CN112003724A - Network management method and device - Google Patents


Publication number: CN112003724A
Authority: CN (China)
Prior art keywords: management, user, authorized, information, cloud platform
Legal status: Granted
Application number: CN202010692082.6A
Other languages: Chinese (zh)
Other versions: CN112003724B (en)
Inventors: 单丽娜, 黄翔, 刘宜平
Current Assignee: New H3C Information Technologies Co Ltd
Original Assignee: Hangzhou H3C Technologies Co Ltd
Application filed by Hangzhou H3C Technologies Co Ltd
Priority to CN202010692082.6A
Publication of CN112003724A
Application granted
Publication of CN112003724B
Status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28 Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities

Abstract

The application provides a network management method and device. The method is applied to a cloud platform and comprises: receiving authorization management information entered, on an authorization management page provided by the cloud platform, by a first user who needs to authorize management of a network, wherein the authorization management information includes at least identification information of the authorized second user and a management operation validation policy; notifying, in a preset notification manner, the second user corresponding to the identification information to log in to an authorized operation page provided by the cloud platform to perform network management, wherein the authorized operation page is determined by the cloud platform according to the authorization management information; and, when management operation information entered by the second user on the authorized operation page is received, putting the management operation corresponding to the management operation information into effect according to the management operation validation policy. The embodiments of the application can improve the security of the network.

Description

Network management method and device
Technical Field
The present application relates to the field of communications technologies, and in particular, to a network management method and apparatus.
Background
Currently, many manufacturers have their own cloud platforms, which support management of multiple types of network devices, such as switches, Access Controllers (ACs), Access Points (APs), intelligent terminals, and the like.
A user who has a cloud platform account can log in to the cloud platform directly to create a network, register network devices in that network, and configure and manage those devices.
However, for reasons such as technical background, some users authorize other users to manage part of the management content of the network. These users usually hand their cloud platform account directly to the other users, who then log in to the cloud platform with that account to perform the relevant management. In this way, the other users can also see the other management content, which in turn leads to poor security of the network.
Disclosure of Invention
In order to overcome the problems in the related art, the application provides a network management method and a network management device.
According to a first aspect of embodiments of the present application, there is provided a network management method, where the method is applied to a cloud platform, and the method includes:
receiving authorization management information entered, on an authorization management page provided by the cloud platform, by a first user who needs to authorize management of a network, wherein the authorization management information includes at least identification information of the authorized second user and a management operation validation policy;
notifying, in a preset notification manner, the second user corresponding to the identification information to log in to an authorized operation page provided by the cloud platform to perform network management, wherein the authorized operation page is determined by the cloud platform according to the authorization management information;
and, when management operation information entered by the second user on the authorized operation page is received, putting the management operation corresponding to the management operation information into effect according to the management operation validation policy.
According to a second aspect of the embodiments of the present application, there is provided a network management apparatus, where the apparatus is applied to a cloud platform, the apparatus including:
a receiving module, configured to receive authorization management information entered, on an authorization management page provided by the cloud platform, by a first user who needs to authorize management of a network, wherein the authorization management information includes at least identification information of the authorized second user and a management operation validation policy;
a notification module, configured to notify, in a preset notification manner, the second user corresponding to the identification information to log in to an authorized operation page provided by the cloud platform to perform network management, wherein the authorized operation page is determined by the cloud platform according to the authorization management information;
and a validation module, configured to put the management operation corresponding to the management operation information into effect according to the management operation validation policy when the management operation information entered by the second user on the authorized operation page is received.
The technical solution provided by the embodiments of the application can have the following beneficial effects:
In the embodiments of the application, a user who needs to authorize management of a network does not hand the cloud platform account directly to the authorized user. Instead, the user enters authorization management information on an authorization management page provided by the cloud platform, and the cloud platform notifies the authorized user to perform network management on the corresponding authorized operation page. The cloud platform subsequently puts the management operation corresponding to the management operation information entered by the authorized user on the authorized operation page into effect according to the management operation validation policy included in the authorization management information. This management mode can improve the security of the network.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic flowchart of a network management method according to an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a network management device according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Next, examples of the present application will be described in detail.
An embodiment of the present application provides a network management method applied to a cloud platform. As shown in Fig. 1, the method may include the following steps:
S11: Receive authorization management information entered, on an authorization management page provided by the cloud platform, by a first user who needs to authorize management of a network.
Specifically, when the first user needs to authorize management of the network, the first user may log in to the authorization management page provided by the cloud platform with the first user's own cloud platform account and enter the authorization management information. The authorization management information may include identification information of the authorized second user, a management operation validation policy, authorization management authority, authorization management confirmation time, authorization management execution time, and the like.
When the second user has a cloud platform account, the identification information of the second user may be that cloud platform account; when the second user does not have a cloud platform account, the identification information of the second user may be the mobile phone number of the second user, or may be custom information that uniquely identifies the user and is agreed on by both parties (i.e., the first user and the second user); for example, the identification information may be the account of a temporary user used on the cloud platform.
The management operation validation policy indicates when the cloud platform puts a management operation of the second user into effect; the specific content is described in the subsequent steps. The authorization management authority may include the configuration pages, operation data and the like covered by the authorization. The authorization management confirmation time is the longest time limit for the second user to accept the authorization management. The authorization management execution time is the longest time limit during which the second user is allowed to manage the network.
S12: Notify, in a preset notification manner, the second user corresponding to the identification information to log in to an authorized operation page provided by the cloud platform to perform network management.
Specifically, in this step, the authorized operation page is determined by the cloud platform according to the authorization management information.
The cloud platform may notify the second user to log in to the authorized operation page provided by the cloud platform in the following ways:
In a first manner, the cloud platform may generate a two-dimensional code that instructs the second user to log in to the authorized operation page provided by the cloud platform, and push the two-dimensional code to the second user to notify the second user to log in to the authorized operation page.
For example, the cloud platform may push the two-dimensional code to the second user through a WeChat server, a mail server, or the like.
In a second manner, the cloud platform may generate address information that instructs the second user to log in to the authorized operation page provided by the cloud platform, and push the address information to the second user to notify the second user to log in to the authorized operation page. Here, the address information may be presented as a Uniform Resource Locator (URL).
For example, the cloud platform may push the address information to the second user through a mail server, a short message server, and the like.
It should be noted that, regardless of which notification method is adopted, in order to ensure network security the cloud platform may perform identity authentication on the second user, through the existing multiple push methods, while the second user logs in to the authorized operation page.
S13: When management operation information entered by the second user on the authorized operation page is received, put the management operation corresponding to the management operation information into effect according to the management operation validation policy.
Specifically, in this step, the cloud platform puts the management operation corresponding to the management operation information into effect as follows:
if the management operation validation policy is immediate validation, the management operation corresponding to the management operation information takes effect immediately;
if the management operation validation policy is validation after confirmation by the first user, the management operation information is displayed to the first user for confirmation, and after the first user confirms, the management operation corresponding to the management operation information takes effect.
In the embodiment of the application, the second user may voluntarily give up the management before the authorization management execution time is reached, and the first user is notified through the cloud platform. For example, the second user may select an "abandon management" button displayed on the management operation page, and the notification is issued to the second user by the cloud platform.
Further, in the embodiment of the application, the first user can take back the authorization or modify the authorization content at any time through the cloud platform, and the cloud platform does not need to generate a new two-dimensional code or a new URL. For example, the first user enters the modified authorization information on the authorization management page, the cloud platform changes the related authorization content on the authorized operation page according to the modified authorization information, and when the second user subsequently logs in again, the second user can perform the related management operations according to the new authorization content.
Throughout the authorization management process, the cloud platform may record all of its operation logs to facilitate subsequent tracing.
The network management method is described in detail below with reference to specific embodiments.
Assume that user 1, who has a cloud platform account, is the user who needs to authorize management of a network, and that user 2 is the user designated by user 1 to assist in managing the network, i.e., the authorized user. User 2 does not have a cloud platform account.
The specific network management process is as follows:
The cloud platform receives the authorization management information entered by user 1 on the authorization management page provided by the cloud platform.
The authorization management information includes the mobile phone number of user 2, a management operation validation policy, authorization management confirmation time, authorization management execution time, and authorization management authority.
Specifically, the management operation validation policy is immediate validation; the authorization management confirmation time is 24 hours; the authorization management execution time is one month; and the authorization management authority is to manage the wireless configuration page.
The cloud platform stores the authorization management information and, according to it, determines that the wireless configuration page is the authorized operation page.
The cloud platform then generates a two-dimensional code that instructs user 2 to log in to the wireless configuration page, and pushes the two-dimensional code to user 2 through the WeChat server. The two-dimensional code can guide user 2 to use the mobile phone number to generate a temporary account for logging in to the wireless configuration page. During the guided login, user 2 may be prompted to become a formal user, or to clear the account after the authorization management execution time expires.
After user 2 logs in to the wireless configuration page, user 2 can confirm the authorization management according to the authorization management confirmation time prompted on the wireless configuration page, and perform the related management operations according to the authorization management authority and the authorization management execution time prompted on the wireless configuration page.
If the cloud platform receives management operation information entered by user 2 on the wireless configuration page, the management operation corresponding to the management operation information is put into effect directly, according to the management operation validation policy.
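The delegation flow of steps S11 to S13 and the user 1 / user 2 embodiment above, sketched as an added Python example; it is not code from the patent or from any product. The opaque token standing in for the two-dimensional code or URL, every class, method and page name, and the sample phone number are assumptions, and the second user's identity is assumed to have been authenticated before these calls.

```python
# Added illustration of steps S11-S13; not code from the patent. All names are hypothetical.
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta

IMMEDIATE, OWNER_CONFIRM = "immediate", "after_owner_confirmation"


@dataclass
class Grant:
    owner: str            # first user, who holds the cloud platform account
    delegate: str         # identification information of the second user
    policy: str           # management operation validation policy
    pages: set            # authorization management authority
    confirm_by: datetime  # end of the authorization management confirmation time
    expires_at: datetime  # end of the authorization management execution time
    accepted: bool = False
    revoked: bool = False


class CloudPlatform:
    def __init__(self):
        self.grants = {}      # opaque token -> Grant
        self.operations = []  # every submitted operation with its state
        self.audit = []       # operation log kept for later tracing

    def _log(self, now, actor, event):
        self.audit.append((now.isoformat(), actor, event))

    def authorize(self, now, owner, delegate, policy, pages, confirm_within, execute_within):
        """S11: store the grant and return the token that the QR code or URL carries."""
        token = secrets.token_urlsafe(32)  # assumption: unguessable reference, no credentials
        self.grants[token] = Grant(owner, delegate, policy, set(pages),
                                   now + confirm_within, now + execute_within)
        self._log(now, owner, f"authorized {delegate} for {sorted(pages)} ({policy})")
        return token

    def _usable(self, now, token, delegate):
        """Return (grant, None) or (None, reason); `delegate` is assumed already authenticated."""
        g = self.grants.get(token)
        if g is None or g.delegate != delegate:
            return None, "unknown grant"
        if g.revoked or now > g.expires_at:
            return None, "grant revoked" if g.revoked else "execution time expired"
        return g, None

    def accept(self, now, token, delegate):
        """S12 follow-up: the second user accepts within the confirmation time."""
        g, reason = self._usable(now, token, delegate)
        if g and not g.accepted and now > g.confirm_by:
            g, reason = None, "confirmation time expired"
        if g:
            g.accepted = True
        self._log(now, delegate, "accepted grant" if g else f"accept denied: {reason}")
        return g is not None

    def submit(self, now, token, delegate, page, change):
        """S13: decide from the validation policy whether the operation takes effect now."""
        g, reason = self._usable(now, token, delegate)
        if g and not g.accepted:
            reason = "grant not accepted"
        elif g and page not in g.pages:
            reason = "page outside granted authority"
        if reason:
            self._log(now, delegate, f"denied {page}: {reason}")
            return None, f"denied: {reason}"
        state = "applied" if g.policy == IMMEDIATE else "pending"
        self.operations.append({"token": token, "page": page, "change": change, "state": state})
        op_id = len(self.operations)
        self._log(now, delegate, f"op {op_id} on {page}: {state}")
        return op_id, state

    def confirm(self, now, owner, op_id, approve):
        """The first user reviews a pending operation; it takes effect only if approved."""
        op = self.operations[op_id - 1]
        if self.grants[op["token"]].owner != owner or op["state"] != "pending":
            return "denied"
        op["state"] = "applied" if approve else "rejected"
        self._log(now, owner, f"op {op_id}: {op['state']}")
        return op["state"]

    def modify(self, now, owner, token, pages=None, revoke=False):
        """The first user changes or withdraws the grant; the token stays the same."""
        g = self.grants[token]
        if g.owner != owner:
            return False
        g.pages = set(pages) if pages is not None else g.pages
        g.revoked = g.revoked or revoke
        self._log(now, owner, "revoked grant" if revoke else f"pages now {sorted(g.pages)}")
        return True


if __name__ == "__main__":
    cp, t0 = CloudPlatform(), datetime(2020, 7, 17, 9, 0)  # constructed sample values
    tok = cp.authorize(t0, "user1", "13800000000", IMMEDIATE, {"wireless_config"},
                       timedelta(hours=24), timedelta(days=30))
    cp.accept(t0 + timedelta(hours=1), tok, "13800000000")
    print(cp.submit(t0 + timedelta(hours=2), tok, "13800000000", "wireless_config", "ssid=guest"))
```

Every decision, including each denial, lands in `audit`, which is the record the description relies on for later tracing.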
As the above technical solution shows, in the embodiments of the application, a user who needs to authorize management of a network does not hand the cloud platform account directly to the authorized user. Instead, the user enters authorization management information on an authorization management page provided by the cloud platform, and the cloud platform notifies the authorized user to perform network management on the corresponding authorized operation page. The cloud platform subsequently puts the management operation corresponding to the management operation information entered by the authorized user on the authorized operation page into effect according to the management operation validation policy included in the authorization management information. This management mode can improve the security of the network.
Based on the same inventive concept, the present application further provides a network management device applied to a cloud platform. A schematic structural diagram of the device is shown in Fig. 2, and the device specifically includes:
a receiving module 21, configured to receive authorization management information entered, on an authorization management page provided by the cloud platform, by a first user who needs to authorize management of a network, where the authorization management information includes at least identification information of the authorized second user and a management operation validation policy;
a notification module 22, configured to notify, in a preset notification manner, the second user corresponding to the identification information to log in to an authorized operation page provided by the cloud platform to perform network management, where the authorized operation page is determined by the cloud platform according to the authorization management information;
a validation module 23, configured to put the management operation corresponding to the management operation information into effect according to the management operation validation policy when the management operation information entered by the second user on the authorized operation page is received.
Preferably, the notification module 22 is specifically configured to:
generate a two-dimensional code that instructs the second user to log in to the authorized operation page provided by the cloud platform;
and push the two-dimensional code to the second user to notify the second user to log in to the authorized operation page.
Preferably, the notification module 22 is specifically configured to:
generate address information that instructs the second user to log in to the authorized operation page provided by the cloud platform;
and push the address information to the second user to notify the second user to log in to the authorized operation page.
Preferably, the validation module 23 is specifically configured to:
if the management operation validation policy is immediate validation, put the management operation corresponding to the management operation information into effect immediately;
if the management operation validation policy is validation after confirmation by the first user, display the management operation information to the first user for confirmation;
and after the first user confirms, put the management operation corresponding to the management operation information into effect.
Preferably, the authorization management information further includes authorization management authority, authorization management confirmation time, and authorization management execution time.
As the above technical solution shows, in the embodiments of the application, a user who needs to authorize management of a network does not hand the cloud platform account directly to the authorized user. Instead, the user enters authorization management information on an authorization management page provided by the cloud platform, and the cloud platform notifies the authorized user to perform network management on the corresponding authorized operation page. The cloud platform subsequently puts the management operation corresponding to the management operation information entered by the authorized user on the authorized operation page into effect according to the management operation validation policy included in the authorization management information. This management mode can improve the security of the network.
An electronic device is further provided in the embodiments of the present application. As shown in Fig. 3, it includes a processor 31 and a machine-readable storage medium 32, where the machine-readable storage medium 32 stores machine-executable instructions that can be executed by the processor 31, and the machine-executable instructions cause the processor 31 to implement the steps of the network management method.
The machine-readable storage medium may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Alternatively, the machine-readable storage medium may be at least one memory device located remotely from the processor.
The processor may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
In yet another embodiment provided by the present application, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the above network management method.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims (10)

1. A network management method, applied to a cloud platform, comprising:
receiving authorization management information entered, on an authorization management page provided by the cloud platform, by a first user who needs to authorize management of a network, wherein the authorization management information includes at least identification information of the authorized second user and a management operation validation policy;
notifying, in a preset notification manner, the second user corresponding to the identification information to log in to an authorized operation page provided by the cloud platform to perform network management, wherein the authorized operation page is determined by the cloud platform according to the authorization management information;
and, when management operation information entered by the second user on the authorized operation page is received, putting the management operation corresponding to the management operation information into effect according to the management operation validation policy.
2. The method of claim 1, wherein the second user is notified to log in to the authorized operation page provided by the cloud platform by:
generating a two-dimensional code that instructs the second user to log in to the authorized operation page provided by the cloud platform;
and pushing the two-dimensional code to the second user to notify the second user to log in to the authorized operation page.
3. The method of claim 1, wherein the second user is notified to log in to the authorized operation page provided by the cloud platform by:
generating address information that instructs the second user to log in to the authorized operation page provided by the cloud platform;
and pushing the address information to the second user to notify the second user to log in to the authorized operation page.
4. The method according to claim 1, wherein putting the management operation corresponding to the management operation information into effect according to the management operation validation policy specifically includes:
if the management operation validation policy is immediate validation, putting the management operation corresponding to the management operation information into effect immediately;
if the management operation validation policy is validation after confirmation by the first user, displaying the management operation information to the first user for confirmation;
and after the first user confirms, putting the management operation corresponding to the management operation information into effect.
5. The method of claim 1, wherein the authorization management information further comprises authorization management authority, authorization management confirmation time, and authorization management execution time.
6. A network management device, wherein the device is applied to a cloud platform, and the device comprises:
a receiving module, configured to receive authorization management information entered, on an authorization management page provided by the cloud platform, by a first user who needs to authorize management of a network, wherein the authorization management information includes at least identification information of the authorized second user and a management operation validation policy;
a notification module, configured to notify, in a preset notification manner, the second user corresponding to the identification information to log in to an authorized operation page provided by the cloud platform to perform network management, wherein the authorized operation page is determined by the cloud platform according to the authorization management information;
and a validation module, configured to put the management operation corresponding to the management operation information into effect according to the management operation validation policy when the management operation information entered by the second user on the authorized operation page is received.
7. The apparatus of claim 6, wherein the notification module is specifically configured to:
generate a two-dimensional code that instructs the second user to log in to the authorized operation page provided by the cloud platform;
and push the two-dimensional code to the second user to notify the second user to log in to the authorized operation page.
8. The apparatus of claim 6, wherein the notification module is specifically configured to:
generate address information that instructs the second user to log in to the authorized operation page provided by the cloud platform;
and push the address information to the second user to notify the second user to log in to the authorized operation page.
9. The apparatus according to claim 6, wherein the validation module is specifically configured to:
if the management operation validation policy is immediate validation, put the management operation corresponding to the management operation information into effect immediately;
if the management operation validation policy is validation after confirmation by the first user, display the management operation information to the first user for confirmation;
and after the first user confirms, put the management operation corresponding to the management operation information into effect.
10. The apparatus of claim 6, wherein the authorization management information further comprises authorization management authority, authorization management confirmation time, and authorization management execution time.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010692082.6A CN112003724B (en) 2020-07-17 2020-07-17 Network management method and device

Publications (2)

Publication Number Publication Date
CN112003724A (en) 2020-11-27
CN112003724B (en) 2022-07-12

Family

ID=73467258


Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9509672B1 (en) * 2013-11-08 2016-11-29 Ca, Inc. Providing seamless and automatic access to shared accounts
CN105227321A (en) * 2015-10-28 2016-01-06 腾讯科技(深圳)有限公司 Information processing method, server and client
CN105337974A (en) * 2015-10-28 2016-02-17 腾讯科技(深圳)有限公司 Account authorization method, account login method, account authorization device and client end
CN105426743A (en) * 2015-10-28 2016-03-23 腾讯科技(深圳)有限公司 Account permission authorization method, account login method, server and client
US20180091583A1 (en) * 2016-09-26 2018-03-29 Amazon Technologies, Inc. Multi-party updates to distributed systems
CN106790126A (en) * 2016-12-27 2017-05-31 努比亚技术有限公司 A kind of method of the account mandate of application program, device and terminal

Also Published As

Publication number Publication date
CN112003724B (en) 2022-07-12

Similar Documents

Publication Publication Date Title
CN109033774B (en) Method and device for acquiring and feeding back user resources and electronic equipment
WO2021003751A1 (en) Single-account multi-identity login method and apparatus, server, and storage medium
CN108200050A (en) Single logging-on server, method and computer readable storage medium
US20140052638A1 (en) Method and system for providing a card payment service using a mobile phone number
KR20160006185A (en) Two factor authentication
CN111343168B (en) Identity authentication method and device, computer equipment and readable storage medium
CN107682336B (en) Geographic position-based identity authentication method and device
CN104954322A (en) Account binding method, device and system
CN111369242A (en) Method for recovering block chain assets through intelligent contracts, wallet and block chain link points
CN108647501A (en) Multiple utility program shares password unlocking method, device, equipment and storage medium
CN111885043B (en) Internet account login method, system, equipment and storage medium
US9455972B1 (en) Provisioning a mobile device with a security application on the fly
CN107679383B (en) Identity verification method and device based on geographic position and touch area
CN113761498A (en) Third party login information hosting method, system, equipment and storage medium
CN111447178B (en) Access control method, system and computing device
CN103559430B (en) application account management method and device based on Android system
CN112003724B (en) Network management method and device
CN105656856A (en) Resource management method and device
CN112016074A (en) Reverse authorization login method, device and medium
CN108156071B (en) Method for adding members to community, terminal device and computer readable storage medium
CN111063061A (en) Method, equipment and storage medium for using temporary password for intelligent door lock
CN107679865B (en) Identity verification method and device based on touch area
CN105913247A (en) Space management method for ESIM card and space management device
CN110351719A (en) A kind of wireless network management method, system and electronic equipment and storage medium
CN111680279B (en) Login verification method, device and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230615

Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466

Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd.