CN110598388A - Method for controlling login access of authority system - Google Patents

Method for controlling login access of authority system Download PDF

Info

Publication number
CN110598388A
CN110598388A CN201910810084.8A CN201910810084A CN110598388A CN 110598388 A CN110598388 A CN 110598388A CN 201910810084 A CN201910810084 A CN 201910810084A CN 110598388 A CN110598388 A CN 110598388A
Authority
CN
China
Prior art keywords
user
login
control method
terminal
administrator
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910810084.8A
Other languages
Chinese (zh)
Inventor
向科
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dajiang Network Technology (shanghai) Co Ltd
Original Assignee
Dajiang Network Technology (shanghai) Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dajiang Network Technology (shanghai) Co Ltd filed Critical Dajiang Network Technology (shanghai) Co Ltd
Priority to CN201910810084.8A priority Critical patent/CN110598388A/en
Publication of CN110598388A publication Critical patent/CN110598388A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a login access control method of an authority system, which comprises a manager terminal and a user management module, wherein the manager terminal is connected with an internal local area network, the internal local area network is respectively connected with a firewall and a router, the manager terminal is also respectively connected with a user terminal, a data sharing server and a data exchange server, the user management module is connected with a user terminal, the user terminal enters a login entrance through CA certificate authentication, the login entrance logs in a body system through a certificate authentication module, the user terminal can also enter the login entrance through password authentication, and the login entrance logs in the body system through the password authentication module. The control method is simple, convenient to operate and convenient for users to quickly log in and control the access authority.

Description

Method for controlling login access of authority system
Technical Field
The invention relates to the technical field of authority systems, in particular to a login access control method of an authority system.
Background
The authority management generally refers to that a user can access and only can access authorized resources, not much, according to security rules or security policies set by a system. Rights management occurs within almost any system, as long as there is a system of users and passwords. System management is typically a module of the system. And the module typically also contains a rights management submodule.
In order to solve the problems that many existing systems, especially systems adopting hard coding modes, have many system bugs and login management is complex, the method for controlling login access of the authority system is provided in the application.
Disclosure of Invention
Objects of the invention
In order to solve the technical problems in the background technology, the invention provides a login access control method of an authority system.
(II) technical scheme
In order to solve the problems, the invention provides a login access control method of an authority system, which comprises a manager terminal and a user management module, wherein the manager terminal is connected with an internal local area network, the internal local area network is respectively connected with a firewall and a router, the manager terminal is also respectively connected with a user terminal, a data sharing server and a data exchange server, the user management module is connected with the user terminal, the user terminal enters a login entrance through CA certificate authentication, the login entrance logs in a body system through a certificate authentication module, the user terminal can also enter the login entrance through password authentication, and the login entrance logs in the body system through the password authentication module.
Preferably, the manager terminal is connected with a data acquisition device, and the data acquisition device acquires data files.
Preferably, the manager terminal is connected to the local system, the user management module and the input/output device.
Preferably, the user management module matches a third party with an illegal user, and prevents the illegal user from logging in.
Preferably, the user management module comprises a general user and an administrator.
Preferably, the administrator includes a general administrator and a super administrator.
Preferably, the general administrator can inquire personal information and inquire all user information.
Preferably, the super administrator may query personal information, query the user information, modify the user information, add the user information, and delete the user information.
The technical scheme of the invention has the following beneficial technical effects: the invention utilizes CA certificate authentication and password authentication to facilitate the login of the user authority system, improves the safety of the system, improves the operation efficiency of the system through the setting of a third party, an illegal user, a common user and an administrator user in the user management module, has simple control method and convenient operation, and facilitates the quick login and the control of the access authority of the user.
Drawings
Fig. 1 is a block diagram of a login access control method of a rights system according to the present invention.
Fig. 2 is a block diagram of a login access control method of a rights system according to the present invention.
Fig. 3 is a block diagram of a login access control method of a rights system according to the present invention.
Fig. 4 is a block diagram of a login access control method of a rights system according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings in conjunction with the following detailed description. It should be understood that the description is intended to be exemplary only, and is not intended to limit the scope of the present invention. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present invention.
As shown in fig. 1-2, the method for controlling login access of an authorization system according to the present invention includes a manager terminal and a user management module, wherein the manager terminal is connected to an internal local area network, the internal local area network is respectively connected to a firewall and a router, the manager terminal is further respectively connected to a user terminal, a data sharing server and a data exchange server, the user management module is connected to the user terminal, the user terminal enters a login entry through CA certificate authentication, the login entry logs in the body system through the certificate authentication module, the user terminal can also enter the login entry through password authentication, and the login entry logs in the body system through the password authentication module.
In an optional embodiment, the administrator terminal is connected to a data acquisition device, and the data acquisition device acquires a data file.
In an alternative embodiment, the administrator terminal is connected to the local system, the user management module and the input/output device.
In an optional embodiment, the user management module matches a third party with an illegal user, and prevents the illegal user from logging in.
In an alternative embodiment, the user management module includes a general user and an administrator.
In an alternative embodiment, the administrators include a general administrator and a super administrator.
In an alternative embodiment, the general administrator may query for personal information and query for all user information.
In an alternative embodiment, the hypervisor may query for personal information, query for the user information, modify user information, add user information, and delete user information.
It should be noted that, the invention utilizes CA certificate authentication and password authentication to facilitate the login of the user authority system, improve the security of the system, and through the settings of the third party, illegal user, common user and administrator user in the user management module, improve the operating efficiency of the system.
It is to be understood that the above-described embodiments of the present invention are merely illustrative of or explaining the principles of the invention and are not to be construed as limiting the invention. Therefore, any modification, equivalent replacement, improvement and the like made without departing from the spirit and scope of the present invention should be included in the protection scope of the present invention. Further, it is intended that the appended claims cover all such variations and modifications as fall within the scope and boundaries of the appended claims or the equivalents of such scope and boundaries.

Claims (8)

1. The method for controlling login access of the authority system comprises a manager terminal and a user management module, and is characterized in that the manager terminal is connected with an internal local area network, the internal local area network is respectively connected with a firewall and a router, the manager terminal is also respectively connected with a user terminal, a data sharing server and a data exchange server, the user management module is connected with the user terminal, the user terminal enters a login entrance through CA certificate authentication, the login entrance logs in the body system through a certificate authentication module, the user terminal can also enter the login entrance through password authentication, and the login entrance logs in the body system through the password authentication module.
2. The privilege system login access control method as claimed in claim 1, wherein the administrator terminal is connected to a data collection device, and the data collection device collects data files.
3. The privilege system login access control method of claim 1, wherein the administrator terminal is connected to a local system, a user management module and an input/output device.
4. The privilege system login access control method as claimed in claim 1, wherein the user management module matches a third party and an illegal user to block the illegal user from logging in.
5. The privilege system login access control method of claim 1, wherein the user management module comprises a common user and an administrator.
6. The privilege system login access control method of claim 5, wherein the administrator comprises a general administrator and a super administrator.
7. The privilege system login access control method as claimed in claim 6, wherein the general administrator can query personal information and query all user information.
8. The privilege system login access control method of claim 1, wherein the hypervisor can query personal information, query the user information, modify user information, add user information, and delete user information.
CN201910810084.8A 2019-08-29 2019-08-29 Method for controlling login access of authority system Pending CN110598388A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910810084.8A CN110598388A (en) 2019-08-29 2019-08-29 Method for controlling login access of authority system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910810084.8A CN110598388A (en) 2019-08-29 2019-08-29 Method for controlling login access of authority system

Publications (1)

Publication Number Publication Date
CN110598388A true CN110598388A (en) 2019-12-20

Family

ID=68856362

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910810084.8A Pending CN110598388A (en) 2019-08-29 2019-08-29 Method for controlling login access of authority system

Country Status (1)

Country Link
CN (1) CN110598388A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111614669A (en) * 2020-05-20 2020-09-01 北京金山云网络技术有限公司 Method, device and equipment for processing user information operation request and storage medium
CN112765629A (en) * 2021-01-25 2021-05-07 山西青峰软件股份有限公司 Method and system for preventing unauthorized access of education system
CN116342295A (en) * 2022-12-27 2023-06-27 北京汇易达数字科技有限公司 Back-end management method and system of double-record system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2891503Y (en) * 2006-04-26 2007-04-18 北京华科广通信息技术有限公司 Security protection system for information system or equipment
CN101064717A (en) * 2006-04-26 2007-10-31 北京华科广通信息技术有限公司 Safety protection system of information system or equipment and its working method
CN101441734A (en) * 2007-11-19 2009-05-27 上海久隆电力科技有限公司 Unite identification authentication system
CN101860517A (en) * 2009-04-08 2010-10-13 北京博越世纪科技有限公司 Method for precisely controlling system user authority
CN102103735A (en) * 2010-12-22 2011-06-22 山东省电力学校 Computer automatic management system for teaching load

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2891503Y (en) * 2006-04-26 2007-04-18 北京华科广通信息技术有限公司 Security protection system for information system or equipment
CN101064717A (en) * 2006-04-26 2007-10-31 北京华科广通信息技术有限公司 Safety protection system of information system or equipment and its working method
CN101441734A (en) * 2007-11-19 2009-05-27 上海久隆电力科技有限公司 Unite identification authentication system
CN101860517A (en) * 2009-04-08 2010-10-13 北京博越世纪科技有限公司 Method for precisely controlling system user authority
CN102103735A (en) * 2010-12-22 2011-06-22 山东省电力学校 Computer automatic management system for teaching load

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111614669A (en) * 2020-05-20 2020-09-01 北京金山云网络技术有限公司 Method, device and equipment for processing user information operation request and storage medium
CN112765629A (en) * 2021-01-25 2021-05-07 山西青峰软件股份有限公司 Method and system for preventing unauthorized access of education system
CN116342295A (en) * 2022-12-27 2023-06-27 北京汇易达数字科技有限公司 Back-end management method and system of double-record system

Similar Documents

Publication Publication Date Title
US10523656B2 (en) Session migration between network policy servers
US20210314312A1 (en) System and method for transferring device identifying information
AU2019206006B2 (en) System and method for biometric protocol standards
US9635029B2 (en) Role-based access control permissions
US9723007B2 (en) Techniques for secure debugging and monitoring
US20070157313A1 (en) Autonomic self-healing network
CN110598388A (en) Method for controlling login access of authority system
KR20050026624A (en) Integration security system and method of pc using secure policy network
CN116319024B (en) Access control method and device of zero trust system and zero trust system
CN114338105B (en) Zero trust based system for creating fort
US20240259383A1 (en) Multi factor authentication
CN111970232A (en) Safe access system of intelligent service robot of electric power business hall
Zeng et al. Building a zero-trust security protection system in the environment of the power Internet of Things
CN104918248A (en) Enterprise mobile safety gateway method of application flow management, application acceleration and safety
KR101404537B1 (en) A server access control system by automatically changing user passwords and the method thereof
US11663325B1 (en) Mitigation of privilege escalation
US20220311777A1 (en) Hardening remote administrator access
KR101277507B1 (en) System for security smart phone
TWI468979B (en) System and method for integrating access control and information facilities
US12107845B2 (en) Remote access computer security
CN101820438B (en) Computer starting method in local area network (LAN) and LAN
Basu et al. Strengthening Authentication within OpenStack Cloud Computing System through Federation with ADDS System
Su et al. Study of Cloud Computing Security Service Model
KR101400709B1 (en) System and method for the terminal service access control in a cloud computing environment
Bouazza et al. Surveing the challenges and requirements for identity in the cloud

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20191220