KR20170062248A - System for supporting user-defined collaborative workspaces - Google Patents

System for supporting user-defined collaborative workspaces Download PDF

Info

Publication number
KR20170062248A
KR20170062248A KR1020150167829A KR20150167829A KR20170062248A KR 20170062248 A KR20170062248 A KR 20170062248A KR 1020150167829 A KR1020150167829 A KR 1020150167829A KR 20150167829 A KR20150167829 A KR 20150167829A KR 20170062248 A KR20170062248 A KR 20170062248A
Authority
KR
South Korea
Prior art keywords
user
resource
token
terminal
server
Prior art date
Application number
KR1020150167829A
Other languages
Korean (ko)
Other versions
KR101792357B1 (en
Inventor
이명준
진재환
Original Assignee
울산대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 울산대학교 산학협력단 filed Critical 울산대학교 산학협력단
Priority to KR1020150167829A priority Critical patent/KR101792357B1/en
Publication of KR20170062248A publication Critical patent/KR20170062248A/en
Application granted granted Critical
Publication of KR101792357B1 publication Critical patent/KR101792357B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • H04L67/2809
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Marketing (AREA)
  • General Business, Economics & Management (AREA)
  • Data Mining & Analysis (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • Economics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention relates to a user-defined collaborative workspace support system, and more particularly, to a cloud computing environment in which a user who is not registered in a cloud storage service is a resource of a collaborative workspace, To a user-defined collaborative workspace support system.
According to the present invention, in using a collaborative workspace based on a cloud storage, even if the cloud storage service is unregistered, the resource of the collaborative work space provided by the service can be facilitated without complicated registration procedures such as inputting personal information The advantage is that it can be used. In addition, it provides a concurrency control service that does not require a separate server, thereby maintaining the consistency of resources in a collaborative workspace where resources are modified asynchronously.

Description

Custom Collaboration Workspace Support System {SYSTEM FOR SUPPORTING USER-DEFINED COLLABORATIVE WORKSPACES}

The present invention relates to a user-defined collaborative workspace support system, and more particularly, to a cloud computing environment in which a user who is not registered in a cloud storage service is a resource of a collaborative workspace, To a user-defined collaborative workspace support system.

As the network is developed, the structure of the system is simplified, and the Internet service using remote communication is actively achieved. In keeping with that, cloud storage such as Google Drive or OpenStack Swift and Dropbox allows users to remotely store resources, Service. That is, the cloud storage is one of typical cloud computing models and provides a resource management function. The cloud storage service provider operates a large virtualized data center and provides users with unlimited storage space. Cloud storage service users can easily access resources through cloud storage services anywhere, anytime, with no time and space constraints using Internet connected devices. This cloud storage service allows users to easily manage the same resources using multiple devices.

Cloud storage services are not limited to users' personal storage services, but they also provide a group-wide collaborative environment by sharing resources among multiple users. Such a system is called a collaborative system. The above-described collaboration system provides various services and collaborative workspaces to a plurality of users or group members to create an environment in which group work can be performed together. A collaborative workspace is a physical storage space that provides a function of sharing resources among users and managing the resources.

However, a conventional collaborative workspace support system (i.e., a collaborative system) allows only specific users registered in the cloud storage service to be assigned workspaces, and does not provide workspaces that can be used even if they are not registered. In addition, the user has to input various personal information in order to register in the above cloud storage service. For this reason, users tend to not actively collaborate through traditional collaboration systems, and some users share resources through traditional communication methods such as e-mail. Therefore, there is a need for a system that enables users to easily form groups and access collaborative workspaces.

Korean Patent Laid-Open No. 10-2014-0098579 (Aug. 8, 2014)

SUMMARY OF THE INVENTION The present invention has been made to overcome the above problems of the prior art, and it is an object of the present invention to provide a system which can easily access and collaborate with a resource of a collaborative workspace even if a user who is not registered in the service is requested by a registered user of the cloud storage service There is a purpose.

It is also an object of the present invention to provide a concurrency control service that does not require a separate server in order to prevent resource utilization from occurring asynchronously through cooperation among users.

According to an aspect of the present invention, there is provided a system for providing a collaborative workspace for a terminal connected to a network, the system comprising: a server unregistered user who wants to access a resource of the collaborative workspace; A first terminal for receiving authentication information for a server registration user; A server for assigning the collaboration workspace to the server registration user and generating a token corresponding to the authentication information received from the first terminal; And a second terminal for accessing the resource using the token received from the server and the location information of the collaboration workspace.

The server comprises: a storage node for storing data generated in the collaboration workspace including the resource; And a proxy node for controlling the storage node and processing the authentication information received from the first terminal.

Wherein the proxy node generates the token when receiving the authentication information from the first terminal and transmits the token and the location of the collaboration workspace to a second terminal of the server unregistered user corresponding to the authentication information, And generates an access control list using the token. The location information of the collaboration workspace is in the form of a URL (uniform resource locator).

When receiving a use request for the resource from the server unregistered user, the second terminal requests access to the resource to the proxy node, and transmits the token received from the proxy node together.

Further, the proxy node may control access of the second terminal to the resource only when the token received in the access request for the resource is registered in the access control list, Upon receiving an update request for the access control list from the terminal, updates the access control list. The proxy node changes the value of the token and transmits the changed token to the second terminal when the number of times that the second terminal requests the resource access through the token becomes a threshold value or more.

The authentication information includes an email address of the server unregistered user and an access authority rank, and the token is a combination of characters and symbols encrypted based on the authentication information for security, A first rank capable of viewing and modifying a resource; And a second rank capable of only viewing the resource.

Finally, when one of the users uses the resource, the proxy node restricts access of another user until the use of the user is terminated.

According to the user-defined collaborative workspace support system of the present invention, even if the cloud storage service is unregistered, the resources of the collaborative work space provided by the service can be easily accessed without complicated registration procedures such as inputting personal information There is an advantage that it can be used.

In addition, it provides a concurrency control service that does not require a separate server, thereby maintaining the consistency of resources in a collaborative workspace where resources are modified, deleted, or changed asynchronously.

1 is a configuration diagram of a user-defined collaborative workspace support system according to a preferred embodiment of the present invention.
FIG. 2 is a diagram illustrating an operation principle of a user-defined collaborative workspace support system according to a preferred embodiment of the present invention.
FIG. 3 is a diagram illustrating the operation principle of a user-defined collaborative workspace support system according to another embodiment of the present invention.
4 is a diagram showing the operation principle of middleware of a conventional collaborative workspace support system.
5 is a diagram illustrating an operation principle of a middleware of a user-defined collaborative workspace support system according to another embodiment of the present invention.
6A and 6B are views showing the operation principles of the RefererAut middleware and the ConControl middleware among the middleware of the user-defined collaborative workspace support system shown in FIG.

Conventional workspaces simply provide the ability to store and manage resources for users. However, as the development of networks has increased the speed and accessibility of the Internet, workspace has been increasingly used for sharing resources between users. Thus, conventional workspaces are evolving into collaborative workspaces that provide a variety of collaborative services such as sharing and management of resources to multiple users and group members.

Collaborative workspaces allow multiple users to manage resources together, allowing the user to specify access controls for the shared scope and resources of the resource. In addition, it ensures a quick response time to the user's request so that the user can perform the group operation in real time. Finally, collaborative workspaces are characterized by supporting various concurrency control techniques to maintain the consistency of shared resources.

In order to solve the problems of the conventional collaborative system while preserving the characteristics of the collaborative workspace as described above, it is necessary to provide a resource of the collaborative workspace even if the user is not registered in the cloud storage service And provides a user-defined collaborative workspace support system that provides services that can be used effectively.

Hereinafter, embodiments of a user-defined collaborative workspace support system according to the present invention will be described in detail with reference to the accompanying drawings.

1 is a configuration diagram of a user-defined collaborative workspace support system according to a preferred embodiment of the present invention.

1, the user-defined collaborative workspace support system 1 may include a first terminal 10, a server 20, and a second terminal 30. [

The first terminal 10 and the second terminal 30 are devices capable of receiving input from a user and performing an operation by accessing the Internet. Devices such as a mobile phone, a smart watch, a notebook, etc., I will say that this is all.

The server 20 stores data including programs, resources, and the like necessary for providing collaborative workspaces to users, and controls the operation of the entire collaborative workspace support system 1. Specifically, the server 20 includes a storage node 22 for storing all the data generated in the collaborative workspace including the resources, a storage node 22 for controlling the storage node, And a proxy node 21 for accessing the collaborative workspace.

Hereinafter, a specific operation of a user-defined collaborative workspace support system according to a preferred embodiment of the present invention will be described with reference to FIG.

FIG. 2 is a diagram illustrating an operation principle of a user-defined collaborative workspace support system according to a preferred embodiment of the present invention.

A plurality of terminals are networked with the server 20 of the collaborative workspace support system 1. The server 20 can allocate a collaborative work space to a user registered in the system 1 (hereinafter, a server registration user) by which a plurality of people can work. The server registration user can invite a person who wants to work together with the assigned collaborative workspace. At this time, if a person who wants to work together with the server registration user is not registered in the system 1, the server registration user firstly registers the person who is not registered in the system 1 (hereinafter, User '). Then, the first terminal 10 transmits the authentication information to the server 20. The server 20 receiving the authentication information of the server unregistered user from the first terminal 10 generates a token corresponding to the authentication information and transmits the token to the second and third terminals 30 and 40 And transmits the token and the location information of the collaboration work space allocated by the server registration user. The location information may be in the form of a URL (uniform resource locator), and any information indicating the location of the collaborative workspace may be associated therewith. At this time, the terminal of the server unregistered user is not limited to the second and third terminals 30 and 40, and the system 1 may have a larger number of terminals. When the second and third terminals 30 and 40 receive the token and the location information from the server 20, the second and third terminals 30 and 40 can access the resources of the collaboration workspace using the token and the location information.

The authentication information may include an e-mail address of a server unregistered user and an access authority rank. The access authority ranking can be divided into one or more steps, which may include a first rank capable of both reading and modifying the resource, and a second rank capable of only browsing the resource. However, the ranking is merely an example, and other resource utilization methods such as sorting, filtering, and the like may be added as new items according to the access authority rank. The server registration user can request the access privilege ranking of the server unregistered user at any time and the proxy node 21 can change the content of the access privilege ranking if there is the change request.

The token serves as a kind of invitation to prevent any user from accessing the collaborative workspace, and the terminals with the token can access the collaborative workspace of the server registration user. As described above, for security, the token is composed of a combination of characters and symbols encrypted based on the authentication information of the server unregistered user.

The server 20 may include a proxy node 21 and a storage node 22 as described above. The proxy node 21 plays an important role in controlling the entire collaborative support system 1. More specifically, the proxy node 21 receives the authentication information of the server unregistered user from the first terminal 10 , Generating the token corresponding to the authentication information, and generating the token and the location information of the collaborative work space allocated by the server registration user to the second and third terminals (30, 40) used by the server unregistered user And performs a series of operations to transmit. Furthermore, the proxy node 21 uses the token to create an access control list. The access control list is constructed in the same format as the token, and is a list in which a token of the server unregistered object accessible to the collaboration workspace is registered.

The second and third terminals 30 and 40, which have received the token and the location information, receive a use request for a resource of the collaboration workspace from the server unregistered user and access the resource to the proxy node 21 And transmits the token received from the proxy node 21 together. At this time, the proxy node 21 permits access of the second and third terminals 30 and 40 to the resource only when the token received in the access request for the resource is registered in the access control list do.

On the other hand, when the server registration user desires to change the access authority ranking of the server unregistered user or invite another server unregistered user, the proxy node 21 updates the access control list through the first terminal 10 . ≪ / RTI > When the proxy node 21 receives an update request for the access control list from the first terminal 10 of the server registration user, the proxy node 21 updates the access control list as requested by the first terminal 10. [ The proxy node 21 changes the value of the token when the number of times that the second and third terminals 30 and 40 requests the resource access through the token is equal to or greater than a threshold value, To the second and third terminals (30, 40). That is, when the number of access requests exceeds the threshold value, the token is changed and returned to the original terminals. This is to prevent the token from being leaked and maliciously used by someone else.

Here, the threshold value may be input together with the authentication information of the server unregistered user when the server registration user inputs the collaboration workspace and inputs the authentication information of the server unregistered user to the first terminal 10. The threshold may be defined as a certain number of token transmissions that the user inputs. However, the method of changing the token is not limited to this, and it is quite possible to change the token by a predetermined session time rather than the number of resource access requests.

Finally, in order to maintain the consistency of the resources (concurrency control), the proxy node 21 accesses the resource by one of the users (including the server registered user and the server unregistered user who received the token) Or if the contents of the resource are being modified, control is performed so that the access of the other user is restricted until the operation of the above user is terminated.

As described above, according to the preferred embodiment of the user-defined collaborative workspace support system according to the present invention, the problems of the conventional collaboration system can be overcome.

Hereinafter, another embodiment of the user-defined collaborative workspace support system according to the present invention will be described in detail with reference to FIG. 3 to FIG.

Another embodiment of the user-defined collaborative workspace support system according to the present invention can be implemented in a different configuration of middleware in 'Swift', a cloud storage service of an open-source cloud platform 'Openstack' . The Swift manages the workspace on an account, container, and object basis for effective resource management. An account is a unit of Swift's workspace, and users can access that workspace through a uniform resource locator (URL) based on the unique ID of the account. A container is a component that stores a schedule file or data in the concept of a folder (foler) in Swift. The swift can access the corresponding component using the above URL and request work.

Swift provides a workspace that allows users to manage their resources by assigning an account. To use Swift's workspace among group users, it must be used in conjunction with Keystone, an OpenStack authentication service that supports user authentication and group management. The detailed description thereof will be omitted since it is a publicly known technology widely known to the ordinary artisan.

3 is a diagram illustrating an operation principle of a user-defined collaborative workspace support system according to another embodiment of the present invention.

① A user who wants to create a collaborative workspace registers a user with the cloud storage service, and allocates a workspace to create a resource to perform collaboration. (2) The registered user designates an e-mail address and a resource-specific access right of a specific unregistered user through a management tool provided by the cloud storage service. ③ The next designated email address will be sent tokens used to access resources in the collaborative workspace of cloud storage. Finally, the unregistered users receiving the token can access the cloud storage service using only the token, and can collaborate with other users without having to register with the cloud storage service.

In order to make the system operate as described above, Swift's Referer technique can be used. The referrer means a technique of setting access control list in a container and accessing a resource with a specified character string without additional authentication. To perform the referrer, another embodiment of the present invention may add RefereAuth middleware to the swift proxy middleware pipe line.

FIG. 4 is a diagram illustrating an operation principle of a middleware of a conventional collaborative workspace support system, and FIG. 5 is a diagram illustrating an operation principle of a middleware of a user-defined collaborative workspace support system according to another embodiment of the present invention.

4 and 5, in comparison with a conventional collaborative workspace support system, another embodiment of a user-defined collaborative workspace support system according to the present invention includes Swift authentication middleware (SwiftAuth middleware) in the following order.

FIG. 6A is a diagram specifically illustrating the operation principle of the RefererAuth middleware in the user-defined collaborative workspace support system of FIG.

As shown in FIG. 6A, the referrer authentication middleware is performed as follows. ① The owner (registered user) of the collaboration group sends a request including the email information and the access authority rank information of group members (unregistered users) through the management tool provided by Swift. ② In the referrer authentication middleware, the Jason file of the group member authentication information is parsed. ③ Generate referrer tokens using the authentication information of each group member. ④ Create a request to update the corresponding referer token in each container's access control list. ⑤ Update request for container is forwarded to Swift container server and applied. ⑥ After applying, send the referrer tokens and the URL of the workspace to each group member's e-mail.

According to the configuration applied to the container through the referrer authentication middleware, the unregistered members can access the resource with their referer token. At this time, the members do not need to subscribe to the cloud storage service.

Table 1 below shows classes and functions of the referrer authentication middleware implemented based on the WSGI (web server gateway interface).

Figure pat00001

The referrer authentication middleware starts from the filter_factory () function in Table 1 above. The filter_factory () function is called in order when Swift Proxy Server is started. The order in which they are invoked follows the order of the middleware pipeline specified in the Swift Proxy Server's configuration file. The referrer middleware class initialized by the filter_factory () function is called by the user's request at a later time. Then functions for implementing a custom collaborative workspace in the handle_request () function of the referer context class operate. The handle_request () function processes the user's request in the following process.

① It confirms whether it is a request for creation of user-defined collaborative workspace through X_ACL header of HTTP header of user request. ② Parse the Jason file received from the user using the parseACL () function. ③ Create the token for each user by calling the makeToken () function based on the parsed member-specific authentication information. ④ Create a request to be sent to each container server to update the container's access control list. ⑤ Send a request to update the ACL information to each container server and send the token to the members' email.

The user-specified authentication information for each member can be converted into access control list information for each container in the handle_request () function. The converted access control list information registers the access control list in the container by transmitting a request for each container. Table 2 below shows the Python source code of the handle_request () function that generates a request to update each container access control list based on the converted access control list information and transmits the request to each container server.

Figure pat00002

The HTTP_X_CONTAINER_READ and HTTP_X_CONTAINER_WRITE headers in the user's request can specify access control lists for viewing and modifying the container. In addition, the PATH_INFOR information is a variable that specifies the container that is the target of the request. Then, when the PATH_INFOR information is designated as a corresponding container and the authority is specified and the next middleware of the pipeline is called using the app_call () function as in the source code of Table 2, the corresponding access control list information can be registered in the container.

Meanwhile, in the referrer authentication middleware, a referrer token is generated based on the user's authentication information and registered in the access control list of the container. The referrer authentication middleware uses the e-mail address of the group member and the location information of the containers of the account to generate the referrer token. The referer token can be generated in 32 character combinations by encrypting it using MD5 (a 128 bit cryptographic hash function) based on user information. In the above-described manner, each group member can receive a unique referer token including his / her authentication information.

Any user's access using the referer token may be accompanied by security problems. Therefore, when accessing a resource using a referer token, no user authentication is performed. Therefore, when a referer token is leaked, another user can access the resource with malicious purpose. Therefore, in order to solve the above problem, it is possible to use a method of changing the referrer token according to a certain session time or limiting the number of times. The generated referrer token thus returns a new referer token value for each session of the user's request. The changed token value is returned as a response to the user request and the old referer token is not available from the time the referer token is changed.

Hereinafter, a concurrency control technique in another embodiment of a user-defined collaborative workspace support system according to the present invention will be described.

In a collaborative environment, it is desirable to support concurrency control on resources, since many requests for shared resources occur asynchronously. In another embodiment of the present invention, it is not necessary to install a separate server, and it can be implemented through a con-control middleware. It can be provided at the API level for use in user or application applications.

As shown in FIG. 5, the cone-control middleware is implemented through the WSGI interface and added to the middleware pipeline of the Swift proxy server. Since the cone control middleware must be performed after every authentication process and validation, it is added to the proxy server middleware, which is the final position of the pipeline, to check the resource usage rights.

A user can obtain or return a permission by adding a specific header to an HTTP request and register or release the shared resource as a resource requiring concurrency control. Table 3 below shows HTTP headers and their values required for performing concurrency control through cone control middleware.

Figure pat00003

The control-middleware manages a list of resources requiring concurrency control and a table storing user information of each list. The X-CC header is an HTTP header for registering or releasing a resource in a list of resources requiring concurrency control. In addition, the user request using the X-LOCK header can acquire the resource usage right and register the tenant and the user name of the user who has acquired the authority to the table storing the user information.

FIG. 6B is a diagram specifically illustrating the operation principle of the ConControl middleware among the middleware of the user-defined collaborative workspace support system of FIG.

As shown in FIG. 6B, checks the value of the HTTP header and the header of the user to perform a role. The user must obtain the right to use the resource in order to modify the resource registered as a resource requiring concurrency control. When a user requests a permission, the con- trol middleware verifies that the resource is a resource requiring concurrency control, and grants permission to the resource when there is no user already in use. At the same time, the user's information is stored in a table that manages usage rights, and the resource is locked. If a request for a license is issued for a resource already in use by another user, the existing user is waited for the permission to be returned. The timeout for the waiting time can be specified by the user in advance through the setting. If there is a time limit for the acquisition request, the request fails and returns the result to the user.

The con-control middleware can use Python's synchronized queue to implement the above locking scheme. The cone control middleware may be implemented by creating a synchronization queue having a size of 1 by setting a time limit time in the PUT function of the synchronization queue. The generated synchronization queue is not accessible at the same time to maintain the consistency of the data stored in the queue. Using the features of this synchronization queue, cone-control middleware can implement concurrency control functions in Swift.

It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present invention as defined by the following claims. will be. Therefore, it should be understood that the above-described embodiments are illustrative and non-restrictive in every respect. Therefore, the true scope of the present invention should be determined by the following claims.

1: System 21: Proxy node
10: first terminal 22: storage node
20: Server
30:
40: Third terminal

Claims (10)

A system for providing a collaborative workspace for a networked terminal, the system comprising:
A first terminal for receiving authentication information for a server unregistered user who wishes to access a resource of the collaboration workspace from a server registration user;
A server for assigning the collaboration workspace to the server registration user and generating a token corresponding to the authentication information received from the first terminal; And
And a second terminal for accessing the resource using the token received from the server and the location information of the collaboration workspace. The method according to claim 1,
The server comprises:
A storage node for storing data generated in the collaboration workspace including the resource; And
And a proxy node for controlling the storage node and processing the authentication information received from the first terminal. 3. The method of claim 2,
The proxy node,
Generating the token when receiving the authentication information from the first terminal and transmitting the token and the location information of the collaboration workspace to a second terminal of the server unregistered user corresponding to the authentication information,
Wherein the access control list is generated using the token. The method of claim 3,
Wherein the location information of the collaboration workspace includes:
And a URL (uniform resource locator) format. The method of claim 3,
The second terminal,
Wherein the proxy node transmits an access request to the proxy node and the token received from the proxy node together when receiving a use request for the resource from the server unregistered user, system. 6. The method of claim 5,
The proxy node,
And controls access of the second terminal to the resource only when the token received in the access request for the resource is registered in the access control list,
And updates the access control list upon receiving an update request for the access control list from the first terminal. 6. The method of claim 5,
The proxy node,
And changing the value of the token and transmitting the changed token to the second terminal when the number of times that the second terminal requests the resource access through the token is equal to or more than a threshold value, system. The method of claim 3,
The authentication information includes:
An e-mail address of the server unregistered user and an access authority rank,
The token,
And a combination of characters and symbols encrypted based on the authentication information for security. 9. The method of claim 8,
The access privilege ranking includes:
A first rank capable of viewing and modifying the resource; And
And a second rank capable of only viewing the resource. 3. The method of claim 2,
The proxy node,
Wherein when the one of the users uses the resource, the access restriction of the other user is restricted until the use of the user is terminated.
KR1020150167829A 2015-11-27 2015-11-27 System for supporting user-defined collaborative workspaces KR101792357B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150167829A KR101792357B1 (en) 2015-11-27 2015-11-27 System for supporting user-defined collaborative workspaces

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150167829A KR101792357B1 (en) 2015-11-27 2015-11-27 System for supporting user-defined collaborative workspaces

Publications (2)

Publication Number Publication Date
KR20170062248A true KR20170062248A (en) 2017-06-07
KR101792357B1 KR101792357B1 (en) 2017-11-20

Family

ID=59223660

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150167829A KR101792357B1 (en) 2015-11-27 2015-11-27 System for supporting user-defined collaborative workspaces

Country Status (1)

Country Link
KR (1) KR101792357B1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20200043223A (en) * 2018-10-17 2020-04-27 주식회사 모티링크 System for providing virtual working space and method for authorizing virtual working space user
KR20200132375A (en) * 2019-05-17 2020-11-25 주식회사 모티링크 Method for authorizing virtual space user and system for providing virtual space
CN117354069A (en) * 2023-12-06 2024-01-05 自然资源陕西省卫星应用技术中心 Remote sensing data management system and method based on data lake

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102338422B1 (en) 2021-07-30 2021-12-10 클로우플레이크(주) Method, device and system for providing collaboration tool service in cloud environment based on did

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012030624A1 (en) * 2010-08-30 2012-03-08 Vmware, Inc. Unified workspace for thin, remote, and saas applications

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20200043223A (en) * 2018-10-17 2020-04-27 주식회사 모티링크 System for providing virtual working space and method for authorizing virtual working space user
KR20200132375A (en) * 2019-05-17 2020-11-25 주식회사 모티링크 Method for authorizing virtual space user and system for providing virtual space
CN117354069A (en) * 2023-12-06 2024-01-05 自然资源陕西省卫星应用技术中心 Remote sensing data management system and method based on data lake
CN117354069B (en) * 2023-12-06 2024-02-13 自然资源陕西省卫星应用技术中心 Remote sensing data management system and method based on data lake

Also Published As

Publication number Publication date
KR101792357B1 (en) 2017-11-20

Similar Documents

Publication Publication Date Title
KR102209276B1 (en) Messaging protocol communication management
US20220147644A1 (en) Data storage architecture for an enterprise communication system
CN110383772B (en) Techniques for rich communication for messaging robots
EP2828763B1 (en) Method of modifying access control for web services using query languages
US9197417B2 (en) Hosted application sandbox model
US9047462B2 (en) Computer account management system and realizing method thereof
US8843648B2 (en) External access and partner delegation
KR101792357B1 (en) System for supporting user-defined collaborative workspaces
WO2010138910A1 (en) Secure collaborative environment
EP2518972A1 (en) System and method for device addressing
CN111052685B (en) Method and apparatus for multi-agent messaging
US20090019517A1 (en) Method and System for Restricting Access of One or More Users to a Service
KR20080100356A (en) A method and system for managing xml document
JP2020526983A (en) Aliase management method and device
CN103036597A (en) Method and device of sharing resources among devices in close range
CN108702390B (en) Transfer of control rights for a configuration source
US20100146123A1 (en) Resource allocation method of each terminal apparatus using resource management system and resource management server apparatus
KR20150043150A (en) Method and apparatus for access control system using relationship information
US10242174B2 (en) Secure information flow
Takalo-Mattila et al. Architecture for mixed criticality resource management in Internet of Things
KR20090002252A (en) System and method for collaborative work of document
US20160337456A1 (en) Probabilistic federated agent discovery for pervasive device management system
US11848923B2 (en) Secure peer-to-peer connection network and associated protocols for a group-based communication system
US20140359071A1 (en) Maintaining state synchronization of an application between computing devices as well as maintaining state synchronization of common information between different applications without requiring periodic synchronization
JP7225677B2 (en) Information processing device and program

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E90F Notification of reason for final refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
X701 Decision to grant (after re-examination)
GRNT Written decision to grant