CN110474910A - A kind of right management method - Google Patents
A kind of right management method Download PDFInfo
- Publication number
- CN110474910A CN110474910A CN201910762704.5A CN201910762704A CN110474910A CN 110474910 A CN110474910 A CN 110474910A CN 201910762704 A CN201910762704 A CN 201910762704A CN 110474910 A CN110474910 A CN 110474910A
- Authority
- CN
- China
- Prior art keywords
- permission levels
- role
- rank
- password
- inquiry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of right management methods, and preset organizational structure figure is obtained from mechanism management module, and wherein organisational chart includes at least one department's information, and department's information includes at least one role's rank;The corresponding Permission Levels of each described role's rank;The Permission Levels number is N, N >=5;The Permission Levels connect back end, say it is that data section is counted as N, each Permission Levels one back end of connection;Say be back end be in-house database in password for inquiry;The information of password for inquiry matching database;When users log on, according to the relation table of role's rank and Permission Levels, the permission of active user is managed.The grade of database and the quantity of Permission Levels are consistent, realize and synchronize classification, cause organizational structure figure to change according to the variation of the manpower of mechanism in this way, and the grade of in-house database, which is worked together, to be changed.
Description
Technical field
The invention belongs to computer fields, are related to a kind of right management method.
Background technique
It with the commonly used of IT application in management and rapidly develops, workflow management and process automation is proposed higher
It is required that in order to cope with continually changing enterprise's internal and external environment and process demand, the various flow engines for workflow management are continuous
It emerges in large numbers.
In the prior art, business process engine is cured, and developer generates business process engine according to demand
Functional module, and be packaged functional module to form business process engine.For a user, business process engine is closing
, user can only use its function of setting to operate when in use.However, for different enterprises, operation flow is
Multifarious, cured business process engine is unable to satisfy the individual demand of different user, uses industry so as to cause user
The experience of business flow engine is bad.
Meanwhile as long as being related to workflow examination and approval, the rights management issues that will necessarily be related between users at different levels, current process
In engine, user, generally operation maintenance personnel are transferred in rights management mostly, to complete, since an enterprise or universities and colleges can generate
Operation flow be it is diversified, this has resulted in the complexity of user right distribution, more than time-consuming and laborious, and once because of fortune
The carelessness of dimension personnel leads to authority distribution mistake, is also easy to cause serious consequence.
Summary of the invention
It is an object of the invention to: a kind of right management method is provided, solves the deficiency of the above problem.
The technical solution adopted by the invention is as follows:
A kind of right management method obtains preset organizational structure figure, wherein organisational chart from mechanism management module
Including at least one department's information, department's information includes at least one role's rank;Each described role's rank is corresponding
One Permission Levels;The Permission Levels number is N, N >=5;The Permission Levels connect back end, say it is that data section points are
N, each Permission Levels connect a back end;Say be back end be in-house database in password for inquiry;It looks into
Ask the information of password match database;When users log on, according to the relation table of role's rank and Permission Levels, to active user
Permission be managed.
The present invention is in order to solve the deficiency of traditional problem, the open agency internal database permission by the way of hierarchical,
And the grade of in-house database is determined with password for inquiry;The grade of database and the quantity of Permission Levels are consistent, real
Now synchronous classification causes organizational structure figure to change according to the variation of the manpower of mechanism in this way, the grade colleague of in-house database
Variation.
Further, as a preferred solution: organization management module connection Role Management interface and personal management interface.
Further, as a preferred solution: the in-house database includes, according to role's rank and Permission Levels
Role's rank of foundation and the relation table of Permission Levels;It the Permission Levels established according to the Permission Levels and password for inquiry and looks into
Ask the relation table of password.
Further, as a preferred solution: including user account, the user account is logged by way of code entry
Enter organization-local net, the heart shows role's rank according to department and name after logging in successfully.
Further, it as a preferred solution: the password of the local area network updated once every 30 days, can use
It is mentioned in a kind of key real-time update system and method for CN201510750421.0:
Step 1: key real-time update system carries out enciphering/deciphering using initial key, and starts timer, works as timer
After reaching setting time, start the update of key;
Step 2: the sending side equipment A (TX_A) intercepts the key of certain length, set Bit6, encapsulation from PN code sequence
New key and handshake are sent to equipment B receiving side (RX_B) into reserved field after Encryption Algorithm encrypts;
Step 3: equipment B receiving side (RX_B) according to the key identification head and verification mode of agreement, to the key received into
Row verification, the set Bit5 after verifying successfully issue equipment A by the sending side equipment B (TX_B);
Step 4: after the key reception that equipment A receives equipment B completes mark, clear Bit6, and set Bit7, use Xinmi City
After key carries out data encryption, it is sent to equipment B;
Step 5: equipment B is decrypted using new key, set Bit4 after successful decryption, and clear Bit5 is sent out by equipment B
Side (TX_B) is sent to issue equipment A;
Step 6: after equipment A receives the successful decryption mark of equipment B, clear Bit7 completes a round key and updates, and opens
Dynamic timer starts timing, restarts next update after timing to setting time;
In conclusion by adopting the above-described technical solution, the beneficial effects of the present invention are:
1. the password of local area network updated primary every 30 days in the present invention, security performance is more preferable.
2. in the present invention grade of database and the quantity of Permission Levels it is consistent can preferably each mechanism of maintenance platform
Essential information and each mechanism between structural information.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to embodiments, to the present invention
It is further elaborated.It should be appreciated that described herein, specific examples are only used to explain the present invention, is not used to limit
The fixed present invention, i.e., described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.
It should be noted that the relational terms of term " first " and " second " or the like be used merely to an entity or
Operation is distinguished with another entity or operation, and without necessarily requiring or implying between these entities or operation, there are any
This actual relationship or sequence.Moreover, the terms "include", "comprise" or its any other variant be intended to it is non-exclusive
Property include so that include a series of elements process, method, article or equipment not only include those elements, but also
Further include other elements that are not explicitly listed, or further include for this process, method, article or equipment it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described
There is also other identical elements in the process, method, article or equipment of element.
A kind of right management method obtains preset organizational structure figure, wherein organisational chart from mechanism management module
Including at least one department's information, department's information includes at least one role's rank;Each described role's rank is corresponding
One Permission Levels;The Permission Levels number is N, N >=5;The Permission Levels connect back end, say it is that data section points are
N, each Permission Levels connect a back end;Say be back end be in-house database in password for inquiry;It looks into
Ask the information of password match database;When users log on, according to the relation table of role's rank and Permission Levels, to active user
Permission be managed.
When work: the open agency internal database permission by the way of hierarchical, and by in-house database
Grade is determined with password for inquiry;The grade of database and the quantity of Permission Levels are consistent, synchronous classification are realized, in this way according to mechanism
Manpower variation cause organizational structure figure to change, the grade of in-house database is worked together variation.
Feature and performance of the invention are described in further detail below with reference to embodiment.
Embodiment one
A kind of right management method that present pre-ferred embodiments provide, the organization management module connection Role Management connect
Mouth and personal management interface.The in-house database includes the role established according to role's rank and Permission Levels
The relation table of rank and Permission Levels;According to the pass of Permission Levels and password for inquiry that the Permission Levels and password for inquiry are established
It is table.Including user account, the user account is logged in by way of code entry into organization-local net, after logging in successfully
The heart shows role's rank according to department and name.The password of the local area network updated primary every 30 days.
When work: it can be using mentioning in a kind of key real-time update system and method for CN201510750421.0:
Step 1: key real-time update system carries out enciphering/deciphering using initial key, and starts timer, works as timer
After reaching setting time, start the update of key;
Step 2: the sending side equipment A (TX_A) intercepts the key of certain length, set Bit6, encapsulation from PN code sequence
New key and handshake are sent to equipment B receiving side (RX_B) into reserved field after Encryption Algorithm encrypts;
Step 3: equipment B receiving side (RX_B) according to the key identification head and verification mode of agreement, to the key received into
Row verification, the set Bit5 after verifying successfully issue equipment A by the sending side equipment B (TX_B);
Step 4: after the key reception that equipment A receives equipment B completes mark, clear Bit6, and set Bit7, use Xinmi City
After key carries out data encryption, it is sent to equipment B;
Step 5: equipment B is decrypted using new key, set Bit4 after successful decryption, and clear Bit5 is sent out by equipment B
Side (TX_B) is sent to issue equipment A;
Step 6: after equipment A receives the successful decryption mark of equipment B, clear Bit7 completes a round key and updates, and opens
Dynamic timer starts timing, restarts next update after timing to setting time;
Wherein, Bit7: using new key encryption identification, is worth and is encrypted for 1 expression data with new key;Value indicates for 0 with old
Key encryption;Bit6: key updating mark, being worth indicates to initiate key updating for 1;Value is that 0 expression key does not update;Bit5: it connects
Receiving end receives new key mark, is worth and receives new key for 1 expression receiving end;Value is that 0 expression receiving end does not receive new key;
Bit4: receiving end successful decryption mark, being worth indicates that receiving end uses new key successful decryption for 1;Value indicates that receiving end uses for 0
New key decryption error;Bit3~Bit0: being used for cipher key delivery, can arrange the marking head and verification mode of key, realizes close
The update of code.
The foregoing is merely illustrative of the preferred embodiments of the present invention, the protection scope being not intended to limit the invention, any
Those skilled in the art within the spirit and principles in the present invention made by any modifications, equivalent replacements, and improvements etc.,
It should all be included in the protection scope of the present invention.
Claims (5)
1. a kind of right management method, it is characterised in that: obtain preset organizational structure figure from mechanism management module, wherein group
Stretching frame composition includes at least one department's information, and department's information includes at least one role's rank;Each described role
Rank corresponds to a Permission Levels;The Permission Levels number is N, N >=5;
The Permission Levels connect back end, say it is that data section is counted as N, each Permission Levels one data section of connection
Point;Say be back end be in-house database in password for inquiry;The information of password for inquiry matching database;When user steps on
When record, according to the relation table of role's rank and Permission Levels, the permission of active user is managed.
2. a kind of right management method according to claim 1, it is characterised in that: the organization management module connects role
Management interface and personal management interface.
3. a kind of right management method according to claim 1, it is characterised in that: the in-house database includes,
According to the relation table of role's rank and Permission Levels that role's rank and Permission Levels are established;According to the Permission Levels and
The relation table of Permission Levels and password for inquiry that password for inquiry is established.
4. a kind of right management method according to claim 1, it is characterised in that: including user account, user's account
It number is logged in by way of code entry into organization-local net, the heart shows role's grade according to department and name after logging in successfully
Not.
5. a kind of right management method according to claim 4, it is characterised in that: the password of the local area network was every 30 days
It updates primary.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910762704.5A CN110474910A (en) | 2019-08-19 | 2019-08-19 | A kind of right management method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910762704.5A CN110474910A (en) | 2019-08-19 | 2019-08-19 | A kind of right management method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110474910A true CN110474910A (en) | 2019-11-19 |
Family
ID=68511826
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910762704.5A Pending CN110474910A (en) | 2019-08-19 | 2019-08-19 | A kind of right management method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110474910A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112328712A (en) * | 2021-01-04 | 2021-02-05 | 清华四川能源互联网研究院 | Graph database-based authority management method and device and electronic equipment |
CN113505362A (en) * | 2021-07-16 | 2021-10-15 | 长鑫存储技术有限公司 | System authority control method, data center, control device and storage medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102004866A (en) * | 2009-09-01 | 2011-04-06 | 上海杉达学院 | Method and device for user identity verification and access control of information system |
CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
CN103400067A (en) * | 2013-03-29 | 2013-11-20 | 青岛海信电器股份有限公司 | Access control method, system and server |
CN103516680A (en) * | 2012-06-25 | 2014-01-15 | 上海博腾信息科技有限公司 | Authority management system of office system and realizing method thereof |
CN104753677A (en) * | 2013-12-31 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Password hierarchical control method and system |
CN108052526A (en) * | 2017-11-07 | 2018-05-18 | 深圳云天励飞技术有限公司 | Monitoring area right management method, device and storage medium |
CN108153799A (en) * | 2016-12-06 | 2018-06-12 | 阿里巴巴集团控股有限公司 | Access and control strategy of database method, apparatus and Database Systems |
CN109242420A (en) * | 2018-08-22 | 2019-01-18 | 中国平安人寿保险股份有限公司 | Authority control method, device, electronic equipment and storage medium |
-
2019
- 2019-08-19 CN CN201910762704.5A patent/CN110474910A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102004866A (en) * | 2009-09-01 | 2011-04-06 | 上海杉达学院 | Method and device for user identity verification and access control of information system |
CN103516680A (en) * | 2012-06-25 | 2014-01-15 | 上海博腾信息科技有限公司 | Authority management system of office system and realizing method thereof |
CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
CN103400067A (en) * | 2013-03-29 | 2013-11-20 | 青岛海信电器股份有限公司 | Access control method, system and server |
CN104753677A (en) * | 2013-12-31 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Password hierarchical control method and system |
CN108153799A (en) * | 2016-12-06 | 2018-06-12 | 阿里巴巴集团控股有限公司 | Access and control strategy of database method, apparatus and Database Systems |
CN108052526A (en) * | 2017-11-07 | 2018-05-18 | 深圳云天励飞技术有限公司 | Monitoring area right management method, device and storage medium |
CN109242420A (en) * | 2018-08-22 | 2019-01-18 | 中国平安人寿保险股份有限公司 | Authority control method, device, electronic equipment and storage medium |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112328712A (en) * | 2021-01-04 | 2021-02-05 | 清华四川能源互联网研究院 | Graph database-based authority management method and device and electronic equipment |
CN112328712B (en) * | 2021-01-04 | 2021-05-18 | 清华四川能源互联网研究院 | Graph database-based authority management method and device and electronic equipment |
CN113505362A (en) * | 2021-07-16 | 2021-10-15 | 长鑫存储技术有限公司 | System authority control method, data center, control device and storage medium |
CN113505362B (en) * | 2021-07-16 | 2023-09-22 | 长鑫存储技术有限公司 | System authority management and control method, data center, management and control device and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105103488B (en) | By the policy Enforcement of associated data | |
CN110957025A (en) | Medical health information safety management system | |
CN103078841B (en) | The method and system that a kind of preventative electronic data is saved from damage | |
CN103491093B (en) | A kind of smart power grid user access authorization methods | |
CN105027130A (en) | Delayed data access | |
CN104574176A (en) | USBKEY-based secure online tax declaration method | |
CN102710633A (en) | Cloud security management system of security electronic documents and method | |
CN105933315A (en) | Network service security communication method, device and system | |
CN110474910A (en) | A kind of right management method | |
CN106060073B (en) | Channel key machinery of consultation | |
CN107358122A (en) | The access management method and system of a kind of data storage | |
CN103220141A (en) | Sensitive data protecting method and system based on group key strategy | |
CN109948331A (en) | A kind of weak passwurd detection system and method | |
CN116542637B (en) | Government platform safety control method based on computer | |
CN106326766A (en) | HBase data reading control method | |
CN104125230A (en) | Short message authentication service system and authentication method | |
CN104504079A (en) | Drawing and document data outgoing method based on PDM (pulse duration modulation) | |
CN115270182A (en) | Power grid project closed-loop control file management system | |
AU2019100775A4 (en) | Secure Receipt Transfer Protocol: Cryptosystem, Communication Protocol, Systems, Methods and Smartphone Applications for End-To-End Encrypted Transfer of Tamper-Resistant Receipts as an Enabler for Anonymously-Individualized Marketing and Loyalty Management with Preservation of Buyers’ Anonymity and Privacy | |
CN108377244A (en) | A kind of Intranet uniform authentication method | |
CN109544765A (en) | A kind of electric power lock management method and system | |
CN112131544B (en) | Shell script method for user management of springboard machine | |
CN109903046A (en) | User data management and device based on block chain | |
CN115643573A (en) | Privileged account authentication method and system based on dynamic security environment | |
CN112235368B (en) | RFID equipment management system based on alliance block chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191119 |
|
RJ01 | Rejection of invention patent application after publication |