CN119377923A - A multi-level digital fishery authority allocation method and system - Google Patents

A multi-level digital fishery authority allocation method and system Download PDF

Info

Publication number
CN119377923A
CN119377923A CN202411173609.9A CN202411173609A CN119377923A CN 119377923 A CN119377923 A CN 119377923A CN 202411173609 A CN202411173609 A CN 202411173609A CN 119377923 A CN119377923 A CN 119377923A
Authority
CN
China
Prior art keywords
authority
data
fishery
different users
business
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202411173609.9A
Other languages
Chinese (zh)
Inventor
刘海平
肖世俊
周朝伟
张善忠
余小聊
罗杨
张博伦
张川
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Wenray Technology Co ltd
Southwest University
Original Assignee
Chongqing Wenray Technology Co ltd
Southwest University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Wenray Technology Co ltd, Southwest University filed Critical Chongqing Wenray Technology Co ltd
Priority to CN202411173609.9A priority Critical patent/CN119377923A/en
Publication of CN119377923A publication Critical patent/CN119377923A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/02Agriculture; Fishing; Forestry; Mining

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Tourism & Hospitality (AREA)
  • General Health & Medical Sciences (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Business, Economics & Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Data Mining & Analysis (AREA)
  • Animal Husbandry (AREA)
  • Marine Sciences & Fisheries (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Automation & Control Theory (AREA)
  • Bioethics (AREA)
  • Mining & Mineral Resources (AREA)
  • Agronomy & Crop Science (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Primary Health Care (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明公开了一种多层级数智渔业权限分配方法及系统,涉及权限管理技术领域。包括:根据所需管理的渔业资源将系统中的不同用户进行定义;通过系统对不同用户进行管理,制定权限标准,明确不同用户在系统中的职责范围和操作权限;通过权限匹配策略对不同用户进行权限匹配,赋予用户相应的层级信息,将渔业权限逐级分配。本发明提高了系统的安全性和稳定性,还提升了业务运行的效率和协同性,为数智渔业系统的发展提供了有力的技术支撑。

The present invention discloses a multi-level digital fishery authority allocation method and system, which relates to the technical field of authority management. It includes: defining different users in the system according to the fishery resources to be managed; managing different users through the system, formulating authority standards, and clarifying the scope of responsibilities and operating permissions of different users in the system; matching permissions for different users through authority matching strategies, giving users corresponding hierarchical information, and allocating fishery permissions level by level. The present invention improves the security and stability of the system, and also improves the efficiency and coordination of business operations, providing strong technical support for the development of digital fishery systems.

Description

Multi-level intelligent fishery authority allocation method and system
Technical Field
The invention relates to the technical field of rights management, in particular to a multi-level intelligent fishery rights distribution method and system.
Background
With the rapid development of technology, digitization and intellectualization have become important driving forces for the transformation and upgrading of modern fishery. In the construction of an efficient and safe intelligent fishery system, a scientific and reasonable authority allocation method is important, and the stable operation of the system and the smooth execution of data safety are directly related.
In the prior art, the situation that the authority allocation is unreasonable may exist, for example, some users are endowed with excessive unnecessary authorities, the risk of data leakage is increased, or the traditional authority allocation method has the disadvantages of numerous users and complex authority allocation, and the traditional authority allocation method cannot meet the quick response requirement of the intelligent fishery system.
Therefore, a multi-layer-series intelligent fishery authority distribution method and a multi-layer-series intelligent fishery authority distribution system are provided to solve the problems in the prior art, and the problems are needed to be solved by those skilled in the art.
Disclosure of Invention
In view of the above, the invention provides a multi-level intelligent fishery authority distribution method and a multi-level intelligent fishery authority distribution system, which are used for solving the technical problems in the prior art.
In order to achieve the above object, the present invention provides the following technical solutions:
a multi-layer series intelligent fishery authority distribution method comprises the following steps:
Determining fishery resources to be managed and defining different users in the system;
Different users are managed through the system, permission standards are formulated, and the responsibility ranges and the operation permissions of the different users in the system are defined;
And performing authority matching on different users through an authority matching strategy, giving the users corresponding level information, and distributing the fishery authorities step by step.
Optionally, the specific content defined by different users in the system is as follows:
Identifying user roles in the system, including superadministrators, business administrators, operators, data analysts;
the super manager is responsible for setting, maintaining and user management of the system;
a service manager divides service data responsible for managing each area according to the service module;
The operator is responsible for data inquiry and data input of the business module;
and the data analyst is responsible for data collection, processing and analysis of the business modules.
Optionally, the permission standard comprises data access permission and function operation permission.
Optionally, the data access rights include a data range and a data operation;
the data range is limited according to the user roles, the super manager accesses all data of the service modules, the service manager accesses the data of the responsible service modules, the operator accesses the data of the input service modules, and the data analyzer accesses the data of a plurality of service modules for comprehensive analysis.
Optionally, the function operation authority includes dividing the system function into different modules according to the service requirement of the system, and setting the operation authority based on the different modules.
Optionally, the authority matching strategy matches according to responsibilities and authorities of different users and according to a minimum authority principle, and after the authority matching is completed, authority verification is performed, so that accuracy and rationality of authority allocation are ensured.
Optionally, the system also comprises a monitoring system for monitoring the use condition of the user authority in real time, periodically performing authority audit, checking whether the user authority accords with the responsibility, and timely finding out abnormal conditions.
A multi-level intelligent fishery authority distribution system for executing any one of the above multi-level intelligent fishery authority distribution methods comprises a definition module, a management module and an authority distribution module which are connected in sequence,
The definition module is used for defining different users in the system according to fishery resources to be managed;
The management module is used for managing different users through the system, making permission standards and defining the responsibility ranges and the operation permissions of the different users in the system;
And the authority distribution module is used for carrying out authority matching on different users through an authority matching strategy, giving the users corresponding level information and distributing the fishery authorities step by step.
Compared with the prior art, the invention discloses a multi-layer intelligent fishery authority distribution method and a system, which have the beneficial effects that through systematic steps, the accurate distribution and dynamic adjustment of user authorities are realized, the method not only improves the safety and stability of the system, but also improves the efficiency and cooperativity of service operation, and provides powerful technical support for the development of the intelligent fishery system.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a multi-level intelligent fishery rights allocation method provided by the invention;
FIG. 2 is a block diagram of a multi-level intelligent fishery rights distribution system provided by the invention;
fig. 3 is a block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to FIG. 1, the invention discloses a multi-layer-series intelligent fishery authority allocation method, which comprises the following steps:
determining fishery resources to be managed and defining different users in the system;
Different users are managed through the system, permission standards are formulated, and the responsibility ranges and the operation permissions of the different users in the system are defined;
And performing authority matching on different users through an authority matching strategy, giving the users corresponding level information, and distributing the fishery authorities step by step.
The specific content of the fishery resources to be managed is determined to be user data, system setting and operation logs, and the fishery resources are classified according to types.
Further, the specific content of defining different users in the system is as follows:
Identifying user roles in the system, including superadministrators, business administrators, operators, data analysts;
the super manager is responsible for setting, maintaining and user management of the system;
a service manager divides service data responsible for managing each area according to the service module;
The operator is responsible for data inquiry and data input of the business module;
and the data analyst is responsible for data collection, processing and analysis of the business modules.
Specifically, the super administrator is responsible for configuring system settings, including security settings, notification settings and global settings, has complete access rights, can configure user rights and system parameters, the service administrator has partial access rights, an operator performs conventional operations such as inquiry and editing, can only access and modify personal information of the operator, and performs core function operations, and the data analyzer is responsible for accessing an API of the system, has rights to access the API, and possibly needs a specific API key.
Further, the permission standard comprises data access permission and function operation permission.
Further, the data access rights include a data range and data operations;
the data range is limited according to the user roles, the super manager accesses all data of the service modules, the service manager accesses the data of the responsible service modules, the operator accesses the data of the input service modules, and the data analyzer accesses the data of a plurality of service modules for comprehensive analysis.
Further, the function operation authority comprises dividing the system function into different modules according to the service requirement of the system, and setting the operation authority based on the different modules.
Furthermore, the authority matching strategy is matched according to the responsibilities and authorities of different users and the minimum authority principle, and authority verification is carried out after the authority matching is completed, so that the accuracy and rationality of authority allocation are ensured.
Specifically, the minimum set of permissions required to be granted to complete each role is ensured in accordance with the minimum permission principle.
Further, the system also comprises a monitoring system for monitoring the use condition of the user authority in real time, periodically performing authority audit, checking whether the user authority accords with the responsibility, and timely finding out abnormal conditions.
And when the responsibility ranges of different users are changed, providing a permission change application function, allowing a permission change request to be initiated, approving the permission change request to ensure the reasonability and the compliance of the change, and adjusting the permissions of the different users after the approval is passed, so as to realize the dynamic adjustment of the permissions.
The method comprises the steps of dynamically adjusting user rights according to information to ensure that only resources related to a current task can be accessed and operated, implementing a right changing approval process to ensure that any right adjustment is reasonably approved, starting the approval process when more sensitive information is required to be accessed or higher-level operation is required to be executed, integrating a learning algorithm to automatically adjust the rights according to historical behaviors and preferences of a user, and automatically improving the rights of the user to certain types of resources when the system observes that the user frequently accesses the resources.
Corresponding to the method shown in fig. 1, the invention also provides a multi-layer series intelligent fishery authority distribution system, which is used for realizing the method shown in fig. 1, and the structure schematic diagram is shown in fig. 2, and comprises a definition module, a management module and an authority distribution module which are connected in sequence,
The definition module is used for defining different users in the system according to fishery resources to be managed;
The management module is used for managing different users through the system, making permission standards and defining the responsibility ranges and the operation permissions of the different users in the system;
And the authority distribution module is used for carrying out authority matching on different users through an authority matching strategy, giving the users corresponding level information and distributing the fishery authorities step by step.
Specifically, each module may be embedded in hardware or independent from a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to each module.
In one embodiment, referring to FIG. 3, a computer device, which may be a terminal, is provided that includes a processor, a memory, a communication interface, a display screen, and an input device connected by a system bus.
Wherein the processor of the computer device is configured to provide computing and control capabilities, and the memory of the computer device comprises a non-volatile storage medium, an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The communication interface of the computer device is used for performing wired or wireless communication with an external terminal, and the wireless mode can be realized through WIFI, an operator network, NFC (near field communication) or other technologies. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, the input device of the computer equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the system disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1.一种多层级数智渔业权限分配方法,其特征在于,包括以下步骤:1. A multi-level digital fishery authority allocation method, characterized in that it includes the following steps: 确定所需管理的渔业资源将系统中的不同用户进行定义;Identify the fishery resources that require management and define the different users in the system; 通过系统对不同用户进行管理,制定权限标准,明确不同用户在系统中的职责范围和操作权限;Manage different users through the system, formulate authority standards, and clarify the scope of responsibilities and operating permissions of different users in the system; 通过权限匹配策略对不同用户进行权限匹配,赋予用户相应的层级信息,将渔业权限逐级分配。Through the authority matching strategy, the authorities of different users are matched, the users are given corresponding hierarchical information, and the fishery authorities are allocated level by level. 2.根据权利要求1所述的一种多层级数智渔业权限分配方法,其特征在于,将系统中的不同用户进行定义的具体内容为:2. A multi-level digital fishery authority allocation method according to claim 1, characterized in that the specific content of defining different users in the system is: 识别在系统中的用户角色,包括:超级管理员、业务管理员、操作员、数据分析员;Identify user roles in the system, including: super administrator, business administrator, operator, and data analyst; 超级管理员:负责系统的设置、维护、用户管理;Super administrator: responsible for system setup, maintenance, and user management; 业务管理员:根据业务模块划分负责管理各个区域的业务数据;Business administrator: responsible for managing the business data of each area according to the business module division; 操作员:负责业务模块的数据查询和数据录入;Operator: responsible for data query and data entry of business modules; 数据分析员:负责业务模块的数据收集、处理和分析。Data Analyst: Responsible for data collection, processing and analysis of business modules. 3.根据权利要求1所述的一种多层级数智渔业权限分配方法,其特征在于,权限标准包括:数据访问权限、功能操作权限。3. A multi-level digital fishery authority allocation method according to claim 1, characterized in that the authority standards include: data access authority and functional operation authority. 4.根据权利要求3所述的一种多层级数智渔业权限分配方法,其特征在于,数据访问权限包括数据范围以及数据操作;4. A multi-level digital fishery authority allocation method according to claim 3, characterized in that data access rights include data range and data operation; 数据范围根据用户角色限制访问的数据,超级管理员访问业务模块的所有数据,业务管理员访问所负责业务模块的数据,操作员访问所输入业务模块的数据,数据分析员访问若干业务模块的数据进行综合分析。The data scope restricts access to data based on user roles. Super administrators access all data in business modules, business administrators access data in the business modules they are responsible for, operators access data in the business modules they input, and data analysts access data from several business modules for comprehensive analysis. 5.根据权利要求3所述的一种多层级数智渔业权限分配方法,其特征在于,功能操作权限包括根据系统的业务需求,将系统功能划分为不同的模块,基于不同的模块设置操作权限。5. A multi-level digital fishery authority allocation method according to claim 3 is characterized in that the functional operation authority includes dividing the system functions into different modules according to the business needs of the system, and setting operation permissions based on different modules. 6.根据权利要求1所述的一种多层级数智渔业权限分配方法,其特征在于,权限匹配策略根据不同用户的职责和权限依据最小权限原则进行匹配,权限匹配完成后,进行权限审核,确保权限分配的准确性和合理性。6. According to a multi-level digital fishery authority allocation method described in claim 1, it is characterized in that the authority matching strategy is matched according to the responsibilities and authorities of different users based on the principle of least authority. After the authority matching is completed, an authority review is performed to ensure the accuracy and rationality of the authority allocation. 7.根据权利要求1所述的一种多层级数智渔业权限分配方法,其特征在于,还包括:使用监控系统实时监测用户权限的使用情况,定期进行权限审计,检查用户权限是否与职责相符,及时发现异常情况。7. According to claim 1, a multi-level digital fishery authority allocation method is characterized in that it also includes: using a monitoring system to monitor the use of user permissions in real time, conducting regular authority audits, checking whether user permissions are consistent with responsibilities, and promptly discovering abnormal situations. 8.一种多层级数智渔业权限分配系统,其特征在于执行权利要求1-7任一项所述的一种多层级数智渔业权限分配方法,包括依次连接的定义模块、管理模块、权限分配模块;其中,8. A multi-level digital fishery authority allocation system, characterized by executing a multi-level digital fishery authority allocation method as described in any one of claims 1 to 7, comprising a definition module, a management module, and an authority allocation module connected in sequence; wherein, 定义模块:根据所需管理的渔业资源将系统中的不同用户进行定义;Definition module: define different users in the system according to the fishery resources to be managed; 管理模块:通过系统对不同用户进行管理,制定权限标准,明确不同用户在系统中的职责范围和操作权限;Management module: manage different users through the system, formulate authority standards, and clarify the scope of responsibilities and operating permissions of different users in the system; 权限分配模块:通过权限匹配策略对不同用户进行权限匹配,赋予用户相应的层级信息,将渔业权限逐级分配。Permission allocation module: Match permissions for different users through permission matching strategies, assign users corresponding hierarchical information, and allocate fishery permissions step by step.
CN202411173609.9A 2024-08-26 2024-08-26 A multi-level digital fishery authority allocation method and system Pending CN119377923A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411173609.9A CN119377923A (en) 2024-08-26 2024-08-26 A multi-level digital fishery authority allocation method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411173609.9A CN119377923A (en) 2024-08-26 2024-08-26 A multi-level digital fishery authority allocation method and system

Publications (1)

Publication Number Publication Date
CN119377923A true CN119377923A (en) 2025-01-28

Family

ID=94338394

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411173609.9A Pending CN119377923A (en) 2024-08-26 2024-08-26 A multi-level digital fishery authority allocation method and system

Country Status (1)

Country Link
CN (1) CN119377923A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117540404A (en) * 2023-11-30 2024-02-09 中电云科信息技术有限公司 Management authority matching method, device and system
CN118368141A (en) * 2024-06-17 2024-07-19 广东烟草东莞市有限公司 Intranet dynamic access method and system based on zero trust of tobacco intranet
CN118536106A (en) * 2024-04-22 2024-08-23 中国华能集团有限公司北京招标分公司 A business operator authorization management method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117540404A (en) * 2023-11-30 2024-02-09 中电云科信息技术有限公司 Management authority matching method, device and system
CN118536106A (en) * 2024-04-22 2024-08-23 中国华能集团有限公司北京招标分公司 A business operator authorization management method
CN118368141A (en) * 2024-06-17 2024-07-19 广东烟草东莞市有限公司 Intranet dynamic access method and system based on zero trust of tobacco intranet

Similar Documents

Publication Publication Date Title
US7996834B2 (en) Virtual machine self-service restrictions
US8719949B1 (en) Parameter based operation
US8255355B2 (en) Adaptive method and system with automatic scanner installation
US10114964B2 (en) Role-based content rendering
JP4537022B2 (en) A data processing method, a storage area control method, and a data processing system that limit data arrangement.
US10728348B2 (en) Systems and methods for analyzing application usage on a user device
CN117540404A (en) Management authority matching method, device and system
US12299106B2 (en) Project-based permission system
US9082085B2 (en) Computing environment climate dependent policy management
CN102571815B (en) A kind of method of e-procurement privately owned cloud integrating ERP authenticating user identification
US20250200198A1 (en) Managed Metastore
US20040088563A1 (en) Computer access authorization
CN114417278A (en) Interface unified management system and platform interface management system
CN105827645A (en) A method, device and system for access control
CN115422526B (en) Role authority management method, device and storage medium
CN119377923A (en) A multi-level digital fishery authority allocation method and system
CN114692126A (en) Big data unified authorization access method, device, electronic equipment and medium
JP2007293639A (en) Access control method and equipment and system using access control method
CN115357284A (en) Multi-dimensional data authority control configuration system and method
CN114528563A (en) Authority management method, device, electronic device and medium
CN120068088B (en) Resource unified identification and analysis calculation method based on trusted data space
US20240114029A1 (en) Methods and apparatus for identity and access management on networked machines
US20240095390A1 (en) Scalable access control mechanism
CN118503940A (en) A method and device for access control of AI acceleration core
US7568036B2 (en) Adaptive management method with automatic scanner installation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination