
Technical field
The invention belongs to the computer field and relates to a rights management method.
Background art
With the widespread use and rapid development of management informatization, higher requirements are placed on workflow management and process automation. To cope with constantly changing internal and external enterprise environments and process demands, various process engines for workflow management keep emerging.
In the prior art, business process engines are fixed: developers build the functional modules of the engine according to requirements and package them to form the business process engine. To the user the engine is closed, and the user can only operate it through the functions it was built with. Business processes, however, vary widely between enterprises, and a fixed business process engine cannot meet the individual needs of different users, which results in a poor user experience.
Moreover, wherever process approval is involved, the management of permissions between users at different levels is necessarily involved. In current process engines, permission management is mostly handed to a user, generally operations and maintenance staff. Because the business processes an enterprise or college can produce are diverse, assigning user permissions becomes complex, time-consuming and laborious, and a single assignment error caused by an operator's carelessness can easily have serious consequences.
Summary of the invention
The object of the invention is to provide a rights management method that overcomes the above shortcomings.
The technical solution adopted by the invention is as follows:
A rights management method: a preset organizational structure chart is obtained from an organization management module; the chart includes at least one piece of department information, and each piece of department information includes at least one role rank. Each role rank corresponds to one permission level. The number of permission levels is N, with N ≥ 5. The permission levels are connected to data nodes: the number of data nodes is N, and each permission level is connected to one data node. Each data node is a query password in the organization's internal database, and the query password matches information in the database. When a user logs in, the current user's permissions are managed according to the relation table of role ranks and permission levels.
To overcome the shortcomings of the traditional approach, the invention opens up permissions on the organization's internal database in a hierarchical manner and determines the tier of the internal database by query password. The number of database tiers matches the number of permission levels, so the two are graded in step: when staffing changes alter the organizational structure chart, the tiers of the internal database change with it.
Further, as a preferred solution, the organization management module is connected to a role management interface and a personnel management interface.
Further, as a preferred solution, the internal database includes a relation table of role ranks and permission levels, established from the role ranks and permission levels, and a relation table of permission levels and query passwords, established from the permission levels and query passwords.
Further, as a preferred solution, the method includes a user account; the user account logs in to the organization's local area network by entering a password, and after a successful login the center displays the role rank according to department and name.
Further, as a preferred solution, the password of the local area network is updated once every 30 days. The approach described in CN201510750421.0, a real-time key update system and method, can be used:
Step 1: The real-time key update system encrypts and decrypts with the initial key and starts a timer; when the timer reaches the set time, the key update begins.
Step 2: The transmit side of device A (TX_A) takes a key of a certain length from a PN code sequence and sets Bit6; after encryption with the encryption algorithm the key is encapsulated in a reserved field, and the new key and the handshake signal are sent to the receive side of device B (RX_B).
Step 3: The receive side of device B (RX_B) verifies the received key according to the agreed key identification header and verification method; after successful verification it sets Bit5, which the transmit side of device B (TX_B) sends to device A.
Step 4: After device A receives device B's key-reception-complete flag, it clears Bit6 and sets Bit7, encrypts data with the new key and sends it to device B.
Step 5: Device B decrypts with the new key; after successful decryption it sets Bit4 and clears Bit5, and the transmit side of device B (TX_B) sends this to device A.
Step 6: After device A receives device B's decryption-success flag, it clears Bit7, which completes one round of key update, and starts the timer; the next update begins once the timer reaches the set time.
In summary, by adopting the above technical solution, the beneficial effects of the invention are:
1. In the invention the password of the local area network is updated once every 30 days, which gives better security.
2. In the invention the number of database tiers matches the number of permission levels, which makes it easier to maintain the basic information of each organization on the platform and the structural information between organizations.
Detailed description
To make the objects, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to embodiments. It should be understood that the specific embodiments described here serve only to explain the invention and do not limit it; the described embodiments are only some of the embodiments of the invention, not all of them.
It should be noted that relational terms such as "first" and "second" are used only to distinguish one entity or operation from another and do not necessarily require or imply any actual relationship or order between those entities or operations. Moreover, the terms "include", "comprise" and any variants are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to that process, method, article or device. Without further limitation, an element introduced by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes it.
A rights management method: a preset organizational structure chart is obtained from an organization management module; the chart includes at least one piece of department information, and each piece of department information includes at least one role rank. Each role rank corresponds to one permission level. The number of permission levels is N, with N ≥ 5. The permission levels are connected to data nodes: the number of data nodes is N, and each permission level is connected to one data node. Each data node is a query password in the organization's internal database, and the query password matches information in the database. When a user logs in, the current user's permissions are managed according to the relation table of role ranks and permission levels.
In operation: permissions on the organization's internal database are opened up in a hierarchical manner, and the tier of the internal database is determined by query password. The number of database tiers matches the number of permission levels, so the two are graded in step: when staffing changes alter the organizational structure chart, the tiers of the internal database change with it.
The features and performance of the invention are described in further detail below with reference to an embodiment.
Embodiment one
In the rights management method provided by the preferred embodiment of the invention, the organization management module is connected to a role management interface and a personnel management interface. The internal database includes a relation table of role ranks and permission levels, established from the role ranks and permission levels, and a relation table of permission levels and query passwords, established from the permission levels and query passwords. A user account is included; the user account logs in to the organization's local area network by entering a password, and after a successful login the center displays the role rank according to department and name. The password of the local area network is updated once every 30 days.
In operation, the approach described in CN201510750421.0, a real-time key update system and method, can be used:
Step 1: The real-time key update system encrypts and decrypts with the initial key and starts a timer; when the timer reaches the set time, the key update begins.
Step 2: The transmit side of device A (TX_A) takes a key of a certain length from a PN code sequence and sets Bit6; after encryption with the encryption algorithm the key is encapsulated in a reserved field, and the new key and the handshake signal are sent to the receive side of device B (RX_B).
Step 3: The receive side of device B (RX_B) verifies the received key according to the agreed key identification header and verification method; after successful verification it sets Bit5, which the transmit side of device B (TX_B) sends to device A.
Step 4: After device A receives device B's key-reception-complete flag, it clears Bit6 and sets Bit7, encrypts data with the new key and sends it to device B.
Step 5: Device B decrypts with the new key; after successful decryption it sets Bit4 and clears Bit5, and the transmit side of device B (TX_B) sends this to device A.
Step 6: After device A receives device B's decryption-success flag, it clears Bit7, which completes one round of key update, and starts the timer; the next update begins once the timer reaches the set time.
Where:
Bit7: new-key encryption flag. A value of 1 indicates that data is encrypted with the new key; 0 indicates that it is encrypted with the old key.
Bit6: key update flag. A value of 1 indicates that a key update has been initiated; 0 indicates that the key is not updated.
Bit5: new-key-received flag. A value of 1 indicates that the receiving end has received the new key; 0 indicates that it has not.
Bit4: receiver decryption-success flag. A value of 1 indicates that the receiving end decrypted successfully with the new key; 0 indicates that decryption with the new key failed.
Bit3 to Bit0: used for key transmission; the identification header and verification method of the key can be agreed here. This accomplishes the password update.
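The six-step update and the Bit7 to Bit4 flag definitions above, simulated for both devices as an added example that is not part of the patent text or of CN201510750421.0. The 16-bit LFSR used as the PN source, the header byte 0xA5, the CRC32 check and the SHAKE-256 XOR stand-in cipher are assumptions, since the description names none of them; the failure path (both sides keep the old key) is also an assumption.

```python
import hashlib
import zlib

# Flag bits exactly as the description defines them.
BIT7_NEW_KEY_IN_USE = 0x80  # 1: data encrypted with the new key
BIT6_UPDATE_STARTED = 0x40  # 1: key update initiated
BIT5_KEY_RECEIVED = 0x20    # 1: receiver has the new key
BIT4_DECRYPT_OK = 0x10      # 1: receiver decrypted with the new key
KEY_HEADER = b"\xA5"        # assumed key identification header (constructed)


def pn_key(seed, nbytes=16):
    """Take nbytes from a 16-bit LFSR PN sequence (generator is an assumption)."""
    state, out = (seed & 0xFFFF) or 1, bytearray()
    for _ in range(nbytes):
        byte = 0
        for _ in range(8):
            bit = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
            state = (state >> 1) | (bit << 15)
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def xor_cipher(key, data):
    """Stand-in cipher (SHAKE-256 keystream XOR), for illustration only."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, stream))


def seal(key, payload):
    """Encrypt payload plus CRC32 (assumed verification method)."""
    return xor_cipher(key, payload + zlib.crc32(payload).to_bytes(4, "big"))


def unseal(key, blob):
    """Return the payload, or None when the CRC32 check fails."""
    plain = xor_cipher(key, blob)
    body, crc = plain[:-4], plain[-4:]
    return body if zlib.crc32(body).to_bytes(4, "big") == crc else None


class Device:
    def __init__(self, key):
        self.key, self.pending, self.flags = key, None, 0


def run_key_update(a, b, seed, tamper=False):
    """Run steps 2-6; return (sender flag byte after each step, success)."""
    trace = []
    # Step 2: A cuts a new key from the PN sequence, sets Bit6, sends it encrypted.
    a.pending = pn_key(seed)
    a.flags |= BIT6_UPDATE_STARTED
    reserved = seal(a.key, KEY_HEADER + a.pending)
    if tamper:  # constructed fault: one bit flipped in transit
        reserved = bytes([reserved[0] ^ 1]) + reserved[1:]
    trace.append(("A->B", a.flags))
    # Step 3: B checks header and checksum before setting Bit5.
    got = unseal(b.key, reserved)
    if got is None or got[:1] != KEY_HEADER:
        return trace, False  # failure path is not on the page: old key is kept
    b.pending = got[1:]
    b.flags |= BIT5_KEY_RECEIVED
    trace.append(("B->A", b.flags))
    # Step 4: A clears Bit6, sets Bit7, sends data under the new key.
    a.flags = (a.flags & ~BIT6_UPDATE_STARTED) | BIT7_NEW_KEY_IN_USE
    data = seal(a.pending, b"probe")
    trace.append(("A->B", a.flags))
    # Step 5: B decrypts with the new key, sets Bit4, clears Bit5.
    if unseal(b.pending, data) != b"probe":
        return trace, False
    b.key = b.pending
    b.flags = (b.flags & ~BIT5_KEY_RECEIVED) | BIT4_DECRYPT_OK
    trace.append(("B->A", b.flags))
    # Step 6: A clears Bit7 and commits the new key; the timer would restart here.
    a.key = a.pending
    a.flags &= ~BIT7_NEW_KEY_IN_USE
    trace.append(("A", a.flags))
    return trace, True
```

A clean run yields the flag sequence 0x40, 0x20, 0x80, 0x10, 0x00 and both devices end on the same new key; with `tamper=True` device B never sets Bit5 and neither side switches keys.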
The above is only a preferred embodiment of the invention and does not limit its scope of protection. Any modification, equivalent replacement or improvement made by a person skilled in the art within the spirit and principles of the invention shall fall within the scope of protection of the invention.

Claims (5)

1. A rights management method, characterized in that: a preset organizational structure chart is obtained from an organization management module, wherein the organizational structure chart includes at least one piece of department information, and the department information includes at least one role rank; each role rank corresponds to one permission level; the number of permission levels is N, N ≥ 5;
the permission levels are connected to data nodes: the number of data nodes is N, and each permission level is connected to one data node; each data node is a query password in the organization's internal database; the query password matches information in the database; when a user logs in, the current user's permissions are managed according to the relation table of role ranks and permission levels.
2. The rights management method according to claim 1, characterized in that: the organization management module is connected to a role management interface and a personnel management interface.
3. The rights management method according to claim 1, characterized in that: the internal database includes a relation table of role ranks and permission levels, established from the role ranks and permission levels, and a relation table of permission levels and query passwords, established from the permission levels and query passwords.
4. The rights management method according to claim 1, characterized in that: a user account is included; the user account logs in to the organization's local area network by entering a password, and after a successful login the center displays the role rank according to department and name.
5. The rights management method according to claim 4, characterized in that: the password of the local area network is updated once every 30 days.
CN201910762704.5A 2019-08-19 2019-08-19 A kind of right management method Pending CN110474910A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910762704.5A CN110474910A (en) 2019-08-19 2019-08-19 A kind of right management method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910762704.5A CN110474910A (en) 2019-08-19 2019-08-19 A kind of right management method

Publications (1)

Publication Number Publication Date
CN110474910A true CN110474910A (en) 2019-11-19

Family

ID=68511826

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910762704.5A Pending CN110474910A (en) 2019-08-19 2019-08-19 A kind of right management method

Country Status (1)

Country Link
CN (1) CN110474910A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112328712A (en) * 2021-01-04 2021-02-05 清华四川能源互联网研究院 Graph database-based authority management method and device and electronic equipment
CN113505362A (en) * 2021-07-16 2021-10-15 长鑫存储技术有限公司 System authority control method, data center, control device and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102004866A (en) * 2009-09-01 2011-04-06 上海杉达学院 Method and device for user identity verification and access control of information system
CN103001803A (en) * 2012-12-10 2013-03-27 上海斐讯数据通信技术有限公司 Method and system for achieving right management in network management
CN103400067A (en) * 2013-03-29 2013-11-20 青岛海信电器股份有限公司 Access control method, system and server
CN103516680A (en) * 2012-06-25 2014-01-15 上海博腾信息科技有限公司 Authority management system of office system and realizing method thereof
CN104753677A (en) * 2013-12-31 2015-07-01 腾讯科技(深圳)有限公司 Password hierarchical control method and system
CN108052526A (en) * 2017-11-07 2018-05-18 深圳云天励飞技术有限公司 Monitoring area right management method, device and storage medium
CN108153799A (en) * 2016-12-06 2018-06-12 阿里巴巴集团控股有限公司 Access and control strategy of database method, apparatus and Database Systems
CN109242420A (en) * 2018-08-22 2019-01-18 中国平安人寿保险股份有限公司 Authority control method, device, electronic equipment and storage medium

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112328712A (en) * 2021-01-04 2021-02-05 清华四川能源互联网研究院 Graph database-based authority management method and device and electronic equipment
CN112328712B (en) * 2021-01-04 2021-05-18 清华四川能源互联网研究院 Graph database-based authority management method and device and electronic equipment
CN113505362A (en) * 2021-07-16 2021-10-15 长鑫存储技术有限公司 System authority control method, data center, control device and storage medium
CN113505362B (en) * 2021-07-16 2023-09-22 长鑫存储技术有限公司 System authority management and control method, data center, management and control device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191119
