CN111428205A - Information sharing method and device - Google Patents
Information sharing method and device Download PDFInfo
- Publication number
- CN111428205A CN111428205A CN201910022028.8A CN201910022028A CN111428205A CN 111428205 A CN111428205 A CN 111428205A CN 201910022028 A CN201910022028 A CN 201910022028A CN 111428205 A CN111428205 A CN 111428205A
- Authority
- CN
- China
- Prior art keywords
- package
- shared
- information sharing
- resources
- sharing method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 68
- 238000013475 authorization Methods 0.000 claims description 26
- 238000009434 installation Methods 0.000 claims description 10
- 230000006870 function Effects 0.000 claims description 9
- 230000008859 change Effects 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 12
- 101100328886 Caenorhabditis elegans col-2 gene Proteins 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 230000008520 organization Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses an information sharing method and device, resources added into a packet to be shared are divided into a plurality of independent small resource packets according to granularity, and each small resource packet can set respective authority according to an authority strategy, so that limited use of information is guaranteed, the safety of information sharing is enhanced, and the use of the resources follows the authority of the resources; moreover, unnecessary management overhead is avoided.
Description
Technical Field
The present application relates to, but not limited to, big data technologies, and in particular, to an information sharing method and apparatus.
Background
In a multi-tenant system of a big data computing service, the following method can be roughly adopted for sharing data among tenants: one is to add the user to the item (Project) that needs to share data, which obviously causes confusion of the organization architecture; the other is to set two items needing to share data as items mutually trusted, but the concept of the tenant can be confused; another way is to share data among different projects by using packages (packages), wherein the content in one Package contains all the rights of the content, and as long as the content is authorized to the user in another project to have the rights, the content in one Package is all authorized to all the users sharing in the project of the Package together, so that the minimum authorization principle is violated, and data leakage is caused by over-authorization; when only part of the content in one package is to be shared, the package needs to be re-created, which results in a reduction in authentication efficiency and increases the complexity and cost of managing the package. Project refers to the basic unit of resource organization, isolation, metering and charging. The Package refers to a method for sharing resources among items, and the resources are put in a Package and shared with another plurality of items. The resources include data tables, user-defined functions, and the like.
For example, because the number of employees is large, sharing relations among projects are complex, and because of uncertainty of the employees, for example, some employees are outsourced, some employees are trainees, some employees leave jobs, and the like, if the resources of a project space are simply packaged and shared to another project according to the related technology and then authorized to specific employees in a package unit, although it is suitable and convenient for some employees, there is a possibility of excessive authorization for other employees.
Such as: if a certain employee is a intern, only the usage right of a table or a function in the Package is needed, but according to an inter-item information sharing mode in the related technology, the intern can have the right of the whole Package, so that the intern can have the right to download or view the content which should not have the right, and the data risk is greatly increased.
The following steps are repeated: when data sharing is performed across departments, sensitive information of different levels is often contained in a table, for example, one table may contain columns of employee IDs, mobile phone numbers, fingerprint information and the like, and the sensitive information belongs to different sensitive levels. In data sharing, it may be desirable to only share the employee ID column. However, due to the integrity of the table and the information sharing method among items in the related art, if the information is to be shielded, the source table needs to adjust the schema or share the data in a view creating manner, which inevitably brings a lot of unnecessary management overhead to the source table.
Disclosure of Invention
The application provides an information sharing method and device, which can enhance the safety of information sharing and avoid unnecessary management overhead.
The embodiment of the invention provides a first information sharing method, which comprises the following steps:
Adding resources into a to-be-shared package according to the granularity, and setting the authority of the resources according to an authority strategy;
And the obtained package to be shared is licensed to at least one project.
In one illustrative example, the method further comprises:
And according to the granularity, removing the specified resources from the package to be shared, or deleting the package to be shared.
In one illustrative example, the granularity includes: a database table, a column specified in a table, a custom function, an object in an object store.
In an exemplary instance, the permission includes an operation mode indicating that the resource corresponding to each granularity to be shared is allowed to be operated.
In one illustrative example, the manner of operation includes at least one of: read, write, get, update, delete, insert, modify/change, uninstall.
In one illustrative example, the method is applied to a multi-tenant system.
The application also provides a second information sharing method, which comprises the following steps:
Performing user authorization on resources added according to granularity in a received packet to be shared;
And sharing the resources in the package to be shared to the authorized user according to the authorization result of the user and the authority of the resources.
In one illustrative example, the method further comprises: and recovering the user authorization of the resources in the to-be-shared package.
In one illustrative example, the method further comprises: and unloading the to-be-shared package.
In one illustrative example, the method further comprises:
Viewing the resources in the package to be shared; and/or the presence of a gas in the gas,
And listing resources in the package to be shared and permissions corresponding to the resources, and allowing the installation of the item list of the package to be shared.
In one illustrative example, user authorization includes:
and appointing the package used in the received package to be shared through the privilege attribute, and authorizing the resource in the appointed package to use the user through a syntax of a structured query language SQ L access control list AC L.
The present application further provides a computer-readable storage medium storing computer-executable instructions for performing any one of the above-mentioned first information sharing methods and/or any one of the above-mentioned second information sharing methods.
The present application further provides an apparatus for implementing information sharing, including a memory and a processor, where the memory stores the following instructions executable by the processor: for performing any of the steps of one information sharing method and/or for performing any of the steps of the second information sharing method.
In the implementation scheme of the application package for cross-project space resource sharing through the package, a flexible authority control mode for resources in the package is supported. On one side of a resource user, the limited use of information is ensured, that is, only a user with a use authority, namely an authorized user, can use the resource corresponding to the authorized user according to a user authorization result, the safety of information sharing is enhanced, and the use of the resource follows the authority of the resource; in addition, the method and the device do not need the source table side to adjust the schema or share the data in a view creating mode, and avoid unnecessary management overhead.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The accompanying drawings are included to provide a further understanding of the claimed subject matter and are incorporated in and constitute a part of this specification, illustrate embodiments of the subject matter and together with the description serve to explain the principles of the subject matter and not to limit the subject matter.
Fig. 1 is a schematic flowchart illustrating an embodiment of an information sharing method according to the present application;
Fig. 2 is a schematic diagram illustrating an embodiment of adding resources to a Package in the information sharing method of the present application;
Fig. 3 is a schematic diagram illustrating an embodiment of allowing a project to install resources in the information sharing method according to the present application;
Fig. 4 is a schematic flowchart illustrating an information sharing method according to another embodiment of the present application;
Fig. 5 is a schematic diagram of an embodiment of fine-grained authorization in the information sharing method according to the present application;
Fig. 6 is a schematic structural diagram illustrating an embodiment of an information sharing apparatus according to the present application;
Fig. 7 is a schematic structural diagram of another embodiment of an information sharing apparatus according to the present application.
Detailed Description
To make the objects, technical solutions and advantages of the present application more apparent, embodiments of the present application will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
In one exemplary configuration of the present application, a computing device includes one or more processors (CPUs), input/output interfaces, a network interface, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer readable media does not include non-transitory computer readable media (transient media), such as modulated data signals and carrier waves.
The steps illustrated in the flow charts of the figures may be performed in a computer system such as a set of computer-executable instructions. Also, while a logical order is shown in the flow diagrams, in some cases, the steps shown or described may be performed in an order different than here.
Fig. 1 is a schematic flow diagram of an information sharing method according to the present application, and as shown in fig. 1, a resource provider on one side of a shared resource includes:
Step 100: and adding the resources into the package to be shared according to the granularity, and setting the authority of the resources according to the authority strategy.
the method comprises the following steps of creating (create) the package to be shared, wherein the way of creating a package < pkgnam > can be adopted by taking a structured query language (SQ L) as an example, and the pkgnam represents the name of the package to be shared.
In an exemplary instance, the granularity may be preset, for example, the resource divided by the granularity may be a database table (table), a column specified in the table, a custom function (Udf), an object in an object store, and so on.
In an exemplary example, the permission may represent an operation mode allowing the resource corresponding to each granularity to be shared, such as read (read), write (write), get (select), update (update), delete (delete), insert (insert), modify/change (alter), and the like.
taking SQ L as an example, the following manner can be adopted, wherein add < objectType > < resource > topackage with [ priv | privileges ] < privilelist >, wherein objectType represents the type of the resource such as a table, a column in the table, a custom function (Udf), an object, etc., resource represents the identification of the resource such as a table name, an identification of a column in the table, a Udf name, an object name, etc., and privilegelist represents the allowed operation manner such as read, write, select, update, delete, nsert, alter, etc.
In the application, the resources added to the package to be shared are not added as a whole, but are divided into a plurality of independent small resource packages according to the granularity and then added to the package to be shared, for example: adding a table, a Udf and the like into the package when the package is added, and assigning the table to a table column; moreover, each small resource packet can set respective authority according to a preset authority strategy, so that subsequent resource authorization and resource use are more targeted.
Fig. 2 is a schematic diagram of an embodiment of adding resources to Package in the information sharing method of the present application, and as shown in fig. 2, it is shown that a project a has resources to share, the resources to be shared include Udf1 and a second column (col2) in Table1 and are added in a Package a (Package a), and the authority of sharing Udf1 is set as read, and the authority of col2 in Table1 is set as select.
Step 101: and the obtained package to be shared is licensed to at least one project.
in an exemplary embodiment, taking SQ L as an example, the method may be implemented by allowing (all) the package to be shared to other items in a manner of (all) project < name > to install package < name >, where project < name > indicates a name of an item allowed to install the package to be shared, and may include more than one name of the item, that is, there may be a plurality of items allowed to install the package to be shared, and package < name > indicates a name of the package to be shared.
Fig. 3 is a schematic diagram of an embodiment of allowing a project to install resources in the information sharing method of the present application, and as shown in fig. 3, on the basis of the embodiment shown in fig. 2, resources added to Package a, such as Udf1 with read right and col2 in Table1 with select right, are allowed to be given to project B through this step.
Optionally, in an exemplary example, the information sharing method shown in fig. 1 further includes:
The specified resources are removed from the packet by granularity, or the entire packet is deleted.
After the resource is removed or the packet is deleted, the receiver of the packet, i.e. the resource user, cannot access the resource through the packet.
taking SQ L as an example, a (remove) resource can be removed from a package by removing < objectType > < resource > from package < name >, wherein objectType represents the type of the resource such as a table, a column in a table, a custom function (Udf), an object, etc., resource represents the identity of the resource such as a table name, an identity of a column in a table, a Udf name, an object name, etc., and package < name > represents the name of the package.
taking SQ L as an example, a (delete) package may be deleted in the following manner [ delete | drop ] package < name >, where package < name > represents the name of the package.
The present application further provides a computer-readable storage medium storing computer-executable instructions for performing any one of the information sharing methods shown in fig. 1.
The present application further provides an apparatus for implementing information sharing, including a memory and a processor, where the memory stores therein the steps of any one of the information sharing methods shown in fig. 1.
Fig. 4 is a schematic flowchart of another embodiment of the information sharing method of the present application, and as shown in fig. 4, the method for sharing resources on one side, i.e. a resource user, includes:
Step 400: and performing user authorization on the resources added according to the granularity in the received packet to be shared.
taking SQ L as an example, the following mode can be adopted, wherein the Installpackage < name > represents the name of the received package to be shared.
in an exemplary example, this step may specify a package to be used from the received package to be shared through a Privilege attribute (Privilege Properties), and may authorize (Grant) a resource in the specified package through an SQ L Access Control list (AC L, Access Control L ist) syntax, taking SQ L as an example, the following manner may be adopted:
Grant [ privileges ] ON < objectType > < objectName > TO USER | RO L E < principal name > ", where privileges represent allowed operation modes such as read, write, select, update, delete, nss, alter, etc., and provisiontypes represent types of resources such as tables, columns in tables, Udf, objects, etc., objectName represents the name of a resource, principal name represents the name of an authorized USER, PRIVI L egoppbase (" reject "", where privilexpject "", which represents the degree of an installation of a resource, and if a specific installation is specified, a specific installation is performed only for a specific resource, and if a specific installation is performed, the specific installation is performed.
In the application, limited use of the information is ensured by authorizing each small resource in the to-be-shared package, that is, only a user with a use authority can use the corresponding resource, so that the safety of sharing the information is enhanced; in addition, the method and the device do not need the source table side to adjust the schema or share the data in a view creating mode, and avoid unnecessary management overhead. The method and the device are suitable for being applied to multi-tenant systems, data sharing among cross departments, data sharing among cross company and cross departments, and the like.
Fig. 5 is a schematic diagram of an embodiment of fine-grained authorization in the information sharing method of the present application, as shown in fig. 5, on the side where the item B is located on the basis of the embodiment shown in fig. 3, Udf1 with read right in the received Package a is authorized to the user 1 in the item B through this step, that is, the user 1 is an authorized user of Udf1 with read right in the Package a; col2 in Table1 with select rights in received Package a is authorized to user 2 in item B, i.e., user 2 is an authorized user of col2 in Table1 with select rights in Package a.
Step 401: and sharing the resources in the package to be shared to the authorized user according to the authorization result of the user and the authority of the resources.
Through the processing of step 100 shown in fig. 1 and step 400 shown in fig. 4, in the implementation scheme of performing cross project space resource sharing through a package, a flexible authority management and control mode on resources in the package is supported. On one side of a resource user, the limited use of information is ensured, that is, only a user with a use authority, namely an authorized user, can use the resource corresponding to the authorized user according to a user authorization result, the safety of information sharing is enhanced, and the use of the resource follows the authority of the resource; in addition, the method and the device do not need the source table side to adjust the schema or share the data in a view creating mode, and avoid unnecessary management overhead.
Optionally, in an exemplary example, the information sharing method shown in fig. 4 further includes:
User authorization to reclaim (Revoke) resources in the package.
the method comprises the steps of creating a Package, creating a USER name, creating a list name, creating a rights name, creating a USER name, creating a rights list, creating a rights name, creating a rights, creating a rights.
Optionally, in an exemplary example, after the item in which the received package is located is used to not use the content in the package, the information sharing method shown in fig. 4 further includes:
And unloading the received packet to be shared.
taking SQ L as an example, a Uninstall package may be unloaded in a manner of Uninstall package < name >, where package < name > represents the name of the package.
Optionally, in an exemplary example, the information sharing method shown in fig. 4 further includes:
and viewing (descriptor) the received resource in the package to be shared, taking SQ L as an example, the following mode can be adopted, wherein the descriptor package < packageName >, and the packageName represents the name of the viewed package.
and/or listing (Show) resources in the package to be shared and corresponding rights of the resources, and allowing installation of a project list of the package to be shared, taking SQ L as an example, the following manner can be adopted, wherein objectType represents the type of the resources, such as a table, a column in the table, a custom function (Udf), an object and the like, and objectName represents the name of the resources.
The present application further provides a computer-readable storage medium storing computer-executable instructions for performing any one of the information sharing methods shown in fig. 4.
The present application further provides an apparatus for implementing information sharing, including a memory and a processor, where the memory stores therein the steps of any one of the information sharing methods shown in fig. 4.
In an exemplary instance, in a clouded scenario, both the side sharing the resource, i.e., the resource provider, and the side shared to the resource, i.e., the resource consumer, may be a logical project space. Specifically, the underlying devices of the resource provider and the resource consumer may be resources of a cloud provider, such as arrests, amazon AWS, and the like.
Fig. 6 is a schematic structural diagram of an embodiment of an information sharing apparatus according to the present application, as shown in fig. 6, at least including: the system comprises a first processing module and a permission module; wherein,
The first processing module is used for adding the resources into the to-be-shared package according to the granularity and setting the authority of the resources according to the authority strategy;
And the permission module is used for permitting the obtained package to be shared to at least one project.
In one illustrative example, the first processing module is further configured to: and creating the package to be shared.
In one illustrative example, the first processing module is further configured to: the specified resources are removed from the packet by granularity, or the entire packet is deleted.
In an exemplary instance, the granularity may be preset, for example, the resource divided by the granularity may be a database table (table), a column specified in the table, an object in an object store, and the like.
In an exemplary instance, the permission may represent an operation manner of allowing the resource corresponding to each granularity to be shared, such as one or any combination of the following: read (read), write (write), get (select), update (update), delete (delete), insert (insert), modify/change (alter), unload (uninstantall), and the like.
taking SQ L as an example, add < objectType > < resource > to package with [ priv | privileges ] < privilelist >, where objectType represents the type of the resource such as a table, a column in a table, a custom function (Udf), an object, etc., resource represents the identity of the resource such as a table name, an identity of a column in a table, a Udf name, an object name, etc., and privilegelist represents the allowed manner of operation such as read, write, select, update, delete, nsert, alter, etc.
In the application, the resources added to the package to be shared are not added as a whole, but are divided into a plurality of independent small resource packages according to the granularity and then added to the package to be shared, for example: adding a table, a Udf and the like into the package when the package is added, and assigning the table to a table column; moreover, each small resource packet can set respective authority according to a preset authority strategy, so that subsequent resource authorization and resource use are more targeted.
Fig. 7 is a schematic structural diagram of another embodiment of the information sharing apparatus according to the present application, as shown in fig. 7, the information sharing apparatus at least includes: the authorization module and the second processing module; wherein,
And the authorization module is used for performing user authorization on the resources added into the received packet to be shared according to the granularity.
And the second processing module is used for sharing the resources in the package to be shared to the authorized user according to the user authorization result and the resource authority.
In an exemplary example, the information sharing apparatus shown in fig. 7 further includes: and the installation module is used for installing the received to-be-shared package.
In one illustrative example, the second processing module is further configured to: user authorization of resources in the packet is recovered.
In one illustrative example, the second processing module is further configured to: and unloading the received packet to be shared.
In one illustrative example, the second processing module is further configured to: checking the resources in the received package to be shared; and/or listing resources in the package to be shared and rights corresponding to the resources, and allowing the installation of an item list of the package to be shared.
According to the implementation scheme, the method and the system for cross-project space resource sharing through the package support a flexible authority control mode on resources in the package. On one side of a resource user, the limited use of information is ensured, that is, only a user with a use authority, namely an authorized user, can use the resource corresponding to the authorized user according to a user authorization result, the safety of information sharing is enhanced, and the use of the resource follows the authority of the resource; in addition, the method and the device do not need the source table side to adjust the schema or share the data in a view creating mode, and avoid unnecessary management overhead.
Although the embodiments disclosed in the present application are described above, the descriptions are only for the convenience of understanding the present application, and are not intended to limit the present application. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the disclosure as defined by the appended claims.
Claims (13)
1. An information sharing method, comprising:
Adding resources into a to-be-shared package according to the granularity, and setting the authority of the resources according to an authority strategy;
And the obtained package to be shared is licensed to at least one project.
2. The information sharing method of claim 1, the method further comprising:
And according to the granularity, removing the specified resources from the package to be shared, or deleting the package to be shared.
3. The information sharing method according to claim 1 or 2, wherein the granularity includes: a database table, a column specified in a table, a custom function, an object in an object store.
4. The information sharing method according to claim 1 or 2, wherein the authority includes an operation mode indicating that the resource corresponding to each granularity to be shared is allowed to be operated.
5. The information sharing method according to claim 4, wherein the operation mode includes at least one of: read, write, get, update, delete, insert, modify/change, uninstall.
6. The information sharing method according to any one of claims 1 to 5, wherein the method is applied to a multi-tenant system.
7. An information sharing method, comprising:
Performing user authorization on resources added according to granularity in a received packet to be shared;
And sharing the resources in the package to be shared to the authorized user according to the authorization result of the user and the authority of the resources.
8. The information sharing method of claim 7, the method further comprising:
And recovering the user authorization of the resources in the to-be-shared package.
9. The information sharing method of claim 7, the method further comprising:
And unloading the to-be-shared package.
10. The information sharing method of claim 7, the method further comprising:
Viewing the resources in the package to be shared; and/or the presence of a gas in the gas,
And listing resources in the package to be shared and permissions corresponding to the resources, and allowing the installation of the item list of the package to be shared.
11. The information sharing method according to any one of claims 7 to 10, wherein the performing user authorization includes:
and appointing the package used in the received package to be shared through the privilege attribute, and authorizing the resource in the appointed package to use the user through a syntax of a structured query language SQ L access control list AC L.
12. A computer-readable storage medium storing computer-executable instructions for performing the information sharing method according to any one of claims 1 to 6, and/or the information sharing method according to any one of claims 7 to 11.
13. An apparatus for implementing information sharing, comprising a memory and a processor, wherein the memory has stored therein the following instructions executable by the processor: the method for sharing information according to any one of claims 1 to 6, and/or the method for sharing information according to any one of claims 7 to 11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910022028.8A CN111428205B (en) | 2019-01-10 | 2019-01-10 | Information sharing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910022028.8A CN111428205B (en) | 2019-01-10 | 2019-01-10 | Information sharing method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111428205A true CN111428205A (en) | 2020-07-17 |
| CN111428205B CN111428205B (en) | 2024-03-22 |
Family
ID=71545785
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910022028.8A Active CN111428205B (en) | 2019-01-10 | 2019-01-10 | Information sharing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111428205B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112307510A (en) * | 2020-11-02 | 2021-02-02 | 国网江苏省电力有限公司信息通信分公司 | Data asset authority management method and management system for data center |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1804883A (en) * | 2006-01-10 | 2006-07-19 | 威盛电子股份有限公司 | Authority controlling and managing method and system |
| TW200727171A (en) * | 2006-01-11 | 2007-07-16 | Via Tech Inc | Access control methods and systems |
| EP2672668A1 (en) * | 2012-06-06 | 2013-12-11 | Juniper Networks, Inc. | Creating searchable and global database of user visible process traces |
| CN104065750A (en) * | 2014-07-11 | 2014-09-24 | 中国人民公安大学 | Safety management method and system based on shared data |
| CN104995598A (en) * | 2013-01-22 | 2015-10-21 | 亚马逊技术有限公司 | Use of freeform metadata for access control |
| CN105979294A (en) * | 2015-11-26 | 2016-09-28 | 乐视致新电子科技(天津)有限公司 | Data processing method and device based on users |
| CN106485101A (en) * | 2015-08-24 | 2017-03-08 | 阿里巴巴集团控股有限公司 | The access method of data and device under a kind of cloud computing environment |
| CN108092945A (en) * | 2016-11-22 | 2018-05-29 | 中兴通讯股份有限公司 | Definite method and apparatus, the terminal of access rights |
-
2019
- 2019-01-10 CN CN201910022028.8A patent/CN111428205B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1804883A (en) * | 2006-01-10 | 2006-07-19 | 威盛电子股份有限公司 | Authority controlling and managing method and system |
| TW200727171A (en) * | 2006-01-11 | 2007-07-16 | Via Tech Inc | Access control methods and systems |
| EP2672668A1 (en) * | 2012-06-06 | 2013-12-11 | Juniper Networks, Inc. | Creating searchable and global database of user visible process traces |
| CN104995598A (en) * | 2013-01-22 | 2015-10-21 | 亚马逊技术有限公司 | Use of freeform metadata for access control |
| CN104065750A (en) * | 2014-07-11 | 2014-09-24 | 中国人民公安大学 | Safety management method and system based on shared data |
| CN106485101A (en) * | 2015-08-24 | 2017-03-08 | 阿里巴巴集团控股有限公司 | The access method of data and device under a kind of cloud computing environment |
| CN105979294A (en) * | 2015-11-26 | 2016-09-28 | 乐视致新电子科技(天津)有限公司 | Data processing method and device based on users |
| CN108092945A (en) * | 2016-11-22 | 2018-05-29 | 中兴通讯股份有限公司 | Definite method and apparatus, the terminal of access rights |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112307510A (en) * | 2020-11-02 | 2021-02-02 | 国网江苏省电力有限公司信息通信分公司 | Data asset authority management method and management system for data center |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111428205B (en) | 2024-03-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9600685B2 (en) | Destruction of sensitive information | |
| KR102157925B1 (en) | Data query method and apparatus | |
| US8832246B2 (en) | Service level mapping method | |
| US10650138B2 (en) | System call policies for containers | |
| US11042654B2 (en) | Using domains for flexible data access in heterogeneous system landscapes | |
| US20150180872A1 (en) | System and method for hierarchical resource permissions and role management in a multitenant environment | |
| US20170257379A1 (en) | Policy management, enforcement, and audit for data security | |
| US20170177892A1 (en) | Multi-domain application execution management | |
| US20180067848A1 (en) | Memory access control method and system | |
| CN110659259B (en) | Database migration method, server and computer storage medium | |
| WO2021208758A1 (en) | Data permissions management | |
| CN106575245A (en) | Distributed workload reassignment following communication failure | |
| CN106951795B (en) | Application data access isolation method and device | |
| CN114254336A (en) | Method, apparatus and system for enforcing data boundaries by using boundary tags | |
| CN111191279A (en) | Big data safe operation space implementation method and system oriented to data sharing service | |
| CN106295265A (en) | A kind of method and device of user authority management | |
| CN110968890A (en) | Operation control method and device based on permission | |
| CN111428205A (en) | Information sharing method and device | |
| CN112506661A (en) | AI (Artificial intelligence) cloud service calling method and device, storage medium and AI cloud service platform | |
| CN116628773A (en) | Data processing method, device, electronic equipment and storage medium | |
| US9785358B2 (en) | Management of extent checking in a storage controller during copy services operations | |
| CN114491495A (en) | Information system authority management device and method | |
| US9754121B2 (en) | System and methods for live masking file system access control entries | |
| CN102868690B (en) | Method and system for WEB service isolation and detection | |
| US20240169085A1 (en) | System and method for role based access control for data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40033549 Country of ref document: HK |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |