CN112100592A - Authority management method, device, electronic equipment and storage medium - Google Patents
Authority management method, device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN112100592A CN112100592A CN202010982726.5A CN202010982726A CN112100592A CN 112100592 A CN112100592 A CN 112100592A CN 202010982726 A CN202010982726 A CN 202010982726A CN 112100592 A CN112100592 A CN 112100592A
- Authority
- CN
- China
- Prior art keywords
- user
- resource
- authority
- organization
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a method and a device for managing authority, electronic equipment and a storage medium, which belong to the technical field of information, and the method comprises the following steps: if the specified operation of the user is monitored, acquiring the organization information to which the user belongs; judging whether the organization of the user is changed according to the organization information; if so, recovering the first resource queue authority of the user, and distributing a second resource queue authority for the user; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to an existing organization of the user. The method and the device can effectively guarantee the safety of the resources and can enable the resources to be more convenient to manage.
Description
Technical Field
The application belongs to the technical field of information, and particularly relates to a method and a device for authority management, electronic equipment and a storage medium.
Background
All industries pay attention to the safety of self resources. For example, the e-commerce industry utilizes big data resources to carry out accurate marketing, the financial industry determines the equity trading time by means of the big data resources, and the security industry captures criminals by means of the big data resources in the law enforcement process. In any application scenario, a platform for big data management (which may also be referred to as a big data platform or a resource management platform) is usually deployed, and a person with resource-related authority may perform a corresponding operation, such as a person with resource-access authority may access the relevant data. However, the service scenes are complex and changeable, and the service personnel can change frequently, so that the resource-related authority owned by the personnel is difficult to be effectively managed, and for the personnel leaving the office or the personnel moving the office, the safety problems of resource leakage and the like exist.
Disclosure of Invention
In order to overcome the problems in the related art at least to a certain extent, the application provides the authority management method, the authority management device, the electronic equipment and the storage medium, so that the safety of resources can be effectively guaranteed, and the resources can be more conveniently managed.
In order to achieve the purpose, the following technical scheme is adopted in the application:
in a first aspect, the present application provides a rights management method, including: if the specified operation of the user is monitored, acquiring the organization information to which the user belongs; judging whether the organization of the user is changed according to the organization information; if so, recovering the first resource queue authority of the user, and distributing a second resource queue authority for the user; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to a current organization of the user.
Further, the method further comprises: if an access request of the user for a target resource is received, the access request is sent to a person to which the target resource belongs for approval; and determining the access authority of the user to the target resource according to the approval result of the owner of the target resource.
Further, the step of determining the access right of the user to the target resource according to the approval result of the owner of the target resource includes: if the approval result of the owner of the target resource is a refusal access request, determining that the user does not have the access authority of the target resource; and if the approval result of the owner of the target resource is that the access request is approved, sending the access request to a manager for approval, determining that the user has the access authority of the target resource when the administrator approves, and determining that the user does not have the access authority of the target resource when the administrator approves.
Further, the step of sending the access request to the owner of the target resource for approval includes: searching the belonger of the target resource according to the belonger label corresponding to the target resource; and sending the access request to the searched belonged to the target resource for approval.
Further, the method further comprises: setting an authority group of the appointed resource; adding users having access rights to the specified resource to the rights group; controlling the granularity of the authority of the user on the specified resource through the authority group; wherein the permission granularity size is used for characterizing the access range of the specified resource.
Further, the method further comprises: and if the target user in the current off-duty state is detected, removing the target user from the authority group in which the target user is located.
Further, the authority category corresponding to the authority group includes one or more of a resource addition authority, a resource deletion authority, a resource modification authority, and a resource search authority.
In a second aspect, the present application provides a rights management device, comprising: the information acquisition module is used for acquiring organization information to which a user belongs if the specified operation of the user is monitored; the judging module is used for judging whether the organization of the user is changed according to the organization information; the authority distribution module is used for recovering the first resource queue authority of the user and distributing a second resource queue authority to the user when the judgment result of the judgment module is yes; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to a current organization of the user.
In a third aspect, the present application provides an electronic device, comprising: a processor and a storage device; the storage means has stored thereon a computer program which, when executed by the processor, performs the method of any of the first aspects.
In a fourth aspect, the present application provides a storage medium having stored thereon a computer program for performing the steps of the method of any of the first aspect described above when the computer program is executed by a processor.
According to the authority management method, the authority management device, the electronic equipment and the storage medium, when the appointed operation of the user is monitored, the organization information to which the user belongs is obtained, whether the organization to which the user belongs is changed or not is judged according to the organization information, if yes, the first resource queue authority of the user is recovered, and the second resource queue authority is distributed to the user; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to an existing organization of the user. By the method, the resource queue authority can be automatically adjusted for the user with changed organization, the safety of the resource can be effectively guaranteed, and the resource can be more conveniently managed.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flow diagram illustrating a method of rights management in accordance with an exemplary embodiment;
FIG. 2 is a flow diagram illustrating a resource application in accordance with an illustrative embodiment;
FIG. 3 is a schematic flow diagram illustrating automatic authorization and recovery of rights, according to an example embodiment;
fig. 4 is a block diagram illustrating a structure of a rights management apparatus according to an exemplary embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail below. It is to be understood that the embodiments described are only a few embodiments of the present application and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without making any creative effort, shall fall within the protection scope of the present application.
In consideration of the problems that service scenes are complex and changeable, service personnel can change frequently, and accordingly the related rights of resources owned by the personnel are difficult to manage effectively, and safety problems such as resource leakage exist, the application provides a rights management method, a device, an electronic device and a storage medium, the security of the resources can be guaranteed effectively, the resources can be managed more conveniently, and the application is introduced in detail in the following for understanding.
Referring first to a flowchart of a rights management method shown in fig. 1, the method mainly includes the following steps S102 to S106:
and step S102, if the specified operation of the user is monitored, obtaining the organization information of the user. The specified operation may be, for example, a login operation of a user for a platform (such as a resource management system) where the resource is located, and then, according to identity information (such as an account number, a mailbox, and the like) input by the user at the time of login, organization information to which the user belongs is acquired. In a specific embodiment, in order to guarantee resource security, any user triggers execution of the rights management method when performing a specified operation such as a login operation.
The organization information may specifically be information of an organization to which the user belongs, such as information of a department or department in which the user is located, and may also be referred to as organization architecture information.
Step S104, judging whether the organization of the user is changed according to the organization information; if yes, step S106 is performed, and if no, step S108 is performed.
For example, user a originally organized to develop one room for the big data center, then turned off to develop two rooms for the big data center, or dispatched to other parts, it can be understood that the organization where user a is located has changed. In practical application, the organization information of the user when logging in last time and the organization information of the user when logging in this time can be called, and whether the organization of the user is changed or not can be judged by comparing the two organization information.
Step S106, recovering the first resource queue authority of the user and distributing a second resource queue authority to the user; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to an existing organization of the user.
The programs that need to be run when the user accesses the big data resource generally need certain computing resources, the resource queue can provide the computing resources for the programs, and the specific implementation manner of the resource queue can refer to the resource scheduler, which is not described herein again. The resource queues corresponding to different organizations have different permissions, and correspondingly, the size of the sharable computing resources is different. In practical application, a corresponding resource queue may be allocated to each organization in advance, and each organization may be bound to the corresponding resource queue. When detecting that the organization where the user is located changes, namely, proving that the resource queue authority of the user changes, the resource queue available to the user needs to be determined again.
For each organization, only users belonging to the organization have access to the organization's bound resource queue and submit tasks using the organization's bound resource queue, such as on the resource queue bound to the organization. When the organization where the user is located changes, the user cannot submit the tasks on the original resource queue, and can only submit the tasks on the resource queue corresponding to the changed organization. In practical application, the method can also be used for quickly positioning the resource queue corresponding to the existing organization of the user when the user fails to submit the task on the resource queue corresponding to the original organization.
Step S108, keeping the first resource queue authority of the user.
When the organization of the user is detected to be unchanged, the resource queue authority of the user is unchanged, and the size of the sharable computing resource is unchanged.
By the method, the resource queue authority can be automatically adjusted for the user with changed organization, the safety of resources can be effectively guaranteed, and the resources can be more conveniently managed.
In order to further ensure the access security of the resource, the embodiment may further refer to the following steps a and b for the user applying for the resource access:
step a, if an access request of a user for a target resource is received, the access request is sent to a person belonging to the target resource for examination and approval.
In an implementation manner, the owner of the target resource can be searched according to the owner tag corresponding to the target resource; and sending the access request to the found belonger of the target resource for approval. In practical applications, the owner of the resource may be predetermined, and a label is attached to the owner of the resource (or the publisher of the resource), so as to directly find the owner of the resource based on the label.
And b, determining the access authority of the user to the target resource according to the approval result of the owner of the target resource. Sensitive data resources can be effectively controlled and the data security is improved by examining and approving the target resources which are applied for access by the user by the owner of the target resources.
In one implementation, the user may be determined to have access rights to the target resource by passing the approval result of the owner of the target resource.
In another implementation manner, after the approval result of the owner of the target resource passes, the administrator at the upper level may submit the approval result to further approval. That is, if the approval result of the owner of the target resource is the refusal access request, determining that the user does not have the access authority of the target resource; and if the approval result of the owner of the target resource is that the access request is approved, further sending the access request to a manager for approval, determining that the user has the access authority of the target resource when the administrator approves, and determining that the user does not have the access authority of the target resource when the administrator approves.
For convenience of understanding, based on the above steps a and b, the present embodiment provides a specific implementation example, and refer to a resource application flowchart shown in fig. 2, where the resource application flowchart mainly includes the following steps S202 to S220:
step S202: and (4) logging in by the user. Such as a user logging into a resource management system of a big data platform.
Step S204: and the user applies for the cluster account.
Step S206: and judging whether the account application request passes the approval. If yes, executing step S208 and/or step S210; if not, go to step S218; in practical application, part of resources can be accessed by a user as long as the user applies for a cluster account, further examination and approval are not needed, so that the smoothness of the service is guaranteed, the part of resources is high in safety, the part of resources can be accessed by going through an examination and approval process, so that the safety of data is guaranteed, and the smoothness of the service and the safety of the data can be effectively balanced by the method.
Step S208: and automatically opening related resources for the user according to the organization information of the user.
Step S210: and the user applies for cluster resources.
Step S212: and judging whether the resource owner passes the approval. If yes, go to step S214, if no, go to step S220;
step S214: and judging whether the administrator passes the approval. If yes, go to step S216, if no, go to step S220;
step S216: upon termination, the user may access the requested resource.
Step S218: terminating, the user cannot access any resources.
Step S220: and ending, wherein the user cannot access the applied resource.
In addition, the thickness granularity of the resource access right in the prior art cannot be dynamically adjusted, so that the smoothness of the service and the security of the data cannot be well balanced, for example, a user accesses the hive warehouse data, can access the data of the whole library, and can only access the data of a certain table or can only access the data of a certain field. If the granularity of the authority is coarse, all people can check the data resource, so that the smoothness of the service is ensured, but the safety of the data cannot be ensured; if the granularity of the authority is fine, each person only has the access authority of the field level, the safety of the data is guaranteed, but the fluency of the service is greatly reduced. To improve this problem, the present application may further perform the following steps 1 to 3:
step 1: setting an authority group of the appointed resource; the authority types corresponding to the authority groups comprise one or more of resource adding authority, resource deleting authority, resource modifying authority and resource searching authority. A permission group may be understood as a division of a certain permission to specify a resource into the permission group, as long as the users in the permission group all have that kind of permission to specify the resource.
Step 2: and adding the users with the access right to the specified resource into the right group. In practical application, the users joining the authority group can be flexibly determined, and the users joining the authority group can be dynamically adjusted. The user may be only a single individual, or may be all members of a certain project group or all members of a certain department, and may be specifically set according to actual conditions.
And step 3: the authority granularity of the user to the appointed resource is controlled through the authority group; wherein, the authority granularity size is used for representing the access range of the specified resource. For example, coarse-grained permissions characterize large access ranges and fine-grained permissions characterize small access ranges. For example, the authority control can be performed on the whole library, and the authority control can also be performed on the table and the field.
By dynamically adjusting the authority thickness granularity of the authority group, the flow of the service and the safety of the data can be balanced according to the actual situation.
The method and the device further provide an automatic permission recovery mechanism, and if the target user in the current off-duty state is detected, the target user is removed from the permission group where the target user is located, so that the resource safety is effectively guaranteed, and illegal operation of illegal personnel is prevented. The system can periodically inquire the states of all users, take the users in the leaving state as target users, and automatically remove and recover all permissions from the permission group by the target users, so that the leaving users are prevented from still using resources, or other people are prevented from stealing account numbers of leaving personnel to operate data, data leakage is avoided, and data safety is effectively improved.
For easy understanding, reference may be made to the schematic flow chart of automatic authorization and recovery of rights shown in fig. 3, referring to the following steps S302 to S316:
step S302: setting resource authority types of addition, deletion, modification, check and the like;
step S310: granting the resource permission to the permission group;
step S312: adding users meeting the conditions to the permission group;
step S314: automatically inquiring the users who are out of work in the cluster at regular intervals;
step S316: and removing the user who is out of work from all the existing authority groups to recycle all the authority of the user.
The above steps can be implemented by referring to the related steps of the foregoing embodiments, and are not described herein again.
It can be understood that the existing large data platform generally has many components, such as components with hive, kafka, hbase, etc., the flow architecture is complex, and the rights management has no unified entry and is difficult to manage. The embodiment of the application can enable platform components such as hive, hbase and the like to be connected with a unified authority management entrance, and the authority management method of the application is executed through the authority management entrance.
Corresponding to the foregoing right management method, the present application further provides a right management apparatus, referring to a structural block diagram of the right management apparatus shown in fig. 4, which mainly includes the following modules:
an information obtaining module 402, configured to obtain organization information to which a user belongs if a specified operation of the user is monitored;
a judging module 404, configured to judge whether an organization where the user is located changes according to the organization information;
the authority allocation module 406 is configured to, when the determination result of the determination module is yes, recover the first resource queue authority of the user, and allocate a second resource queue authority to the user; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to an existing organization of the user.
By the device, the resource queue authority can be automatically adjusted for the user with changed organization, the safety of resources can be effectively guaranteed, and the resources can be more conveniently managed.
In one embodiment, the apparatus further includes an approval module and a permission determination module, wherein:
the approval module is used for sending the access request to the belonger of the target resource for approval if the access request of the user for the target resource is received;
and the permission determining module is used for determining the access permission of the user to the target resource according to the approval result of the owner of the target resource.
In a specific embodiment, the permission determination module is further configured to: if the approval result of the owner of the target resource is the refusal access request, determining that the user does not have the access authority of the target resource; and if the approval result of the owner of the target resource is that the access request is approved, sending the access request to the manager for approval, determining that the user has the access authority of the target resource when the administrator approves, and determining that the user does not have the access authority of the target resource when the administrator approves.
In a specific embodiment, the approval module is further configured to: searching an owner of the target resource according to the owner label corresponding to the target resource; and sending the access request to the found belonger of the target resource for approval.
In a specific embodiment, the apparatus further comprises:
the permission group setting module is used for setting a permission group of the appointed resource;
the authority group adding module is used for adding users with access authority to the specified resources into the authority group;
the authority group control module is used for controlling the authority granularity of the user to the specified resources through the authority groups; wherein, the authority granularity size is used for representing the access range of the specified resource.
In a specific embodiment, the apparatus further comprises: and the removing module is used for removing the target user from the authority group in which the target user is located if the target user in the current off-duty state is detected.
In a specific embodiment, the permission type corresponding to the permission group includes one or more of a resource addition permission, a resource deletion permission, a resource modification permission, and a resource search permission.
Further, the present embodiment also provides an electronic device, including: a processor and a storage device; wherein the storage device has stored thereon a computer program which, when executed by the processor, performs the aforementioned rights management method.
Further, the present embodiment also provides a storage medium, where a computer program is stored on the storage medium, and the computer program is executed by a processor to execute the above-mentioned rights management method.
It is understood that the same or similar parts in the above embodiments may be mutually referred to, and the same or similar parts in other embodiments may be referred to for the content which is not described in detail in some embodiments.
It should be noted that, in the description of the present application, the terms "first", "second", etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. In addition, in the description of the present application, the meaning of "plurality" means at least two unless otherwise specified.
It will be understood that when an element is referred to as being "secured to" or "disposed on" another element, it can be directly on the other element or intervening elements may also be present; when an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present, and further, as used herein, connected may include wirelessly connected; the term "and/or" is used to include any and all combinations of one or more of the associated listed items.
Any process or method descriptions in flow charts or otherwise described herein may be understood as: represents modules, segments or portions of code which include one or more executable instructions for implementing specific logical functions or steps of a process, and the scope of the preferred embodiments of the present application includes other implementations in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the embodiments of the present application.
It should be understood that portions of the present application may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present application have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present application, and that variations, modifications, substitutions and alterations may be made to the above embodiments by those of ordinary skill in the art within the scope of the present application.
Claims (10)
1. A method of rights management, comprising:
if the specified operation of the user is monitored, acquiring the organization information to which the user belongs;
judging whether the organization of the user is changed according to the organization information;
if so, recovering the first resource queue authority of the user, and distributing a second resource queue authority for the user; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to a current organization of the user.
2. The method of claim 1, further comprising:
if an access request of the user for a target resource is received, the access request is sent to a person to which the target resource belongs for approval;
and determining the access authority of the user to the target resource according to the approval result of the owner of the target resource.
3. The method according to claim 2, wherein the step of determining the access right of the user to the target resource according to the approval result of the owner of the target resource comprises:
if the approval result of the owner of the target resource is a refusal access request, determining that the user does not have the access authority of the target resource;
and if the approval result of the owner of the target resource is that the access request is approved, sending the access request to a manager for approval, determining that the user has the access authority of the target resource when the administrator approves, and determining that the user does not have the access authority of the target resource when the administrator approves.
4. The method of claim 2, wherein the step of sending the access request to the owner of the target resource for approval comprises:
searching the belonger of the target resource according to the belonger label corresponding to the target resource;
and sending the access request to the searched belonged to the target resource for approval.
5. The method of claim 1, further comprising:
setting an authority group of the appointed resource;
adding users having access rights to the specified resource to the rights group;
controlling the granularity of the authority of the user on the specified resource through the authority group; wherein the permission granularity size is used for characterizing the access range of the specified resource.
6. The method of claim 5, further comprising:
and if the target user in the current off-duty state is detected, removing the target user from the authority group in which the target user is located.
7. The method of claim 5, wherein the permission types corresponding to the permission groups include one or more of resource addition permission, resource deletion permission, resource modification permission, and resource search permission.
8. A rights management device, comprising:
the information acquisition module is used for acquiring organization information to which a user belongs if the specified operation of the user is monitored;
the judging module is used for judging whether the organization of the user is changed according to the organization information;
the authority distribution module is used for recovering the first resource queue authority of the user and distributing a second resource queue authority to the user when the judgment result of the judgment module is yes; the first resource queue authority is a resource queue authority corresponding to an original organization of the user, and the second resource queue authority is a resource queue authority corresponding to a current organization of the user.
9. An electronic device, comprising: a processor and a storage device;
the storage device has stored thereon a computer program which, when executed by the processor, performs the method of any one of claims 1 to 7.
10. A storage medium having a computer program stored thereon, wherein the computer program is adapted to perform the steps of the method according to any of the claims 1 to 7 when executed by a processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010982726.5A CN112100592A (en) | 2020-09-17 | 2020-09-17 | Authority management method, device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010982726.5A CN112100592A (en) | 2020-09-17 | 2020-09-17 | Authority management method, device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112100592A true CN112100592A (en) | 2020-12-18 |
Family
ID=73760423
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010982726.5A Pending CN112100592A (en) | 2020-09-17 | 2020-09-17 | Authority management method, device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112100592A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113505362A (en) * | 2021-07-16 | 2021-10-15 | 长鑫存储技术有限公司 | System authority control method, data center, control device and storage medium |
| CN115174956A (en) * | 2022-07-06 | 2022-10-11 | 海南乾唐视联信息技术有限公司 | Video resource allocation method and device, electronic equipment and readable storage medium |
-
2020
- 2020-09-17 CN CN202010982726.5A patent/CN112100592A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113505362A (en) * | 2021-07-16 | 2021-10-15 | 长鑫存储技术有限公司 | System authority control method, data center, control device and storage medium |
| CN113505362B (en) * | 2021-07-16 | 2023-09-22 | 长鑫存储技术有限公司 | System authority management and control method, data center, management and control device and storage medium |
| CN115174956A (en) * | 2022-07-06 | 2022-10-11 | 海南乾唐视联信息技术有限公司 | Video resource allocation method and device, electronic equipment and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10585698B2 (en) | Template-driven multi-tenant workflow processing | |
| US8255355B2 (en) | Adaptive method and system with automatic scanner installation | |
| CN108399101B (en) | Method, device and system for scheduling resources | |
| US9799003B2 (en) | Context-dependent transactional management for separation of duties | |
| CN109889517B (en) | Data processing method, permission data set creating device and electronic equipment | |
| US9813450B1 (en) | Metadata-based verification of artifact quality policy compliance | |
| US11645423B1 (en) | Method and apparatus for distributing policies for authorizing APIs | |
| US11075979B2 (en) | Optimized resource provisioning | |
| US20080301807A1 (en) | System and Method for Controlling On-Demand Security | |
| US10176017B2 (en) | Configuration management for a shared pool of configurable computing resources | |
| CN112100592A (en) | Authority management method, device, electronic equipment and storage medium | |
| US11966728B2 (en) | Intelligent provisioning management | |
| US20170331920A1 (en) | Jointly managing a cloud and non-cloud environment | |
| US11750619B2 (en) | Modify assigned privilege levels and limit access to resources | |
| US9082085B2 (en) | Computing environment climate dependent policy management | |
| CN113407973B (en) | Software function authority management method, system, server and storage medium | |
| US9998498B2 (en) | Cognitive authentication with employee onboarding | |
| US9330276B2 (en) | Conditional role activation in a database | |
| US10831904B2 (en) | Automatically discovering attribute permissions | |
| CN114462069B (en) | Multi-level tenant resource access management method, system, intelligent terminal and storage medium | |
| CN114065254A (en) | Data processing method, device, electronic equipment, medium and product | |
| EP1298514A1 (en) | A computer system and a method for managing access of an user to resources | |
| US20200106670A1 (en) | Efficient rule processing for device management data evaluation | |
| US10771586B1 (en) | Custom access controls | |
| US20230017468A1 (en) | Machine learning based server for privacy protection level adjustment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |