CN1464402A - User identification confirmation and operation conferring process - Google Patents
User identification confirmation and operation conferring process Download PDFInfo
- Publication number
- CN1464402A CN1464402A CN 02121230 CN02121230A CN1464402A CN 1464402 A CN1464402 A CN 1464402A CN 02121230 CN02121230 CN 02121230 CN 02121230 A CN02121230 A CN 02121230A CN 1464402 A CN1464402 A CN 1464402A
- Authority
- CN
- China
- Prior art keywords
- user
- information
- function
- client
- service end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a method for user identity confirmation and operation right granting wherein users input their user name and keyword via. the client end to setup connection with the authorization service end, and send the user name and password to the authorization service end through said connection for verification. The authorization service end generates user authority information based on the user authority, and notifies the client end via. the setup connection. The invention provides a three-layer framework based on client end, authorization end and SCM system.
Description
Technical field:
The present invention relates to the method for a kind of user identification confirmation and operation conferring, be meant a kind of supply chain management (Supply Chain Management that is applied to especially, abbreviation SCM) in the system, is used to guarantee system database and the extraneous user identification confirmation of effectively isolating and the method for operation conferring.
Background technology:
The large-scale professional next common service data information of a large amount of personnel that often needs is to guarantee the smooth and easy realization of operation flow.Also to determine that each user's identity, state and authority authorizes different user corresponding right simultaneously, avoid illegal operation, thereby guarantee that really security of system stably moves data according to different personnel roles.This method that just needs the sound right authentication of a cover is as assurance.
At present, open transaction processing system substantially all is based on the system of client/server structure, and client need be carried out communication by medium various wide area network and service end.Because the unreliability of network, losing of transaction data in the transmission course usually can appear, and cause the transaction of client and service end imperfect or data are inconsistent, cause the risk of data message.How taking precautions against the risk that produces owing to the communication reason, is the problem that the on-line transaction disposal system of any one client/server structure must be considered.
By encryption measures is to prevent that the data stealer from directly seeing the good method of data in the transmission, and it similarly is password or credit card number that this measure is similar to.Nearly all processing has the data of susceptibility, Financial Information or require the website of authentication all can use encryption measures.
But encryption measures is not to be used for protecting operating system to use; It is the data that is designed to protect in the transmission.In other words: encryption measures just likes a kind of between browser calcaneus rete network server " password-protected conduit ".This conduit is encrypted the data that comes and goes between user and the website.But the threat that the website will be subjected to can't be eliminated or weaken to encryption measures.Unfortunately, a lot of system operators are but thought: the web page server that is subjected to the encryption measures protection has just become safety automatically.In fact, the web page server that is subjected to encryption measures protection equally still can be subjected to the danger of the attack that suffers as Website server.System documentation equally can be subjected to serious threat.
More very importantly in business system should be able to keep commercial state exactly exactly.For example, in a system, must follow the tracks of order reliably.If not, will produce huge revenue losses.Existing order may be lost or might delay time when getting order, filling out order, and unsatisfied user may forward other places to and do business.
According to demand, each user must pass through the client login system, carries out operations such as corresponding data query, modification.And each user is dispersed in different departments, different office, have closely have far away.Everyone is bearing different roles, is being responsible for different business step.So the personnel that disperse keep jointly this cover at a high speed, stable business system, allow everyone can Each performs its own functions, co-operating, make total system as streamline, efficient, stable service is provided endlessly, be the target that system must reach.
Owing to can comprise a large amount of trade secret data of enterprise in the system, the thing that any point loss all might cause expecting takes place.Total system being resembled be subjected to tight protection as the bank vault, how to guarantee system database and extraneous effective isolation, avoid system to be subjected to malicious sabotage, data are illegally stolen or revised, also is unusual important problem.
Analyze by the on-line transaction disposal system to client/server structure, a transaction comprises four processes: 1. ask transmission course at least; 2. service end is to the transaction processing process; 3. acknowledgement transmissions process; 4. client process answering.
In each step of above-mentioned four processes, if can both guarantee security of system, stable, efficient operation effectively, realize simultaneously each user is carried out authentication and authority is authorized, then the security of system data will be guaranteed; Make the method for user identification confirmation and operation conferring, can guarantee system database and extraneous effective isolation, thereby reach the protection system purpose of safe operation.
Summary of the invention:
Fundamental purpose of the present invention is to provide the method for a kind of user identification confirmation and operation conferring, guarantee security of system, stable, efficient operation effectively, guarantee system database and extraneous effective isolation, realize each user is carried out the management that authentication and authority are authorized.
The object of the present invention is achieved like this:
The method of a kind of user identification confirmation and operation conferring, the user inputs personal name in an account book and password by client; Connect with the authorization service end, and by this connection username and password is sent to the authorization service end and authenticate; The authorization service end produces user right information according to user's authority, again the connection notice client by having set up.
Described operating right comprises function privilege and data permission at least.
Described client is used for to authorizing layer to send an ID authentication request, and the authority information that returns according to the authorization service end is configured, for the user provides the business operation interface.
The authorization service end is used for identifying user identity, authorizes user right, and maintenance customer's Operation Log, realizes the isolation of client and system.
Described user right information comprises at least: user's group table, the user's group of subscriber group information that is used for login user table, the register system of recording user information organized function privilege table, authorization service end account number table and function mapping table with user's mapping table, systemic-function tabulation, user function authority list, user;
Wherein:
Information in this login user table comprises at least: user login name, login password, the true name of user, employee number, division department, domain information;
Information in this user's group table comprises at least: user's group id, user's group name claim, the user organizes description;
Information in this user's group and the user's mapping table comprises at least: user's group id and user login name;
Information in this systemic-function tabulation comprises at least: Function Identification information and function title;
Information in this user function authority list comprises at least: Function Identification information, user login name, License Info;
The information that this user organizes in the function privilege table comprises at least: Function Identification information, user's group id, License Info;
Information in this authorization service end account number table comprises at least: account number identification information, account number cipher, account number classification information;
Information in this function mapping table comprises at least: Function Identification information, mapped identification, function point are described.
Described authorization service end comprises at least to the processing procedure of authorization requests:
Step 1: use client user's information to encrypt, send to the authorization service end then;
Step 2: user authentication request is monitored and received to the authorization service end;
Step 3: user profile is decrypted, adopts highspeed user's identity authentication function that user identity is authenticated.
Step 4: the user information authentication success, then obtain the user function authority, structure returns the user right condition code.
Step 5: the user right condition code is encrypted, and the user right condition code that will encrypt sends to client.
Step 6: client is according to user right condition code configuration foreground client, and the realization client is connected with system.
Above-mentioned step 2 is specially:
Step 21: the main thread that the authorization service end is monitored;
Step 22: after the link information that listens to client, client-information records is got off, generate the sub-thread of real work simultaneously, and give sub-thread with client-side information;
Step 23: sub-thread to client send information receive at last, finish the deciphering of information then.
Above-mentioned step 3 is specially: the information in username and password after will deciphering and the login user table contrasts, and confirms the correctness of user's name and user cipher.And checking whether this user is freezed by the keeper, the result obtains condition code according to checking, and this sign indicating number will be sent back to client as return message; Sub-thread adopts highspeed user's identity authentication function to the information after deciphering, and in database user identity is authenticated.
The described information of described condition code comprises at least: freeze that account number, authentication success, service end are out of service, database connection failure, user name or password mistake and to upload authentication information illegal
Described highspeed user's authentication comprises at least:
Step 31:, and guarantee that these connections open all the time to a plurality of connections to database of system's application;
Step 32: for new authentification of user demand is set up new thread, to system's application memory headroom independently; And with promoter and the specific implementation person of this thread as authenticating user identification;
Step 33: connect the idle database of application by this thread to a plurality of databases of having opened and connect, if database connection resource can provide idle database to connect, then the authentication operation is finished in this connection of this thread dispatching;
Step 34: if find database connection resource all for duty, then the new database of automated data library Resource Managers application connects; Go to finish user information authentication work;
Step 35: in case database connection resource reaches maximum number restriction, system then allows the wait of ranking of the thread of concrete executable operations.
The described user function authority of obtaining of above-mentioned step 4, the concrete operations of structuring user's authority condition code are:
Step 41: take out all functions tabulation, record in order from the user function authority list;
Step 42: the set of searching user place user group from user's group table;
Step 43: if should set not be empty, continue, otherwise, execution in step 46;
Step 44: take out corresponding user's group in this set, organize the feature list that takes out this user's group the menu from the user then, do computing with the element of step 41 record in order then, and upgrade corresponding element with this result;
Step 45: from this set, remove above-mentioned user's group, execution in step 43;
Step 46: obtain the username and password of log database from authorization service end account number, form user right information jointly with the information of step 41 record and return.
The concrete operations of above-mentioned step 6 are: client is decrypted condition code after receiving the condition code that the authorization service end returns, and revises client configuration according to condition code then, finishes simultaneously and being connected of system.
The above-mentioned step according to condition code modification client configuration is as follows:
Step 61: revise the master menu function privilege according to function privilege;
Step 62: according in the function mapping table mapped identification information obtain this function corresponding authority credentials in function privilege information, and identify according to the interface operation that this authority credentials is revised the influential data recording of institute;
Step 63: user division department identity: the division department's information in the inquiry login user table can obtain division department's title then from this division department's information;
Step 64: user area identity: the ground domain information of inquiry login user table obtains region name then from the ground domain information;
Step 65:, show all matched record according to two signs of division department and region.
The invention provides three-tier architecture based on client, authorization service end and system, and by asking transmission, authorization service end to transaction processing, acknowledgement transmissions and client process answering, system database and extraneous effective isolation have been guaranteed, realized simultaneously each user is carried out the function that authentication and authority are authorized, guaranteed security of system, stable and operation efficiently effectively.
Description of drawings:
The factor synoptic diagram that Fig. 1 relates to for authority models among the present invention.
Fig. 2 is an authorization server topological structure synoptic diagram of the present invention.
Fig. 3 is an authorization server licensing process synoptic diagram of the present invention.
Fig. 4 is the process flow diagram of highspeed user's authentification of message of the present invention.
Embodiment:
The present invention is described in further detail below in conjunction with accompanying drawing and specific embodiment:
Referring to Fig. 1, the authority that the authorization service end is handled relates to following factor:
Organize the functional level authority problem that solves by user, user: combination definition user's functional level authority;
Solve and relate to administrative data permission problem by department, two dimensions in zone: two dimension dynamic expansion adapt to business development;
All latitudes all should be able to dynamic expansion;
Characteristic with SCM authorization service;
The business operation dispersiveness, the business personnel can not concentrate effectively united and coordinating, and operating personnel mainly come as lower gate.
Different personnel, different role has different authorities; The personnel of different departments can only operate the data of own department.For example: in the management of hard disk, can only operating the hard disc data of department's first of department's first can not be operated the data of other departments.In addition, the personnel of a department also will carry out delineation of power according to the post difference.For example: there is the modification authority of hard disk and display in purchasing department, but the hard disk management person of this department does not just have the administration authority of display.
Need high stability to guarantee professional continual being performed; For example: an order flow process the simplest at first requires the client to place an order; All departments carry out the preparation and the inspection of various materials according to the model of order then; Arrange production according to arrangement of time then.Each step all will quick and precisely carry out, so require high stability.
Security of system requires high, just can not enter system easily without permission.
Referring to Fig. 2, authorization service is divided into three levels in the present invention:
The SCM client: this layer major function provides login window for the user, and the user sends ID authentication request by this interface to the second layer (authorizing layer).The authority information that returns according to the authorization service end is configured.For providing the business operation interface, the user realizes service logic.
The authorization service layer: this layer is the core layer of authorization service end, is responsible for the checking of user identity, and authority is authorized, and User operation log.And play the isolation of SCM client and SCM systems, reach the security of safeguarding the 3rd layer of SCM systems.Owing to consider all have every day a large amount of users to need login system, all have only data manipulation in a small amount at every turn when landing, but require the efficient must be very high.Be connected with disconnecting if the user is authenticated to connect with database at every turn, not only efficient is very low, and has the disadvantage of a large amount of consume system resources.The industry middleware servers that adopt need a large amount of investments again more.So native system also disposes highspeed user's information authentication method according to this characteristic, can improve the speed of authenticating user identification effectively.
SCM systems: this layer preservation relates to the mass data of SCM business, is the core business layer of SCM project.
Referring to Fig. 3, the pass between three levels of authorization service is: a user wants to operate any one function of SCM systems, at first must have one the SCM client has been installed, and link this network.Import personal name in an account book and password by the SCM client.This client can connect with the second layer.And by this connection the user name password is dealt into the authorization service layer and carries out data authentication.If user identity is effective, system will produce user right information according to user's authority.Connection notice SCM client tier by having set up is finished the Certificate Authority operation then.
Authorization service of the present invention comprises four following processes:
The request transmission course; Service end is to the processing procedure of authorization requests; Acknowledgement transmissions process after authorization requests is finished; The client process answering.
At licensing process, also need information as shown in the table:
The login user table of recording user information:
Field |
User login name (LOGINNAME) |
Login password (PASSWORD) |
Freeze flag (DELFLAG) |
The true name of user (USERNAME) |
Employee number (SERIALNUMBER) |
Division department (DEPTID) |
Region (REGION) |
The user of the subscriber group information of register system organizes table:
Field |
User's group id (GROUPID) |
User's group name claims (GROUPNAME) |
The user organizes description (GROUPDESC) |
User's group and user's mapping table:
Field |
User's group id (GROUPID) |
User login name (LOGINNAME) |
The tabulation of system's all functions:
Field |
Function Identification (FUNCTIONID) |
Function title (FUNCTIONNAME) |
The user function authority list
Field |
Function Identification (FUNCTIONID) |
User login name (LOGINNAME) |
License Info (PERMISSION) |
The user organizes the function privilege table
Field |
Function Identification (FUNCTIONID) |
User's group id (GROUPID) |
License Info (PERMISSION) |
Authorization service end account number table:
Field |
Account number identification information (DB_ACCOUNTS_ID) |
Account number cipher (DB_ACCOUNTS_PWD) |
Account number classification information (DB_ACCOUNTS_TYPE) |
Function mapping table
Function Identification information (FUNCTION_ID) | Mapped identification (MAP_ID) | Function point is described (DESC) |
The concrete steps of authorization service are as follows among the present invention:
1, use SCM client user information to send to the authorization service end;
2, user authentication request is monitored and received to the authorization service end;
3, user profile is decrypted; Adopt highspeed user's identity authentication function, user identity is authenticated;
4, user information authentication success.Then structure returns the user right condition code;
5, the user right condition code is encrypted, and this enciphered message is sent to the SCM client
6, the SCM client is finally finished according to user right condition code configuration foreground client, and the SCM client is connected with SCM systems.
The detailed description of each above-mentioned step realizing method:
1, use SCM client user information to send to the authorization service end.
Use the SCM client that user name and user cipher are encrypted, send to authorization service end (avoiding password leakage) then.
2, user authentication request is monitored and received to the authorization service end.
The main thread that the authorization service end is responsible for monitoring, listen to client-side information after, client-information records is got off, generate the sub-thread of real work simultaneously, and give sub-thread client-side information.Sub-thread to client send information receive at last, finish the deciphering of information then.
3, sub-thread authenticates in database the information after deciphering; Adopt highspeed user's identity authentication function, user identity is authenticated; That is: data contrast in username and password after will deciphering and the authentification of user table, confirm the correctness of user's name and user cipher.And check whether this user is freezed by the keeper; The result obtains following condition code according to checking.This sign indicating number will feed back to the SCM client as return message.In the present embodiment, set 0---freeze account number; 1---authentication success; 3---service end is out of service; 4---the database connection failure; 5---user name or password mistake; 6---it is illegal to upload authentication information.
Referring to Fig. 4, concrete highspeed user's authentication process is as follows:
1), and guarantees that these five connections open all the time at first to 5 of system's applications connections to database.A resource that makes this part become this program is called for short database connection resource.(advantage: more effectively utilize system resource, do not need frequent opening and closing);
2), just set up new thread, to system's application memory headroom independently for this demand whenever new authentification of user demand is arranged.With promoter and the specific implementation person of this thread as authenticating user identification.(advantage: utilize the thread consumption of natural resource few, the advantage that efficient is high.Simultaneously task has been carried out the clear and definite division of labor);
3) connecting the idle database of application by this thread to 5 databases having opened connects.If database connection resource can provide idle database to connect.Then this thread will call this connection and finish the authentication operation;
4) if find that database connection resource is all in running order, then the new database of automated data library Resource Managers application connects.Go to finish user information authentication work.Attention: database connection resource is limited (limited by database), application resource that can not be unlimited;
5) in case database connection resource reaches maximum number restriction, system then allows the wait of ranking of the thread of concrete executable operations.
If the success of 4 user information authentications is then according to userspersonal information's structuring user's authority condition code.Wherein, user function authority acquiring step:
1) takes out all functions tabulation from the user function authority list, record an array a in order;
2) organize table from the user, search the set C of user place user group;
3) if set C is not empty, continue, otherwise, change 6;
4) take out corresponding user's group among the set C, organize from the user then and take out the user the menu and organize this feature list, do computing with the element of a in order then, and upgrade the element of the correspondence of array a with this result.
5) from C, remove above-mentioned user's group, change 3;
6) obtain the username and password of log database from authorization service end account number table, form user right information jointly with a and return.
5, condition code is encrypted, and send to the SCM client; If authentification failure according to Fail Type, returns to client.
6, the SCM client is decrypted condition code after receiving the condition code of authorizing SERVER to return, and revises the SCM client configuration according to condition code then and finishes simultaneously and being connected of SCM systems.Wherein, the user right treatment step is as follows:
According to the function privilege string, for master menu, if the authority of certain function is 0, it is invalid that then corresponding menu item is set to;
For certain function operations interface, obtain this function corresponding authority in the function privilege string according to the mapped identification information in the user function permissions mapping table, if this authority is 1, then the button of influential data recording be set to invalid;
User division department identity: division department's field of inquiry login user table can obtain division department's title then from division department's information;
User area identity: the region field of inquiry login user table obtains region name then from the ground domain information;
According to two signs of division department and region, show all matched record.
Claims (13)
1, the method for a kind of user identification confirmation and operation conferring is characterized in that: which comprises at least: the user inputs personal name in an account book and password by client; Connect with the authorization service end, and by this connection username and password is sent to the authorization service end and authenticate; The authorization service end produces user right information according to user's authority, again the connection notice client by having set up.
2, the method for user identification confirmation according to claim 1 and operation conferring is characterized in that: described operating right comprises function privilege and data permission at least.
3, the method for user identification confirmation according to claim 1 and operation conferring, it is characterized in that: described client is used for to authorizing layer to send ID authentication request, and the authority information that returns according to the authorization service end is configured, for the user provides the business operation interface.
4, the method for user identification confirmation according to claim 1 and operation conferring is characterized in that: the authorization service end is used for identifying user identity, authorizes user right, and maintenance customer's Operation Log, realizes the isolation of client and system.
5, the method for user identification confirmation according to claim 1 and operation conferring is characterized in that: described user right information comprises at least: user's group table, the user's group of subscriber group information that is used for login user table, the register system of recording user information organized function privilege table, authorization service end account number table and function mapping table with user's mapping table, systemic-function tabulation, user function authority list, user;
Wherein:
Information in this login user table comprises at least: user login name, login password, the true name of user, employee number, division department, domain information;
Information in this user's group table comprises at least: user's group id, user's group name claim, the user organizes description;
Information in this user's group and the user's mapping table comprises at least: user's group id and user login name;
Information in this systemic-function tabulation comprises at least: Function Identification information and function title;
Information in this user function authority list comprises at least: Function Identification information, user login name, License Info;
The information that this user organizes in the function privilege table comprises at least: Function Identification information, user's group id, License Info;
Information in this authorization service end account number table comprises at least: account number identification information, account number cipher, account number classification information;
Information in this function mapping table comprises at least: Function Identification information, mapped identification, function point are described.
6, the method for user identification confirmation according to claim 1 and operation conferring is characterized in that: the authorization service end comprises at least to the processing procedure of authorization requests:
Step 1: use client user's information to encrypt, send to the authorization service end then;
Step 2: user authentication request is monitored and received to the authorization service end;
Step 3: user profile is decrypted, adopts highspeed user's identity authentication function that user identity is authenticated.
Step 4: the user information authentication success, then obtain the user function authority, structure returns the user right condition code.
Step 5: the user right condition code is encrypted, and the user right condition code that will encrypt sends to client.
Step 6: client is according to user right condition code configuration foreground client, and the realization client is connected with system.
7, the method for user identification confirmation according to claim 6 and operation conferring, it is characterized in that: above-mentioned step 2 is specially:
Step 21: the main thread that the authorization service end is monitored;
Step 22: after the link information that listens to client, client-information records is got off, generate the sub-thread of real work simultaneously, and give sub-thread with client-side information;
Step 23: sub-thread to client send information receive at last, finish the deciphering of information then.
8, the method for user identification confirmation according to claim 6 and operation conferring, it is characterized in that: above-mentioned step 3 is specially: the information in username and password after will deciphering and the login user table contrasts, confirm the correctness of user's name and user cipher, and check whether this user is freezed by the keeper, the result obtains condition code according to checking, and this sign indicating number will be sent back to client as return message; Sub-thread adopts highspeed user's identity authentication function to the information after deciphering, and in database user identity is authenticated.
9, the method for user identification confirmation according to claim 8 and operation conferring is characterized in that: the described information of described condition code comprises at least: freeze that account number, authentication success, service end are out of service, database connection failure, user name or password mistake and upload the verify data invalid information.
10, the method for user identification confirmation according to claim 8 and operation conferring is characterized in that: described highspeed user's authentication comprises at least:
Step 31:, and guarantee that these connections open all the time to a plurality of connections to database of system's application;
Step 32: for new authentification of user demand is set up new thread, to system's application memory headroom independently; And with promoter and the specific implementation person of this thread as authenticating user identification;
Step 33: connect the idle database of application by this thread to a plurality of databases of having opened and connect, if database connection resource can provide idle database to connect, then the authentication operation is finished in this connection of this thread dispatching;
Step 34: if find that database connection resource is all in running order, then the new database of automated data library Resource Managers application connects; Go to finish user information authentication work;
Step 35: in case database connection resource reaches maximum number restriction, system then allows the wait of ranking of the thread of concrete executable operations.
11, the method for user identification confirmation according to claim 6 and operation conferring is characterized in that: the described user function authority of obtaining of step 4, and the concrete operations of structuring user's authority condition code are:
Step 41: take out all functions tabulation, record in order from the user function authority list;
Step 42: the set of searching user place user group from user's group table;
Step 43: if should set not be empty, continue, otherwise, execution in step 46;
Step 44: take out corresponding user's group in this set, organize the feature list that takes out this user's group the menu from the user then, do computing with the element of step 41 record in order then, and upgrade corresponding element with this result;
Step 45: from this set, remove above-mentioned user's group, execution in step 43;
Step 46: obtain the username and password of log database from authorization service end account number, form user right information jointly with the information of step 41 record and return.
12, the method for user identification confirmation according to claim 6 and operation conferring, it is characterized in that: the concrete operations of step 6 are: client is decrypted condition code after receiving the condition code that the authorization service end returns, revise client configuration according to condition code then, finish simultaneously and being connected of system.
13, the method for user identification confirmation according to claim 12 and operation conferring is characterized in that: the step of revising client configuration according to condition code is as follows:
Step 61: revise the master menu function privilege according to function privilege;
Step 62: obtain this function corresponding authority credentials in function privilege information according to the mapped identification information in the function mapping table, and identify according to the interface operation that this authority credentials is revised the influential data recording of institute;
Step 63: user division department identity: the division department's information in the inquiry login user table can obtain division department's title then from this division department's information;
Step 64: user area identity: the ground domain information of inquiry login user table obtains region name then from the ground domain information;
Step 65:, show all matched record according to two signs of division department and region.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 02121230 CN1286022C (en) | 2002-06-10 | 2002-06-10 | User identification confirmation and operation conferring process |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 02121230 CN1286022C (en) | 2002-06-10 | 2002-06-10 | User identification confirmation and operation conferring process |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1464402A true CN1464402A (en) | 2003-12-31 |
CN1286022C CN1286022C (en) | 2006-11-22 |
Family
ID=29742875
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 02121230 Expired - Lifetime CN1286022C (en) | 2002-06-10 | 2002-06-10 | User identification confirmation and operation conferring process |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN1286022C (en) |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008003222A1 (en) * | 2006-06-26 | 2008-01-10 | Huawei Technologies Co., Ltd. | A method and an apparatus for operating right |
CN100397862C (en) * | 2004-01-28 | 2008-06-25 | 富士施乐株式会社 | Electronic device and electronic device control method |
CN100495419C (en) * | 2005-12-27 | 2009-06-03 | 台湾积体电路制造股份有限公司 | Data archiving and accessing methods and systems |
CN1885768B (en) * | 2005-06-23 | 2010-07-21 | 华为技术有限公司 | Worldwide web authentication method |
CN101034984B (en) * | 2006-09-22 | 2011-02-02 | 北京国政通科技有限公司 | Establishing the true identify database of the user with the personal information submitted by the user |
CN101084664B (en) * | 2004-12-27 | 2011-06-01 | 国际商业机器公司 | Method and system for providing and utilizing a network trusted context, and data server |
CN102479082A (en) * | 2010-11-25 | 2012-05-30 | 中国移动通信集团四川有限公司 | Method and system for providing client end interface information, and client end interface generating device |
CN102930439A (en) * | 2011-08-12 | 2013-02-13 | 江苏大学 | Digital library management system |
US8516604B2 (en) | 2008-02-28 | 2013-08-20 | Huawei Technologies Co., Ltd. | Method and apparatus for managing a user |
CN103441888A (en) * | 2013-09-18 | 2013-12-11 | 北京网秦天下科技有限公司 | Equipment managing device and method |
CN104252655A (en) * | 2013-06-27 | 2014-12-31 | 宁夏新航信息科技有限公司 | Intelligent client information management system |
CN104426884A (en) * | 2013-09-03 | 2015-03-18 | 深圳市腾讯计算机系统有限公司 | Method for authenticating identity and device for authenticating identity |
CN104751077A (en) * | 2015-04-21 | 2015-07-01 | 沈文策 | Access control method and device |
CN107016295A (en) * | 2017-03-01 | 2017-08-04 | 武汉斗鱼网络科技有限公司 | A kind of method and system for realizing data encrypting and deciphering |
CN107360150A (en) * | 2017-07-06 | 2017-11-17 | 天脉聚源(北京)传媒科技有限公司 | A kind of method and device of intelligent logging-on |
CN107784573A (en) * | 2017-10-26 | 2018-03-09 | 海闻科技有限公司 | A kind of tax administration platform service system |
CN108090374A (en) * | 2018-01-09 | 2018-05-29 | 珠海迈越信息技术有限公司 | A kind of multi User Privilege Management method and system |
CN108268788A (en) * | 2016-12-30 | 2018-07-10 | 珠海金山办公软件有限公司 | A kind of method and device that document permission is authorized according to permission template |
CN108268792A (en) * | 2016-12-30 | 2018-07-10 | 珠海金山办公软件有限公司 | A kind of giving method and device of document permission |
CN108520060A (en) * | 2018-04-09 | 2018-09-11 | 内蒙古工业大学 | A kind of Mongolian Costumes Digital Display method and system |
CN108881666A (en) * | 2017-05-11 | 2018-11-23 | 柯尼卡美能达株式会社 | Permission authorizes device and permission authorizes the control program of device |
CN110334153A (en) * | 2019-06-28 | 2019-10-15 | 阿里巴巴集团控股有限公司 | Authorization method, system, device and equipment in block chain type account book |
US10936734B2 (en) | 2019-06-28 | 2021-03-02 | Advanced New Technologies Co., Ltd. | Blockchain authorization |
CN112579996A (en) * | 2019-09-29 | 2021-03-30 | 杭州海康威视数字技术股份有限公司 | Temporary authorization method and device |
CN112861085A (en) * | 2021-02-18 | 2021-05-28 | 北京通付盾人工智能技术有限公司 | KYC security service system and method |
CN115004668A (en) * | 2020-02-28 | 2022-09-02 | 深圳市欢太科技有限公司 | Data synchronization method and related product |
-
2002
- 2002-06-10 CN CN 02121230 patent/CN1286022C/en not_active Expired - Lifetime
Cited By (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100397862C (en) * | 2004-01-28 | 2008-06-25 | 富士施乐株式会社 | Electronic device and electronic device control method |
CN101084664B (en) * | 2004-12-27 | 2011-06-01 | 国际商业机器公司 | Method and system for providing and utilizing a network trusted context, and data server |
CN1885768B (en) * | 2005-06-23 | 2010-07-21 | 华为技术有限公司 | Worldwide web authentication method |
CN100495419C (en) * | 2005-12-27 | 2009-06-03 | 台湾积体电路制造股份有限公司 | Data archiving and accessing methods and systems |
WO2008003222A1 (en) * | 2006-06-26 | 2008-01-10 | Huawei Technologies Co., Ltd. | A method and an apparatus for operating right |
CN101034984B (en) * | 2006-09-22 | 2011-02-02 | 北京国政通科技有限公司 | Establishing the true identify database of the user with the personal information submitted by the user |
US8516604B2 (en) | 2008-02-28 | 2013-08-20 | Huawei Technologies Co., Ltd. | Method and apparatus for managing a user |
CN102479082A (en) * | 2010-11-25 | 2012-05-30 | 中国移动通信集团四川有限公司 | Method and system for providing client end interface information, and client end interface generating device |
CN102930439A (en) * | 2011-08-12 | 2013-02-13 | 江苏大学 | Digital library management system |
CN104252655A (en) * | 2013-06-27 | 2014-12-31 | 宁夏新航信息科技有限公司 | Intelligent client information management system |
CN104426884A (en) * | 2013-09-03 | 2015-03-18 | 深圳市腾讯计算机系统有限公司 | Method for authenticating identity and device for authenticating identity |
CN103441888A (en) * | 2013-09-18 | 2013-12-11 | 北京网秦天下科技有限公司 | Equipment managing device and method |
CN104751077A (en) * | 2015-04-21 | 2015-07-01 | 沈文策 | Access control method and device |
CN108268788A (en) * | 2016-12-30 | 2018-07-10 | 珠海金山办公软件有限公司 | A kind of method and device that document permission is authorized according to permission template |
CN108268792A (en) * | 2016-12-30 | 2018-07-10 | 珠海金山办公软件有限公司 | A kind of giving method and device of document permission |
CN107016295A (en) * | 2017-03-01 | 2017-08-04 | 武汉斗鱼网络科技有限公司 | A kind of method and system for realizing data encrypting and deciphering |
US10409969B2 (en) | 2017-05-11 | 2019-09-10 | Konica Minolta, Inc. | Authorization device that grants authority to guest users |
CN108881666B (en) * | 2017-05-11 | 2020-03-17 | 柯尼卡美能达株式会社 | Authority granting device and control program for authority granting device |
CN108881666A (en) * | 2017-05-11 | 2018-11-23 | 柯尼卡美能达株式会社 | Permission authorizes device and permission authorizes the control program of device |
CN107360150A (en) * | 2017-07-06 | 2017-11-17 | 天脉聚源(北京)传媒科技有限公司 | A kind of method and device of intelligent logging-on |
CN107784573A (en) * | 2017-10-26 | 2018-03-09 | 海闻科技有限公司 | A kind of tax administration platform service system |
CN108090374A (en) * | 2018-01-09 | 2018-05-29 | 珠海迈越信息技术有限公司 | A kind of multi User Privilege Management method and system |
CN108520060A (en) * | 2018-04-09 | 2018-09-11 | 内蒙古工业大学 | A kind of Mongolian Costumes Digital Display method and system |
CN108520060B (en) * | 2018-04-09 | 2022-03-15 | 内蒙古工业大学 | Mongolian clothing digital display method and system |
CN110334153A (en) * | 2019-06-28 | 2019-10-15 | 阿里巴巴集团控股有限公司 | Authorization method, system, device and equipment in block chain type account book |
CN110334153B (en) * | 2019-06-28 | 2020-09-01 | 阿里巴巴集团控股有限公司 | Authorization method, system, device and equipment in block chain type account book |
US10936734B2 (en) | 2019-06-28 | 2021-03-02 | Advanced New Technologies Co., Ltd. | Blockchain authorization |
CN112579996A (en) * | 2019-09-29 | 2021-03-30 | 杭州海康威视数字技术股份有限公司 | Temporary authorization method and device |
CN112579996B (en) * | 2019-09-29 | 2023-11-03 | 杭州海康威视数字技术股份有限公司 | Temporary authorization method and device |
CN115004668A (en) * | 2020-02-28 | 2022-09-02 | 深圳市欢太科技有限公司 | Data synchronization method and related product |
CN112861085A (en) * | 2021-02-18 | 2021-05-28 | 北京通付盾人工智能技术有限公司 | KYC security service system and method |
Also Published As
Publication number | Publication date |
---|---|
CN1286022C (en) | 2006-11-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1286022C (en) | User identification confirmation and operation conferring process | |
TW202021307A (en) | Cross-block chain interaction method and system, computer device, and storage medium | |
CN102722576B (en) | Encipherment protection system and encipherment protection method for database in cloud computing environment | |
Singh et al. | SQL injection: Types, methodology, attack queries and prevention | |
CN110889130B (en) | Database-based fine-grained data encryption method, system and device | |
CN105450669B (en) | Data-oriented security system method and system | |
CN1675632A (en) | Method and apparatus for secure processing of sensitive data | |
CN1736078A (en) | Secure logging of transactions | |
US20230132505A1 (en) | Blockchain-based certification audit data sharing and integrity verification system, device, and method thereof | |
CN103152179A (en) | Uniform identity authentication method suitable for multiple application systems | |
Sharif et al. | Current security threats and prevention measures relating to cloud services, Hadoop concurrent processing, and big data | |
Tiwari et al. | Privacy issues & security techniques in big data | |
CN1855086A (en) | System and method for analyzing and abstracting data evidence | |
KR20220088391A (en) | Management computers for security management of things, security management systems and methods using them | |
CN101067837A (en) | Information system data processing safety control method and device | |
Ahmed et al. | A Method for Eliciting Security Requirements from the Business Process Models. | |
CN110708156B (en) | Communication method, client and server | |
US20230171083A1 (en) | Using automatic homomorphic encryption in a multi-cloud environment to support translytical data computation using an elastic hybrid memory cube | |
Nanda et al. | Oracle Privacy Security Auditing: Includes Federal Law Compliance with HIPAA, Sarbanes Oxley and the Gramm Leach Bliley Act GLB | |
CN110543774B (en) | XML (extensive Makeup language) file private data protection method and system in cloud environment | |
Zou et al. | Model Design of Role-Based Access Control and Methods of Data Security | |
Nadjar et al. | A Case Study on the Multi-Vector Data Breach on Astoria | |
CN115906142B (en) | Enterprise online interaction data management method | |
Elebute | A Grounded Theory of Security and Technical Barriers to the Continuance Use of Cloud Storage by SMEs | |
Kaushik et al. | A review of efficient data utilization schemes in cloud computing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CX01 | Expiry of patent term | ||
CX01 | Expiry of patent term |
Granted publication date: 20061122 |