CN111753287B - Authority control method and device - Google Patents
Authority control method and device Download PDFInfo
- Publication number
- CN111753287B CN111753287B CN202010596579.8A CN202010596579A CN111753287B CN 111753287 B CN111753287 B CN 111753287B CN 202010596579 A CN202010596579 A CN 202010596579A CN 111753287 B CN111753287 B CN 111753287B
- Authority
- CN
- China
- Prior art keywords
- authority
- mode
- functions
- enterprise
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Abstract
The invention provides a permission control method and a device, which relate to the technical field of system safety, and the method comprises the following steps: acquiring authority mode parameters, and determining a target authority mode according to the authority mode parameters; loading a plurality of target functions according to the target permission mode; acquiring login channel information and authentication mode information of an enterprise operator; determining an authority function in a plurality of target functions according to the login channel information and the authentication mode information; and generating the authority control information according to the authority function so that the enterprise operator can access the system according to the authority control information. The invention can provide a plurality of authority modes, and further authority control is carried out in the authority modes according to the login channel information and the authentication mode information, thereby improving the safety of the enterprise operator in using the system.
Description
Technical Field
The invention relates to the technical field of system security, in particular to a permission control method and device.
Background
In a banking channel system, an enterprise user typically has multiple operators. In order to ensure the security of the enterprise user to access the system, the authority of the operator is required to be controlled. Without the authority control, it is not guaranteed that the enterprise operator will only operate functions within the scope of the responsibilities. For different enterprise users, due to different service types, the required authority control modes are different for different authority control scenes. The existing authority control process only provides a single authority mode, and cannot meet the authority control requirements of various enterprise clients, and in the existing authority control scheme, an operator can access the system according to the authority mode after the authority mode is determined, so that the safety needs to be improved.
Disclosure of Invention
The invention provides an authority control method and device, which can meet the authority control of enterprise customers on the use of a bank system by enterprise operators and can improve the safety of the use of the bank channel system by the enterprise operators.
In a first aspect, an embodiment of the present invention provides an authority control method, where the method includes: acquiring authority mode parameters, and determining a target authority mode according to the authority mode parameters; loading a plurality of target functions according to the target permission mode; acquiring login channel information and authentication mode information of an enterprise operator; determining an authority function in the plurality of target functions according to the login channel information and the authentication mode information; generating authority control information according to the authority function so that the enterprise operator can access the system according to the authority control information
In a second aspect, an embodiment of the present invention further provides an authorization control apparatus, where the apparatus includes: the parameter module is used for acquiring authority mode parameters and determining a target authority mode according to the authority mode parameters; the loading module is used for loading a plurality of target functions according to the target permission mode; the information module is used for acquiring login channel information and authentication mode information of an enterprise operator; the determining module is used for determining an authority function in the target functions according to the login channel information and the authentication mode information; and the generating module is used for generating the authority control information according to the authority function so that the enterprise operator can access the system according to the authority control information.
In a third aspect, an embodiment of the present invention further provides a computer device, which includes a memory, a processor, and a computer program that is stored in the memory and is executable on the processor, where the processor implements the above-mentioned authorization control method when executing the computer program.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, where a computer program for executing the above-mentioned right control method is stored in the computer-readable storage medium.
The embodiment of the invention brings the following beneficial effects: the embodiment of the invention provides an authority control scheme, which comprises the steps of firstly obtaining authority mode parameters, determining a target authority mode according to the authority mode parameters, then loading a plurality of corresponding target functions according to the determined target authority mode, determining the authority function of an enterprise operator in the plurality of target functions according to login channel information and authentication mode information when the login channel information and the authentication mode information of the enterprise operator are obtained, and then generating authority control information according to the authority function, so that the enterprise operator can access a system according to the authority control information. The embodiment of the invention can provide a plurality of authority modes, and further authority control is carried out in the authority modes according to the login channel information and the authentication mode information, so that the safety of using the system by enterprise operators is improved.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of an authority control method according to an embodiment of the present invention;
fig. 2 is a schematic data flow diagram of an authorization control method according to an embodiment of the present invention;
fig. 3 is a block diagram of an authority control device according to an embodiment of the present invention;
FIG. 4 is a block diagram of another privilege control apparatus according to an embodiment of the present invention;
fig. 5 is a block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
At present, the existing authority control scheme usually provides single authority control and cannot meet the authority control requirements of some enterprise clients; and the authority control is not set for the login channel and the login authentication mode, so that the safety use of the system by an enterprise operator cannot be ensured.
Based on this, the method and the device for controlling the authority, provided by the embodiment of the invention, can provide a plurality of authority modes and basically meet the authority control requirements of enterprise clients; the enterprise operators have different login channels and authentication modes, and after the enterprise operators log in, the function accessibility is different, so that the safety of accessing the system by the users is improved.
For the convenience of understanding the embodiment, a detailed description will be given to an authority control method disclosed in the embodiment of the present invention.
The embodiment of the invention provides an authority control method, which can be applied to a bank channel system and comprises the following steps:
step S102, obtaining the authority mode parameter, and determining the target authority mode according to the authority mode parameter.
In the embodiment of the invention, the permission mode parameters can be selected according to the permission control requirements of the enterprise client. The permission mode parameter may be used to determine the target permission mode, for example, the parameter a, the corresponding permission mode is a, the parameter B, the corresponding permission mode is B, the parameter C, and the corresponding permission mode is C, and then when the acquired permission mode parameter is B, the target permission mode may be determined to be B according to the permission mode parameter B.
And step S104, loading a plurality of target functions according to the target authority mode.
In the embodiment of the invention, different authority modes correspond to different functions. After the target authority mode is selected, a plurality of target functions corresponding to the target authority mode are loaded.
For example, for three authority modes, single-person, role, and flexible, the enterprise client selects one authority mode as the target authority mode, and signs a bank product required by the enterprise. Under the single-person mode, the enterprise operator can call the functions corresponding to all bank products signed by the enterprise client. The role mode comprises management, authorization and inquiry roles, and each role corresponds to different management, authorization and inquiry functions of bank products. Under the role mode, one or more roles are configured for enterprise operators, and the enterprise operators can call the functions of the bank products signed by the clients corresponding to the enterprise configuration roles. The mode is suitable for the situation that enterprises arrange different employees to use bank products according to the process and the authorization flow. In the flexible mode, the enterprise customer signs a contract for a bank product, and the enterprise operator can configure different functions of the signed bank product. The method is most flexible and is suitable for different bank products signed under enterprises and scenes that the functions of the bank products are used by operators of different enterprises.
And step S106, obtaining login channel information and authentication mode information of the enterprise operator.
In the embodiment of the invention, different enterprise operators, login channels and authentication modes may be different. For example, the login channel may include a WEB (World Wide WEB) login or an APP (Application, mobile phone software) login. The authentication mode can include various modes, for a WEB login channel, the authentication mode includes password authentication, enterprise certificate authentication, dynamic password generator authentication and the like, and for an APP login channel, the authentication mode also includes biological identification authentication, such as face identification or fingerprint identification and the like. And when the enterprise operator accesses the system, acquiring login channel information and authentication mode information of the enterprise operator.
And step S108, determining authority functions in the plurality of target functions according to the login channel information and the authentication mode information.
In the embodiment of the invention, after the login channel information and the authentication mode information are acquired, the functions which can be accessed by an enterprise operator are determined in a plurality of target functions based on the login channel information and the authentication mode information, and the functions which the enterprise operator has the authority to access are taken as the authority functions.
And step S110, generating authority control information according to the authority function so that an enterprise operator can access the system according to the authority control information.
In the embodiment of the invention, the authority control information is generated according to the authority function, and the authority control information can be used for refusing or allowing an enterprise operator to access the system, thereby realizing the control of the authority of the enterprise operator and ensuring the safety of the system access.
It should be noted that, when the enterprise operator accesses the bank channel system, the system checks whether the enterprise operator has the right to access the currently used bank channel system according to the currently registered accessible function of the enterprise operator, if the enterprise operator does not have the right to access the currently used bank channel system, the system denies the access of the enterprise operator according to the right control information, and if the enterprise operator has the right, the system allows the enterprise operator to access the corresponding function in the system according to the right control information.
The embodiment of the invention provides an authority control scheme, which comprises the steps of firstly obtaining authority mode parameters, determining a target authority mode according to the authority mode parameters, then loading a plurality of corresponding target functions according to the determined target authority mode, determining the authority function of an enterprise operator in the plurality of target functions according to login channel information and authentication mode information when the login channel information and the authentication mode information of the enterprise operator are obtained, and then generating authority control information according to the authority function, so that the enterprise operator can access a system according to the authority control information. The embodiment of the invention can provide a plurality of authority modes, and further authority control is carried out in the authority modes according to the login channel information and the authentication mode information, so that the safety of using the system by enterprise operators is improved.
In consideration of improving the processing efficiency of the data related to the authority control, the following steps may be further performed before acquiring the authority mode parameter and determining the target authority mode according to the authority mode parameter.
A plurality of rights mode data are configured.
In embodiments of the present invention, the privilege mode data is used to determine the target functionality that the enterprise operator may access. Multiple privilege mode data may be configured according to the needs of the enterprise client, including, but not limited to, single-person privilege mode, role privilege mode, or flexible privilege mode, for example.
In order to improve the accuracy of the authority control, the authority function is determined in the multiple target functions according to the login channel information and the authentication mode information, and the method can be executed according to the following steps:
determining the risk level of an enterprise operator according to the login channel information and the authentication mode information; an authority function is determined among the plurality of target functions according to the risk level.
In the embodiment of the invention, the risk level of the enterprise operator is determined according to the login channel information and the authentication mode information, for example, the risk level is low risk, medium risk or high risk, different authority ranges are preset for different risk levels, after the risk level is determined, the risk level is matched with the preset authority range, and the target function which can be accessed by the enterprise operator is obtained, namely, the authority function is determined.
In order to facilitate the enterprise operator to acquire the authority control information, the authority control information is generated according to the authority function, and the method can be executed according to the following steps:
determining an interface of each authority function; and taking a plurality of authority functions and interfaces corresponding to each authority function as authority control information.
In the embodiment of the invention, according to the functions, the transaction mode, the interface list corresponding table, the login channel of the enterprise operator and the transaction mode corresponding to the authentication mode, the functions which can be operated under the current login of the operator and the interface list corresponding to the functions are filtered.
The method is described below with a specific example.
Firstly, an enterprise client selects an authority mode to sign a required bank product. The enterprise operator configures either roles or functions according to the privilege mode selected by the enterprise client. When the enterprise operator logs in, the authority loading module configures a loading function according to the authority of the enterprise operator, and after the loading function is completed, if the enterprise operator cannot access the current login channel in the corresponding transaction mode in the authentication mode, the authority is not in the accessible authority range of the enterprise operator in the current login. When the enterprise operator accesses the functions of the system, the authority verification module verifies whether the operator has authority to access.
The enterprise client selects an authority mode, single person, role or flexible mode, to sign the needed bank product. If the enterprise client selects the single-person mode, the authority of the enterprise operator is configured to all functions under bank products signed by the enterprise client. And if the enterprise client selects the role mode, configuring the corresponding role combination according to the function scope of the enterprise operator. And if the flexible mode is selected by the enterprise client, configuring the corresponding function combination according to the function range of the enterprise operator.
And when the enterprise operator logs in, loading all the functions signed by the enterprise operator according to the authority mode of the enterprise client. And filtering the functions which can be operated under the current logging of the operator and the interface list corresponding to the functions according to the functions, the transaction modes, the interface list corresponding table and the transaction modes corresponding to the login channels and the authentication modes of the enterprise operator.
When the enterprise operator accesses the bank channel system, whether the enterprise operator has the authority to access the currently used bank channel system or not is verified according to the function which can be accessed when the enterprise operator is currently registered.
The embodiment of the invention provides an authority control method and an authority control device, and refers to a data flow schematic diagram of the authority control method shown in fig. 2.
The embodiment of the invention also provides an authority control device, which is described in the following embodiment. Because the principle of the device for solving the problems is similar to that of the authority control method, the implementation of the device can refer to the implementation of the authority control method, and repeated parts are not described again. Referring to a block diagram of an authorization control device shown in fig. 3, the device includes:
a parameter module 71, configured to obtain an authority mode parameter, and determine a target authority mode according to the authority mode parameter; a loading module 72, configured to load a plurality of target functions according to the target permission mode; an information module 73, configured to obtain login channel information and authentication mode information of an enterprise operator; a determining module 74, configured to determine, according to the login channel information and the authentication manner information, an authority function among the multiple target functions; and a generating module 75, configured to generate the authority control information according to the authority function, so that the enterprise operator accesses the system according to the authority control information.
In one embodiment, referring to another block diagram of the rights control device shown in fig. 4, the device further includes a configuration module 76 for: configuring multiple authority mode data; the privilege mode data is used to determine the target functionality that the enterprise operator may access.
In an embodiment, the determining module is specifically configured to: determining the risk level of an enterprise operator according to the login channel information and the authentication mode information; an authority function is determined among the plurality of target functions according to the risk level.
In one embodiment, the generating module is specifically configured to: determining an interface of each authority function; and taking a plurality of authority functions and interfaces corresponding to each authority function as authority control information.
An embodiment of the present invention further provides a computer device, referring to the schematic block diagram of the structure of the computer device shown in fig. 5, the computer device includes a memory 81, a processor 82, and a computer program stored in the memory and capable of running on the processor, and when the processor executes the computer program, the steps of any one of the above-mentioned authorization control methods are implemented.
It can be clearly understood by those skilled in the art that, for convenience and simplicity of description, the specific working process of the computer device described above may refer to the corresponding process in the foregoing method embodiment, and details are not described herein again.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program for executing any one of the above-mentioned right control methods is stored in the computer-readable storage medium.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it should be understood by those skilled in the art that the following descriptions are only illustrative and not restrictive, and that the scope of the present invention is not limited to the above embodiments: those skilled in the art can still make modifications or changes to the embodiments described in the foregoing embodiments, or make equivalent substitutions for some features, within the scope of the disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (6)
1. An authority control method, comprising:
acquiring authority mode parameters, and determining a target authority mode according to the authority mode parameters;
loading a plurality of target functions according to the target permission mode;
acquiring login channel information and authentication mode information of an enterprise operator;
determining an authority function in the plurality of target functions according to the login channel information and the authentication mode information;
generating authority control information according to the authority function so that the enterprise operator can access a system according to the authority control information;
determining an authority function in the plurality of target functions according to the login channel information and the authentication mode information, wherein the authority function comprises the following steps:
determining the risk level of the enterprise operator according to the login channel information and the authentication mode information;
setting different authority ranges for different risk levels in advance, matching the risk levels with the preset authority ranges after the risk levels are determined, and determining authority functions in the multiple target functions;
generating authority control information according to the authority function, including:
determining an interface of each authority function;
taking a plurality of authority functions and an interface corresponding to each authority function as authority control information;
when an enterprise operator logs in, loading all functions signed by the enterprise operator according to the authority mode of an enterprise client, and filtering the functions which can be operated under the current logging of the operator and an interface list corresponding to the functions according to the functions, the transaction mode, the interface list corresponding table, the logging channels of the enterprise operator and the transaction mode corresponding to the authentication mode;
when the enterprise operator accesses the bank channel system, whether the enterprise operator has the authority to access the currently used bank channel system or not is verified according to the accessible function currently registered by the enterprise operator.
2. The method of claim 1, wherein before obtaining the privilege mode parameters and determining the target privilege mode according to the privilege mode parameters, further comprising:
configuring multiple authority mode data; the privilege mode data is used to determine the target functionality that the enterprise operator may access.
3. An authorization control device, comprising:
the parameter module is used for acquiring authority mode parameters and determining a target authority mode according to the authority mode parameters;
the loading module is used for loading a plurality of target functions according to the target authority mode;
the information module is used for acquiring login channel information and authentication mode information of an enterprise operator;
the determining module is used for determining an authority function in the target functions according to the login channel information and the authentication mode information;
the generating module is used for generating authority control information according to the authority function so that the enterprise operator can access the system according to the authority control information;
the determining module is specifically configured to:
determining the risk level of the enterprise operator according to the login channel information and the authentication mode information;
setting different authority ranges for different risk levels in advance, matching the risk levels with the preset authority ranges after the risk levels are determined, and determining authority functions in the multiple target functions;
the generation module is specifically configured to:
determining an interface for each of the permission functions;
taking a plurality of authority functions and an interface corresponding to each authority function as authority control information;
when an enterprise operator logs in, loading all functions signed by the enterprise operator according to the authority mode of an enterprise client, and filtering the functions which can be operated when the operator logs in at present and an interface list corresponding to the functions according to the functions, a transaction mode, an interface list corresponding table, a login channel of the enterprise operator and a transaction mode corresponding to an authentication mode;
when the enterprise operator accesses the bank channel system, whether the enterprise operator has the authority to access the currently used bank channel system or not is verified according to the function which can be accessed when the enterprise operator is currently registered.
4. The apparatus of claim 3, further comprising a configuration module to:
configuring multiple authority mode data; the privilege mode data is used to determine the target functionality that the enterprise operator may access.
5. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 1 to 2 when executing the computer program.
6. A computer-readable storage medium, characterized in that it stores a computer program for performing the method of any of claims 1 to 2.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010596579.8A CN111753287B (en) | 2020-06-28 | 2020-06-28 | Authority control method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010596579.8A CN111753287B (en) | 2020-06-28 | 2020-06-28 | Authority control method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111753287A CN111753287A (en) | 2020-10-09 |
CN111753287B true CN111753287B (en) | 2022-07-22 |
Family
ID=72677502
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010596579.8A Active CN111753287B (en) | 2020-06-28 | 2020-06-28 | Authority control method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111753287B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102804200A (en) * | 2010-10-05 | 2012-11-28 | 株式会社希爱思异 | Two-factor user authentication system, and method therefor |
CN105574378A (en) * | 2015-12-09 | 2016-05-11 | 小米科技有限责任公司 | Terminal control method and terminal control device |
CN105718772A (en) * | 2016-01-20 | 2016-06-29 | 广东欧珀移动通信有限公司 | Permission mode selection method and device |
CN106998318A (en) * | 2016-01-22 | 2017-08-01 | 广东福地新视野光电技术有限公司 | A kind of PACS authority control method and system |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9202026B1 (en) * | 2011-11-03 | 2015-12-01 | Robert B Reeves | Managing real time access management to personal information |
US9582659B2 (en) * | 2014-11-20 | 2017-02-28 | International Business Machines Corporation | Implementing extent granularity authorization and deauthorization processing in CAPI adapters |
CN106779700B (en) * | 2016-11-15 | 2021-03-30 | 中国银行股份有限公司 | Cross-bank transaction authority control method and device |
CN109543372A (en) * | 2018-10-26 | 2019-03-29 | 深圳壹账通智能科技有限公司 | Service authority data processing method, device, computer equipment and storage medium |
CN110311899A (en) * | 2019-06-17 | 2019-10-08 | 平安医疗健康管理股份有限公司 | Multiservice system access method, device and server |
-
2020
- 2020-06-28 CN CN202010596579.8A patent/CN111753287B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102804200A (en) * | 2010-10-05 | 2012-11-28 | 株式会社希爱思异 | Two-factor user authentication system, and method therefor |
CN105574378A (en) * | 2015-12-09 | 2016-05-11 | 小米科技有限责任公司 | Terminal control method and terminal control device |
CN105718772A (en) * | 2016-01-20 | 2016-06-29 | 广东欧珀移动通信有限公司 | Permission mode selection method and device |
CN106998318A (en) * | 2016-01-22 | 2017-08-01 | 广东福地新视野光电技术有限公司 | A kind of PACS authority control method and system |
Also Published As
Publication number | Publication date |
---|---|
CN111753287A (en) | 2020-10-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109510849B (en) | Cloud-storage account authentication method and device | |
US10652235B1 (en) | Assigning policies for accessing multiple computing resource services | |
RU2691211C2 (en) | Technologies for providing network security through dynamically allocated accounts | |
US10650156B2 (en) | Environmental security controls to prevent unauthorized access to files, programs, and objects | |
US8931061B2 (en) | Techniques for providing access to data in dynamic shared accounts | |
US20120159590A1 (en) | Methods, systems, and computer program products for authenticating an identity of a user by generating a confidence indicator of the identity of the user based on a combination of multiple authentication techniques | |
US20140189781A1 (en) | Mobile enterprise server and client device interaction | |
CN105187362A (en) | Method and device for connection authentication between desktop cloud client and server-side | |
CN103139182B (en) | A kind of method that user of permission accesses, client, server and system | |
CN108259422A (en) | A kind of multi-tenant access control method and device | |
CN113360882A (en) | Cluster access method, device, electronic equipment and medium | |
CN103020501B (en) | Access control method and access control device of user data | |
CN111258721A (en) | Cloud host operating system user management method, device, equipment and storage medium | |
CN112019543A (en) | Multi-tenant permission system based on BRAC model | |
CN107483477B (en) | Account management method and account management system | |
US9268917B1 (en) | Method and system for managing identity changes to shared accounts | |
CN110138798B (en) | Cloud desktop management method, device and equipment and readable storage medium | |
CN106933605B (en) | Intelligent process identification control method and system | |
US20150381593A1 (en) | Privileged access gateway for accessing systems and/or applications | |
CN114218539A (en) | Multi-identity switching method and device | |
CN111753287B (en) | Authority control method and device | |
CN109726187B (en) | Hadoop-oriented adaptive permission control method and device | |
WO2023224756A1 (en) | Threat detection for cloud applications | |
CN109861982A (en) | A kind of implementation method and device of authentication | |
EP3455769B1 (en) | Virtual smart cards with audit capability |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |