CN113688364B - Big data resource accurate access control system - Google Patents
Big data resource accurate access control system Download PDFInfo
- Publication number
- CN113688364B CN113688364B CN202110976874.0A CN202110976874A CN113688364B CN 113688364 B CN113688364 B CN 113688364B CN 202110976874 A CN202110976874 A CN 202110976874A CN 113688364 B CN113688364 B CN 113688364B
- Authority
- CN
- China
- Prior art keywords
- authentication
- module
- information
- identity information
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000000034 method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention is applicable to the field of accurate access control of resources, and provides a big data accurate access control system which comprises a user login module, an identity authentication module, an accurate resource access module and an information acquisition module, wherein the user login module is connected with the identity authentication module, the identity authentication module is connected with the authentication module, the authentication module is connected with the accurate resource access module, and the accurate resource access module is connected with the information acquisition module. The big data resource accurate access control system realizes multi-layer authentication of user identity information, and improves the security of the access system; and the access authority of the user is limited, so that the privacy protection of the large data resource information is improved.
Description
Technical Field
The invention belongs to the field of accurate access control of resources, and particularly relates to an accurate access control system of big data resources.
Background
Big data, IT industry terminology, refers to a data set that cannot be captured, managed and processed with conventional software tools within a certain time frame, is a massive, high growth rate and diversified information asset that requires a new processing mode to have stronger decision making, insight discovery and process optimization capabilities. Access control is a technique that limits the user's access to certain information items, or the use of certain control functions, by the identity of the user and by some defined group to which it belongs.
The existing big data resource accurate access control system cannot accurately access the big data resource according to the access authority of a user, the identity authentication program is simple, and the access system cannot perform safety control.
Therefore, in view of the above situation, there is an urgent need to develop a system for precisely controlling access to large data resources to overcome the shortcomings in the current practical application.
Disclosure of Invention
The embodiment of the invention aims to provide a big data resource accurate access control system, which aims to solve the problems set forth in the background technology.
The embodiment of the invention is realized in such a way that the big data resource accurate access control system comprises a user login module, an identity authentication module, an authentication module, a resource accurate access module and an information acquisition module:
the user login module is connected with the identity authentication module and is used for inputting identity information by a user to perform login authentication;
the identity authentication module is connected with the authentication module and is used for carrying out matching authentication on the identity information of the user;
the authentication module is connected with the resource accurate access module and is used for carrying out access right matching on the user identity information;
the resource accurate access module is connected with the information acquisition module and is used for users to accurately access the data resources;
the information acquisition module is used for acquiring information of the accurately accessed information.
The further technical scheme comprises a data black box, wherein the data black box is respectively connected with the identity authentication module, the resource accurate access module and the information acquisition module, and the data black box is used for storing information.
According to a further technical scheme, the identity authentication module comprises an identification unit, an identity information acquisition unit and an identity information matching unit, wherein the output end of the identification unit is connected with the identity information acquisition unit, the output end of the identity information acquisition unit is connected with the identity information matching unit, and the output end of the identity information matching unit is connected with the authentication module.
According to a further technical scheme, the output ends of the identity information acquisition unit and the identity information matching unit are respectively connected with the data black box, and the identity information matching unit is used for carrying out matching authentication on the identity information of the user.
According to a further technical scheme, the identification unit comprises a face identification unit, a password identification unit and a fingerprint identification unit, and the face identification unit, the password identification unit and the fingerprint identification unit can be used for carrying out independent identification or joint identification on user identity information.
According to a further technical scheme, the authentication module comprises an authentication information acquisition unit and an authentication information matching unit, the output end of the authentication information acquisition unit is connected with the authentication information matching unit, and the output end of the authentication information matching unit is connected with the resource accurate access module.
According to a further technical scheme, the output ends of the authentication information acquisition unit and the authentication information matching unit are respectively connected with the data black box, and the authentication information matching unit is used for carrying out authentication comparison on the access rights of the user information.
Compared with the prior art, the invention has the beneficial effects that:
1) The information provided by the user can be identified in a multi-level manner through the identification unit in the identity authentication module, the identified information is matched through the identity matching unit, and when the information is not matched, the user is forbidden to access the resource; when the identity information is matched and matched, entering the entered identity information into an authentication module for access authority authentication;
2) The authentication information acquisition unit in the authentication module acquires the input identity information, the authentication information matching unit compares the information in the authentication information base, and the access authority level of the user is identified, so that the user can conveniently access the big data resource, and the privacy protection of the big data resource information is improved;
the big data resource accurate access control system provided by the embodiment of the invention realizes the multi-layer authentication of the user identity information and improves the security of the access system; and the access authority of the user is limited, so that the privacy protection of the large data resource information is improved.
Drawings
Fig. 1 is an overall flowchart of a big data resource accurate access control system provided by an embodiment of the present invention.
Fig. 2 is an authentication flow chart of the identity authentication module of fig. 1.
Fig. 3 is an authentication flow chart of the authentication module of fig. 1.
In the figure: the system comprises a 1-user login module, a 2-identity authentication module, a 21-recognition unit, a 211-face recognition unit, a 212-password recognition unit, a 213-fingerprint recognition unit, a 22-identity information acquisition unit, a 23-identity information matching unit, a 3-authentication module, a 31-authentication information acquisition unit, a 32-authentication information matching unit, a 4-resource accurate access module, a 5-information acquisition module and a 6-data black box.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Specific implementations of the invention are described in detail below in connection with specific embodiments.
As shown in fig. 1 to 3, the big data resource accurate access control system provided by an embodiment of the present invention includes a user login module 1, an identity authentication module 2, an authentication module 3, a resource accurate access module 4, and an information acquisition module 5:
the user login module 1 is connected with the identity authentication module 2, and the user login module 1 is used for inputting identity information by a user and performing login authentication;
the identity authentication module 2 is connected with the authentication module 3, and the identity authentication module 2 is used for carrying out matching authentication on the identity information of the user;
the authentication module 3 is connected with the resource accurate access module 4, and the authentication module 3 is used for carrying out access right matching on the user identity information;
the resource accurate access module 4 is connected with the information acquisition module 5, and the resource accurate access module 4 is used for accurately accessing the data resource by a user;
the information acquisition module 5 is used for acquiring information of the accurately accessed information.
As shown in fig. 1, as a preferred embodiment of the present invention, the system further includes a data black box 6, where the data black box 6 is respectively connected to the identity authentication module 2, the authentication module, the resource precision access module 4 and the information acquisition module 5, and the data black box 6 is used for storing information.
As shown in fig. 1 and 2, as a preferred embodiment of the present invention, the identity authentication module 2 includes an identification unit 21, an identity information obtaining unit 22, and an identity information matching unit 23, wherein an output end of the identification unit 21 is connected to the identity information obtaining unit 22, an output end of the identity information obtaining unit 22 is connected to the identity information matching unit 23, and an output end of the identity information matching unit 23 is connected to the authentication module 3.
As shown in fig. 1 and 2, as a preferred embodiment of the present invention, the output ends of the identity information acquiring unit 22 and the identity information matching unit 23 are respectively connected to the data black box 6, and the identity information matching unit 23 is used for performing matching authentication on the identity information of the user.
As shown in fig. 2, the identification unit 21 includes a face recognition unit 212, a password identification unit 212, and a fingerprint identification unit 213 as a preferred embodiment of the present invention, and the face recognition unit 212, the password identification unit 212, and the fingerprint identification unit 213 can identify user identity information individually or in combination.
The user inputs identity information through the user login module 1, performs multi-layer identification authentication through the identification unit 21 in the identity authentication module 2, acquires the identified identity information through the identity information acquisition unit 22, and performs matching authentication on the acquired identity information and the identity information stored in the identity information library through the identity information matching unit 23; if the entered identity information is not matched with the information in the identity information library, the system prohibits the user from accessing the big data resource; if the entered identity information is matched with the information in the identity information library, the entered identity information is transmitted to the authentication module 3 for access right authentication.
As shown in fig. 1 and 3, as a preferred embodiment of the present invention, the authentication module 3 includes an authentication information acquiring unit 31 and an authentication information matching unit 32, an output end of the authentication information acquiring unit 31 is connected to the authentication information matching unit 32, and an output end of the authentication information matching unit 32 is connected to the resource-accurate access module 4.
As shown in fig. 1 and 3, as a preferred embodiment of the present invention, the output ends of the authentication information obtaining unit 31 and the authentication information matching unit 32 are respectively connected to the data black box 6, and the authentication information matching unit 32 is used for performing authentication comparison on the access rights of the user information.
The authentication information acquisition unit 31 acquires the user identity information transmitted by the identity authentication module 2, the authentication information matching unit 32 compares and matches the acquired user identity information with the information in the authentication information base, the access rights of the user are identified, the access rights of the user are reduced in a hierarchical manner, and the access rights of the user are reduced in a hierarchical manner from unlimited right access to minimum right access; and the user accesses the data resource in the access system according to the access authority level of the user.
The working flow of the invention is as follows:
the user inputs identity information through the user login module 1, performs multi-layer identification authentication through the identification unit 21 in the identity authentication module 2, acquires the identified identity information through the identity information acquisition unit 22, and performs matching authentication on the acquired identity information and the identity information stored in the identity information library through the identity information matching unit 23; if the entered identity information is not matched with the information in the identity information library, the system prohibits the user from accessing the big data resource; if the entered identity information is matched with the information in the identity information library, the entered identity information is transmitted to the authentication module 3 for access right authentication;
the authentication information acquisition unit 31 acquires the user identity information transmitted by the identity authentication module 2, the authentication information matching unit 32 compares and matches the acquired user identity information with the information in the authentication information base, the access rights of the user are identified, the access rights of the user are reduced in a hierarchical manner, and the access rights of the user are reduced in a hierarchical manner from unlimited right access to minimum right access;
the user accesses the big data resources in the accurate access module 4 according to the access authority of the user, and the user acquires the needed big data resources through the information acquisition module 5, which is the workflow of the accurate access control system for the big data resources.
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention.
Claims (1)
1. The utility model provides a big accurate access control system of data resource, includes user login module, authentication module, accurate access module of resource and information acquisition module, still includes the data black box, the data black box is connected with authentication module, accurate access module of resource and information acquisition module respectively, the data black box is used for storing its characterized in that to the information:
the user login module is connected with the identity authentication module and is used for inputting identity information by a user to perform login authentication;
the identity authentication module is connected with the authentication module and is used for carrying out matching authentication on the identity information of the user;
the identity authentication module comprises an identification unit, an identity information acquisition unit and an identity information matching unit, wherein the output end of the identification unit is connected with the identity information acquisition unit, the output end of the identity information acquisition unit is connected with the identity information matching unit, and the output end of the identity information matching unit is connected with the authentication module;
the output ends of the identity information acquisition unit and the identity information matching unit are respectively connected with the data black box, and the identity information matching unit is used for carrying out matching authentication on the identity information of the user;
the identification unit comprises a face identification unit, a password identification unit and a fingerprint identification unit, wherein the face identification unit, the password identification unit and the fingerprint identification unit can be used for carrying out independent identification or joint identification on user identity information;
the authentication module is connected with the resource accurate access module and is used for carrying out access right matching on the user identity information;
the authentication module comprises an authentication information acquisition unit and an authentication information matching unit, wherein the output end of the authentication information acquisition unit is connected with the authentication information matching unit, and the output end of the authentication information matching unit is connected with the resource accurate access module;
the output ends of the authentication information acquisition unit and the authentication information matching unit are respectively connected with the data black box, and the authentication information matching unit is used for carrying out authentication comparison on the access rights of the user information;
the resource accurate access module is connected with the information acquisition module and is used for users to accurately access the data resources;
the information acquisition module is used for acquiring information of the accurately accessed information;
the user inputs identity information through the user login module, multi-layer identification authentication is performed through an identification unit in the identity authentication module, the identity information after identification is acquired through an identity information acquisition unit, and the acquired identity information is matched and authenticated with the identity information stored in the identity information library through an identity information matching unit; if the entered identity information is not matched with the information in the identity information library, the system prohibits the user from accessing the big data resource; if the entered identity information is matched with the information in the identity information library, the entered identity information is transmitted to an authentication module for access right authentication;
the authentication information acquisition unit acquires the user identity information transmitted by the identity authentication module, the authentication information matching unit compares and matches the acquired user identity information with information in an authentication information base, the access authority of the user is identified, the access authority of the user is reduced in a hierarchical manner, and the access authority of the user is reduced in a hierarchical manner from unlimited authority access to minimum authority access level;
the user accesses the big data resources in the resource accurate access module according to the access authority of the user, and the user acquires the needed big data resources through the information acquisition module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110976874.0A CN113688364B (en) | 2021-08-24 | 2021-08-24 | Big data resource accurate access control system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110976874.0A CN113688364B (en) | 2021-08-24 | 2021-08-24 | Big data resource accurate access control system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113688364A CN113688364A (en) | 2021-11-23 |
| CN113688364B true CN113688364B (en) | 2024-01-19 |
Family
ID=78582201
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110976874.0A Active CN113688364B (en) | 2021-08-24 | 2021-08-24 | Big data resource accurate access control system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113688364B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117395079B (en) * | 2023-12-06 | 2024-04-12 | 深圳优道科技有限公司 | Identity authentication system based on big data information management |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101764742A (en) * | 2009-12-30 | 2010-06-30 | 福建星网锐捷网络有限公司 | Network resource visit control system and method |
| CN105847305A (en) * | 2016-06-21 | 2016-08-10 | 新昌县七星街道明盛模具厂 | Safe processing and accessing method of cloud resource |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
-
2021
- 2021-08-24 CN CN202110976874.0A patent/CN113688364B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101764742A (en) * | 2009-12-30 | 2010-06-30 | 福建星网锐捷网络有限公司 | Network resource visit control system and method |
| CN105847305A (en) * | 2016-06-21 | 2016-08-10 | 新昌县七星街道明盛模具厂 | Safe processing and accessing method of cloud resource |
| CN110334489A (en) * | 2019-07-12 | 2019-10-15 | 广州大白互联网科技有限公司 | A kind of unified single sign-on system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113688364A (en) | 2021-11-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7526794B2 (en) | Data perspectives in controller system and production management systems | |
| CN104573457B (en) | A kind of intelligent accelerator control system and its control method based on cloud platform | |
| WO2022021696A1 (en) | Multi-information source-based whole-process blockchain system | |
| EP0944980A1 (en) | Method and system for improving security in network applications | |
| CN1971581A (en) | Identify authentication system and method employing wireless RF card and fingerprint recognition | |
| CN113688364B (en) | Big data resource accurate access control system | |
| CN104933341A (en) | Authority management method, and terminal | |
| CN111931140A (en) | Authority management method, resource access control method and device and electronic equipment | |
| CN111510489A (en) | Internet of things data acquisition and analysis system based on artificial intelligence | |
| CN110648673A (en) | Voice recognition method and system for intelligent stamping machine | |
| Xu | Application Research Based on Machine Learning in Network Privacy Security | |
| CN103532956A (en) | Biological information-based authentication method in cloud operation system | |
| CN116437355A (en) | Radio frequency fingerprint-based wireless equipment identity authentication method and device | |
| CN114360129A (en) | Access control management method, system and equipment, and storage medium | |
| TWI701930B (en) | Method, device and computer storage medium for managing password | |
| Yu et al. | An apriori-based knowledge mining method for product configuration design | |
| CN110851808A (en) | Identity authentication method and device, electronic equipment and computer readable storage medium | |
| CN117633756A (en) | Identity recognition authentication method | |
| CN108537061A (en) | A kind of financial data security system | |
| CN112115446B (en) | Skyline query biological feature-based identity authentication method and system | |
| CN111241516B (en) | Information safety protection method and system for intelligent manufacturing system | |
| CN117077210B (en) | Financial data query method and system | |
| CN117278334B (en) | Intelligent operation and maintenance management method and system for Internet of things | |
| CN114969802A (en) | Big data platform security assessment method | |
| Jiang et al. | Research on the Design of Power System Business Risk Control System Based on Device Fingerprint under Network Technology |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |