CN115118736A - Authority management method and system - Google Patents
Authority management method and system Download PDFInfo
- Publication number
- CN115118736A CN115118736A CN202210734364.7A CN202210734364A CN115118736A CN 115118736 A CN115118736 A CN 115118736A CN 202210734364 A CN202210734364 A CN 202210734364A CN 115118736 A CN115118736 A CN 115118736A
- Authority
- CN
- China
- Prior art keywords
- encryption
- information
- equipment
- management module
- receiving
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/08—Protocols specially adapted for terminal emulation, e.g. Telnet
Abstract
The disclosed embodiment relates to a method and a system for managing authority, which comprises the following steps: receiving request information for logging in a management platform; acquiring list information of encryption equipment synchronized in real time by a management platform; receiving application use information of the first encryption equipment in the list information, and sending the application use information to an administrator; if the administrator selects to pass, establishing communication connection with the equipment management module where the first encryption equipment is located, and receiving the use request information which is sent by the equipment management module and related to the first encryption equipment; and performing data interaction with the first encryption equipment, and after receiving the disconnection instruction information, reconstructing the first encryption equipment. In the embodiment, by applying and using the encryption device on line, the contradiction between the frequent use and the proper management of the encryption device can be well solved, and the possibility that the encryption device is lost after frequent use is also avoided.
Description
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to a method and a system for managing permissions.
Background
With the development of the application of the cloud computing technology, desktop virtualization is applied more and more in various industries in recent years. However, specific to a specific industry, in addition to the remote control requirement of desktop virtualization, the remote control method further has a redirection use requirement for various USB device ends. It can be said that the virtual redirection of the USB device is the key to enrich the usage requirement of the cloud desktop, and specific service operations cannot be satisfied under specific service scenarios without the support of the peripheral devices, for example: various devices such as a U disk, a camera, a high-speed shooting instrument, a printer, a handle and the like play a key role in specific service scenes.
There are devices that are not complex in function but have a high requirement for security because of their special use, such as the various devices like the U shield or the dongle of a bank card. The management of such devices is usually personal, but is subject to various reasons, and there is inconvenience or risk in use. For example, frequent use is contradictory to proper management, and inconvenient use or loss often occurs after use.
Accordingly, there is a need to ameliorate one or more of the problems with the related art solutions described above.
It is noted that this section is intended to provide a background or context to the disclosure as recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
Disclosure of Invention
An object of the disclosed embodiments is to provide a rights management method and system, which overcome one or more of the problems due to the limitations and disadvantages of the related art, at least to some extent.
The disclosed embodiment first provides a rights management method, including:
receiving request information for logging in a management platform;
acquiring list information of the encryption equipment synchronized by the management platform in real time;
receiving application use information of the first encryption equipment in the list information, judging whether the application use information exceeds access authority or not, and if so, sending the application use information to an administrator;
if the administrator selects to pass, establishing communication connection with an equipment management module where the first encryption equipment is located, and receiving the use request information which is sent by the equipment management module and related to the first encryption equipment;
and performing data interaction with the first encryption equipment, and after receiving the disconnection instruction information, reconstructing the first encryption equipment.
In an embodiment of the present disclosure, the step of establishing a communication connection with a device management module in which the first encryption device is located includes:
receiving parameter information of the equipment management module sent by the management platform;
and calling the equipment management module to connect through the parameter information, and sending the equipment information of the first encryption equipment to the equipment management module.
In an embodiment of the present disclosure, the step of calling the device management module to connect through the parameter information includes:
and a signaling channel is established between the first encryption device and the device management module so as to send the device information of the first encryption device to the device management module through signaling.
In an embodiment of the present disclosure, the step of receiving the information about the request for use of the first encryption device sent by the device management module includes:
and receiving the addition request information sent by the first encryption device, and establishing a data stream channel to transfer the data request information by using the data stream channel.
In an embodiment of the present disclosure, the step of receiving the information about the request for use of the first encryption device sent by the device management module includes:
and receiving the offline request information of the first encryption device sent by the device management module, and releasing the first encryption device.
In an embodiment of the present disclosure, the management platform sets a duration of use of the first encryption device according to a user level, and notifies the device management module when the duration of use of the first encryption device expires, so as to send the offline request information through the device management module.
In an embodiment of the present disclosure, the step of destructuring the first encryption device after the interaction is ended includes:
and receiving request information for quitting the first encryption device, disconnecting the interaction with the first encryption device, and destructuring the first encryption device to finish the return of the first encryption device.
In an embodiment of the present disclosure, the step of performing data interaction with the first encryption device includes:
receiving operation information for stopping the current data interaction, and judging whether the grade of a stopping user is higher than the grade of a user currently carrying out data interaction;
and if the user level is higher than the current user level for data interaction, directly stopping the data interaction with the first encryption equipment.
In an embodiment of the present disclosure, the management platform receives the device management module information registered or unregistered by the administrator, and grasps the plug information of the encryption device in real time through the device management module, so as to synchronize the list information of the encryption device currently online in real time.
An embodiment of the present disclosure further provides a rights management system, including:
the virtual equipment is used for receiving request information for logging in the management platform; the management platform is used for acquiring list information of the encryption equipment synchronized in real time by the management platform; the system comprises a list information receiving unit, a first encryption device and a second encryption device, wherein the list information is used for receiving application use information of the first encryption device in the list information, judging whether the application use information exceeds an access authority, and if the application use information exceeds the access authority, sending the application use information to an administrator; if the administrator selects to pass, the virtual device establishes communication connection with a device management module where the first encryption device is located, and receives the use request information which is sent by the device management module and related to the first encryption device; the virtual equipment performs data interaction with the first encryption equipment, and constructs the first encryption equipment after the interaction is finished;
the management platform is used for receiving the equipment management module information registered or unregistered by the administrator, mastering the plugging and unplugging information of the encryption equipment in real time through the equipment management module, synchronizing the list information of the encryption equipment on line in real time, and sending the list information of the encryption equipment after receiving the request information of the virtual equipment;
the device management module is externally provided with a plurality of encryption devices, synchronizes list information of the encryption devices to the management platform in real time, sends the adding request information of the first encryption device to the virtual device after receiving the calling information of the virtual device, and reports the device information of the first encryption device.
The technical scheme provided by the embodiment of the disclosure can have the following beneficial effects:
according to the authority management method and system in the embodiment of the disclosure, the list information of the encryption equipment synchronized in real time by the management platform is received, and the state information of the encryption equipment is displayed on the virtual equipment, so that a user can check, select and apply the needed encryption equipment, and in the process of applying for the encryption equipment, if the user temporarily uses the encryption equipment without authorization, the encryption equipment can be used only after the approval of an administrator is required, so that the confidentiality of the encryption equipment is further ensured.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty.
FIG. 1 illustrates a flowchart of a method of rights management in an exemplary embodiment of the present disclosure;
fig. 2 shows a diagram of a rights management system in an exemplary embodiment of the present disclosure.
Reference numerals:
100. a virtual device; 200. a management platform; 300. a device management module; 301. an encryption device.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
Furthermore, the drawings are merely schematic illustrations of embodiments of the disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities.
The example embodiment provides a rights management method, which may include:
step S101, receiving request information for logging in the management platform 200;
step S102, acquiring list information of the encryption equipment 301 synchronized in real time by the management platform 200;
step S103, receiving application use information of the first encryption device 301 in the list information, judging whether the application use information exceeds the access authority, and if so, sending the application use information to an administrator;
step S104, if the administrator selects to pass, establishing communication connection with the device management module 300 where the first encryption device 301 is located, and receiving the use request information related to the first encryption device 301 sent by the device management module 300;
step S105, performing data interaction with the first encryption device 301, and after receiving the disconnection instruction information, reconstructing the first encryption device 301.
Specifically, most existing office systems adopt cloud office systems, and may be configured by a virtual desktop, a zero terminal, and a virtual device 100, such as a virtual machine, where the zero terminal is configured to receive an image of the virtual desktop, and reversely transmit local information, such as a mouse and a keyboard, to the virtual device 100, and then the local information is injected into the virtual desktop corresponding to the current zero terminal by the virtual device 100. The virtual appliance 100 is a service process in the cloud virtual operating system. After a user logs in a virtual machine on a virtual desktop, the desktop displays an application icon named as the management platform 200, for example, when the user needs to use a certain encryption device 301 temporarily, the encryption device 301 may be, for example, a bank card U shield or a dongle or a special USB device that needs to be limited, where no specific limitation is made, the user may log in the management platform 200 to view the currently online encryption device 301, the management platform 200 may synchronize list information of the currently online encryption device 301 in real time, that is, parameters and state information of a plurality of encryption devices 301 are displayed in the list, and if the user requests that the first encryption device 301 displays a usable state, the user may initiate a use application. For example, the first encryption device 301 may be right-clicked to select an apply button in a menu bar, which is not particularly limited.
If the application information of the first encryption device 301 operated by the user is in the authority related to the user account, the user can directly use the first encryption device 301 without the consent of the administrator; for example, two parts of content are displayed in the list information of the management platform 200, one part of the content may be device list information in the authority related to the account, and the encryption setting in the device list can be directly used by the user as long as the idle state is displayed; the other part can be the device list information temporarily used without authorization, if the user uses the encryption device without authorization, the use application information operated by the user can be sent to the administrator, and the administrator can select to pass or reject after receiving the application. If the administrator selects to pass, the management platform 200 sends the address information of the device management module 300 where the first encryption device 301 is located to the virtual device 100, and the virtual device 100 calls the device management module 300 to connect after receiving the address information, and sends the device information of the first encryption device 301, which is applied by the user for use, to the device management module 300 through a signaling.
Furthermore, when the virtual device 100 calls the device management module 300, a connection request is sent to the device management module 300, and the information of the first encryption device 301 is sent to the device management module 300 as a filtering policy, after receiving the device request information of the first encryption device 301, the device management module 300 first checks whether the enumerated USB devices are matched, if so, the addition request information of the USB device corresponding to the first encryption device 301 is sent to the virtual device 100, and the device information of the first encryption device 301 is reported to the management platform 200, and the management platform 200 updates the usage state information of the encryption device 301 in real time.
After receiving the addition request information of the encryption device 301, the virtual device 100 establishes a data stream channel of the USB device corresponding to the first encryption device 301, and transmits the relevant USB request block request information using the channel. After normal interaction with the USB equipment is finished, the virtual desktop displays virtual request equipment, and a user can normally use the currently applied equipment through reverse control. When the user finishes using the requested device, the requested device is released, thereby disconnecting the connection, and the virtual device 100 destructs the requesting device to finish returning the requesting device for the next request.
It should be noted that the device management module 300, as a special terminal device, can provide USB device management function, and may be in the form of a multi-port USB HUB (Universal Serial Bus HUB). In addition, the administrator registers or de-registers the device management module 300 in the background and simultaneously issues a white list of the encryption devices 301. In addition, after the device management module 300 registers, it will report all enumerated devices, and if the listed devices conform to the white list of the encryption device 301, the management platform 200 will register the devices, and after that, all the plugging and unplugging device actions of the device management module 300 will submit corresponding information to the management platform 200, so that the management platform 200 can synchronize the encryption device 301 currently online in real time.
In this embodiment, the list information of the encryption device 301 synchronized in real time by the management platform 200 is received, and the status information of the encryption device 301 is displayed on the virtual device, so that the user can view, select and apply the required encryption device 301, and if the user temporarily uses the encryption device without authorization in the process of applying for the encryption device 301, the encryption device can be used only after approval of an administrator, so as to further ensure the confidentiality of the encryption device 301.
Optionally, in some embodiments, step S104 includes step S1041, of receiving parameter information of the device management module 300 sent by the management platform 200; step S1042, calling the device management module 300 to connect through the parameter information, and sending the device information of the first encryption device 301 to the device management module 300.
Specifically, the management platform 200 may send the address information of the device management module 300 where the first encryption device 301 is located to the virtual device 100, and after receiving the address information, the virtual device 100 may call the corresponding device management module 300 to connect, and send the device information of the first encryption device 301, which is applied by the user for use, to the device management module 300 through a signaling. The arrangement can quickly locate the position of the device management module 300 where the first encryption device 301 is located, without traversing each device management module 300 to find the first encryption device 301, thereby improving the connection efficiency.
Optionally, in some embodiments, the step S1042 includes the step S10421 of establishing a signaling channel with the device management module 300, so as to send the device information of the first encryption device 301 to the device management module 300 through signaling.
Specifically, the setting of the signaling channel can detect and reflect the states of the network and the user, so as to ensure the normal operation of the network and improve the operation efficiency, and further ensure the confidentiality of the encryption device 301 in the use process.
Optionally, in some embodiments, the step S104 includes, in step S1043, receiving the addition request information sent by the first encryption device 301, and establishing a data stream channel to use the data stream channel to communicate the data request information.
Specifically, after receiving the add request of the encryption device 301, the virtual device 100 establishes a data stream channel associated with the encryption device 301, and uses the channel to transfer a relevant URB (USB request block) request, where the URB is a basic carrier and a core data structure used in a USB device driver to describe communication with the USB device, and is an encapsulation for transmitting data between the USB host and the device, and can ensure security during data transmission.
Optionally, in some embodiments, the step S104 includes a step S1044 of receiving the offline request information of the first encryption device 301 sent by the device management module 300, and releasing the first encryption device 301.
In particular, the settings of the management platform 200 enable control of the time at which the user uses the encryption device 301. In an example, the management platform 200 sets the usage duration of the first encryption device 301 according to a user level, and notifies the device management module 300 when the usage duration of the first encryption device 301 expires, so as to send the offline request information through the device management module 300. For example, the user can only apply for a usage right of 10 minutes according to his own level, and then after the time of 10 minutes expires, the management platform 200 may notify the device management module 300 that the time of the user using the encryption device 301 expires, the device management module 300 may initiate an offline request of the encryption device 301 to the virtual device 100, and the user may see the popped offline request of the encryption device 301 on the virtual desktop, which may be set to directly release the security device from the virtual device 100 after the end of the countdown time, thereby interrupting the use of the user.
Optionally, in some embodiments, the step S105 includes a step S1051 of receiving request information for exiting the first encryption device 301, disconnecting the interaction with the first encryption device 301, and destructuring the first encryption device 301 to complete the return of the first encryption device 301.
Specifically, after the user uses the encryption device 301, the user may disconnect the encryption device by simulating a pull-out event, the virtual device 100 may release the encryption device 301 and complete the operation of returning the encryption device 301 to wait for the next request, or the management platform 200 receives a corresponding pull-out instruction to complete the return of the encryption device 301, and this setting can ensure that the encryption device 301 is completely released to ensure the confidentiality of the encryption device 301.
Optionally, in some embodiments, step S105 includes step S1052, receiving operation information for suspending the current data interaction, and determining whether a level of a suspension user is higher than a level of a user currently performing the data interaction; step S1053, if the level is higher than the level of the user currently performing data interaction, directly stopping the data interaction with the first encryption device 301.
Specifically, when a user with higher authority sees that a certain encryption device 301 is in a use state, an operation of using a terminal by the encryption device 301 can be initiated, and at this time, the current user is directly forced to interrupt the use of the encryption device 301, so that the encryption device 301 is released for the user with higher authority to use. It should be noted that if the user login management platform 200 of another peer level or a lower level sees that a certain encryption device 301 is in use, it cannot be used.
Also provided in this example embodiment is a rights management system that may include a virtual appliance 100, a management platform 200, and an appliance management module 300.
The virtual device 100 is configured to receive request information for logging in the management platform 200; list information of the encryption device 301 for acquiring real-time synchronization of the management platform 200; the system is used for receiving application use information of the first encryption device 301 in the list information, judging whether the application use information exceeds the access authority or not, and if the application use information exceeds the access authority, sending the application use information to an administrator; if the administrator selects to pass, the virtual device 100 establishes a communication connection with the device management module 300 where the first encryption device 301 is located, and receives the use request information about the first encryption device 301 sent by the device management module 300; the virtual device 100 performs data interaction with the first encryption device 301, and reconstructs the first encryption device 301 after the interaction is finished;
the management platform 200 is configured to receive information of the device management module 300 that the administrator registers or deregisters, and grasp plug and pull information of the encryption device 301 in real time through the device management module 300, so as to synchronize list information of the encryption device 301 that is currently online in real time, and send the list information of the encryption device 301 after receiving request information of the virtual device 100;
the device management module 300 is externally provided with a plurality of encryption devices 301, synchronizes list information of the plurality of encryption devices 301 to the management platform 200 in real time, sends addition request information of the first encryption device 301 to the virtual device 100 after receiving call information of the virtual device, and reports device information of the first encryption device 301.
The right management system is implemented by using the right management method of the above embodiment, and the specific implementation can be understood by referring to the above embodiment, which is not described herein again.
Optionally, in some embodiments, the virtual device 100 is configured to receive parameter information of the device management module 300 sent by the management platform 200; calling the device management module 300 to connect through the parameter information, and sending the device information of the first encryption device 301 to the device management module 300.
Optionally, in some embodiments, a signaling channel is established between the virtual device 100 and the device management module 300, so as to send the device information of the first encryption device 301 to the device management module 300 through signaling.
Optionally, in some embodiments, the virtual device 100 is configured to receive the addition request information sent by the first encryption device 301, and establish a data stream channel to communicate the data request information using the data stream channel.
Optionally, in some embodiments, the virtual device 100 is configured to receive the offline request information of the first encryption device 301 sent by the device management module 300, and release the first encryption device 301.
Optionally, in some embodiments, the management platform 200 sets a usage duration of the first encryption device 301 according to a user level, and notifies the device management module 300 when the usage duration of the first encryption device 301 expires, so as to send the offline request information through the device management module 300.
Optionally, in some embodiments, the virtual device 100 is configured to receive request information for exiting the first encryption device 301, disconnect the interaction with the first encryption device 301, and destruct the first encryption device 301 to complete the return of the first encryption device 301.
Optionally, in some embodiments, the virtual device 100 is configured to receive operation information for suspending the current data interaction, and determine whether a level of a suspension user is higher than a level of a user currently performing the data interaction; if the user level is higher than the current user level for data interaction, the data interaction with the first encryption device 301 is directly suspended.
Optionally, in some embodiments, the management platform 200 receives the device management module 300 information registered or unregistered by the administrator, and grasps the plug information of the encryption device 301 in real time through the device management module 300, so as to synchronize the list information of the encryption device 301 currently online in real time.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present disclosure. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples described in this specification can be combined and combined by those skilled in the art.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
Claims (10)
1. A method of rights management, comprising:
receiving request information for logging in a management platform;
acquiring list information of the encryption equipment synchronized by the management platform in real time;
receiving application use information of the first encryption equipment in the list information, judging whether the application use information exceeds the access authority, and if so, sending the application use information to an administrator;
if the administrator selects to pass, establishing communication connection with an equipment management module where the first encryption equipment is located, and receiving the use request information which is sent by the equipment management module and related to the first encryption equipment;
and performing data interaction with the first encryption equipment, and after receiving the disconnection instruction information, reconstructing the first encryption equipment.
2. The rights management method according to claim 1, wherein the step of establishing a communication connection with a device management module in which the first encryption device is located includes:
receiving parameter information of the equipment management module sent by the management platform;
and calling the equipment management module to connect through the parameter information, and sending the equipment information of the first encryption equipment to the equipment management module.
3. The rights management method of claim 2, wherein the step of calling the device management module for connection through the parameter information comprises:
and a signaling channel is established between the first encryption device and the device management module so as to send the device information of the first encryption device to the device management module through signaling.
4. The rights management method according to claim 1, wherein the step of receiving the usage request information about the first encryption device sent by the device management module includes:
and receiving the addition request information sent by the first encryption equipment, and establishing a data stream channel to use the data stream channel to convey the data request information.
5. The rights management method according to claim 1, wherein the step of receiving the usage request information about the first encryption device sent by the device management module includes:
and receiving the offline request information of the first encryption device sent by the device management module, and releasing the first encryption device.
6. The rights management method of claim 5, wherein the management platform sets a duration of use of the first encryption device according to a user level, and notifies the device management module when the duration of use of the first encryption device expires, so as to send the offline request information through the device management module.
7. The rights management method of claim 1, wherein the step of deconstructing the first encryption device after the interaction is completed comprises:
and receiving request information for quitting the first encryption device, disconnecting the interaction with the first encryption device, and destructuring the first encryption device to finish the return of the first encryption device.
8. The rights management method of claim 1, wherein the step of interacting data with the first encryption device comprises:
receiving operation information for stopping the current data interaction, and judging whether the grade of a stopping user is higher than the grade of a user currently carrying out data interaction;
and if the user level is higher than the current user level for data interaction, directly stopping the data interaction with the first encryption equipment.
9. The rights management method of claim 1, wherein the management platform receives the device management module information registered or unregistered by the administrator, and grasps plug and pull information of the encryption device in real time through the device management module to synchronize list information of the encryption device currently online in real time.
10. A rights management system, comprising:
the virtual equipment is used for receiving request information for logging in the management platform; the management platform is used for acquiring list information of the encryption equipment synchronized in real time by the management platform; the system comprises a list information receiving unit, a first encryption device and a second encryption device, wherein the list information is used for receiving application use information of the first encryption device in the list information, judging whether the application use information exceeds an access authority, and if the application use information exceeds the access authority, sending the application use information to an administrator; if the administrator selects to pass, the virtual device establishes communication connection with a device management module where the first encryption device is located, and receives the use request information which is sent by the device management module and related to the first encryption device; the virtual equipment performs data interaction with the first encryption equipment, and reconstructs the first encryption equipment after the interaction is finished;
the management platform is used for receiving the equipment management module information registered or unregistered by the administrator, mastering the plugging and unplugging information of the encryption equipment in real time through the equipment management module, synchronizing the list information of the encryption equipment on line in real time, and sending the list information of the encryption equipment after receiving the request information of the virtual equipment;
the device management module is externally provided with a plurality of encryption devices, synchronizes list information of the encryption devices to the management platform in real time, sends the adding request information of the first encryption device to the virtual device after receiving the calling information of the virtual device, and reports the device information of the first encryption device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210734364.7A CN115118736A (en) | 2022-06-27 | 2022-06-27 | Authority management method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210734364.7A CN115118736A (en) | 2022-06-27 | 2022-06-27 | Authority management method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115118736A true CN115118736A (en) | 2022-09-27 |
Family
ID=83331259
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210734364.7A Pending CN115118736A (en) | 2022-06-27 | 2022-06-27 | Authority management method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115118736A (en) |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1968101A (en) * | 2006-11-23 | 2007-05-23 | 杭州华为三康技术有限公司 | Method, system and administrative server for front-end equipment control |
| US20090300710A1 (en) * | 2006-02-28 | 2009-12-03 | Haixin Chai | Universal serial bus (usb) storage device and access control method thereof |
| CN102739623A (en) * | 2011-04-15 | 2012-10-17 | 华为终端有限公司 | Authorization method and terminal device |
| CN103020517A (en) * | 2012-11-28 | 2013-04-03 | 福建伊时代信息科技股份有限公司 | Exchange visit method and system for USB virtual desktop equipment |
| JP2013075422A (en) * | 2011-09-30 | 2013-04-25 | Kyocera Document Solutions Inc | Image forming device |
| CN105187362A (en) * | 2014-06-23 | 2015-12-23 | 中兴通讯股份有限公司 | Method and device for connection authentication between desktop cloud client and server-side |
| CN106649772A (en) * | 2016-12-27 | 2017-05-10 | 上海上讯信息技术股份有限公司 | Method and equipment for accessing data |
| CN108632354A (en) * | 2018-04-02 | 2018-10-09 | 新华三云计算技术有限公司 | Physical machine receives pipe method, apparatus and cloud desktop management platform |
| CN109039792A (en) * | 2018-10-30 | 2018-12-18 | 深信服科技股份有限公司 | Management method, device, equipment and the storage medium of network management device |
| CN109067748A (en) * | 2018-08-13 | 2018-12-21 | 北京奇虎科技有限公司 | Access right distribution method, device and the electronic equipment of shared device |
| CN109697107A (en) * | 2018-12-18 | 2019-04-30 | 山东超越数控电子股份有限公司 | A kind of method and realization system of self-service resource bid |
| CN111930653A (en) * | 2020-07-13 | 2020-11-13 | 四川钛阁科技有限责任公司 | Remote distribution use method and device of USB (universal serial bus) equipment |
| CN112347439A (en) * | 2020-11-11 | 2021-02-09 | 西安万像电子科技有限公司 | Method and system for visitor login access |
| CN112463661A (en) * | 2020-12-14 | 2021-03-09 | 西安网虫信息科技有限公司 | USB device management system and management method |
| CN112800399A (en) * | 2021-01-26 | 2021-05-14 | 苏州浪潮智能科技有限公司 | Authority management method, system and related device of Presto query platform |
| CN113254892A (en) * | 2021-06-11 | 2021-08-13 | 西安万像电子科技有限公司 | Access processing method, device, storage medium and electronic equipment |
-
2022
- 2022-06-27 CN CN202210734364.7A patent/CN115118736A/en active Pending
Patent Citations (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090300710A1 (en) * | 2006-02-28 | 2009-12-03 | Haixin Chai | Universal serial bus (usb) storage device and access control method thereof |
| CN1968101A (en) * | 2006-11-23 | 2007-05-23 | 杭州华为三康技术有限公司 | Method, system and administrative server for front-end equipment control |
| CN102739623A (en) * | 2011-04-15 | 2012-10-17 | 华为终端有限公司 | Authorization method and terminal device |
| JP2013075422A (en) * | 2011-09-30 | 2013-04-25 | Kyocera Document Solutions Inc | Image forming device |
| CN103020517A (en) * | 2012-11-28 | 2013-04-03 | 福建伊时代信息科技股份有限公司 | Exchange visit method and system for USB virtual desktop equipment |
| CN105187362A (en) * | 2014-06-23 | 2015-12-23 | 中兴通讯股份有限公司 | Method and device for connection authentication between desktop cloud client and server-side |
| CN106649772A (en) * | 2016-12-27 | 2017-05-10 | 上海上讯信息技术股份有限公司 | Method and equipment for accessing data |
| CN108632354A (en) * | 2018-04-02 | 2018-10-09 | 新华三云计算技术有限公司 | Physical machine receives pipe method, apparatus and cloud desktop management platform |
| CN109067748A (en) * | 2018-08-13 | 2018-12-21 | 北京奇虎科技有限公司 | Access right distribution method, device and the electronic equipment of shared device |
| CN109039792A (en) * | 2018-10-30 | 2018-12-18 | 深信服科技股份有限公司 | Management method, device, equipment and the storage medium of network management device |
| CN109697107A (en) * | 2018-12-18 | 2019-04-30 | 山东超越数控电子股份有限公司 | A kind of method and realization system of self-service resource bid |
| CN111930653A (en) * | 2020-07-13 | 2020-11-13 | 四川钛阁科技有限责任公司 | Remote distribution use method and device of USB (universal serial bus) equipment |
| CN112347439A (en) * | 2020-11-11 | 2021-02-09 | 西安万像电子科技有限公司 | Method and system for visitor login access |
| CN112463661A (en) * | 2020-12-14 | 2021-03-09 | 西安网虫信息科技有限公司 | USB device management system and management method |
| CN113778918A (en) * | 2020-12-14 | 2021-12-10 | 西安网虫信息科技有限公司 | USB device management system and management method |
| CN112800399A (en) * | 2021-01-26 | 2021-05-14 | 苏州浪潮智能科技有限公司 | Authority management method, system and related device of Presto query platform |
| CN113254892A (en) * | 2021-06-11 | 2021-08-13 | 西安万像电子科技有限公司 | Access processing method, device, storage medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109471710B (en) | Task request processing method and device, processor, terminal and server | |
| JP7058654B2 (en) | Resource sharing methods, equipment and systems | |
| CN101795269B (en) | Presence information sharing apparatus, method, program and system | |
| GB2289186A (en) | Collaborative working method and system | |
| WO2012169702A1 (en) | Device and method for performing pre-linking activity per application according to android application execution request | |
| WO2010062064A4 (en) | Method and apparatus for controlling access to resources in remote user interface service | |
| EP2945337A2 (en) | Method, system and server for service switching | |
| WO2012144806A2 (en) | Network connection system for sharing data among independent networks | |
| WO2010087829A1 (en) | Selectively communicating data of a peripheral device to plural sending computers | |
| CN112507295A (en) | Data processing method and system | |
| US20130132586A1 (en) | Selective Connection Between Corresponding Communication Components Involved in a Teleconference | |
| CN111586042A (en) | Multi-screen interaction method, terminal and storage medium | |
| WO2014181970A1 (en) | Method and apparatus for managing application data of portable terminal | |
| CN107995295B (en) | Network video application sharing management system based on cell virtualization server | |
| CN115118736A (en) | Authority management method and system | |
| WO2014073760A1 (en) | Set-top box based cloud service method | |
| CN108874699B (en) | Method and device for using MTP (Multi-time transfer protocol) function by multiple systems and electronic equipment | |
| CN112395242B (en) | Multi-chip control method, device, electronic equipment and computer readable storage medium | |
| WO2013125883A1 (en) | Drm/cas service device and method using security context | |
| CN113973132A (en) | USB device sharing method and device, electronic device and storage medium | |
| WO2013027919A1 (en) | Method and apparatus for generating an automatic personal virtualization in a cloud computing environment | |
| CN117544663A (en) | Cloud desktop peripheral connection method and computer readable storage medium | |
| TWM652215U (en) | Software resource sharing system | |
| KR101204502B1 (en) | Security method for data files in mobile | |
| CN115134355B (en) | Desktop cloud data transmission method and related equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |