CN112311782A - Access control method, device, processor and storage medium - Google Patents
Access control method, device, processor and storage medium Download PDFInfo
- Publication number
- CN112311782A CN112311782A CN202011150203.0A CN202011150203A CN112311782A CN 112311782 A CN112311782 A CN 112311782A CN 202011150203 A CN202011150203 A CN 202011150203A CN 112311782 A CN112311782 A CN 112311782A
- Authority
- CN
- China
- Prior art keywords
- api
- time range
- request
- access
- access control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 238000001514 detection method Methods 0.000 claims abstract description 22
- 230000015654 memory Effects 0.000 claims description 29
- 239000008186 active pharmaceutical agent Substances 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 6
- 238000005516 engineering process Methods 0.000 abstract description 6
- 230000000694 effects Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 5
- 238000003672 processing method Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000005034 decoration Methods 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000002699 waste material Substances 0.000 description 2
- 238000013500 data storage Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses an access control method, an access control device, a processor and a storage medium. Wherein, the method comprises the following steps: receiving an Application Program Interface (API) access request; determining the request time of the API request; detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed; and in the case that the detection result is yes, allowing the access to the API. The invention solves the technical problem that network congestion cannot be properly solved due to the lack of an effective strategy for limiting the current of the application program interface API in the related technology.
Description
Technical Field
The invention relates to the field of internet, in particular to an access control method, an access control device, a processor and a storage medium.
Background
In the running process of the network system, if some activities are met, the number of people accessing the network system can be increased in an instant implosion, so that the instant pressure of the server is increased, and the system is overloaded. In the related art, the most direct solution is to add a server to share the stress, but the disadvantages of this method include: firstly, a certain time is needed for configuration of the server, and emergency situations are difficult to deal with; secondly, the cost of the system is increased by adding the server; moreover, adding servers to deal with a particular activity wastes resources of those servers after the activity is completed. In other solutions, the application program interface may also be throttled, thereby relieving server stress. But existing throttling strategies, for example, control the number of concurrencies of a service interface or control the number of requests per unit of time. However, the above current limiting methods all have disadvantages, for example, controlling the concurrent number of the service interfaces may affect the service processing flow of the user performing the service normally; the method for controlling the number of requests in unit time cannot avoid the malicious consumption of service access times by people, so that users with normal service requirements cannot access the services.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the invention provides an access control method, an access control device, a processor and a storage medium, which are used for at least solving the technical problem that network congestion cannot be properly solved due to the fact that an effective strategy for limiting the current of an Application Program Interface (API) is lacked in the related technology.
According to an aspect of an embodiment of the present invention, there is provided an access control method including: receiving an Application Program Interface (API) access request; determining a request time of the API request; detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed; and in the case that the detection result is yes, allowing the access to the API.
Optionally, before detecting whether the request time is within the predetermined time range, the method further includes: and acquiring a preset time range corresponding to the API, wherein the preset time range corresponding to the API is determined according to the type of the API.
Optionally, the predetermined time range includes a plurality.
Optionally, the accuracy of the predetermined time range comprises at least one of: minutes, hours, weeks, days, months, quarters.
Optionally, the predetermined time range is characterized in a predetermined time format.
Optionally, in a case where the API is plural, the predetermined time range in which the plural APIs allow access is different.
Optionally, in a case that the detection result is negative, sending a prompt message, where the prompt message is used to prompt that access to the API is not allowed in the current time period.
According to another aspect of the embodiments of the present invention, there is also provided an access control apparatus, including: the receiving module is used for receiving an Application Program Interface (API) access request; a determining module, configured to determine a request time of the API request; the detection module is used for detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed; and the control module is used for allowing the API to be accessed under the condition that the detection result is yes.
According to still another aspect of the embodiments of the present invention, there is also provided a storage medium including: the storage medium includes a stored program, and when the program runs, the storage medium controls a device on which the storage medium is located to execute any one of the access control methods.
According to still another aspect of the embodiments of the present invention, there is also provided a gateway, including: a memory and a processor, the memory storing a computer program; the processor is configured to execute the computer program stored in the memory, and when the computer program runs, the processor is enabled to execute any one of the access control methods.
In the embodiment of the invention, the method for receiving the API access request of the application program interface is adopted, whether the time of the API request is within the preset time range is determined and detected, and the API is allowed to be accessed under the condition that the detection result is yes, so that the aim of limiting the flow of the API access request according to the preset time range is fulfilled, the technical effect of solving the network congestion through an effective API access request flow limiting strategy is realized, and the technical problem that the network congestion cannot be properly solved due to the lack of the effective strategy for limiting the flow of the API of the application program interface in the related technology is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
fig. 1 shows a hardware configuration block diagram of a computer terminal for implementing an access control method;
fig. 2 is a flowchart of an access control method according to embodiment 1 of the present invention;
FIG. 3 is a schematic view of an access control flow according to a preferred embodiment of the present invention;
fig. 4 is a block diagram of the structure of an access control apparatus according to embodiment 2 of the present invention;
fig. 5 is a block diagram of a computer terminal according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
First, some terms or terms appearing in the description of the embodiments of the present application are applicable to the following explanations:
current limiting, the purpose of which is to protect the system by limiting concurrent access/requests, or limiting the rate of requests within a time window, which may be handled as a denial of service, queuing or waiting, downgrading, etc., once the limited rate is reached.
Application Programming Interface (API), which is a predefined function or a contract for the connection of different components of a software system. The operating system provides the programmer with a "program-to-operating system interface," which is a set of definitions, programs, and protocols used by the programmer in programming, and enables intercommunication between computer software via the API interface.
Example 1
In accordance with an embodiment of the present invention, there is provided a method embodiment of access control, it being noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than here.
The method provided by the embodiment 1 of the present application can be executed in a mobile terminal, a computer terminal or a similar computing device. Fig. 1 shows a hardware configuration block diagram of a computer terminal (or mobile device) for implementing a data processing method. As shown in fig. 1, the computer terminal 10 (or mobile device) may include one or more (shown as 102a, 102b, … …, 102 n) processors 102 (the processors 102 may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA, etc.), memories 104 for storing data, and a transmission device for communication functions. Besides, the method can also comprise the following steps: a display, an input/output interface (I/O interface), a Universal Serial BUS (USB) port (which may be included as one of the ports of the BUS), a network interface, a power source, and/or a camera. It will be understood by those skilled in the art that the structure shown in fig. 1 is only an illustration and is not intended to limit the structure of the electronic device. For example, the computer terminal 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
It should be noted that the one or more processors 102 and/or other data processing circuitry described above may be referred to generally herein as "data processing circuitry". The data processing circuitry may be embodied in whole or in part in software, hardware, firmware, or any combination thereof. Further, the data processing circuit may be a single stand-alone processing module, or incorporated in whole or in part into any of the other elements in the computer terminal 10 (or mobile device). As referred to in the embodiments of the application, the data processing circuit acts as a processor control (e.g. selection of a variable resistance termination path connected to the interface).
The memory 104 may be used to store software programs and modules of application software, such as program instructions/data storage devices corresponding to the data processing method in the embodiment of the present invention, and the processor 102 executes various functional applications and data processing by running the software programs and modules stored in the memory 104, that is, implementing the vulnerability detection method of the application program. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the computer terminal 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device is used for receiving or transmitting data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the computer terminal 10. In one example, the transmission device includes a Network adapter (NIC) that can be connected to other Network devices through a base station to communicate with the internet. In one example, the transmission device may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
The display may be, for example, a touch screen type Liquid Crystal Display (LCD) that may enable a user to interact with a user interface of the computer terminal 10 (or mobile device).
Under the above operating environment, the present application provides an access control method as shown in fig. 2. Fig. 2 is a flowchart of an access control method according to embodiment 1 of the present invention, and as shown in fig. 2, the flowchart includes the following steps:
step S202, receiving an Application Program Interface (API) access request;
step S204, determining the request time of the API request;
step S206, detecting whether the request time is in a preset time range, wherein the preset time range is a time range allowing the API to be accessed;
in step S208, if the detection result is yes, access to the API is permitted.
Through the steps, the method for receiving the API access request of the application program interface is adopted, whether the time of the API request is within the preset time range is determined and detected, if the detection result is yes, the API is allowed to be accessed, and the purpose of limiting the flow of the API access request according to the preset time range is achieved, so that the technical effect of solving the network congestion through an effective API access request flow limiting strategy is achieved, and the technical problem that the network congestion cannot be properly solved due to the fact that the effective strategy for limiting the flow of the API of the application program interface is lacked in the related technology is solved.
Optionally, before detecting whether the request time is within the predetermined time range, a predetermined time range corresponding to the API may also be obtained, where the predetermined time range corresponding to the API is determined according to the type of the API. As a preferred embodiment of the present invention, a predetermined time range corresponding to different types of APIs may be set in advance, and a user is allowed to access the APIs within the time range. The type of API referred to herein may be the type of service corresponding to the API. For example, the program interface type may be e-commerce type, network game type, search engine type, and the like. Timed access control provides time-range based access control, setting in advance what time range the API interface allows access. The preset basis can be historical flow information of the interface, or a prediction of future activities, for example, if it is predicted that the API will receive a large number of access requests within a certain future time range, the corresponding current limiting parameter can be set in advance for the API interface of the time range.
Alternatively, the API may set a plurality of predetermined time ranges. For example, there may be a plurality of predetermined time ranges of a time period, for example, the time range corresponding to the API is set as: 8 to 9 am, and 11 to 12 am. The predetermined time range may be the same time period of each day, or may be a plurality of time periods of a certain day. The setting of a specific predetermined time range may be scheduled with reference to the type of access of the API and future associated activities.
Optionally, the accuracy of the predetermined time range comprises at least one of: minutes, hours, weeks, days, months, quarters. According to the types and the access requirements of different APIs, the precision of the API access time range can be flexibly adjusted. For example, the access time range may be accurate to minutes with a minimum interval of 1 minute.
Optionally, the predetermined time range is characterized in a predetermined time format. Normal users can interact with the gateway in advance, and through the interaction of information, the time range of the API allowed to be accessed is characterized in a specific time format. For example, the specific time format may be:
{ \\ \ startTime \ ": 08:00\", \\ \ endTime \': 12:00\ ", \\ \ week \" [ \ monday \ ", \ wednesday \", \ "friday \ }, { \\" startTime \ ": 14:00\", \\\ \ endTime \ 18:00\ ",": week \ "[ \ tuesday \", "thursday" \ ", and.
Alternatively, in the case where there are a plurality of APIs, the predetermined time ranges in which the plurality of APIs allow access are different. Since APIs may have different types and take on different functions, a uniform access permission predetermined time range may cause some APIs to well bypass access pressure through current limiting, but some APIs do not have access pressure and are still affected by a current limiting policy, which brings inconvenience to a user for processing services. By setting a plurality of different preset time ranges allowing access for a plurality of APIs, access resources can be allocated more reasonably and efficiently, only the API with higher access pressure is subjected to current limiting operation, and other APIs can still be used for normal processing of the service of the user under the condition of low access pressure.
As an alternative embodiment, after detecting whether the request time is within the predetermined time range, and in case that the detection result is no, issuing a prompt message, wherein the prompt message is used for prompting that the current time period is not allowed to access the API. According to the prompt information, the user can know that the user can not access the mobile terminal currently, and the meaningless time waste caused by waiting of the user is avoided.
Fig. 3 is a schematic view of an access control flow according to a preferred embodiment of the present invention, and as shown in fig. 3, the flow for implementing access control according to the preferred embodiment of the present invention can be divided into the following steps:
1) the gateway obtains the API access request.
2) And the gateway acquires the current API request time period control configuration data information.
3) The gateway controls configuration data information according to the API request time period, judges whether the API is opened for time range current limiting, and if the result is 'yes', the step 4) is carried out; and if the result is 'no', performing the step 5).
4) The gateway judges whether the time of the current API access request is within a preset time range allowed to be accessed by the API according to the API request time period control configuration data information, namely whether the time of the current access request is matched with time period current limiting configuration data, and if the result is 'yes', the step 5) is carried out; and if the result is 'no', entering the step 6).
5) The API interface data is successfully returned to the consumer.
6) And returning the information that the API refuses the access to the consumer.
It should be noted that the foregoing method embodiments are described as a series of acts or combinations for simplicity in explanation, but it should be understood by those skilled in the art that the present invention is not limited by the order of acts or acts described, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
Example 2
According to an embodiment of the present invention, there is further provided an access control apparatus for implementing the access control method, and fig. 4 is a block diagram of a structure of an access control apparatus according to embodiment 2 of the present invention, and as shown in fig. 4, the access control apparatus 40 includes: the access control device 40 includes a receiving module 42, a determining module 44, a detecting module 46, and a control module 48, which are described below.
A receiving module 42, configured to receive an application program interface API access request;
a determining module 44, connected to the receiving module 42, for determining a request time of the API request;
a detecting module 46, connected to the determining module 44, for detecting whether the request time is within a predetermined time range, where the predetermined time range is a time range allowing access to the API;
and a control module 48, connected to the detection module 46, for allowing access to the API if the detection result is yes.
It should be noted that the receiving module 42, the determining module 44, the detecting module 46 and the control module 48 correspond to steps S202 to S208 in embodiment 1, and the modules are the same as the corresponding steps in the implementation example and the application scenario, but are not limited to the disclosure in embodiment 1. It should be noted that the above modules may be operated in the computer terminal 10 provided in embodiment 1 as a part of the apparatus.
Example 3
The embodiment of the invention can provide a computer terminal which can be any computer terminal device in a computer terminal group. Optionally, in this embodiment, the computer terminal may also be replaced with a terminal device such as a mobile terminal.
Optionally, in this embodiment, the computer terminal may be located in at least one network device of a plurality of network devices of a computer network.
In this embodiment, the computer terminal may execute program codes of the following steps in the data processing method of the application program: receiving an Application Program Interface (API) access request; determining the request time of the API request; detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed; and in the case that the detection result is yes, allowing the access to the API.
Alternatively, fig. 5 is a block diagram of a computer terminal according to an embodiment of the present invention. As shown in fig. 5, the computer terminal may include: one or more (only one shown) processors 52, memory 54, and the like.
The memory may be configured to store software programs and modules, such as program instructions/modules corresponding to the data processing method and apparatus in the embodiments of the present invention, and the processor executes various functional applications and data processing by running the software programs and modules stored in the memory, so as to implement the data processing method. The memory may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory may further include memory located remotely from the processor, and these remote memories may be connected to the computer terminal through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The processor may call the information stored in the memory and the application program through the transmission device to execute the program code of the following steps: receiving an Application Program Interface (API) access request; determining the request time of the API request; detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed; and in the case that the detection result is yes, allowing the access to the API.
Optionally, the processor may further execute the program code of the following steps: and before detecting whether the request time is within a preset time range, acquiring the preset time range corresponding to the API, wherein the preset time range corresponding to the API is determined according to the type of the API.
Optionally, the processor may further execute the program code of the following steps: the predetermined time range includes a plurality.
Optionally, the processor may further execute the program code of the following steps: the accuracy of the predetermined time range includes at least one of: minutes, hours, weeks, days, months, quarters.
Optionally, the processor may further execute the program code of the following steps: the predetermined time range is characterized by a predetermined time format.
Optionally, the processor may further execute the program code of the following steps: in the case where there are a plurality of APIs, the predetermined time ranges in which the plurality of APIs allow access are different.
Optionally, the processor may further execute the program code of the following steps: and sending prompt information under the condition that the detection result is negative, wherein the prompt information is used for prompting that the current time period is not allowed to access the API.
The embodiment of the invention provides an access control method. By adopting the mode of receiving the API access request of the application program interface, whether the time of the API request is within the preset time range is determined and detected, and if the detection result is yes, the API is allowed to be accessed, so that the aim of limiting the flow of the API access request according to the preset time range is fulfilled, the technical effect of solving the network congestion through an effective API access request flow limiting strategy is achieved, and the technical problem that the network congestion cannot be properly solved due to the fact that the effective strategy for limiting the flow of the API of the application program interface is lacked in the related technology is solved.
It can be understood by those skilled in the art that the structure shown in fig. 5 is only an illustration, and the computer terminal may also be a terminal device such as a smart phone (e.g., an Android phone, an iOS phone, etc.), a tablet computer, a palmtop computer, a Mobile Internet Device (MID), a PAD, and the like. Fig. 5 is a diagram illustrating a structure of the electronic device. For example, the computer terminal may also include more or fewer components (e.g., network interfaces, display devices, etc.) than shown in FIG. 5, or have a different configuration than shown in FIG. 5.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by a program instructing hardware associated with the terminal device, where the program may be stored in a computer-readable storage medium, and the storage medium may include: flash disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
Example 4
The embodiment of the invention also provides a storage medium. Optionally, in this embodiment, the storage medium may be configured to store the program code executed by the access control method provided in embodiment 1.
Optionally, in this embodiment, the storage medium may be located in any one of computer terminals in a computer terminal group in a computer network, or in any one of mobile terminals in a mobile terminal group.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: receiving an Application Program Interface (API) access request; determining the request time of the API request; detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed; and in the case that the detection result is yes, allowing the access to the API.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: and before detecting whether the request time is within a preset time range, acquiring the preset time range corresponding to the API, wherein the preset time range corresponding to the API is determined according to the type of the API.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: the predetermined time range includes a plurality.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: the accuracy of the predetermined time range includes at least one of: minutes, hours, weeks, days, months, quarters.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: the predetermined time range is characterized by a predetermined time format.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: in the case where there are a plurality of APIs, the predetermined time ranges in which the plurality of APIs allow access are different.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: and sending prompt information under the condition that the detection result is negative, wherein the prompt information is used for prompting that the current time period is not allowed to access the API.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.
Claims (10)
1. An access control method, comprising:
receiving an Application Program Interface (API) access request;
determining a request time of the API request;
detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed;
and in the case that the detection result is yes, allowing the access to the API.
2. The method of claim 1, further comprising, prior to detecting whether the requested time is within the predetermined time range:
and acquiring a preset time range corresponding to the API, wherein the preset time range corresponding to the API is determined according to the type of the API.
3. The method of claim 1, wherein the predetermined time range comprises a plurality.
4. The method of claim 1, wherein the accuracy of the predetermined time range comprises at least one of: minutes, hours, weeks, days, months, quarters.
5. The method of claim 1, wherein the predetermined time range is characterized in a predetermined time format.
6. The method according to any one of claims 1 to 5, wherein, in the case where the API is plural, the predetermined time ranges in which the plural APIs allow access are different.
7. The method of claim 6, further comprising:
and sending prompt information under the condition that the detection result is negative, wherein the prompt information is used for prompting that the current time period is not allowed to access the API.
8. An access control apparatus, comprising:
the receiving module is used for receiving an Application Program Interface (API) access request;
a determining module, configured to determine a request time of the API request;
the detection module is used for detecting whether the request time is within a preset time range, wherein the preset time range is a time range allowing the API to be accessed;
and the control module is used for allowing the API to be accessed under the condition that the detection result is yes.
9. A storage medium comprising a stored program, wherein the apparatus on which the storage medium is located is controlled to perform the access control method of any one of claims 1 to 7 when the program is executed.
10. A gateway, comprising: a memory and a processor, wherein the processor is capable of,
the memory stores a computer program;
the processor configured to execute a computer program stored in the memory, the computer program when executed causing the processor to perform the access control method of any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011150203.0A CN112311782A (en) | 2020-10-23 | 2020-10-23 | Access control method, device, processor and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011150203.0A CN112311782A (en) | 2020-10-23 | 2020-10-23 | Access control method, device, processor and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112311782A true CN112311782A (en) | 2021-02-02 |
Family
ID=74327250
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011150203.0A Pending CN112311782A (en) | 2020-10-23 | 2020-10-23 | Access control method, device, processor and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112311782A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114327899A (en) * | 2021-12-29 | 2022-04-12 | 中国电信股份有限公司 | Method and device for responding to access request, nonvolatile storage medium and processor |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101627608A (en) * | 2007-03-07 | 2010-01-13 | 高通股份有限公司 | Systems and methods for controlling service access on a wireless communication device |
CN103313343A (en) * | 2012-03-13 | 2013-09-18 | 百度在线网络技术(北京)有限公司 | Method and equipment for implementing user access control |
CN108702360A (en) * | 2016-02-15 | 2018-10-23 | 思科技术公司 | Use the digital asset Preservation tactics of dynamic network attribute |
CN109274547A (en) * | 2018-08-17 | 2019-01-25 | 中国平安人寿保险股份有限公司 | Service blowout method, device, equipment and storage medium based on network security |
CN110535777A (en) * | 2019-08-12 | 2019-12-03 | 新华三大数据技术有限公司 | Access request control method, device, electronic equipment and readable storage medium storing program for executing |
CN111695112A (en) * | 2019-03-15 | 2020-09-22 | 北京数聚鑫云信息技术有限公司 | Method and device for dynamically controlling access authority |
-
2020
- 2020-10-23 CN CN202011150203.0A patent/CN112311782A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101627608A (en) * | 2007-03-07 | 2010-01-13 | 高通股份有限公司 | Systems and methods for controlling service access on a wireless communication device |
CN103313343A (en) * | 2012-03-13 | 2013-09-18 | 百度在线网络技术(北京)有限公司 | Method and equipment for implementing user access control |
CN108702360A (en) * | 2016-02-15 | 2018-10-23 | 思科技术公司 | Use the digital asset Preservation tactics of dynamic network attribute |
CN109274547A (en) * | 2018-08-17 | 2019-01-25 | 中国平安人寿保险股份有限公司 | Service blowout method, device, equipment and storage medium based on network security |
CN111695112A (en) * | 2019-03-15 | 2020-09-22 | 北京数聚鑫云信息技术有限公司 | Method and device for dynamically controlling access authority |
CN110535777A (en) * | 2019-08-12 | 2019-12-03 | 新华三大数据技术有限公司 | Access request control method, device, electronic equipment and readable storage medium storing program for executing |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114327899A (en) * | 2021-12-29 | 2022-04-12 | 中国电信股份有限公司 | Method and device for responding to access request, nonvolatile storage medium and processor |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3334127B1 (en) | Message pushing method and apparatus thereof | |
US11250434B2 (en) | Payment method and device | |
CN106155780A (en) | A kind of time-based node electoral machinery and device | |
CN104009892A (en) | Monitoring method and device for traffic of mobile terminal and client side | |
CN110933698A (en) | Monitoring management method, device and equipment for Internet of things card | |
CN111953648A (en) | Data processing method and device based on block chain prediction machine and electronic equipment | |
CN110688146A (en) | Method, device and storage medium for dynamically configuring monitoring system | |
CN105204949A (en) | Method and device for actively triggering system broadcast | |
CN109347938B (en) | Traffic monitoring method, telephone watch, mobile terminal and server | |
CN104052779A (en) | Information recommendation method, system thereof and intelligent terminal | |
CN114338159A (en) | Access limiting method, device, nonvolatile storage medium and processor | |
CN114691390A (en) | User mode program processing method and device, storage medium and processor | |
CN105281965A (en) | Traffic acquisition method and traffic acquisition device based on IOS | |
CN112311782A (en) | Access control method, device, processor and storage medium | |
CN109657485B (en) | Authority processing method and device, terminal equipment and storage medium | |
CN105488678A (en) | Payment behavior information acquisition method and system | |
CN111132132A (en) | Traffic management method and device and terminal equipment | |
CN114567600A (en) | Traffic management method and related equipment | |
CN109240790B (en) | Multi-window management method and system and android terminal | |
CN111131324A (en) | Login method and device of business system, storage medium and electronic device | |
CN114385647B (en) | Alliance link-out block method, alliance link-out block device, electronic equipment and medium | |
US20150172464A1 (en) | Call processing method and device | |
CN113133072B (en) | Method and device for controlling terminal, terminal and storage medium | |
CN110597574A (en) | Account matching method and device and storage medium | |
CN109327382B (en) | Method, device and storage medium for voice call |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210202 |