CN117319024A - User authority management method, device, equipment and storage medium - Google Patents
User authority management method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN117319024A CN117319024A CN202311244588.0A CN202311244588A CN117319024A CN 117319024 A CN117319024 A CN 117319024A CN 202311244588 A CN202311244588 A CN 202311244588A CN 117319024 A CN117319024 A CN 117319024A
- Authority
- CN
- China
- Prior art keywords
- user
- access
- preset type
- access request
- identity authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 61
- 238000000034 method Methods 0.000 claims abstract description 38
- 230000001960 triggered effect Effects 0.000 claims abstract description 25
- 238000013500 data storage Methods 0.000 claims description 59
- 238000004458 analytical method Methods 0.000 claims description 24
- 238000012217 deletion Methods 0.000 claims description 18
- 230000037430 deletion Effects 0.000 claims description 18
- 230000004044 response Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 17
- 238000005516 engineering process Methods 0.000 description 15
- 230000008569 process Effects 0.000 description 14
- 238000004590 computer program Methods 0.000 description 13
- 230000006870 function Effects 0.000 description 11
- 230000006854 communication Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 206010039203 Road traffic accident Diseases 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
- 238000012800 visualization Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the application discloses a user right management method, device, equipment and medium. The method comprises the following steps: acquiring identity information of a current user and carrying out identity authentication on the user to obtain an identity authentication result of the user; and the user identity information is subjected to at least one identity authentication and is in an operation state after the identity authentication is passed; determining the access right of the user according to the identity authentication result of the user; and receiving the access request triggered by the user, and returning a corresponding access result to the user aiming at the access request based on the access authority of the user. According to the embodiment of the application, the access right of the user can be further determined according to the identity authentication result of the user, and then when the access request triggered by the user is received, the corresponding access result is returned for the access request of the user based on the access right of the user, so that the access safety is improved, and the data safety is ensured.
Description
Technical Field
The present invention relates to the field of computer storage management technologies, and in particular, to a user permission management method and apparatus, an electronic device, and a computer readable storage medium.
Background
With the rapid development of electronic technology, terminal equipment (such as mobile phones, computers and the like) is used as a carrier for human to use mobile services and store personal information of users, and the use rate and the popularity rate of the terminal equipment are also higher and higher; as more and more personal information is stored in the terminal device and abundant communication and data exchange functions provide channels for information leakage and virus propagation, the security problem faced by the terminal device is also increasingly highlighted. At present, when the security problem faced by the terminal equipment is solved, the security authentication is usually performed, and the security authentication usually adopts an access control type management strategy, specifically, after one security authentication is passed, a user operating the terminal equipment can continuously use the terminal equipment for a long time. If the owner personally authenticates the terminal device and gives it to another personally for use, security problems are likely to be raised once the terminal device is out of the owner personally's line of sight. For example, a child uses a terminal device to enjoy a host, purchase game equipment, view chat records, personal photo albums, and the like. How to perform security authentication on a terminal device to effectively improve security of the terminal device is a technical problem that needs to be solved by those skilled in the art.
Disclosure of Invention
To solve the above technical problems, embodiments of the present application provide a user rights management method and apparatus, an electronic device, and a computer readable storage medium.
According to an aspect of the embodiments of the present application, there is provided a user rights management method, including: acquiring identity information of a current user and carrying out identity authentication on the user to obtain an identity authentication result of the user; and the user identity information is subjected to at least one identity authentication and is in an operation state after the identity authentication is passed; determining the access right of the user according to the identity authentication result of the user; and receiving the access request triggered by the user, and returning a corresponding access result to the user aiming at the access request based on the access authority of the user.
According to an aspect of the embodiments of the present application, the method further comprises: receiving identity authentication information input by a user, wherein the identity authentication information comprises a user account; and determining an identity authentication result of the user based on the user account.
According to an aspect of the embodiments of the present application, the method further comprises: if the identity authentication result of the user indicates that the user belongs to a first preset type user, analyzing an access request of the first preset type user to determine a first target data storage area of the access request of the first preset type user; executing the access request of the user of the first preset type in the first target data storage area, and generating a corresponding first access result.
According to an aspect of the embodiments of the present application, the method further comprises: if the identity authentication information of the user indicates that the user belongs to a second preset type user, judging whether an access request of the second preset type user has preset access rights or not, wherein the access rights of the second preset type user are lower than those of the first preset type user; if the access request of the second preset type user has the preset access right, analyzing the access request of the second preset type user to determine a second target data storage area corresponding to the access request of the second preset type user based on an analysis result; executing the access request of the second preset type user in the second target data storage area, and generating a corresponding second access result.
According to an aspect of the embodiments of the present application, the method further comprises: if the identity authentication information of the user indicates that the user belongs to a third preset type user, judging whether an access request of the third preset type user has preset access rights or not, wherein the access rights of the third preset type user are lower than those of the second preset type user; if the access request of the third preset type user has the preset access right, analyzing the access request of the third preset type user to determine a third target data storage area corresponding to the access request of the third preset type user based on an analysis result; executing the access request of the third preset type user in the third target data storage area, and generating a corresponding third access result.
According to an aspect of the embodiments of the present application, the method further comprises: if the identity authentication result of the user indicates that the user belongs to a first preset type of user, and the access request is a history track information query; acquiring all the history track information of the first preset type user, the second preset type user and the third preset type user, generating a corresponding log file, and sending the log file to the first preset type user.
According to an aspect of the embodiments of the present application, the method further comprises: if the user access request has the preset access right, analyzing the access request to generate a corresponding access execution instruction based on an analysis result; if the access execution instruction is a file deletion instruction, determining a file storage path to be deleted; and calling a preset file framework from the file storage path to execute the file deleting instruction.
According to an aspect of the embodiments of the present application, there is provided a user rights management apparatus, the apparatus including: the acquisition module is used for acquiring the identity information of the current user and carrying out identity authentication on the user so as to obtain an identity authentication result of the user; and the user identity information is subjected to at least one identity authentication and is in an operation state after the identity authentication is passed; the permission determining module is used for determining the access permission of the user according to the identity authentication result of the user; and the response module is used for receiving the access request triggered by the user so as to return a corresponding access result to the user aiming at the access request based on the access authority of the user.
According to an aspect of an embodiment of the present application, there is provided an electronic device including: one or more processors; and storage means for storing one or more programs which, when executed by the one or more processors, cause the electronic device to implement the user rights management method as described above.
According to an aspect of embodiments of the present application, there is provided a computer-readable storage medium having stored thereon computer-readable instructions, which when executed by a processor of a computer, cause the computer to perform the user rights management method as described above.
In the technical scheme provided by the embodiment of the application, the corresponding authentication result is obtained by acquiring the identity information of the current user and authenticating the identity information, and the acquired user information is in the running state after the identity authentication is passed because the identity authentication is performed at least once, so that the safety of the user identity information is ensured, the access authority of the user is further determined according to the identity authentication result of the user, and then when the access request triggered by the user is received, the corresponding access result is returned for the access request of the user based on the access authority of the user, so that the access safety is improved, and the data safety is ensured.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application. It is apparent that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained from these drawings without inventive effort for a person of ordinary skill in the art. In the drawings:
fig. 1 is a schematic structural diagram of a drive recording apparatus according to an exemplary embodiment of the present application;
FIG. 2 is a schematic diagram illustrating an implementation environment for user rights management in accordance with an exemplary embodiment of the present application;
FIG. 3 is a schematic diagram illustrating an implementation environment for user rights management in accordance with another exemplary embodiment of the present application;
FIG. 4 is a flow chart illustrating a user rights management method according to an exemplary embodiment of the present application;
FIG. 5 is a flow chart of step S410 in the embodiment of FIG. 4 in an exemplary embodiment;
FIG. 6 is a flow chart illustrating a user rights management method according to another exemplary embodiment of the present application;
FIG. 7 is a flow chart illustrating a user rights management method according to another exemplary embodiment of the present application;
FIG. 8 is a flow chart illustrating a user rights management method according to another exemplary embodiment of the present application;
FIG. 9 is a flowchart illustrating a user rights management method according to another exemplary embodiment of the present application;
FIG. 10 is a flow chart illustrating a user rights management method according to another exemplary embodiment of the present application;
FIG. 11 is a simplified flow diagram of user rights management in an exemplary application scenario;
FIG. 12 is a block diagram of a user rights management device shown in an exemplary embodiment of the present application;
fig. 13 shows a schematic diagram of a computer system suitable for use in implementing the electronic device of the embodiments of the present application.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present application as detailed in the accompanying claims.
The block diagrams depicted in the figures are merely functional entities and do not necessarily correspond to physically separate entities. That is, the functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The flow diagrams depicted in the figures are exemplary only, and do not necessarily include all of the elements and operations/steps, nor must they be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the order of actual execution may be changed according to actual situations.
Reference to "a plurality" in this application means two or more than two. "and/or" describes an association relationship of an association object, meaning that there may be three relationships, e.g., a and/or B may represent: a exists alone, A and B exist together, and B exists alone. The character "/" generally indicates that the context-dependent object is an "or" relationship.
First, the automobile data recorder is a device for recording information related to images, sounds, and the like during the running of the automobile. After the automobile data recorder is installed, video images and sound of the whole automobile running process can be recorded, and evidence can be provided for traffic accidents. People who like to walk from himself, can also use it to record the process of conquering difficult danger. When driving, the user walks and records the video, and simultaneously records the time, the speed and the position in the video, which is equivalent to a black box. The device can also be used for DV shooting life fun in household or used for household monitoring. The vehicle event data recorder can be used for parking monitoring at ordinary times, and is installed, but video data in the vehicle event data recorder cannot be cut, and if the video data is cut, help cannot be provided after a liability accident occurs.
Referring to fig. 1, fig. 1 is a schematic structural diagram of an exemplary driving recording device. The structure schematic diagram of the device comprises a data writing module, a data storage module and a data reading module, wherein the data writing module comprises an image unit, the image unit is used for collecting image information generated in the driving process and writing the collected image information into the data storage module, the storage module can store the image information collected by the image module in a classified manner, such as a video file, an emergency video file, a photo file and the like, and the circulating video file is an MP4 file generated by common video which is always carried out in the background of a driving recorder after the power-on; the emergency video file is an MP4 file which is generated by video when the automobile data recorder detects collision or emergency after power-on; the photo file is generated after a user actively photographs through the automobile data recorder after power-on. Therefore, a user can trigger the access request of the data on the data storage module through the data reading module, and the data stored on the data storage module is read.
As shown in fig. 2, in an application scenario of the present application, an access request may be triggered by a user of the terminal device 210 on the terminal device 210, then the terminal device 210 may obtain identity information of a current user, and perform identity authentication on the identity information of the user to obtain an identity authentication result of the user, where the identity information of the user has been performed at least once and is in an operation state after the identity authentication is passed; further, the terminal device 210 may determine the access right of the user according to the identity authentication information of the user, so as to return, for the access request triggered by the user, the corresponding access result to the user triggering the access request based on the access right of the user. And further improving the accuracy, safety and reliability of the user authority management.
The application scenario shown in fig. 2 is an application scenario implemented by a single terminal device, and the embodiments of the present application may also be implemented by a combination of the terminal device and a server. Referring to fig. 3, fig. 3 is a schematic view of an implementation environment according to an embodiment of the present application. The implementation environment includes a terminal 310 and a server 320, wherein the terminal 310 and the server 320 communicate by wired or wireless means.
The user may trigger a request for accessing data of the data storage area on the terminal 310, then the terminal 310 sends the data access request to the server 320 based on the data access request triggered by the user, the server obtains identity information of the current user and authenticates the identity of the user to obtain an identity authentication result of the user, and the identity information of the user has been authenticated at least once and is in an operation state after the identity authentication is passed. Further, the access right of the user is determined based on the identity authentication result of the user, and the access request triggered by the user is received, so that the corresponding access result can be returned to the user for the access request based on the access right of the user.
It should be noted that, the terminal 310 may be any electronic device supporting the codeless visual configuration function, such as a smart phone, a tablet computer, a notebook computer, or a wearable device, but is not limited thereto, and the terminal 310 may be, for example, a vehicle-mounted terminal, an aircraft, or other devices applied to a special field. The terminal 310 may communicate with the server 320 via a wireless network such as 3G (third generation mobile information technology), 4G (fourth generation mobile information technology), 5G (fifth generation mobile information technology), or the like, or communicate with the server 320 via a wired network, which is not limited in this regard.
The server 320 may be, for example, an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or may be a cloud server that provides cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs (Content Delivery Network, content delivery networks), and basic cloud computing services such as big data and artificial intelligence platforms, which are not limited herein.
It should be understood that Cloud Technology (Cloud Technology) refers to a hosting Technology that unifies a series of resources such as hardware, software, networks, etc. within a wide area network or a local area network to implement computation, storage, processing, and sharing of data. The cloud technology is also a generic term of network technology, information technology, integration technology, management platform technology, application technology and the like based on cloud computing business model application, and can form a resource pool, and the cloud computing business model application system is flexible and convenient as required.
It will be appreciated that in the specific embodiment of the present application, information related to the usage object of the terminal device, such as operation information, etc. or information for characterizing identity, etc., when the above embodiments of the present application are applied to specific products or technologies, permission or consent of the usage object needs to be obtained, and collection, usage and processing of related data need to comply with related laws and regulations and standards of related countries and regions.
How to perform security authentication on a terminal device to effectively improve security of the terminal device is a technical problem that needs to be solved by those skilled in the art. To solve these problems, embodiments of the present application respectively propose a user right management method, a user right management apparatus, an electronic device, a computer-readable storage medium, and a computer program product, and these embodiments will be described in detail below.
Referring to fig. 4, fig. 4 is a flowchart illustrating a processing method of a codeless visualization configuration according to an exemplary embodiment of the present application. This mode is applicable to the implementation environment shown in fig. 2, and is specifically executed by the server 320 or the terminal 210 in the implementation environment shown in fig. 2, or may be specifically executed by the terminal 210 in the implementation environment. The method may also be applied to other implementation environments and performed by devices in other implementation environments, and this embodiment is not limited thereto.
As shown in fig. 3, in an exemplary embodiment, the user rights management method at least includes steps S410 to S430, which are described in detail below:
step S410, obtaining the identity information of the current user and carrying out identity authentication on the user to obtain an identity authentication result of the user; and, the user identity information has already carried out identity authentication at least once and is in the running state after the identity authentication is passed.
It should be noted that, in the embodiment of the present application, the driving recording device may be an electronic device with a movable property, such as a smart phone, a vehicle-mounted terminal, a tablet computer, and a wearable device, for example.
In general, after a vehicle is powered on, a system in the vehicle is started along with starting, for example, a vehicle recorder is started, and when the vehicle recorder is in a starting state, a vehicle recorder account management system is started, for example, if a user logs in the vehicle recorder, the identity information of the user currently logging in the vehicle recorder is obtained, and the identity information of the user is authenticated, wherein the identity information of the user can be a mobile phone number of the user, an identity card number of the user, an identity ID randomly generated during user registration, a user identity which is automatically set by the user and the like, and can be used for identifying the identity of the user. And then verifying the identity information of the user to obtain a corresponding identity authentication result.
It should be noted that, the obtained user identity information is an operation state after at least one identity authentication has been performed in the identity authentication system corresponding to the automobile data recorder and the identity authentication has passed.
In addition, in some possible embodiments, a phenomenon of guest login exists in the driving recorder, but when the guest logs in, a temporary guest login account is generated based on a data guest access request for the driving recorder triggered by a user, the account is subjected to identity authentication at least once in the generating process and is in an operating state after the identity authentication, and then the user can access data content in the driving recorder based on the temporary guest login account.
Step S420, determining the access right of the user according to the identity authentication result of the user.
Specifically, in the foregoing embodiment, identity authentication is performed for a user according to user identity information carried when the user sends a data access request, so as to obtain a corresponding identity authentication result, where the identity authentication result can determine the access authority of the user.
For example, the user identity authentication result is that the temporary tourist logs in, and the user only can access the storage area which is opened for the tourist to access because the user only logs in the temporary tourist, or the user logged in by the temporary tourist account only can browse part of the content on the automobile data recorder, and other operations such as deleting, downloading and the like cannot be performed on the content stored on the automobile data recorder.
Step S430, receiving an access request triggered by the user, so as to return a corresponding access result to the user aiming at the access request based on the access authority of the user.
Specifically, after authentication is performed on identity information of a user and an identity authentication result corresponding to the user is obtained, an access request triggered by the user is received, the access request is analyzed, whether the access request exceeds access rights corresponding to the identity authentication result of the user or not is compared based on the analysis result, and if the access request of the user exceeds the access rights corresponding to the identity authentication result of the user, prompt information exceeding the access rights is sent to the user; if the access request of the user does not exceed the access right corresponding to the user identity authentication result, generating a corresponding access link based on the analysis result corresponding to the access request triggered by the user, and returning the corresponding access data in the access link to the user.
If the user is determined to be a temporary tourist account according to the identity authentication result of the user, and the access request sent by the temporary tourist user is for browsing the driving records before 24 hours, a prompt message of access super-permission is returned to the temporary tourist user based on the user access permission that the temporary tourist user cannot access the driving records before 24 hours; if the access request sent by the temporary tourist user is for browsing the driving record of the previous hour, generating a link of the driving record of the previous hour based on the user access authority which can temporarily access the driving record within 24 hours, and loading the driving record of the previous hour on a terminal interface of the temporary tourist user.
In this embodiment, the identity information of the current user is obtained and authenticated to obtain a corresponding authentication result, and the obtained user information is in an operation state after the identity authentication is passed because at least one time of identity authentication has been performed, so that the security of the user identity information is ensured, the access permission of the user is further determined according to the identity authentication result of the user, and then, when an access request triggered by the user is received, the corresponding access result is returned for the access request of the user based on the access permission of the user, so that the access security is improved, and the data security is ensured.
Further, based on the above embodiment, referring to fig. 5, in one exemplary embodiment of the present application, the specific implementation process of obtaining the identity information of the current user and authenticating the user to obtain the identity authentication result of the user may further include step S510 and step S520, which are described in detail below:
step S510, acquiring identity authentication information input by a user, wherein the identity authentication information comprises a user account;
step S520, determining the identity authentication result of the user based on the user account.
Specifically, the identity authentication information, such as a mobile phone number, an identity card number, an account number or other identity marks, such as face information, fingerprint information, voiceprint information and the like, which is input by a user in order to access data in the automobile data recorder in the starting state of the automobile data recorder is obtained. In this embodiment, the user account is taken as the authentication information. After receiving a user account input by a user, judging whether the user account is logged in on a corresponding account management system, and if the user account is not logged in on the corresponding account management system, determining that the user is a temporary tourist login account. Thus, the temporary tourist login user can only access the access area corresponding to the temporary tourist.
When a user performs access operation on a vehicle recorder, for example, identity authentication information is input first, for example, a user account is input, then whether the user account is on an account management system corresponding to the vehicle recorder is judged, if the user account has a corresponding record on the account management system corresponding to the vehicle recorder, the user account is proved to be logged in at least one time on the vehicle recorder, and corresponding user information is stored on the account management system, wherein the user information comprises authority level of the user account, and then identity authentication results of corresponding users can be determined according to the authority level of the user account.
In this embodiment, the user account determines the identity authentication result of the user through the user identity authentication information, so that the brand new security level of the user is distinguished according to the user account, the access security is improved, and the data security is ensured.
Further, based on the above embodiment, referring to fig. 6, in one exemplary embodiment provided in the present application, the specific implementation process of the user rights management method may further include step S610 and step S620, which are described in detail below:
In step S610, if the identity authentication result of the user indicates that the user belongs to the first preset type user, the access request of the first preset type user is parsed to determine a first target data storage area of the access request of the first preset type user.
Optionally, in the foregoing embodiment, if the identity authentication result of the user indicates that the user belongs to a user of a first preset type, the access request sent by the user of the first preset type may be analyzed, so that a first target data storage area corresponding to the access request may be determined.
For example, taking a vehicle event data recorder as an example, if it is detected that the identity authentication result of the current user indicates that the user belongs to a first type of user, for example, the first preset type of user is a type of user with the highest user permission, a data access request corresponding to the user may be analyzed, and a target data storage area corresponding to the data access request may be determined, so that when the data access request is executed, corresponding target data is obtained.
Step S620, executing an access request of a user of a first preset type in the first target data storage area, and generating a corresponding first access result.
Optionally, in some implementable embodiments, before executing the access request of the first preset type user by the first target data storage area and generating the corresponding first access result, the method further includes:
detecting whether the user authority of a first preset type user meets the access authority of a first target data storage area or not;
if the user authority of the first preset type user does not meet the access authority in the first target data storage area, sending prompt information of no access authority to the first preset type user, and generating a corresponding log file, wherein the log file comprises a user account of the first preset type user of which no access authority exists and access information corresponding to the first preset type user.
Optionally, if the user authority of the first preset type user meets the access authority of the first target data storage area, executing the access request of the first preset type user in the first target data storage area, so that target data corresponding to the access request of the first preset type user is acquired in the first target data storage area, and the target data is returned to the first preset type user.
In addition, it should be noted that, in some possible embodiments, taking an object of a user access request as an example of a vehicle recorder, after a vehicle is powered on, the vehicle recorder is started correspondingly, and in a state of starting a vehicle record, the vehicle record records image information and voice information generated in the running process of the vehicle, and in particular, the vehicle recorder can perform cyclic recording, photographing, emergency recording and the like and generate corresponding files.
In this embodiment, for the first preset type user with the highest user authority, the access request of the user can be analyzed, and the access request of the first preset type user is executed in the target data storage area corresponding to the access request, so that a corresponding access result is obtained and returned to the user, the security and timeliness of data access are improved, and the efficiency of user authority management is improved.
Further, based on the above embodiment, referring to fig. 7, in one exemplary embodiment provided in the present application, the specific implementation process of the user rights management method may further include steps S710 to S730, which are described in detail below:
step S710, if the identity authentication information of the user indicates that the user belongs to a second preset type user, judging whether the access request of the second preset type user has preset access rights, wherein the access rights of the second preset type user are lower than those of the first preset type user.
Specifically, in the foregoing embodiment, if the user belongs to a second preset type user according to the identity authentication information of the user, whether the data access request of the second preset type user has preset access rights can be judged, where the second preset type user may be a common user with access rights, the access rights of the second preset type user are not high in the access rights of the first preset type user, that is, when the user belongs to the second preset type user according to the identity authentication information of the user, the data access request of the second preset type user is analyzed, so that whether the access request of the second preset type user has preset access rights is determined based on the analysis result, for example, if the analysis result of the access request of the second preset type user indicates that the user initiates a deletion operation for a storage file, but the preset access request indicates that the second preset type user has no deletion rights for the storage file, the access request of the second preset type user may not have preset access rights; if the analysis result of the access request of the second preset type user indicates that the user initiates a browsing request aiming at the storage file, and the preset access request indicates that the second preset type user has the authority to browse the storage file, the access request of the second preset type user can be determined to have the preset access authority.
Step S720, if the access request of the second preset type user has the preset access right, analyzing the access request of the second preset type user to determine a second target data storage area corresponding to the access request of the second preset type user based on the analysis result.
Step S730, executing the access request of the user of the second prediction type preset type in the second target data storage area, and generating a corresponding second access result.
In the foregoing embodiment, if it is determined that the access request of the second preset type user has the preset access right, the access request sent by the second preset type user may be parsed, so as to determine, according to the obtained parsing result, a second target data storage area corresponding to the access request of the second preset type user. If the analysis result of the access request obtained by the first preset type user indicates that the user requests to browse the driving record video in the previous hour, determining the position information stored in the driving record video in the previous hour of the driving recorder, namely, a second target data storage area corresponding to the access request of the second preset type user.
Optionally, after determining a second target data storage area corresponding to the access request of the second preset type user, executing the access request of the second preset type user in the second target data storage area, and generating a corresponding second access result. For example, a driving record video of the corresponding driving recorder in the previous hour in the second preset type user access request is obtained from the second target storage area.
In some embodiments, the data storage area accessible by the second preset-type user is fixed, i.e. the second preset-type user can access the second target data storage area according to its corresponding user rights, i.e. the user rights corresponding to the second preset-type user define that the second preset-type user can access the data stored in the second target storage area.
In this embodiment, for a second preset type user whose user authority is lower than that of the first preset type user, by judging whether the access request triggered by the user has the preset access authority, the user without the user access authority is effectively prevented from accessing important data, and the access request with the preset access authority executes the corresponding access request in the corresponding second target data storage area, so that the efficiency of executing data access is improved, and the security of data is ensured.
Further, based on the above embodiment, referring to fig. 8, in one exemplary embodiment provided in the present application, the specific implementation process of the user identity management method may further include the following steps S810 to S830, which are described in detail below:
Step 810, if the identity authentication information of the user indicates that the user belongs to a third preset type user, judging whether the access request of the third preset type user has preset access rights, wherein the access rights of the third preset type user are lower than those of the second preset type user.
If the identity authentication information of the user indicates that the user belongs to a third preset type user, it needs to be further determined whether the access request of the third preset type user has the preset access right, where it needs to be described that the access right of the third preset type user is lower than the access right of the second preset type user, that is, in this embodiment, the size relationship of the user access right includes that the access right of the first preset user type is greater than the access right of the second preset user type, and the access right of the second preset user type is greater than the access right of the third preset user type, so as to further determine whether the data access request sent by the third preset user has the corresponding preset access right.
The vehicle event data recorder is taken as an example for the embodiment, and the third preset type user is a temporary tourist user, that is, when the user triggering the data access request is determined to be the temporary tourist user according to the identity information of the user, then the data access request triggered by the temporary tourist user is analyzed, and whether the access request triggered by the temporary tourist has the preset access right is determined according to the analysis result of the data access request.
In some possible embodiments, if it is detected that the data access request sent by the user does not have the preset access right, a corresponding prompt message without the access right may be returned to the user.
Step S820, if the access request of the third preset type user has the preset access right, analyzing the access request of the third preset type user to determine a third target data storage area corresponding to the access request of the third preset type user based on the analysis result;
step S830, executing the access request of the third preset type user in the third target data storage area, and generating a corresponding third access result.
Optionally, if the access request of the third preset type user has the preset access right according to the access request of the third preset type user, the access request of the third preset type user is analyzed to determine a third target data storage area corresponding to the access request of the third preset type user, and further the data access request triggered by the point type user can be executed in the third target data storage area to generate a corresponding third access result from the third target data storage area, and the third access result is returned to the third preset type user triggering the access request.
Taking a vehicle event data recorder as an example, if the third preset type user is a temporary tourist user, and the access request sent by the temporary tourist user is to browse the vehicle event data record in half an hour, according to the preset access authority, the temporary tourist is authorized to access the vehicle event data record in half an hour, which corresponds to the access request sent by the temporary tourist user, can be obtained from the third data storage area in which the temporary vehicle event data record is stored, and the vehicle event data record in half an hour, which corresponds to the access request sent by the temporary tourist user, is returned to the temporary tourist user triggering the access request.
In this embodiment, for the third preset type user with the lowest access right, by judging whether the access request triggered by the user has the preset access right, the user without the user access right is effectively prevented from accessing important data, and the access request with the preset access right executes the corresponding access request in the corresponding third target data storage area, so that the efficiency of executing the data access is improved, and the security of the data is ensured.
Further, based on the above embodiment, referring to fig. 9, in one exemplary embodiment provided in the present application, the specific implementation process of the user rights management method may further include step S910 and step S920, which are described in detail below:
Step S910, if the identity authentication result of the user indicates that the user belongs to the first preset type of user, and the access request comprises historical track information inquiry;
step S920, acquiring all the history track information of the first preset type user, the second preset type user and the third preset type user, generating corresponding log files, and sending the log files to the first preset type user.
Optionally, taking the user authority management of the vehicle data recorder as an example, if the user is determined to be a first preset type user according to the identity information of the user triggering the access request, taking the first preset type user as an example of a vehicle owner, if the access request triggered by the user logged in by the vehicle owner account includes a query of historical track information, where the historical track information includes historical track information of all users on the vehicle data recorder, for example, a second preset type user-1, browses the vehicle data record of the previous hour at 09:35, the first preset type user-3 stores pictures into a storage area of the vehicle data recorder at 08:30, and the like.
That is, if the user is determined to be the user of the first preset type according to the identity information of the user triggering the access request, the access request triggered by the user of the first preset type includes a query for the historical track information, where in some possible embodiments, the historical track information includes: account information, operation records, storage records, deletion records, check records and user account information stored above the driving records. In this way, the history track information corresponding to the access request of the first preset type user in the vehicle event data recorder can be obtained, for example, the access request of the first preset type user includes an access request for inquiring the history storage track information, so that corresponding files can be generated by videos, photos or videos recorded in an emergency state and the like shot by the vehicle event data recorder in the use process, and the first preset type user is allowed to preview, display, delete and the like.
In particular, taking the driving recorder as an example, in the starting state of the driving recorder, aiming at users with different preset types, the driving recorder comprises a local embedded point function, namely, the driving recorder records the operation records, the storage records, the deletion records, the check records and other combined time information of different users on the driving recorder according to different types of the access users to generate corresponding log files, and the corresponding log files are stored in a corresponding database for a vehicle owner (a user with a first preset type) to check.
In this embodiment, the first preset type user with the highest access authority may call the history behavior track logs of all users, and ensure the security of data access and the validity of user authority management while guaranteeing the highest authority of the first preset type user.
Further, based on the above embodiment, referring to fig. 10, in one exemplary embodiment provided in the present application, the specific implementation process of the user rights management method may further include steps S1010 to S1030, which are described in detail below:
step S1010, if the user access request has the preset access right, analyzing the access request to generate a corresponding access execution instruction based on the analysis result;
Step S1020, if the access execution instruction is a file deletion instruction, determining a file storage path to be deleted;
step S1030, a preset file frame is called from the file storage path to execute the file deletion instruction.
Optionally, if the identity information of the user triggering the access request is verified to obtain that the access request triggered by the user has the preset access right, the access request sent by the user can be analyzed to generate a corresponding access execution instruction according to the analysis result, and if the access instruction is a data reading instruction, the data reading instruction can be executed from a corresponding target data storage area, and a corresponding access result is generated and returned to the user; if the access instruction is a data writing instruction, the data writing instruction can be read in a corresponding target data storage area, so that corresponding data can be written in the target data storage area, writing feedback data is obtained, and the writing feedback data is returned to a user as an access result, wherein the writing feedback data is used for representing the data writing condition.
Further, in some possible embodiments, if the access execution instruction generated based on the analysis of the user access request is a file deletion instruction, determining a storage path of the target deletion file, and matching a corresponding file frame according to the storage path of the target deletion file, so as to call the file frame to execute the file deletion instruction, thereby enabling deletion of the target deletion file to be more thorough.
In this embodiment, when the file deletion instruction is included in the access request of the user, the storage path of the file to be deleted may be determined, so that the storage path of the file to be deleted may call the corresponding file frame to execute the file deletion instruction, so that the deletion speed of the file to be deleted is faster, and the security of other data is ensured.
Fig. 11 is a simplified flow diagram of user rights management in an exemplary application scenario. Under the application scene shown in 11, the identity information of the current user is obtained, and the identity of the user is authenticated based on the identity information of the user, so that the identity authentication result of the user is obtained, and the access right of the user can be determined according to the identity result of the user. For example, if the identity authentication result of the user indicates that the user belongs to a first preset type user, analyzing an access request of the first preset type user to determine a first target data storage area of the access request of the first preset type user; executing an access request of a user of a first preset type in a first target data storage area, and generating a corresponding first access result. If the identity authentication information of the user characterizes that the user belongs to a second preset type user, judging whether an access request of the second preset type user has preset access rights or not, wherein the access rights of the second preset type user are lower than those of the first preset type user; if the access request of the second preset type user has the preset access right, analyzing the access request of the second preset type user to determine a second target data storage area corresponding to the access request of the second preset type user based on the analysis result; executing the access request of the second preset type user in the second target data storage area, generating a corresponding second access result and returning the second access result to the second preset type user. If the identity authentication information of the user characterizes that the user belongs to a third preset type user, judging whether an access request of the third preset type user has preset access rights or not, wherein the access rights of the third preset type user are lower than those of the second preset type user; if the access request of the third preset type user has the preset access right, analyzing the access request of the third preset type user to determine a third target data storage area corresponding to the access request of the third preset type user based on the analysis result; executing the access request of the third preset type user in the third target data storage area, generating a corresponding third access result and returning the third access result to the third preset type user. If the identity authentication result of the user indicates that the user belongs to the first preset type of user, and if the access request comprises historical track information inquiry; acquiring all the history track information of the first preset type user, the second preset type user and the third preset type user, generating corresponding log files, and sending the log files to the first preset type user. Please refer to the descriptions in the foregoing embodiments for detailed implementation, and a detailed description thereof is omitted herein.
Fig. 12 is a block diagram of a user rights management device according to an exemplary embodiment of the present application. The apparatus may be applied to the implementation environment shown in fig. 2, and is specifically configured in the smart terminal 210. The apparatus may also be adapted to other exemplary implementation environments and may be specifically configured in other devices, and the present embodiment is not limited to the implementation environments to which the apparatus is adapted.
As shown in fig. 12, the exemplary user right management apparatus includes: the acquiring module 1210 is configured to acquire identity information of a current user and perform identity authentication on the user to obtain an identity authentication result of the user; and, the user identity information has already carried out identity authentication at least once and is in the running state after the identity authentication is passed; the permission determining module 1220 is configured to determine an access permission of the user according to an identity authentication result of the user; and a response module 1230, configured to receive an access request triggered by the user, so as to return a corresponding access result to the user for the access request based on the access right of the user.
According to an aspect of the embodiments of the present application, the acquiring module 1210 further specifically includes: the system comprises an acquisition unit, a user identification unit and a user identification unit, wherein the acquisition unit is used for acquiring identity authentication information input by a user, and the identity authentication information comprises a user account; and the determining unit is used for determining the identity authentication result of the user based on the user account.
According to an aspect of the embodiments of the present application, the user rights management apparatus further includes: the first preset type user management module is used for analyzing the access request of the first preset type user if the identity authentication result of the user indicates that the user belongs to the first preset type user, so as to determine a first target data storage area of the access request of the first preset type user; the first execution module is used for executing the access request of the user of the first preset type in the first target data storage area and generating a corresponding first access result.
According to an aspect of the embodiments of the present application, the user rights management apparatus further includes: the second preset type user management module is used for judging whether the access request of the second preset type user has preset access rights if the identity authentication information of the user indicates that the user belongs to the second preset type user, wherein the access rights of the second preset type user are lower than those of the first preset type user; the first permission verification module is used for analyzing the access request of the second preset type user if the access request of the second preset type user has the preset access permission so as to determine a second target data storage area corresponding to the access request of the second preset type user based on the analysis result; the second execution module is used for executing the access request of the second preset type user in the second target data storage area and generating a corresponding second access result.
According to an aspect of the embodiments of the present application, the user rights management apparatus further includes: the third preset type user management module is used for judging whether the access request of the third preset type user has preset access rights if the identity authentication information of the user indicates that the user belongs to the third preset type user, wherein the access rights of the third preset type user are lower than those of the second preset type user; the second permission verification module is used for analyzing the access request of the third preset type user if the access request of the third preset type user has the preset access permission so as to determine a third target data storage area corresponding to the access request of the third preset type user based on the analysis result; and the third execution module is used for executing the access request of the third preset type user in the third target data storage area and generating a corresponding third access result.
According to an aspect of the embodiments of the present application, the user rights management apparatus further includes: the judging module is used for indicating that the user belongs to the user of the first preset type if the identity authentication result of the user indicates that the user belongs to the user of the first preset type, and the access request comprises historical track information inquiry; the history track acquisition module is used for acquiring all history track information of the first preset type user, the second preset type user and the third preset type user, generating corresponding log files and sending the log files to the first preset type user.
According to an aspect of the embodiments of the present application, the user rights management apparatus further includes: the analysis module is used for analyzing the access request if the user access request has the preset access right so as to generate a corresponding access execution instruction based on the analysis result; the storage path determining module is used for determining a file storage path to be deleted if the access execution instruction is a file deletion instruction; and the calling module is used for calling a preset file frame from the file storage path to execute a file deleting instruction.
It should be noted that, the user rights management apparatus provided in the foregoing embodiment and the user rights management method provided in the foregoing embodiment belong to the same concept, and a specific manner in which each module and unit perform an operation has been described in detail in the method embodiment, which is not described herein again. In practical application, the user rights management device provided in the above embodiment may allocate the functions to different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules to perform all or part of the functions described above, which is not limited herein.
The embodiment of the application also provides electronic equipment, which comprises: one or more processors; and a storage means for storing one or more programs that, when executed by the one or more processors, cause the electronic device to implement the user rights management method provided in the respective embodiments described above.
Fig. 13 shows a schematic diagram of a computer system suitable for use in implementing the electronic device of the embodiments of the present application. It should be noted that, the computer system 1300 of the electronic device shown in fig. 13 is only an example, and should not impose any limitation on the functions and the application scope of the embodiments of the present application.
As shown in fig. 13, the computer system 1300 includes a central processing unit (Central Processing Unit, CPU) 1301 that can perform various appropriate actions and processes according to a program stored in a Read-Only Memory (ROM) 1302 or a program loaded from a storage portion 1308 into a random access Memory (Random Access Memory, RAM) 1303, for example, performing the method described in the above embodiment. In the RAM 1303, various programs and data required for the system operation are also stored. The CPU 1301, ROM 1302, and RAM 1303 are connected to each other through a bus 1304. An Input/Output (I/O) interface 1305 is also connected to bus 1304.
The following components are connected to the I/O interface 1305: an input section 1306 including a keyboard, a mouse, and the like; an output portion 1307 including a Cathode Ray Tube (CRT), a liquid crystal display (Liquid Crystal Display, LCD), and the like, a speaker, and the like; a storage portion 1308 including a hard disk or the like; and a communication section 1309 including a network interface card such as a LAN (Local Area Network ) card, a modem, or the like. The communication section 1309 performs a communication process via a network such as the internet. The drive 1310 is also connected to the I/O interface 1305 as needed. Removable media 1311, such as magnetic disks, optical disks, magneto-optical disks, semiconductor memory, and the like, is mounted on drive 1310 as needed so that a computer program read therefrom is mounted into storage portion 1308 as needed.
In particular, according to embodiments of the present application, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising a computer program for performing the method shown in the flowchart. In such embodiments, the computer program may be downloaded and installed from a network via the communication portion 1309 and/or installed from the removable medium 1311. When executed by a Central Processing Unit (CPU) 1301, performs the various functions defined in the system of the present application.
It should be noted that, the computer readable medium shown in the embodiments of the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium may be, for example, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-Only Memory (ROM), an erasable programmable read-Only Memory (Erasable Programmable Read Only Memory, EPROM), flash Memory, an optical fiber, a portable compact disc read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with a computer-readable computer program embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. A computer program embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. Where each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments of the present application may be implemented by means of software, or may be implemented by means of hardware, and the described units may also be provided in a processor. Wherein the names of the units do not constitute a limitation of the units themselves in some cases.
Another aspect of the present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor implements a user rights management method as described above. The computer-readable storage medium may be included in the electronic device described in the above embodiment or may exist alone without being incorporated in the electronic device.
Another aspect of the present application also provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the user right management method provided in the above-described respective embodiments.
The foregoing is merely a preferred exemplary embodiment of the present application and is not intended to limit the embodiments of the present application, and those skilled in the art may make various changes and modifications according to the main concept and spirit of the present application, so that the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A user rights management method, comprising:
acquiring identity information of a current user and carrying out identity authentication on the user to obtain an identity authentication result of the user; and the user identity information is subjected to at least one identity authentication and is in an operation state after the identity authentication is passed;
determining the access right of the user according to the identity authentication result of the user;
and receiving the access request triggered by the user, and returning a corresponding access result to the user aiming at the access request based on the access authority of the user.
2. The method of claim 1, wherein the obtaining the identity information of the current user and authenticating the user to obtain the identity authentication result of the user comprises:
acquiring identity authentication information input by a user, wherein the identity authentication information comprises a user account;
and determining an identity authentication result of the user based on the user account.
3. The method of claim 2, wherein the method further comprises:
if the identity authentication result of the user indicates that the user belongs to a first preset type user, analyzing an access request of the first preset type user to determine a first target data storage area of the access request of the first preset type user;
Executing the access request of the user of the first preset type in the first target data storage area, and generating a corresponding first access result.
4. A method as claimed in claim 3, wherein the method further comprises:
if the identity authentication information of the user indicates that the user belongs to a second preset type user, judging whether an access request of the second preset type user has preset access rights or not, wherein the access rights of the second preset type user are lower than those of the first preset type user;
if the access request of the second preset type user has the preset access right, analyzing the access request of the second preset type user to determine a second target data storage area corresponding to the access request of the second preset type user based on an analysis result;
executing the access request of the second preset type user in the second target data storage area, and generating a corresponding second access result.
5. The method of claim 4, wherein the method further comprises:
if the identity authentication information of the user indicates that the user belongs to a third preset type user, judging whether an access request of the third preset type user has preset access rights or not, wherein the access rights of the third preset type user are lower than those of the second preset type user;
If the access request of the third preset type user has the preset access right, analyzing the access request of the third preset type user to determine a third target data storage area corresponding to the access request of the third preset type user based on an analysis result;
executing the access request of the third preset type user in the third target data storage area, and generating a corresponding third access result.
6. The method of any one of claims 2 to 5, further comprising:
if the identity authentication result of the user indicates that the user belongs to a first preset type of user, and the access request comprises historical track information inquiry;
acquiring all the history track information of the first preset type user, the second preset type user and the third preset type user, generating a corresponding log file, and sending the log file to the first preset type user.
7. The method of claim 1, wherein the method further comprises:
if the user access request has the preset access right, analyzing the access request to generate a corresponding access execution instruction based on an analysis result;
If the access execution instruction is a file deletion instruction, determining a file storage path to be deleted;
and calling a preset file framework from the file storage path to execute the file deleting instruction.
8. A user rights management apparatus, the apparatus comprising:
the acquisition module is used for acquiring the identity information of the current user and carrying out identity authentication on the user so as to obtain an identity authentication result of the user; and the user identity information is subjected to at least one identity authentication and is in an operation state after the identity authentication is passed;
the permission determining module is used for determining the access permission of the user according to the identity authentication result of the user;
and the response module is used for receiving the access request triggered by the user so as to return a corresponding access result to the user aiming at the access request based on the access authority of the user.
9. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs which, when executed by the one or more processors, cause the electronic device to implement the user rights management method of any of claims 1 to 7.
10. A computer readable storage medium having stored thereon computer readable instructions which, when executed by a processor of a computer, cause the computer to perform the user rights management method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311244588.0A CN117319024A (en) | 2023-09-25 | 2023-09-25 | User authority management method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311244588.0A CN117319024A (en) | 2023-09-25 | 2023-09-25 | User authority management method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117319024A true CN117319024A (en) | 2023-12-29 |
Family
ID=89284277
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311244588.0A Pending CN117319024A (en) | 2023-09-25 | 2023-09-25 | User authority management method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117319024A (en) |
-
2023
- 2023-09-25 CN CN202311244588.0A patent/CN117319024A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110879903B (en) | Evidence storage method, evidence verification method, evidence storage device, evidence verification equipment and evidence verification medium | |
| CN103220344B (en) | Microblogging licenses method and system | |
| CN110121873A (en) | A kind of access token management method, terminal and server | |
| US20180196875A1 (en) | Determining repeat website users via browser uniqueness tracking | |
| CN111991813B (en) | Method and device for logging in game, electronic equipment and storage medium | |
| CN110268406B (en) | Password security | |
| CN103795702A (en) | Transit control for data | |
| CN104753677B (en) | Password hierarchical control method and system | |
| CN114139135B (en) | Equipment login management method, device and storage medium | |
| US20240134960A1 (en) | Sentinel system for an online device | |
| CN115146815A (en) | Service processing method, device, computer and readable storage medium | |
| CN105429943A (en) | Information processing method and terminal thereof | |
| CN115102744A (en) | Data access method and device | |
| CN116415217A (en) | Instant authorization system based on zero trust architecture | |
| CN114268461B (en) | User identity authentication method, device, server, terminal and storage medium | |
| US11962697B2 (en) | Systems and methods for tracking chain of custody of body worn cameras | |
| CN113542191A (en) | Block chain based data access and verification method and device | |
| US11025634B2 (en) | Enhancement of privacy/security of images | |
| CN112286632A (en) | Cloud platform, cloud platform management method and device, electronic equipment and storage medium | |
| US11409856B2 (en) | Video-based authentication | |
| CN117319024A (en) | User authority management method, device, equipment and storage medium | |
| CN116975821A (en) | Information processing method, apparatus, electronic device, storage medium, and program product | |
| CN115694979A (en) | Method, device, equipment, medium and program for accessing MQTT (Multi-query Log) by vehicle-mounted terminal | |
| US20230195934A1 (en) | Device And Method For Redacting Records Based On A Contextual Correlation With A Previously Redacted Record | |
| CN116938501A (en) | Authentication method, device, storage medium, and program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |