CN112905918A - Data service convergence engine and management method thereof - Google Patents
Data service convergence engine and management method thereof Download PDFInfo
- Publication number
- CN112905918A CN112905918A CN202110248530.8A CN202110248530A CN112905918A CN 112905918 A CN112905918 A CN 112905918A CN 202110248530 A CN202110248530 A CN 202110248530A CN 112905918 A CN112905918 A CN 112905918A
- Authority
- CN
- China
- Prior art keywords
- data service
- access
- module
- client
- management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 36
- 230000036541 health Effects 0.000 claims abstract description 18
- 238000012544 monitoring process Methods 0.000 claims abstract description 12
- 238000012545 processing Methods 0.000 claims abstract description 5
- 238000013523 data management Methods 0.000 claims description 10
- 238000012986 modification Methods 0.000 claims description 9
- 230000004048 modification Effects 0.000 claims description 9
- 238000000034 method Methods 0.000 claims description 5
- 238000013507 mapping Methods 0.000 claims description 4
- 238000013475 authorization Methods 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 3
- 230000003862 health status Effects 0.000 description 4
- 239000012190 activator Substances 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/957—Browsing optimisation, e.g. caching or content distillation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Data Mining & Analysis (AREA)
- Software Systems (AREA)
- Automation & Control Theory (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
A data service convergence engine and a management method thereof comprise the following steps: a data service access module: for collecting and recording access information for the data service; a data service monitoring module: the system is used for enabling each data service to provide self health condition; the dynamic routing module: a data service for forwarding the management request to the backend through the address of the gateway; client registration empowerment module: the platform is used for providing a client registration function and distributing an ID and a password; a client request module: for processing a request of a requestor; the dynamic authority management module: the data service convergence engine and the management method thereof are used for managing the access authority required by the data service, and can unify the access and access modes of a plurality of systems in an enterprise, so that the use efficiency of the systems in the enterprise is improved.
Description
The technical field is as follows:
the invention relates to the technical field of multi-platform big data management, in particular to a data service convergence engine and a management method thereof.
Background
At present, with the development of the internet, there are various systems for providing data in an enterprise, including but not limited to ERP systems (golden butterfly, friends, etc.), WMS-hotel management system, HR systems, access control systems, and systems for collecting data of various internet of things devices, and applications in the enterprise are originally independent from each other, and exist in a form similar to an information island, and objectively, data in various places need to be gathered together, but the number of internal systems in a large enterprise is large, access modes are different, and authority requirements are strict, and it is not simple to put some functional interfaces together to meet requirements,
therefore, it is urgently needed to provide a unified entry and access mode, and have unified authority, management measures such as monitoring and the like.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides the data service convergence engine and the management method thereof, so that a plurality of systems in an enterprise can be uniformly accessed and accessed, and the use efficiency of the systems in the enterprise is improved.
The technical scheme adopted by the invention is as follows: a data service convergence engine comprising:
a data service access module: for collecting and recording access information for the data service;
a data service monitoring module: the system is used for enabling each data service to provide self health condition;
the dynamic routing module: a data service for forwarding the management request to the backend through the address of the gateway;
client registration empowerment module: the platform is used for providing a client registration function and distributing an ID and a password;
a client request module: for processing a request of a requestor;
the dynamic authority management module: for managing the access rights required for the data service.
Further, the access information includes domain name, IP address, port, access protocol, API document address, and health monitoring address information.
Further, the health status includes UP/DOWN status of data service, and the health data is directly provided by Spring Boot activator interface of each service.
Further, the dynamic routing module comprises routing initial data management and routing dynamic modification data management, and an initial routing mapping relation of the initial data management is written in a configuration file of a Spring boot and configured for a gateway component zuul; the management of the routing dynamic modification data comprises the steps that the platform provides an interface for modifying routing rules, routing rule modification data are freely added, and a gateway is informed of obtaining the latest routing data.
Further, the client registration authorization module registers a new client through a client registration system administrator and allocates an ID and a password.
The invention also provides a management method of the data service convergence engine, which comprises the following steps:
s1, the requester logs in the authentication service interface through the client by using the user ID and the password, and generates an access token (access _ token) after the login is successful, wherein the token encrypts and stores the user ID, the role list and the token expiration time;
s2, forwarding the request of IP address of the requester meeting the condition to the data service access module through the gateway by the dynamic route management;
s3: the data service access module collects and records the domain name, IP address, port, access protocol, API document address and health monitoring address information of the requester;
s4, the service gateway analyzes and checks whether the value of token exists, whether the value is legal or overdue, analyzes the user ID and the role information role list and puts the user ID and the role information role list into an http header, and the data service access module can directly obtain the user ID and the role information role list;
s5, system administrator registers new client, distributes ID and password, informs request party by mail/short message, the client authenticates ID and password generated by the step;
s6, adopting dynamic management access authority to specify the authority granularity to an HTTP Method of URL;
and S7, recording the access record by the service gateway, intercepting the request of the client by the ZuuUlter after the request of the client arrives at the gateway, and recording the URL accessed by the client and the value of the result HTTP response status code.
Compared with the prior art, the invention has the beneficial effects that: multiple systems in an enterprise are unified in entry and access modes, and the use efficiency of the systems in the enterprise is improved.
Drawings
FIG. 1 is a flow chart of a data service convergence engine and a management method thereof according to the present invention;
fig. 2 is an architecture diagram of a data service convergence engine and a management method thereof according to the present invention.
Detailed Description
The present invention will be further described with reference to the accompanying drawings, it being understood that the terms "first", "second" and the like are used for descriptive purposes only and are not intended to indicate or imply relative importance or to implicitly indicate the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the invention, "a plurality" means two or more unless specifically limited otherwise.
The invention provides a data service convergence engine, which comprises:
a data service access module: for collecting and recording access information for the data service;
a data service monitoring module: the system is used for enabling each data service to provide self health condition;
the dynamic routing module: a data service for forwarding the management request to the backend through the address of the gateway; client registration empowerment module: the platform is used for providing a client registration function and distributing an ID and a password;
a client request module: for processing a request of a requestor;
the dynamic authority management module: for managing the access rights required for the data service.
A data service access module: the system is used for collecting and recording access information of data services, wherein the access information comprises a domain name, an IP address, a port, an access protocol (HTTP or HTTPS), an API document address and health monitoring address information, an API document is generated by a Swagger API management tool, necessary dependence needs to be introduced into a project, a developer explains functions of an interface through annotation and inputs and outputs requirements of parameters, the API information generated by the tool can be obtained through a URL (uniform resource locator), and each data service can be brought into the management range of the platform through collecting and recording the access information of the data service.
A data service monitoring module: the health status management system is used for enabling each data service to provide the health status of the data service, the health status comprises the UP/DOWN state of the data service, the health data is directly provided by a Spring Boot actor interface of each service, and the interface address format is http:// { ip }: port }/activator/health
Interface return data sample
{
"status":"UP"
}
For data services that do not have the above interface conditions, the health check URL itself is provided at the time of access, and the normal state is obtained as long as HTTP Response status code is returned to 2XX after access.
The dynamic routing module: the data service for managing the request to be forwarded to the back end through the address of the gateway, because the functions of authority management, record access and the like need to be provided, the client cannot directly access each data service of the back end.
All accesses must pass through the service gateway of the platform, which requires the mapping relationship management of an access path, namely routing management, the dynamic routing module comprises routing initial data management and routing dynamic modification data management, the initial routing mapping relationship of the initial data management is written in a configuration file of a Spring boot and configured for a gateway component zuul; examples are as follows
zuul:
sslHostnameValidationEnabled:false
routes:
reading:
url:http://localhost:8080
path:/gw/reading/**
httpbin:
url:http://httpbin.org
path:/gw/httpbin/**
The URLs to be forwarded are all in lower case, the general format is'/gw/service name/specific path ], and the service name is globally unique.
Suppose the local 8809 port starts the platform and sends it to
http:// localhost: 8809/gw/httpsin/ip request will be forwarded to
http://httpbin.org/ip
The path matching adopts a Spring AntPath Matcher rule, and wildcards are described as follows:
- "? "match a character
- "" match 0 to n characters
- ". matches the directory in 0 to n paths
For example, the following steps are carried out:
-/user-service/? It can match/user-service/path of splicing a character later, such as: a/user-service/a,/user-service/b,
/user-service/c
-user-service/. it can match/user-service/. the path followed by any number of characters, such as: a/user-service/a,/user-service/aaa,
A user-service/bbb. But it cannot match/user-service/a/b
It may match the multi-level directory path in the form of/user-service/a/b, in addition to the contents it contains.
The management of the routing dynamic modification data comprises the steps that the platform provides an interface for modifying routing rules, routing rule modification data are freely added, and a gateway is informed of obtaining the latest routing data.
Client registration empowerment module: the platform is used for providing a client registration function and distributing an ID and a password; and the client registration authorization module registers a new client through a client registration system administrator and distributes an ID and a password.
A client request module: for processing a request of a requestor; the client logs in at the authentication service interface by using the user ID and the password, an access Token (access _ Token) is generated after the login is successful, the user ID, the role list and the Token expiration time are stored in the Token in an encrypted mode, the Token mechanism does not need to store session information at the server, the Token self contains the related information of all users, and meanwhile, when the Token is verified, the user does not need to access a database or remote service for authority verification, so that the performance can be improved. The access _ token is uniformly contained in the http header in the request of the client later as the mark of the own identity, the service gateway can analyze and check whether the value of the token exists, whether the value is legal, whether the value is overdue and the like, analyze out the user ID and the role information role list and put the user ID and the role information role list into the http header, and the back-end service can be directly obtained.
The dynamic authority management module: for managing the access rights required for the data service. The exemplary data is configured using an HTTP Method that dynamically manages access rights to specify the granularity of rights to URLs:
[
"/gw/be/swagger.json:GET:ANONYMOUS",
"/gw/be/health:GET:ANONYMOUS",
"/gw/be/health/deep:GET:ANONYMOUS",
"/gw/be/**:*:SYS_ADMIN,ADMIN",
"/gw/httpbin/**:GET:SYS_ADMIN,ADMIN"
]
the first row shows that there is a backend service named httpsin, and the role that the client needs to have is SYS _ ADMIN or ADMIN to access via GET request/gw/httpsin/. or
The goal of flexibly setting the authority of the sub-functions in the service can be achieved by reasonably arranging the path of the url. For example:
/gw/svc1/func1/**
/gw/svc1/func2/**
care is taken to avoid that one request conforms to an address in multiple rights records.
The special role ANONYMOUS is agreed to indicate that any client (including one that has not logged in) can access this address.
Meanwhile, the authority rules can also be maintained on the page by an administrator and take effect immediately after being modified. The invention also provides a management method of the data service convergence engine, which comprises the following steps:
s1, the requester logs in the authentication service interface through the client by using the user ID and the password, and generates an access token (access _ token) after the login is successful, wherein the token encrypts and stores the user ID, the role list and the token expiration time;
s2, forwarding the request of IP address of the requester meeting the condition to the data service access module through the gateway by the dynamic route management;
s3: the data service access module collects and records the domain name, IP address, port, access protocol, API document address and health monitoring address information of the requester;
s4, the service gateway analyzes and checks whether the value of token exists, whether the value is legal or overdue, analyzes the user ID and the role information role list and puts the user ID and the role information role list into an http header, and the data service access module can directly obtain the user ID and the role information role list;
s5, system administrator registers new client, distributes ID and password, informs request party by mail/short message, the client authenticates ID and password generated by the step;
s6, adopting dynamic management access authority to specify the authority granularity to an HTTP Method of URL;
and S7, recording the access records by the service gateway, and intercepting the request of the client by the ZuuUlter each time after the request of the client reaches the gateway.
The above embodiments are merely illustrative of the technical ideas and features of the present invention, and the purpose of the embodiments is to enable those skilled in the art to understand the contents of the present invention and implement the present invention, and not to limit the protection scope of the present invention. It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof, and it is therefore intended that the present embodiments be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.
Claims (6)
1. A data service convergence engine, comprising:
a data service access module: for collecting and recording access information for the data service;
a data service monitoring module: the system is used for enabling each data service to provide self health condition;
the dynamic routing module: a data service for forwarding the management request to the backend through the address of the gateway;
client registration empowerment module: the platform is used for providing a client registration function and distributing an ID and a password;
a client request module: for processing a request of a requestor;
the dynamic authority management module: for managing the access rights required for the data service.
2. A data service convergence engine as claimed in claim 1 wherein: the access information comprises domain name, IP address, port, access protocol, API document address and health monitoring address information.
3. A data service convergence engine as claimed in claim 1 wherein: the health condition comprises the UP/DOWN state of the data service, and the health data is directly provided by a Spring Boot actor interface of each service.
4. A data service convergence engine as claimed in claim 1 wherein: the dynamic routing module comprises routing initial data management and routing dynamic modification data management, wherein the initial routing mapping relation of the initial data management is written in a configuration file of a Spring boot and configured aiming at a gateway component zuul; the management of the routing dynamic modification data comprises the steps that the platform provides an interface for modifying routing rules, routing rule modification data are freely added, and a gateway is informed of obtaining the latest routing data.
5. A data service convergence engine as claimed in claim 1 wherein: and the client registration authorization module registers a new client through a client registration system administrator and distributes an ID and a password.
6. A management method of a data service convergence engine is characterized in that: the method comprises the following steps:
s1, the requester logs in the authentication service interface through the client by using the user ID and the password, and generates an access token (access _ token) after the login is successful, wherein the token encrypts and stores the user ID, the role list and the token expiration time;
s2, forwarding the request of IP address of the requester meeting the condition to the data service access module through the gateway by the dynamic route management;
s3: the data service access module collects and records the domain name, IP address, port, access protocol, API document address and health monitoring address information of the requester;
s4, the service gateway analyzes and checks whether the value of token exists, whether the value is legal or overdue, analyzes the user ID and the role information role list and puts the user ID and the role information role list into an http header, and the data service access module can directly obtain the user ID and the role information role list;
s5, system administrator registers new client, distributes ID and password, informs request party by mail/short message, the client authenticates ID and password generated by the step;
s6, adopting dynamic management access authority to specify the authority granularity to an HTTP Method of URL;
and S7, recording the access record by the service gateway, intercepting the request of the client by the ZuuUlter after the request of the client arrives at the gateway, and recording the URL accessed by the client and the value of the result HTTP response status code.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110248530.8A CN112905918A (en) | 2021-03-06 | 2021-03-06 | Data service convergence engine and management method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110248530.8A CN112905918A (en) | 2021-03-06 | 2021-03-06 | Data service convergence engine and management method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112905918A true CN112905918A (en) | 2021-06-04 |
Family
ID=76108291
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110248530.8A Pending CN112905918A (en) | 2021-03-06 | 2021-03-06 | Data service convergence engine and management method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112905918A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113973017A (en) * | 2021-10-26 | 2022-01-25 | 北京华品博睿网络技术有限公司 | Business intelligent platform data processing system and method |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108712329A (en) * | 2018-05-02 | 2018-10-26 | 山东汇贸电子口岸有限公司 | A kind of gateway and log recording retrieval device based on Elasticsearch |
| CN110781505A (en) * | 2019-10-11 | 2020-02-11 | 南京医基云医疗数据研究院有限公司 | System construction method and device, retrieval method and device, medium and equipment |
| CN111142971A (en) * | 2019-12-30 | 2020-05-12 | 中科星图股份有限公司 | Cloud platform application readiness checking method suitable for traditional application clouding |
| CN111178837A (en) * | 2019-12-26 | 2020-05-19 | 武汉华工赛百数据系统有限公司 | Intelligent manufacturing information system based on micro-service architecture |
| CN111181727A (en) * | 2019-12-16 | 2020-05-19 | 北京航天智造科技发展有限公司 | Open API full life cycle management method based on micro service |
| CN111314141A (en) * | 2020-02-21 | 2020-06-19 | 腾讯云计算(北京)有限责任公司 | Route updating method and device |
| CN111427613A (en) * | 2020-03-12 | 2020-07-17 | 北京明略软件系统有限公司 | Application program interface API management method and device |
| CN111444500A (en) * | 2020-03-02 | 2020-07-24 | 深圳壹账通智能科技有限公司 | Authentication method, device, equipment and readable storage medium |
| CN111586030A (en) * | 2020-04-30 | 2020-08-25 | 武汉时波网络技术有限公司 | Interface authentication and permission verification method and system based on micro-service multi-tenant |
| CN111614550A (en) * | 2020-04-23 | 2020-09-01 | 国网湖北省电力有限公司信息通信公司 | Optimized integrated gateway of electric power marketing service system |
| CN111884917A (en) * | 2020-07-28 | 2020-11-03 | 浪潮云信息技术股份公司 | Gateway system based on micro service and gateway dynamic routing method |
| US20210029110A1 (en) * | 2019-07-22 | 2021-01-28 | Boe Technology Group Co., Ltd. | Service providing method and apparatus and electronic device |
-
2021
- 2021-03-06 CN CN202110248530.8A patent/CN112905918A/en active Pending
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108712329A (en) * | 2018-05-02 | 2018-10-26 | 山东汇贸电子口岸有限公司 | A kind of gateway and log recording retrieval device based on Elasticsearch |
| US20210029110A1 (en) * | 2019-07-22 | 2021-01-28 | Boe Technology Group Co., Ltd. | Service providing method and apparatus and electronic device |
| CN110781505A (en) * | 2019-10-11 | 2020-02-11 | 南京医基云医疗数据研究院有限公司 | System construction method and device, retrieval method and device, medium and equipment |
| CN111181727A (en) * | 2019-12-16 | 2020-05-19 | 北京航天智造科技发展有限公司 | Open API full life cycle management method based on micro service |
| CN111178837A (en) * | 2019-12-26 | 2020-05-19 | 武汉华工赛百数据系统有限公司 | Intelligent manufacturing information system based on micro-service architecture |
| CN111142971A (en) * | 2019-12-30 | 2020-05-12 | 中科星图股份有限公司 | Cloud platform application readiness checking method suitable for traditional application clouding |
| CN111314141A (en) * | 2020-02-21 | 2020-06-19 | 腾讯云计算(北京)有限责任公司 | Route updating method and device |
| CN111444500A (en) * | 2020-03-02 | 2020-07-24 | 深圳壹账通智能科技有限公司 | Authentication method, device, equipment and readable storage medium |
| CN111427613A (en) * | 2020-03-12 | 2020-07-17 | 北京明略软件系统有限公司 | Application program interface API management method and device |
| CN111614550A (en) * | 2020-04-23 | 2020-09-01 | 国网湖北省电力有限公司信息通信公司 | Optimized integrated gateway of electric power marketing service system |
| CN111586030A (en) * | 2020-04-30 | 2020-08-25 | 武汉时波网络技术有限公司 | Interface authentication and permission verification method and system based on micro-service multi-tenant |
| CN111884917A (en) * | 2020-07-28 | 2020-11-03 | 浪潮云信息技术股份公司 | Gateway system based on micro service and gateway dynamic routing method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113973017A (en) * | 2021-10-26 | 2022-01-25 | 北京华品博睿网络技术有限公司 | Business intelligent platform data processing system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230315903A1 (en) | Method and system for securing cloud storage and databases from insider threats and optimizing performance | |
| US7685206B1 (en) | Authorization and access control service for distributed network resources | |
| Wessels | Web caching | |
| US9674180B2 (en) | Using identity/resource profile and directory enablers to support identity management | |
| US8141138B2 (en) | Auditing correlated events using a secure web single sign-on login | |
| US7594256B2 (en) | Remote interface for policy decisions governing access control | |
| US7231661B1 (en) | Authorization services with external authentication | |
| US8825855B2 (en) | Non-intrusive single sign-on mechanism in cloud services | |
| US7251732B2 (en) | Password synchronization in a sign-on management system | |
| US7330971B1 (en) | Delegated administration of namespace management | |
| US9100398B2 (en) | Enhancing directory service authentication and authorization using contextual information | |
| CN102394885B (en) | Information classification protection automatic verification method based on data stream | |
| US20050005094A1 (en) | System and method for unified sign-on | |
| US20040073629A1 (en) | Method of accessing internet resources through a proxy with improved security | |
| US20080010287A1 (en) | Method and system for distributed retrieval of data objects using tagged artifacts within federated protocol operations | |
| US7308498B1 (en) | System and method for automating a request for access to a restricted computer accessible resource | |
| US20060143189A1 (en) | Database access control method, database access controller, agent processing server, database access control program, and medium recording the program | |
| JPH10326256A (en) | Method and device for multilevel security port and computer program product | |
| US9059987B1 (en) | Methods and systems of using single sign-on for identification for a web server not integrated with an enterprise network | |
| Damiani et al. | Securing SOAP e-services | |
| CN112468481A (en) | Single-page and multi-page web application identity integrated authentication method based on CAS | |
| JP2008525880A (en) | Apparatus and method for controlling personal data | |
| KR20090058536A (en) | Client-based pseudonyms | |
| JP2008015733A (en) | Log management computer | |
| JP4932154B2 (en) | Method and system for providing user authentication to a member site in an identity management network, method for authenticating a user at a home site belonging to the identity management network, computer readable medium, and system for hierarchical distributed identity management |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210604 |