CN115967579A - Monitoring method and device for access data, terminal equipment and storage medium - Google Patents
Monitoring method and device for access data, terminal equipment and storage medium Download PDFInfo
- Publication number
- CN115967579A CN115967579A CN202211742968.2A CN202211742968A CN115967579A CN 115967579 A CN115967579 A CN 115967579A CN 202211742968 A CN202211742968 A CN 202211742968A CN 115967579 A CN115967579 A CN 115967579A
- Authority
- CN
- China
- Prior art keywords
- access
- data
- level
- levels
- supervision
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a method and a device for supervising access data, terminal equipment and a storage medium, wherein the method for supervising the access data comprises the following steps: when an access request for accessing data is received, performing real-time uplink supervision on access information corresponding to the access request according to a block chain, and acquiring an access level of the access data and performing real-time uplink supervision on the access level according to the block chain, wherein the access level comprises a plurality of stages of access levels; sequentially confirming whether at least one authorizing party of each of the multiple stage access levels authorizes the access request according to the level sequence of the multiple stage access levels, and carrying out real-time uplink supervision on the authorizing process of each authorizing party on the access request according to the block chain; and if the authorization of each authorizing party of the access levels of the multiple stages for accessing the data is successful, allowing the access to the data. Therefore, the situation that data access is not in compliance or is abused is prevented, and the safety of data access is improved.
Description
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a method and an apparatus for supervising access data, a terminal device, and a computer storage medium.
Background
With the development of communication networks, big data analysis, data management, big data application or big data storage has huge development potential in the field of supply chains, and in the practice of practical data application, the access authority of data is different according to practical application scenes, so that scenes that the data can be accessed without authorization exist, scenes that the data can be accessed only after being authorized by a single authorized party also exist, and meanwhile, scenes that a plurality of authorized parties can access the data after being authorized by all the authorized parties exist.
However, in the case of "common" data between two adjacent levels of providers, joint authorization is required to view the data, that is, in the case of accessing the data after authorization by multiple authorized parties, the privacy protection of the data is high, disputes are much, and situations of non-compliance data access or misuse of data access are easy to occur.
In summary, a new technical solution is needed to solve the problem of poor security of data authorization and access.
Disclosure of Invention
The invention mainly aims to provide a method for supervising access data, terminal equipment and a computer storage medium, aiming at realizing multilevel authorization management aiming at the access data and carrying out real-time supervision aiming at access information and each authorized access node, thereby preventing the conditions that the data access is not compliant or the data access is abused and further improving the security of the access data.
In order to achieve the above object, the present invention provides a method for supervising access data, wherein the method for supervising access data comprises the following steps:
when an access request for accessing data is received, performing real-time uplink supervision on access information corresponding to the access request according to a block chain, and acquiring an access level of the access data and performing real-time uplink supervision on the access level according to the block chain, wherein the access level comprises a plurality of stages of access levels;
sequentially confirming whether at least one authorizing party of each of the multiple stage access levels authorizes the access request according to the level sequence of the multiple stage access levels, and performing real-time uplink supervision on the authorizing process of the access request by aiming at each authorizing party according to the block chain;
and if the authorization of each authorizing party of the plurality of stage access levels to the access data is successful, allowing the access data to be accessed.
Optionally, the access information includes: the visitor accesses the data content, the access account and the access time;
the step of performing real-time uplink supervision on the access information corresponding to the access request according to the block chain includes:
and performing real-time uplink storage on the visitor, the access data content, the access account and the access time corresponding to the access request according to the blockchain, so that a preset supervisor can perform inquiry and supervision.
Optionally, the authorization process includes: authorization records and authorization results of a plurality of said phase access levels, and authorization records and authorization results of each of said authorized parties;
the step of performing real-time uplink supervision on the authorization process of the access request by each authorizer according to the blockchain includes:
and performing real-time uplink storage according to the authorization records and authorization results of the blockchain aiming at the access levels of the plurality of stages and the authorization records and authorization results of each authorizer so as to allow the administrator to perform inquiry and supervision.
Optionally, the step of sequentially confirming whether at least one authorizer of each of the multiple phase access levels authorizes the access request according to the level order of the multiple phase access levels includes;
confirming whether at least one authorized party of the ith stage access level authorizes the access request according to the level sequence of the plurality of stage access levels;
and when all the authorized parties of the ith stage access level are confirmed to authorize the access request, whether at least one authorized party of the (i + 1) th stage access level authorizes the access request or not is confirmed according to the level sequence.
Optionally, after the step of sequentially confirming whether at least one authorizer of each of the plurality of phase access levels authorizes the access request according to the level order of the plurality of phase access levels, the method further includes;
and if the target authorized party in each authorized party does not authorize the access to the access data, confirming that the phase access level is not authorized successfully, and confirming that the access data is not allowed to be accessed, wherein the number of the target authorized parties is greater than or equal to 1.
Optionally, after the step of confirming that the phase access level is not authorized successfully and confirming that the access data is not allowed to be accessed, the method further comprises:
confirming an access unauthorized record according to the access data, the access information, the access level and the target authorized party;
and sending the access unauthorized record to a preset supervisor.
Optionally, before the step of obtaining the access level of the access data when receiving the access request of the access data, the method further includes:
setting a total access level of a preset database and an authorized party of the access level of each stage of the total access level through preset setting operation;
and setting the access levels of all the access data in the preset database through preset setting operation.
In order to achieve the above object, the present invention further provides an access data monitoring apparatus, including:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for carrying out real-time uplink supervision on access information corresponding to an access request according to a block chain when the access request of access data is received, acquiring the access grade of the access data and carrying out real-time uplink supervision on the access grade according to the block chain, and the access grade comprises a plurality of stages of access grades;
the request module is used for sequentially confirming whether at least one authorizing party of each of the multiple stage access levels authorizes the access request according to the level sequence of the multiple stage access levels, and carrying out real-time uplink supervision on the authorizing process of the access request by aiming at each authorizing party according to the block chain;
and the access permission module is used for allowing the access data to be accessed if the authorization of each authorizing party of the plurality of the stage access levels to the access data is successful.
In order to achieve the above object, the present invention further provides a terminal device, including: a memory, a processor and a supervisor of access data stored on said memory and executable on said processor, said supervisor access data program when executed by said processor implementing the steps of the supervisory access data method as described above.
Furthermore, to achieve the above object, the present invention further provides a computer readable storage medium, on which a supervisory program of access data is stored, which when executed by a processor implements the steps of the method for supervising access data as described above.
The invention provides a method and a device for supervising access data, terminal equipment and a computer readable storage medium, wherein the method for supervising the access data comprises the following steps: when an access request for accessing data is received, acquiring the access level of the access data; according to the sequence of the access levels, sequentially confirming whether the access level of each stage of the access levels is authorized successfully; if all the access levels of each stage are successfully authorized, allowing access to the access data; and real-time uplink supervision is carried out according to the access grade, the access information of the access data and the authorization process of the block chain.
According to the technical scheme, when an access request for accessing data is received, the access level of the access data is confirmed, each stage access level of the access level is confirmed, whether each stage access level is successfully authorized or not is sequentially confirmed according to the access level, if all the stage access levels are successfully authorized, the access data is allowed to be accessed, and the access level, the access information of the access data and the authorization process are subjected to uplink supervision in real time according to a block chain.
Different from the traditional monitoring mode of access data, the method confirms whether the access level of each stage is successfully authorized or not according to the access level of the access data when receiving the access request of the access data, if the access level of each stage is successfully authorized, the access data is confirmed to be allowed to access, and meanwhile, the access information and the authorization process real-time uplink monitoring aiming at the access data are monitored through a block chain, namely, the method combines the block chain monitoring and the hierarchical joint authorization access data aiming at a scene needing one or more authorized parties to access certain data, so that the whole process of the hierarchical joint authorization access data is subjected to real-time uplink monitoring, namely, the method realizes the multi-stage authorization management aiming at the access data, and carries out the real-time monitoring aiming at the access information and each authorized access node, thereby preventing the condition that the data access is not in compliance or the data access is misused, and further greatly improving the security of the access data.
Drawings
Fig. 1 is a schematic structural diagram of the hardware operation of a terminal device according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating an embodiment of a method for supervising access data according to the present invention;
FIG. 3 is a diagram illustrating a multi-level application scenario according to another embodiment of a method for supervising access to data;
fig. 4 is a schematic view of an application scenario of access data according to another embodiment of the supervision method for access data of the present invention;
fig. 5 is a schematic structural relationship diagram of a device for monitoring access data according to the present invention.
The objects, features and advantages of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
As shown in fig. 1, fig. 1 is a schematic structural diagram of a hardware operating environment related to a terminal device according to an embodiment of the present invention.
It should be noted that, the terminal device in the embodiment of the present invention may be a device for supervising access data, and the terminal device may specifically be a mobile terminal, a data storage control terminal, a PC, a portable computer, or other terminal.
As shown in fig. 1, the terminal device may include: a processor 1001, e.g. a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a non-volatile memory (e.g., flash memory), a high-speed RAM memory, or a non-volatile memory (e.g., a disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the terminal device configuration shown in fig. 1 is not intended to be limiting of the terminal device and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
As shown in fig. 1, the memory 1005, which is a type of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and a hypervisor to access data. Among these, the operating system is a program that manages and controls the hardware and software resources of the sample terminal device, supports the execution of supervisory programs and other software or programs that access the data.
In the terminal apparatus shown in fig. 1, the user interface 1003 is mainly used for data communication with each terminal; the network interface 1004 is mainly used for connecting a background server and performing data communication with the background server; and the processor 1001 may be configured to invoke a hypervisor on the access data stored in the memory 1005 and perform the following operations:
when an access request for accessing data is received, performing real-time uplink supervision on access information corresponding to the access request according to a block chain, and acquiring an access level of the access data and performing real-time uplink supervision on the access level according to the block chain, wherein the access level comprises a plurality of stages of access levels;
sequentially confirming whether at least one authorizing party of each of the multiple stage access levels authorizes the access request according to the level sequence of the multiple stage access levels, and performing real-time uplink supervision on the authorizing process of the access request by aiming at each authorizing party according to the block chain;
and if the authorization of each authorizing party of the plurality of stage access levels to the access data is successful, allowing the access data to be accessed.
Further, the access information includes: the visitor accesses the data content, the access account and the access time; the operation of performing real-time uplink supervision on the access information corresponding to the access request according to the block chain comprises:
and performing real-time uplink storage on the visitor, the access data content, the access account and the access time corresponding to the access request according to the blockchain, so that a preset supervisor can perform inquiry supervision.
Further, the authorization process includes: authorization records and authorization results of a plurality of said phase access levels, and authorization records and authorization results of each of said authorized parties;
the operation of performing real-time uplink supervision on the authorization process of the access request by each authorizer according to the blockchain comprises:
and performing real-time uplink storage according to the authorization records and authorization results of the blockchain aiming at the access levels of the plurality of stages and the authorization records and authorization results of each authorizer so as to allow the administrator to perform inquiry and supervision.
Further, the operation of sequentially confirming whether at least one authorized party of each of the plurality of the phase access levels authorizes the access request according to the level sequence of the plurality of the phase access levels includes;
confirming whether at least one authorizing party of the ith stage access level authorizes the access request according to the level sequence of the plurality of stage access levels;
and when all the authorized parties of the ith stage access level are confirmed to authorize the access request, whether at least one authorized party of the (i + 1) th stage access level authorizes the access request or not is confirmed according to the level sequence.
Further, after the step of sequentially confirming whether at least one authorized party of each of the multiple phase access levels authorizes the access request according to the level order of the multiple phase access levels, the processor 1001 may be configured to invoke a hypervisor of the access data stored in the memory 1005, and perform the following operations:
and if the target authorized party in each authorized party does not authorize the access to the access data, confirming that the phase access level is not authorized successfully, and confirming that the access data is not allowed to be accessed, wherein the number of the target authorized parties is greater than or equal to 1.
Further, after the step of confirming that the phase access level is not authorized successfully and confirming that the access data is not allowed to be accessed, the processor 1001 may be configured to call a hypervisor for accessing data stored in the memory 1005, and perform the following operations:
confirming an access unauthorized record according to the access data, the access information, the access level and the target authorized party;
and sending the access unauthorized record to a preset supervisor.
Further, prior to the step of obtaining the access level of the access data upon receiving an access request to access the data, the processor 1001 may be configured to call a hypervisor for accessing the data stored in the memory 1005, and perform the following operations:
setting a total access level of a preset database and an authorized party of the access level of each stage of the total access level through preset setting operation;
and setting the access level of all the access data in the preset database through preset setting operation.
Based on the terminal device, the embodiments of the supervision method for the access data are provided.
Referring to fig. 2, fig. 2 is a flowchart illustrating a monitoring method for access data according to a first embodiment of the present invention. In a first embodiment of the method for supervising access data of the present invention, the method for supervising access data of the present invention includes:
step S10, when an access request of access data is received, performing real-time uplink supervision on access information corresponding to the access request according to a block chain, and acquiring an access grade of the access data and performing real-time uplink supervision on the access grade according to the block chain, wherein the access grade comprises a plurality of stages of access grades;
in a feasible embodiment, when receiving an access request for accessing data, a terminal device performs real-time uplink supervision on access information corresponding to the access request according to a block chain, and obtains an access level of the access data and performs real-time uplink supervision on the access level of the access data according to the block chain, where the access level includes multiple-stage access levels.
It should be noted that, as shown in fig. 4, the access data scenario according to an embodiment of the method for supervising access data includes a scenario in which data can be accessed without authorization, a scenario in which data can be accessed without authorization by a single authorizer, a scenario in which data can be accessed without authorization by multiple authorizers, and a scenario in which data can be accessed without authorization by multiple authorizers, that is, some access data can be accessed without authorization by multiple authorizers, but different access data may not be viewed by some of the multiple authorizers according to actual scenario requirements.
In a specific embodiment, the access level of the access data may be 0 level, when the azimuth level of the access data is 0 level, the application scenario of the access data is a scenario in which the data can be accessed without authorization, when the azimuth level of the access data is 1 level, the application scenario of the access data is a scenario in which a plurality of authorized parties are required to authorize the access data, and the data can be accessed as long as the plurality of authorized parties are authorized, or when only one authorized party is provided for the access authorized party at level 1, the application scenario of the access data is a scenario in which the data can be accessed as long as a single authorized party is required to authorize the access data, and the data can be accessed as long as one authorized party is authorized.
It should be noted that, as shown in fig. 3, in a multi-level application scenario diagram related to another embodiment of the method for supervising access data, when receiving an access request for accessing data, a terminal device performs real-time uplink supervision on access information corresponding to the access request according to a blockchain, then obtains an access level of the access data, and if the access level is 3 levels, performs real-time uplink supervision on 3 levels of access levels of the access data according to the blockchain, where the 3 levels of access levels include a level 1 access level, a level 2 access level, and a level 3 access level, and it should be understood that the level 1 access level, the level 2 access level, and the level 3 access level are multiple stage access levels of the level 3 access level.
It should be noted that, as shown in fig. 3, a schematic view of a multi-level application scenario related to another embodiment of the method for supervising access data, where fig. 3 illustrates that the access level of the access data is level 2, the authorizer 1, the authorizer 2, and the authorizer N are authorizers of the level 1 access level, the authorizers that are joined into all 1, the authorizers that are joined into all 2, and the authorizers that are joined into all N into the level 2 access level, it should be understood that each process of the data access request and the authorization is subjected to uplink saving in real time through a preset blockchain.
Optionally, in some possible embodiments, the access information includes: the step of accessing data content, access account, and access time, and performing real-time uplink supervision on the access information corresponding to the access request according to the blockchain in step S10 may further include the following steps:
step S101, performing real-time uplink storage on the visitor, the access data content, the access account and the access time corresponding to the access request according to the block chain, so that a preset supervisor can perform inquiry and supervision.
In some possible embodiments, when receiving an access request for accessing data, the terminal device performs uplink storage on an accessor, access data content, an access account and access time corresponding to the access request according to the blockchain, so as to allow a preset supervisor to perform inquiry supervision.
It should be noted that the administrator may be an authorizer other than the access level of the access data, that is, if the total access level of the preset database is 3 levels and the access data requested to be accessed is 2 levels, the authorizer of the 3 rd level may be a preset administrator, that is, the authorizer of the 3 rd level may be used as the administrator to administer the access information of the access data, such as the visitor, the content of the access data, the access account, and the access time, and the administrator may also be a preset administrative system or a preset administrator to manage the access information of the access data.
Optionally, in some possible embodiments, before step S10, the method for supervising access data of the present invention further includes the following steps:
step S40, setting the total access level of a preset database and an authorized party of the access level of each stage of the total access level through preset setting operation;
in a feasible implementation mode, a user managing the database sets the total access level of the database in advance according to different access authorities of the database, and the number of the authorized parties corresponding to the access level of each stage of the total access level and the number of the authorized parties.
In a specific embodiment, the total access level of the database is set to be 3 levels through a preset setting operation, the 3 levels of access levels include a level 1 access level, a level 2 access level and a level 3 access level, the number of the authorized parties of the level 1 access level is set to be 5 and respectively to be an authorized party a, an authorized party B, an authorized party C, an authorized party D and an authorized party E, then the number of the authorized parties of the level 2 access level is set to be 2 and respectively to be an authorized party E and an authorized party F, and finally, the number of the authorized parties of the level 3 access level is set to be 3 and respectively to be an authorized party G, an authorized party H and an authorized party I.
And S50, setting the access levels of all the access data in the preset database through preset setting operation.
In a feasible embodiment, the terminal device sets a preset total access level of the database and an authorized party of the access level of each stage of the total access level through a preset setting operation, and then sets the access levels of all access data in the database through the preset setting operation.
In a specific embodiment, during actual application operation, a user managing the database sets an access level of each access data, if the access level of the access data is level 2, authorization of an authorizer a, an authorizer B, an authorizer C, an authorizer D, and an authorizer E of the level 1 access level needs to be obtained first, and then an authorizer E and an authorizer F of the level 2 access level need to be obtained, if the security level of some access data is very high, the access level of the access data is set to level 3, and the access data can be allowed only if authorization of the level 3 authorization needs to be obtained in addition to authorization of the authorizer of the level 2.
Step S20, whether at least one authorizing party of each of the multiple stage access levels authorizes the access request is sequentially confirmed according to the level sequence of the multiple stage access levels, and real-time uplink supervision is performed on the authorizing process of the access request by each authorizing party according to the block chain;
in a feasible embodiment, when receiving an access request for accessing data, a terminal device performs real-time uplink supervision on access information corresponding to the access request according to a block chain, acquires an access level of the access data and performs real-time uplink supervision on the access level of the access data according to the block chain, where the access level includes multiple stage access levels, sequentially confirms whether at least one authorizer of each of the multiple stage access levels authorizes the access request for accessing data according to a level sequence of the multiple stage access levels, and performs real-time uplink supervision on an authorization process of the access request for each authorizer of the multiple stage access levels according to the block chain.
Optionally, in some possible embodiments, the authorization process includes: the step of "performing uplink supervision on the authorization process of the access request for each authorizer according to the blockchain" in step S20 may further include the following steps:
step S201, performing real-time uplink storage according to the authorization records and authorization results of the blockchain for multiple access levels of the stages and the authorization records and authorization results of each authorizer, so that the administrator performs inquiry and supervision.
In some possible embodiments, the terminal device sequentially confirms whether at least one authorizer of each of the multiple stage access levels authorizes the access request for accessing the data according to a level sequence of the multiple stage access levels, and performs real-time uplink storage on the authorization records and authorization results of the multiple stage access levels and the authorization records and authorization results of each authorizer according to the block chain, so as to allow the administrator to perform inquiry and supervision.
It should be noted that, if the access level of the access data acquired by the terminal device is level 2, it is first determined whether all the authorizers a, B, C, D, and E with level 1 access level authorize the access data, and then it is determined whether all the authorizers E and F with level 2 access level authorize the access data, and at the same time, according to the authorization records and authorization results of the authorizers a, B, C, D, and E according to the block chain, the cochain is stored for the supervisors to inquire and supervise, and the supervisors are the same as the preset supervisors, and are not described one by one.
Optionally, in some possible embodiments, the step of "sequentially confirming whether at least one authorized party of each of the multiple phase access levels authorizes the access request according to the rank order of the multiple phase access levels" in step S20 may include the following steps:
step S202, confirming whether at least one authorization party of each ith stage access level authorizes the access request according to the level sequence of the plurality of stage access levels;
in some possible embodiments, when receiving an access request for accessing data, a terminal device performs real-time uplink supervision on access information corresponding to the access request according to a blockchain, acquires an access level of the access data, and performs real-time uplink supervision on the access level of the access data according to the blockchain, where the access level includes multiple-stage access levels, and then determines whether at least one authorizer of each of the ith-stage access level authorizes the access request.
Here, the term "i" refers to any one of a plurality of access levels in a plurality of stages of the access level.
Step S203, when all the authorization parties of the ith stage access level authorize the access request, whether at least one authorization party of the (i + 1) th stage access level authorizes the access request is determined according to the level sequence.
In some possible embodiments, when it is confirmed that all the authorizers of the i-th stage access level authorize the access request, the terminal device confirms whether at least one authorizer of the i + 1-th stage access level authorizes the access request according to the level sequence until it is confirmed whether at least one authorizer of the last stage access level authorizes the access request.
In a specific implementation manner, when the access level of the access data obtained by the terminal device is 3 levels, it is first determined whether all the authorizers a, B, C, D, and E with the level 1 access level authorize the access data, if it is determined that all the authorizers a, B, C, D, and E with the level 1 access level authorize the access data, it is further determined whether all the authorizers E and F with the level 2 access level authorize the access data, and if it is determined that all the authorizers E and F with the level 2 access level authorize the access data, it is further determined whether all the authorizers G, H, and I with the level 3 access level authorize the access data.
Step S30, if it is confirmed that each of the authorizers of the multiple phase access levels successfully authorizes the access data, allowing access to the access data.
In a feasible embodiment, the terminal device sequentially confirms whether at least one authorizer of each of the multiple stage access levels authorizes the access request for accessing the data according to a level sequence of the multiple stage access levels, and after performing real-time uplink supervision on an authorization process of the access request for each authorizer of the multiple stage access levels according to the block chain, if each authorizer of the multiple stage access levels of the access levels succeeds in authorization for the access data, the terminal device allows access to the access data.
Thus, in this embodiment, when receiving an access request for accessing data, the terminal device performs real-time uplink supervision on access information corresponding to the access request according to a blockchain, and obtains an access level of the access data and performs real-time uplink supervision on the access level of the access data according to the blockchain, where the access level includes multiple-stage access levels; then, when receiving an access request for accessing data, the terminal device performs real-time uplink supervision on access information corresponding to the access request according to a blockchain, acquires an access level of the access data and performs real-time uplink supervision on the access level of the access data according to the blockchain, and after the access level comprises a plurality of stage access levels, sequentially confirms whether at least one authorizer of each of the plurality of stage access levels authorizes the access request for accessing data according to the level sequence of the plurality of stage access levels, and performs real-time uplink supervision on the authorization process of the access request for each authorizer of the plurality of stage access levels according to the blockchain; and finally, the terminal equipment sequentially confirms whether at least one authorizing party of each stage access grade authorizes the access request of the access data according to the grade sequence of the stage access grades, and after performing real-time uplink supervision on the authorizing process of the access request aiming at each authorizing party of the stage access grades according to the block chain, if the authorizing party of each stage access grade of the access grade is successful aiming at the access data, the terminal equipment allows the access data.
Different from the traditional monitoring mode of access data, the method confirms whether the access level of each stage is successfully authorized or not according to the access level of the access data when receiving the access request of the access data, if the access level of each stage is successfully authorized, the access data is confirmed to be allowed to access, and meanwhile, the access information and the authorization process real-time uplink monitoring aiming at the access data are monitored through a block chain, namely, the method combines the block chain monitoring and the hierarchical joint authorization access data aiming at a scene needing one or more authorized parties to access certain data, so that the whole process of the hierarchical joint authorization access data is subjected to real-time uplink monitoring, namely, the method realizes the multi-stage authorization management aiming at the access data, and carries out the real-time monitoring aiming at the access information and each authorized access node, thereby preventing the condition that the data access is not in compliance or the data access is misused, and further greatly improving the security of the access data.
Further, based on the first embodiment described above, a second embodiment of the method for supervising access data is proposed, and in this embodiment, after the step S20, the following steps may be further included:
step S60, if it is determined that the target authorized party of the authorized parties does not authorize the access to the access data, it is determined that the stage access level is not authorized successfully, and it is determined that the access data is not allowed to be accessed, where the number of the target authorized parties is greater than or equal to 1.
In some possible embodiments, if it is confirmed that any one of the authorized parties of a certain phase access level does not authorize access to the access data, the terminal device confirms that the phase access level is not authorized successfully, and confirms that the access data is not allowed to be accessed.
In a specific embodiment, the access level of the access data obtained by the terminal device is 3 levels, and in 5 authorizers, an authorizer a, an authorizer B, an authorizer C, an authorizer D, and an authorizer E of the access level at level 1, if it is determined that the authorizer B does not authorize access to the access data, it is determined that the access level at level 1 is not authorized successfully, and it is determined that the access data is not allowed to be accessed, which is not limited in the embodiment.
It should be noted that, the terminal apparatus performs uplink saving for the unauthorized process, that is, performs uplink saving for the unauthorized party, the unauthorized record and the unauthorized result in the unauthorized process.
Optionally, in some possible embodiments, after step S60, the method for supervising access data of the present invention may further include the following steps:
step S70, confirming an access unauthorized record according to the access data, the access information, the access level and the target authorized party;
in some possible embodiments, if the terminal device confirms that the target authorized party in the authorized parties does not authorize access to the access data, it confirms that the access level is not authorized successfully in the phase of confirmation, and confirms that the access data is not allowed to be accessed, and then confirms the access unauthorized record according to the access data, the access information, the access level and the target authorized party.
It should be noted that the access denial record is confirmed according to the access data, the access information, the access level, and the target authorized party, and whether the access level of the access information is set with an error is checked through the access denial record.
And S80, sending the access unauthorized record to a preset supervisor.
In some possible embodiments, the terminal device confirms the access unauthorized record according to the access data, the access information, the access level and the target authorized party, and sends the access unauthorized record to a preset supervisor, specifically, sends the access unauthorized record to an authorized party other than the access level of the access data, a preset supervisor system or a preset supervisor, so that the preset supervisor manages the access data.
The invention confirms that the access grade of a certain stage is not authorized to access data if any one of the authorized parties of the access grade of the certain stage is not authorized to access the access data, confirms that the access grade of the certain stage is not authorized to access the access data, and then sends an access unauthorized record confirmed by a target authorized party to a preset supervisor to manage the access data by the preset supervisor.
In addition, an embodiment of the present invention further provides an access data monitoring apparatus, and with reference to fig. 5, the access data monitoring apparatus includes:
an obtaining module 10, configured to perform real-time uplink supervision on access information corresponding to an access request according to a blockchain when the access request for accessing data is received, and obtain an access level of the access data and perform real-time uplink supervision on the access level according to the blockchain, where the access level includes multiple-stage access levels;
a request module 20, configured to sequentially determine, according to a level sequence of the multiple stage access levels, whether at least one authorizer of each of the multiple stage access levels authorizes the access request, and perform real-time uplink supervision on an authorization process of the access request by each authorizer according to the blockchain;
and an access permission module 30, configured to, if it is confirmed that each of the authorizers of the multiple phase access levels has successfully authorized the access data, allow access to the access data.
Optionally, the access information includes: the visitor accesses the data content, the access account and the access time;
the obtaining module 10 is further configured to:
and the first uplink storage unit is used for performing real-time uplink storage on the visitor, the access data content, the access account and the access time corresponding to the access request according to the block chain, so that a preset supervisor can perform inquiry and supervision.
Optionally, the authorization process includes: authorization records and authorization results of a plurality of said phase access levels, and authorization records and authorization results of each of said authorized parties;
the request module 20 is further configured to:
and the second uplink storage unit is used for performing real-time uplink storage according to the authorization records and the authorization results of the block chain aiming at the multiple stage access levels and the authorization records and the authorization results of each authorizer so as to be used for the administrator to perform inquiry and supervision.
Optionally, the request module 20 is further configured to:
a first confirming unit, configured to confirm whether at least one authorized party at each of the ith stage access level authorizes the access request;
and the second confirmation unit is used for confirming whether the access request is authorized by at least one authorized party of the i +1 th stage access level until whether the access request is authorized by at least one authorized party of the last stage access level is confirmed if the access request is authorized by at least one authorized party of the i th stage access level.
Optionally, the supervising means for accessing data is further configured to:
and the first confirmation module is used for confirming that the stage access level is not authorized successfully and confirming that the access data is not allowed to be accessed if the target authorized party in each authorized party is confirmed not to authorize the access data, wherein the number of the target authorized parties is greater than or equal to 1.
Optionally, the supervising means for accessing data is further configured to:
the second confirmation module is used for confirming an access unauthorized record according to the access data, the access information, the access level and the target authorized party;
and the sending module is used for sending the access unauthorized record to a preset supervisor.
Optionally, the supervising means for accessing data is further configured to:
the system comprises a first setting module, a second setting module and a third setting module, wherein the first setting module is used for setting the total access level of a preset database and the authorized party of the access level of each stage of the total access level through preset setting operation;
and the second setting module is used for setting the access levels of all the access data in the preset database through preset setting operation.
The embodiments of the supervision apparatus for access data of the present invention can refer to the embodiments of the supervision method for access data of the present invention, and are not described herein again.
In addition, an embodiment of the present invention further provides a computer-readable storage medium, where a monitoring program for access data is stored on the storage medium, and when executed by a processor, the monitoring program for access data implements the following steps of the monitoring method for access data.
The embodiments of the terminal device and the computer-readable storage medium of the present invention can refer to the embodiments of the supervision method for access data of the present invention, and are not described herein again.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention or portions thereof contributing to the prior art may be embodied in the form of a software product, where the computer software product is stored in a computer storage medium (such as a Flash memory, a ROM/RAM, a magnetic disk, an optical disk), and includes several instructions for enabling a controller, which is used for controlling the storage medium to perform data reading and writing operations, in a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.), to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all equivalent structures or equivalent processes performed by the present invention or directly or indirectly applied to other related technical fields are also included in the scope of the present invention.
Claims (10)
1. A method for supervising access data, comprising the steps of:
when an access request for accessing data is received, performing real-time uplink supervision on access information corresponding to the access request according to a block chain, and acquiring an access level of the access data and performing real-time uplink supervision on the access level according to the block chain, wherein the access level comprises a plurality of stages of access levels;
sequentially confirming whether at least one authorizing party of each of the multiple stage access levels authorizes the access request according to the level sequence of the multiple stage access levels, and performing real-time uplink supervision on the authorizing process of the access request by aiming at each authorizing party according to the block chain;
and if the authorization of each authorizing party of the plurality of stage access levels to the access data is successful, allowing the access data to be accessed.
2. A method of administration of access data according to claim 1, wherein the access information comprises: the visitor accesses the data content, the access account and the access time;
the step of performing real-time uplink supervision on the access information corresponding to the access request according to the block chain includes:
and performing real-time uplink storage on the visitor, the access data content, the access account and the access time corresponding to the access request according to the blockchain, so that a preset supervisor can perform inquiry and supervision.
3. A method of administration of access data according to claim 2, wherein the authorisation process comprises: authorization records and authorization results of a plurality of said phase access levels, and authorization records and authorization results of each of said authorized parties;
the step of performing real-time uplink supervision on the authorization process of the access request by each authorizer according to the blockchain includes:
and performing real-time uplink storage according to the authorization records and authorization results of the blockchain for the multiple stage access levels and the authorization records and authorization results of each authorizer, so as to allow the administrator to perform inquiry and supervision.
4. A method for policing access data according to claim 1, wherein the step of sequentially determining whether at least one authorizer of each of the plurality of phase access levels authorizes the access request in a rank order of the plurality of phase access levels comprises;
confirming whether at least one authorized party of the ith stage access level authorizes the access request according to the level sequence of the plurality of stage access levels;
and when all the authorized parties of the ith stage access level are confirmed to authorize the access request, whether at least one authorized party of the (i + 1) th stage access level authorizes the access request or not is confirmed according to the level sequence.
5. The method of supervising access to data as recited in claim 4, wherein following said step of sequentially ascertaining in a rank order of a plurality of said phase access levels whether at least one authorizer for each of said plurality of said phase access levels authorizes said access request, said method further comprises;
and if the target authorized party in each authorized party does not authorize the access to the access data, confirming that the phase access level is not authorized successfully, and confirming that the access data is not allowed to be accessed, wherein the number of the target authorized parties is greater than or equal to 1.
6. A method of policing access data according to claim 5, wherein, after the step of confirming that the phase access level is not authorised successfully, and confirming that access to the access data is not allowed, the method further comprises:
confirming an access unauthorized record according to the access data, the access information, the access level and the target authorized party;
and sending the access unauthorized record to a preset supervisor.
7. A policing method of access data according to any one of claims 1 to 6, wherein, prior to the step of obtaining the access level of the access data upon receipt of an access request to access data, the method further comprises:
setting a total access level of a preset database and an authorized party of the access level of each stage of the total access level through preset setting operation;
and setting the access levels of all the access data in the preset database through preset setting operation.
8. An administration apparatus for accessing data, the administration apparatus for accessing data comprising:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for carrying out real-time uplink supervision on access information corresponding to an access request according to a block chain when the access request of access data is received, acquiring the access grade of the access data and carrying out real-time uplink supervision on the access grade according to the block chain, and the access grade comprises a plurality of stages of access grades;
the request module is used for sequentially confirming whether at least one authorizing party of each of the multiple stage access levels authorizes the access request according to the level sequence of the multiple stage access levels, and carrying out real-time uplink supervision on the authorizing process of the access request by aiming at each authorizing party according to the block chain;
and the access permitting module is used for permitting the access to the access data if the authorization of each authorizing party of the plurality of the stage access levels to the access data is successful.
9. A terminal device, characterized in that the terminal device comprises: memory, a processor and a supervisor of access data stored on said memory and executable on said processor, said supervisor of access data implementing the steps of the supervising method of access data as claimed in any one of claims 1 to 7 when executed by said processor.
10. A computer storage medium, characterized in that the computer storage medium has stored thereon a supervisor of access data, which when executed by a processor implements the steps of the method of supervision of access data according to any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211742968.2A CN115967579A (en) | 2022-12-27 | 2022-12-27 | Monitoring method and device for access data, terminal equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211742968.2A CN115967579A (en) | 2022-12-27 | 2022-12-27 | Monitoring method and device for access data, terminal equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115967579A true CN115967579A (en) | 2023-04-14 |
Family
ID=87359735
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211742968.2A Pending CN115967579A (en) | 2022-12-27 | 2022-12-27 | Monitoring method and device for access data, terminal equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115967579A (en) |
-
2022
- 2022-12-27 CN CN202211742968.2A patent/CN115967579A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11601412B2 (en) | Securely managing digital assistants that access third-party applications | |
| US8839354B2 (en) | Mobile enterprise server and client device interaction | |
| US10805301B2 (en) | Securely managing digital assistants that access third-party applications | |
| US10958437B2 (en) | Object signing within a cloud-based architecture | |
| US10572240B2 (en) | Operating system update management for enrolled devices | |
| US11108811B2 (en) | Methods and devices for detecting denial of service attacks in secure interactions | |
| US11647026B2 (en) | Automatically executing responsive actions based on a verification of an account lineage chain | |
| CN104364790A (en) | Systems and methods for implementing multi-factor authentication | |
| CN112860778B (en) | Database management method, device, equipment and medium for desktop application program | |
| US20230362263A1 (en) | Automatically Executing Responsive Actions Upon Detecting an Incomplete Account Lineage Chain | |
| CN112039878B (en) | Equipment registration method and device, computer equipment and storage medium | |
| KR102137309B1 (en) | Intergrated Monitoring System | |
| KR102356474B1 (en) | Systems that support smart work | |
| CN113111339A (en) | Access control method, device, equipment and medium for application service | |
| CN114372254B (en) | Multi-authentication authorization method under big data environment | |
| CN114422197A (en) | Permission access control method and system based on policy management | |
| CN114244568A (en) | Security access control method, device and equipment based on terminal access behavior | |
| CN109992298B (en) | Examination and approval platform expansion method and device, examination and approval platform and readable storage medium | |
| CN111274595A (en) | Resource access control method and device | |
| CN111030816A (en) | Authentication method and device for access platform of evidence obtaining equipment and storage medium | |
| CN115967579A (en) | Monitoring method and device for access data, terminal equipment and storage medium | |
| CN112583890B (en) | Message pushing method and device based on enterprise office system and computer equipment | |
| CN111159736B (en) | Application control method and system of block chain | |
| CN111885006B (en) | Page access and authorized access method and device | |
| CN112367347B (en) | Encryption equipment access method, device and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |