CN113688364A - Accurate access control system for big data resources - Google Patents
Accurate access control system for big data resources Download PDFInfo
- Publication number
- CN113688364A CN113688364A CN202110976874.0A CN202110976874A CN113688364A CN 113688364 A CN113688364 A CN 113688364A CN 202110976874 A CN202110976874 A CN 202110976874A CN 113688364 A CN113688364 A CN 113688364A
- Authority
- CN
- China
- Prior art keywords
- module
- authentication
- information
- unit
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000003247 decreasing effect Effects 0.000 description 4
- 238000000034 method Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention is suitable for the field of accurate access control of resources, and provides a large data resource accurate access control system which comprises a user login module, an identity authentication module, an accurate resource access module and an information acquisition module, wherein the user login module is connected with the identity authentication module, the identity authentication module is connected with the authentication module, the authentication module is connected with the accurate resource access module, and the accurate resource access module is connected with the information acquisition module. The big data resource accurate access control system realizes multi-layer authentication on user identity information and improves the safety of the access system; and the access authority of the user is limited, and the privacy protection of the big data resource information is improved.
Description
Technical Field
The invention belongs to the field of accurate access control of resources, and particularly relates to an accurate access control system for big data resources.
Background
Big data, an IT industry term, refers to a data set that cannot be captured, managed, and processed with a conventional software tool within a certain time range, and is a massive, high-growth-rate, and diversified information asset that needs a new processing mode to have stronger decision-making power, insight discovery power, and process optimization capability. Access control is a technique for restricting a user's access to certain information items, or for restricting the use of certain control functions, per a defined set of user identities and to which they belong.
The existing accurate access control system for the big data resources cannot accurately access the big data resources according to the access authority of the user, the identity authentication procedure is simple, and the access system cannot perform safety control.
Therefore, in view of the above situation, it is urgently needed to develop a precise access control system for large data resources to overcome the shortcomings in the current practical application.
Disclosure of Invention
An object of the embodiments of the present invention is to provide a system for controlling accurate access to big data resources, which aims to solve the problems in the foregoing background art.
The embodiment of the invention is realized in such a way that a big data resource accurate access control system comprises a user login module, an identity authentication module, an authentication module, a resource accurate access module and an information acquisition module:
the user login module is connected with the identity authentication module and is used for inputting identity information by a user and performing login authentication;
the identity authentication module is connected with the authentication module and is used for matching and authenticating the identity information of the user;
the authentication module is connected with the accurate resource access module and is used for carrying out access authority matching on user identity information;
the resource accurate access module is connected with the information acquisition module and is used for a user to accurately access data resources;
and the information acquisition module is used for acquiring the information of the accurate access.
The further technical scheme includes that the system further comprises a data black box, the data black box is respectively connected with the identity authentication module, the accurate resource access module and the information acquisition module, and the data black box is used for storing information.
According to a further technical scheme, the identity authentication module comprises an identification unit, an identity information acquisition unit and an identity information matching unit, wherein the output end of the identification unit is connected with the identity information acquisition unit, the output end of the identity information acquisition unit is connected with the identity information matching unit, and the output end of the identity information matching unit is connected with the authentication module.
According to the further technical scheme, the output ends of the identity information acquisition unit and the identity information matching unit are respectively connected with the data black box, and the identity information matching unit is used for matching and authenticating the identity information of the user.
According to the further technical scheme, the identification unit comprises a face identification unit, a password identification unit and a fingerprint identification unit, and the face identification unit, the password identification unit and the fingerprint identification unit can be used for carrying out individual identification or combined identification on user identity information.
According to a further technical scheme, the authentication module comprises an authentication information acquisition unit and an authentication information matching unit, wherein the output end of the authentication information acquisition unit is connected with the authentication information matching unit, and the output end of the authentication information matching unit is connected with the accurate resource access module.
In a further technical scheme, the output ends of the authentication information acquisition unit and the authentication information matching unit are respectively connected with a data black box, and the authentication information matching unit is used for identifying and comparing the access authority of the user information.
Compared with the prior art, the invention has the beneficial effects that:
1) the information provided by the user can be identified in multiple layers by the identification unit in the identity authentication module, the identified information is matched by the identity matching unit, and when the information matching is not accordant, the user is prohibited from accessing the resources; when the identity information is matched and authenticated, the input identity information enters an authentication module to carry out access authority authentication;
2) the authentication information acquisition unit in the authentication module acquires the input identity information, and the authentication information matching unit compares the information in the authentication information base to identify the access authority level of the user, so that the user can conveniently access the big data resources, and the privacy protection of the big data resource information is improved;
the big data resource accurate access control system provided by the embodiment of the invention realizes multi-layer authentication on user identity information and improves the security of an access system; and the access authority of the user is limited, and the privacy protection of the big data resource information is improved.
Drawings
Fig. 1 is an overall flowchart of a big data resource accurate access control system according to an embodiment of the present invention.
Fig. 2 is an authentication flow chart of the identity authentication module in fig. 1.
Fig. 3 is an authentication flow diagram of the authentication module of fig. 1.
In the figure: the system comprises a 1-user login module, a 2-identity authentication module, a 21-identification unit, a 211-face identification unit, a 212-password identification unit, a 213-fingerprint identification unit, a 22-identity information acquisition unit, a 23-identity information matching unit, a 3-authentication module, a 31-authentication information acquisition unit, a 32-authentication information matching unit, a 4-resource precise access module, a 5-information acquisition module and a 6-data black box.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Specific implementations of the present invention are described in detail below with reference to specific embodiments.
As shown in fig. 1 to 3, an accurate access control system for big data resources provided in an embodiment of the present invention includes a user login module 1, an identity authentication module 2, an authentication module 3, an accurate resource access module 4, and an information acquisition module 5:
the system comprises a user login module 1, an identity authentication module 2 and a user authentication module, wherein the user login module 1 is connected with the identity authentication module 2 and is used for inputting identity information by a user to perform login authentication;
the identity authentication module 2 is connected with the authentication module 3, and the identity authentication module 2 is used for matching and authenticating the identity information of the user;
the authentication module 3 is connected with the resource accurate access module 4, and the authentication module 3 is used for carrying out access authority matching on user identity information;
the resource accurate access module 4 is connected with the information acquisition module 5, and the resource accurate access module 4 is used for a user to accurately access data resources;
and the information acquisition module 5 is used for acquiring the information of the accurate access.
As shown in fig. 1, as a preferred embodiment of the present invention, the present invention further includes a data black box 6, where the data black box 6 is respectively connected to the identity authentication module 2, the authentication module, the precise resource access module 4, and the information acquisition module 5, and the data black box 6 is used to store information.
As shown in fig. 1 and 2, as a preferred embodiment of the present invention, the identity authentication module 2 includes an identification unit 21, an identity information obtaining unit 22, and an identity information matching unit 23, an output end of the identification unit 21 is connected to the identity information obtaining unit 22, an output end of the identity information obtaining unit 22 is connected to the identity information matching unit 23, and an output end of the identity information matching unit 23 is connected to the authentication module 3.
As shown in fig. 1 and 2, as a preferred embodiment of the present invention, the output ends of the identity information obtaining unit 22 and the identity information matching unit 23 are respectively connected to the data black box 6, and the identity information matching unit 23 is configured to perform matching authentication on user identity information.
As shown in fig. 2, as a preferred embodiment of the present invention, the identification unit 21 includes a face identification unit 212, a password identification unit 212, and a fingerprint identification unit 213, and the face identification unit 212, the password identification unit 212, and the fingerprint identification unit 213 can individually identify or jointly identify the user identity information.
A user inputs identity information through the user login module 1, multi-layer identification authentication is carried out through the identification unit 21 in the identity authentication module 2, the identity information acquisition unit 22 acquires the identified identity information, and the acquired identity information is matched and authenticated with the identity information stored in the identity information base through the identity information matching unit 23; if the input identity information is not matched with the information in the identity information base, the system forbids the user to access the big data resource; if the input identity information matches and conforms to the information in the identity information base, the input identity information is transmitted to the authentication module 3 for access authority identification.
As shown in fig. 1 and 3, as a preferred embodiment of the present invention, the authentication module 3 includes an authentication information obtaining unit 31 and an authentication information matching unit 32, an output end of the authentication information obtaining unit 31 is connected to the authentication information matching unit 32, and an output end of the authentication information matching unit 32 is connected to the resource precision access module 4.
As shown in fig. 1 and 3, as a preferred embodiment of the present invention, the output ends of the authentication information obtaining unit 31 and the authentication information matching unit 32 are respectively connected to the data black box 6, and the authentication information matching unit 32 is configured to perform authentication comparison on the access right of the user information.
The authentication information acquisition unit 31 acquires the user identity information transmitted by the identity authentication module 2, the authentication information matching unit 32 compares and matches the acquired user identity information with the information in the authentication information base, the access authority of the user is identified, the access authority of the user is gradually decreased in layers, and the access authority is gradually decreased from the access without limit authority to the access with minimum authority; and the user accesses the data resource in the access system according to the access authority level of the user.
The working process of the invention is as follows:
a user inputs identity information through the user login module 1, multi-layer identification authentication is carried out through the identification unit 21 in the identity authentication module 2, the identity information acquisition unit 22 acquires the identified identity information, and the acquired identity information is matched and authenticated with the identity information stored in the identity information base through the identity information matching unit 23; if the input identity information is not matched with the information in the identity information base, the system forbids the user to access the big data resource; if the input identity information matches and conforms to the information in the identity information base, the input identity information is transmitted to the authentication module 3 for access authority identification;
the authentication information acquisition unit 31 acquires the user identity information transmitted by the identity authentication module 2, the authentication information matching unit 32 compares and matches the acquired user identity information with the information in the authentication information base, the access authority of the user is identified, the access authority of the user is gradually decreased in layers, and the access authority is gradually decreased from the access without limit authority to the access with minimum authority;
the user accesses the big data resource in the resource accurate access module 4 according to the access authority of the user, and the user acquires the needed big data resource through the information acquisition module 5, which is the work flow of the big data resource accurate access control system.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.
Claims (7)
1. The utility model provides an accurate access control system of big data resource, includes user login module, identity authentication module, accurate access module of resource and information acquisition module, its characterized in that:
the user login module is connected with the identity authentication module and is used for inputting identity information by a user and performing login authentication;
the identity authentication module is connected with the authentication module and is used for matching and authenticating the identity information of the user;
the authentication module is connected with the accurate resource access module and is used for carrying out access authority matching on user identity information;
the resource accurate access module is connected with the information acquisition module and is used for a user to accurately access data resources;
and the information acquisition module is used for acquiring the information of the accurate access.
2. The big data resource accurate access control system according to claim 1, further comprising a data black box, the data black box is respectively connected to the identity authentication module, the resource accurate access module and the information acquisition module, and the data black box is used for storing information.
3. The big data resource accurate access control system according to claim 1, wherein the identity authentication module comprises an identification unit, an identity information acquisition unit and an identity information matching unit, an output end of the identification unit is connected with the identity information acquisition unit, an output end of the identity information acquisition unit is connected with the identity information matching unit, and an output end of the identity information matching unit is connected with the authentication module.
4. The big data resource accurate access control system according to claim 3, wherein the output ends of the identity information obtaining unit and the identity information matching unit are respectively connected to a data black box, and the identity information matching unit is configured to perform matching authentication on the user identity information.
5. The big data resource accurate access control system according to claim 3, wherein the identification unit comprises a face identification unit, a password identification unit and a fingerprint identification unit, and the face identification unit, the password identification unit and the fingerprint identification unit can individually identify or jointly identify the user identity information.
6. The big data resource accurate access control system according to claim 1, wherein the authentication module comprises an authentication information obtaining unit and an authentication information matching unit, an output end of the authentication information obtaining unit is connected with the authentication information matching unit, and an output end of the authentication information matching unit is connected with the resource accurate access module.
7. The big data resource accurate access control system according to claim 6, wherein the output ends of the authentication information obtaining unit and the authentication information matching unit are respectively connected to a data black box, and the authentication information matching unit is used for identifying and comparing the access authority of the user information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110976874.0A CN113688364B (en) | 2021-08-24 | 2021-08-24 | Big data resource accurate access control system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110976874.0A CN113688364B (en) | 2021-08-24 | 2021-08-24 | Big data resource accurate access control system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113688364A true CN113688364A (en) | 2021-11-23 |
| CN113688364B CN113688364B (en) | 2024-01-19 |
Family
ID=78582201
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110976874.0A Active CN113688364B (en) | 2021-08-24 | 2021-08-24 | Big data resource accurate access control system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113688364B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117395079A (en) * | 2023-12-06 | 2024-01-12 | 长春市联心花信息科技有限公司 | Identity authentication system based on big data information management |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101764742A (en) * | 2009-12-30 | 2010-06-30 | 福建星网锐捷网络有限公司 | Network resource visit control system and method |
| CN105847305A (en) * | 2016-06-21 | 2016-08-10 | 新昌县七星街道明盛模具厂 | Safe processing and accessing method of cloud resource |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
-
2021
- 2021-08-24 CN CN202110976874.0A patent/CN113688364B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101764742A (en) * | 2009-12-30 | 2010-06-30 | 福建星网锐捷网络有限公司 | Network resource visit control system and method |
| CN105847305A (en) * | 2016-06-21 | 2016-08-10 | 新昌县七星街道明盛模具厂 | Safe processing and accessing method of cloud resource |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117395079A (en) * | 2023-12-06 | 2024-01-12 | 长春市联心花信息科技有限公司 | Identity authentication system based on big data information management |
| CN117395079B (en) * | 2023-12-06 | 2024-04-12 | 深圳优道科技有限公司 | Identity authentication system based on big data information management |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113688364B (en) | 2024-01-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Hu et al. | Fog computing based face identification and resolution scheme in internet of things | |
| CN104573473B (en) | A kind of method and authenticating device for unlocking administration authority | |
| Abd Razak et al. | Data anonymization using pseudonym system to preserve data privacy | |
| CN105227307A (en) | Auth method and system and server data processing method and server | |
| CN104933341A (en) | Authority management method, and terminal | |
| CN1971581A (en) | Identify authentication system and method employing wireless RF card and fingerprint recognition | |
| CN113688364A (en) | Accurate access control system for big data resources | |
| CN109410397B (en) | Unlocking method, unlocking system, intelligent terminal and intelligent terminal storage medium | |
| CN107742141B (en) | Intelligent identity information acquisition method and system based on RFID technology | |
| CN113779568A (en) | Abnormal behavior user identification method, device, equipment and storage medium | |
| CN110826038B (en) | Data encryption and decryption method and device | |
| CN110430207B (en) | Multi-point remote cross-network interaction collaborative authentication method for smart power grid | |
| Jaikla et al. | A secure four-factor attendance system for smartphone device | |
| Xu | Application Research Based on Machine Learning in Network Privacy Security | |
| CN115913762A (en) | Dynamic URL authentication method based on SpringSecurity | |
| CN113205632B (en) | Internet of things equipment security access method suitable for electric power operation field | |
| CN105072609A (en) | Internet-of-Things realization method based on intelligent terminal | |
| EP3764257A1 (en) | Document management system having context-based access control and related methods | |
| CN114996681A (en) | Knocking force analysis system for computer document management | |
| CN106656986A (en) | Method and device for biological feature authentication | |
| Han et al. | Security Analysis of Intelligent System Based on Edge Computing | |
| CN112966235A (en) | Big data component access control method and system of intelligent education platform | |
| CN110851808A (en) | Identity authentication method and device, electronic equipment and computer readable storage medium | |
| CN106888199B (en) | Role-driven demand response secure access method in smart grid | |
| CN109409059A (en) | A kind of block chain right management method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |