TWI825607B - Method of checking system modification - Google Patents

Method of checking system modification Download PDF

Info

Publication number
TWI825607B
TWI825607B TW111107861A TW111107861A TWI825607B TW I825607 B TWI825607 B TW I825607B TW 111107861 A TW111107861 A TW 111107861A TW 111107861 A TW111107861 A TW 111107861A TW I825607 B TWI825607 B TW I825607B
Authority
TW
Taiwan
Prior art keywords
server
content
change
change content
login account
Prior art date
Application number
TW111107861A
Other languages
Chinese (zh)
Other versions
TW202336612A (en
Inventor
趙偉庭
Original Assignee
動力安全資訊股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 動力安全資訊股份有限公司 filed Critical 動力安全資訊股份有限公司
Priority to TW111107861A priority Critical patent/TWI825607B/en
Publication of TW202336612A publication Critical patent/TW202336612A/en
Application granted granted Critical
Publication of TWI825607B publication Critical patent/TWI825607B/en

Links

Landscapes

  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)

Abstract

A method of checking system modification comprises: receiving a first log-in account and a first modification content through a user interface, and transmitting the first log-in account and the first modification content, receiving a second log-in account through the user interface and transmitting the second log-in account to the server, determining whether the second log-in account matches the first log-in account, receiving a second modification content by the server through the user interface when the second log-in account matches the first log-in account, and determining whether the second modification content matches the first modification content, and storing a modification result corresponding to the second modification content when the second modification content matches the first modification content.

Description

系統變更檢查方法System change checking method

本發明係關於一種系統變更檢查方法。The invention relates to a system change checking method.

隨著資訊科技的快速發展,多數企業皆會使用資安防禦系統,以加強企業內部及客戶端資料的安全性。一般而言,完整的資安系統的建立並不容易,需要耗費大量人力及時間。因此,企業的資安系統通常是外包給相關廠商協助建立。With the rapid development of information technology, most companies will use information security defense systems to enhance the security of internal and client data. Generally speaking, establishing a complete information security system is not easy and requires a lot of manpower and time. Therefore, enterprise information security systems are usually outsourced to relevant vendors to help build them.

在資安系統建立完成後,仍然需要定期或不定期地對系統進行更新,以確保企業端可以有好的使用體驗,並維持資料的安全性。然而,由於對系統進行更新的作業通常是由該系統廠商的工程師執行,並非企業內部的人員。因此,在系統廠商的工程師對該企業內部運作不熟悉的情況下,可能會誤將該企業仍在使用的功能更新成其他版本。此外,若系統廠商的工程師的上班時間與該企業的上班時間大致重疊的話,則工程師很有可能無法避免地在該系統正在被使用的期間進行系統更新,這導致工程師僅能自行猜測系統未被使用的時段,並於該時段進行更新。After the information security system is established, the system still needs to be updated regularly or irregularly to ensure that the enterprise can have a good user experience and maintain data security. However, since updates to the system are usually performed by engineers from the system manufacturer, not personnel within the enterprise. Therefore, when the system manufacturer's engineers are not familiar with the internal operations of the enterprise, they may mistakenly update functions that the enterprise is still using to other versions. In addition, if the working hours of the system manufacturer's engineers roughly overlap with the company's working hours, the engineers will most likely be unable to avoid updating the system while the system is being used. As a result, the engineers can only guess that the system has not been used. The time period used and updated during that time period.

鑒於上述,本發明提供一種以滿足上述需求的系統變更檢查方法。In view of the above, the present invention provides a system change checking method that meets the above requirements.

依據本發明一實施例的一種系統變更檢查方法,包含:以一使用者介面接收一第一登入帳號及一第一變更內容,並傳輸該第一登入帳號及該第一變更內容至一伺服器;以該使用者介面接收一第二登入帳號,並傳輸該第二登入帳號至該伺服器;以該伺服器判斷該第二登入帳號是否符合該第一登入帳號;當該伺服器判斷該第二登入帳號符合該第一登入帳號時,以該伺服器透過該使用者介面接收一第二變更內容;以該伺服器判斷該第二變更內容是否符合該第一變更內容;以及當以該伺服器判斷該第二變更內容符合該第一變更內容時,以該伺服器儲存對應該第二變更內容的一變更結果。A system change checking method according to an embodiment of the present invention includes: receiving a first login account and a first change content through a user interface, and transmitting the first login account and the first change content to a server ; Use the user interface to receive a second login account, and transmit the second login account to the server; use the server to determine whether the second login account matches the first login account; when the server determines that the second login account When the second login account matches the first login account, use the server to receive a second change content through the user interface; use the server to determine whether the second change content matches the first change content; and when using the server When the server determines that the second change content matches the first change content, the server stores a change result corresponding to the second change content.

綜上所述,依據本發明一或多個實施例所示的系統變更檢查方法,可以確保使用者是在適當的時間對系統進行變更或更新,且同時可以確保系統是由有權限的使用者進行更新。並且,可以在系統配置被不合法修改後,更可以將配置回復至修改前的狀態。In summary, according to the system change checking method shown in one or more embodiments of the present invention, it can be ensured that the user changes or updates the system at the appropriate time, and at the same time, it can be ensured that the system is operated by an authorized user. Make an update. Moreover, after the system configuration is illegally modified, the configuration can be restored to the state before the modification.

以上之關於本揭露內容之說明及以下之實施方式之說明係用以示範與解釋本發明之精神與原理,並且提供本發明之專利申請範圍更進一步之解釋。The above description of the present disclosure and the following description of the embodiments are used to demonstrate and explain the spirit and principles of the present invention, and to provide further explanation of the patent application scope of the present invention.

以下在實施方式中詳細敘述本發明之詳細特徵以及優點,其內容足以使任何熟習相關技藝者了解本發明之技術內容並據以實施,且根據本說明書所揭露之內容、申請專利範圍及圖式,任何熟習相關技藝者可輕易地理解本發明相關之目的及優點。以下之實施例係進一步詳細說明本發明之觀點,但非以任何觀點限制本發明之範疇。The detailed features and advantages of the present invention are described in detail below in the implementation mode. The content is sufficient to enable anyone skilled in the relevant art to understand the technical content of the present invention and implement it according to the content disclosed in this specification, the patent scope and the drawings. , anyone familiar with the relevant art can easily understand the relevant objectives and advantages of the present invention. The following examples further illustrate the aspects of the present invention in detail, but do not limit the scope of the present invention in any way.

通常來說,企業使用的資安系統或雲端資料管理系統需由該系統廠商的工程師或是公司內部的資訊人員進行維護及更新。本發明提供的系統變更檢查方法即可以用於對該系統進行維護及更新的情境。本發明所示的系統變更檢查方法可以適用於一使用者介面及一伺服器,且使用者介面通訊連接於伺服器。所述的使用者介面較佳可為電腦等終端裝置的螢幕及輸入裝置(例如,鍵盤、滑鼠)等,使用者介面用於接收上述工程師或資訊人員輸入的資料,同時可用於輸出資料或通知予工程師或資訊人員。所述的通訊連接可以是透過藍芽、網際網路等無線的連接方式。伺服器則可以是該系統廠商公司的伺服器,或是該公司內部的伺服器,用以基於從使用者介面接收到的資料維護及更新管理系統。Generally speaking, the information security system or cloud data management system used by an enterprise needs to be maintained and updated by the system manufacturer's engineers or the company's internal information personnel. The system change checking method provided by the present invention can be used in the context of maintaining and updating the system. The system change checking method shown in the present invention can be applied to a user interface and a server, and the user interface is communicatively connected to the server. The user interface can preferably be the screen of a terminal device such as a computer and an input device (for example, a keyboard, a mouse), etc. The user interface is used to receive data input by the above-mentioned engineers or information personnel, and can also be used to output data or Notify engineers or information personnel. The communication connection may be through wireless connection methods such as Bluetooth and the Internet. The server can be a server of the system manufacturer or an internal server of the company, which is used to maintain and update the management system based on the data received from the user interface.

請參考圖1,圖1係依據本發明一實施例所繪示的系統變更檢查方法的流程圖。需先說明的是,本發明的系統變更檢查方法可以包含兩個階段,分別為預約階段及變更階段。預約階段可以包含步驟S101;變更階段可以包含步驟S103到S111。Please refer to FIG. 1 , which is a flow chart of a system change checking method according to an embodiment of the present invention. It should be noted that the system change checking method of the present invention may include two stages, namely the reservation stage and the change stage. The reservation phase may include step S101; the change phase may include steps S103 to S111.

請參考步驟S101,步驟S101係以使用者介面接收第一登入帳號及第一變更內容,並傳輸第一登入帳號及第一變更內容至伺服器。在另一實施例中,第一變更內容還可包含預約時段。Please refer to step S101. Step S101 uses the user interface to receive the first login account and the first change content, and transmits the first login account and the first change content to the server. In another embodiment, the first change content may also include a reservation time period.

如前所述,使用者介面是用於接收工程師或資訊人員(以下以使用者稱之)輸入的資料。在此實施例中,使用者介面即是用於接收使用者輸入的第一登入帳號及第一變更內容。第一變更內容為使用者欲於變更階段(預約時段)進行修改的系統及修改內容等,且第一變更內容為事先預約的內容,例如為新增程式碼、關聯於既有程式碼的修改或關聯於既有程式碼的刪減,而第一登入帳號包含要於變更階段進行變更的使用者的帳號、密碼等身分資料(表示該帳號密碼對應的使用者將於預約時段進行關於第一變更內容的變更)。As mentioned before, the user interface is used to receive data input by engineers or information personnel (hereinafter referred to as users). In this embodiment, the user interface is used to receive the first login account and the first change content input by the user. The first change content is the system and modification content that the user wants to modify during the change stage (reservation period), and the first change content is the content that has been reserved in advance, such as new code and modifications related to existing code. Or related to the deletion of the existing program code, and the first login account contains the account number, password and other identity information of the user to be changed during the change stage (meaning that the user corresponding to the account password will perform the first login account during the reservation period) change of content).

請先繼續參考步驟S103及步驟S105,其中步驟S103為:以使用者介面接收第二登入帳號,並傳輸第二登入帳號至伺服器;步驟S105為:以伺服器判斷第二登入帳號是否符合第一登入帳號。Please continue to refer to steps S103 and S105. Step S103 is: receiving the second login account through the user interface and transmitting the second login account to the server; step S105 is: using the server to determine whether the second login account matches the first login account. Once logged into your account.

使用者介面接收使用者當前輸入的第二登入帳號,並將第二登入帳號傳輸至伺服器。第二登入帳號例如包含使用者的帳號、密碼等身分資料。伺服器在收到第二登入帳號後,即可據以判斷第二登入帳號是否符合第一登入帳號。伺服器可以具有一資料庫,儲存有多個第一登入帳號,每個第一登入帳號用於代表一個使用者。當伺服器判斷第二登入帳號未符合第一登入帳號時,則拒絕請求(步驟S106)。The user interface receives the second login account currently entered by the user and transmits the second login account to the server. The second login account includes, for example, the user's account number, password and other identity information. After receiving the second login account, the server can determine whether the second login account matches the first login account. The server may have a database that stores multiple first login accounts, and each first login account is used to represent a user. When the server determines that the second login account does not match the first login account, it rejects the request (step S106).

當伺服器判斷第二登入帳號符合該些第一登入帳號的一者時,表示該使用者的身分已通過驗證,伺服器可以執行步驟S107:透過使用者介面接收第二變更內容。具體地,伺服器可透過使用者介面接收第二變更內容,而第二變更內容例如為新增的程式碼、對既有的程式碼進行的修改或對既有的程式碼進行的刪減,而當伺服器在步驟S105判斷第二登入帳號通過驗證後,伺服器可以從使用者介面接收第二變更內容,所述的第二變更內容即為使用者在進入系統的使用者介面之後所輸入的指令。When the server determines that the second login account matches one of the first login accounts, it means that the user's identity has been verified, and the server can perform step S107: receive the second change content through the user interface. Specifically, the server can receive the second change content through the user interface, and the second change content is, for example, new code, modification to the existing code, or deletion of the existing code. When the server determines that the second login account has passed the verification in step S105, the server can receive the second change content from the user interface. The second change content is what the user input after entering the user interface of the system. instructions.

換言之,使用者介面可以接收使用者輸入的確認指令,並將確認指令傳輸至伺服器,其中所述確認指令表示使用者完成輸入第二變更內容。舉例而言,使用者介面上可呈現「確認」、「儲存」等按鍵,而確認指令即為「確認」、「儲存」等按鍵被觸發的訊號。接著,在收到確認指令後,伺服器即可接續執行步驟S109。In other words, the user interface can receive a confirmation command input by the user and transmit the confirmation command to the server, where the confirmation command indicates that the user has completed inputting the second change content. For example, buttons such as "Confirm" and "Save" may appear on the user interface, and the confirmation command is the signal for the buttons such as "Confirm" and "Save" to be triggered. Then, after receiving the confirmation command, the server can continue to execute step S109.

伺服器進一步執行步驟S109:判斷第二變更內容是否符合第一變更內容。舉例而言,以上述的程式碼為例,伺服器可以判斷第二變更內容中所修改、新增或刪減的程式碼是否與第一變更內容中所修改、新增或刪減的程式碼相符。The server further executes step S109: determining whether the second change content matches the first change content. For example, taking the above code as an example, the server can determine whether the code modified, added or deleted in the second change content is consistent with the code modified, added or deleted in the first change content. consistent.

當伺服器判斷第二變更內容不符合第一變更內容時,則伺服器執行步驟S110:輸出警告通知至該使用者介面,且伺服器可以拒絕使用者的第二變更內容。When the server determines that the second change content does not comply with the first change content, the server executes step S110: outputting a warning notification to the user interface, and the server can reject the user's second change content.

當伺服器判斷第二變更內容符合第一變更內容時,則伺服器執行步驟S111以儲存對應於第二變更內容的變更結果。變更結果即為依據第二變更內容對當前的執行檔進行編譯(compile)的結果,而當第二變更內容符合第一變更內容時,表示第二變更內容在第二登入帳號對應的權限範圍內,且該變更結果即可作為系統的更新的執行檔。所述執行檔例如為對應於控管員工的郵件收發權限的執行檔,或是對應於系統初始化流程的執行檔等,本發明不對執行檔的實際內容予以限制。據此,即可確保每次對系統的更新都是正確的,進而避免系統以被錯誤更新的執行檔運行。When the server determines that the second change content matches the first change content, the server executes step S111 to store the change result corresponding to the second change content. The change result is the result of compiling the current executable file based on the second change content. When the second change content matches the first change content, it means that the second change content is within the authority range corresponding to the second login account. , and the change result can be used as the updated executable file of the system. The executable file is, for example, an executable file corresponding to the mail sending and receiving authority of the controlling employee, or an executable file corresponding to the system initialization process, etc. The present invention does not limit the actual content of the executable file. This ensures that every update to the system is correct, thereby preventing the system from running with an incorrectly updated executable file.

在另一實施例中,伺服器可先依據第二變更內容對當前的執行檔進行編譯以產生變更結果,再判斷第二變更內容是否符合第一變更內容。當伺服器於步驟S109判斷第二變更內容符合第一變更內容時,伺服器可執行步驟S111;當伺服器於步驟S109判斷第二變更內容不符合第一變更內容時,將執行檔回復(rollback)至執行第二變更內容之前的版本,以避免執行檔的內容被誤更動。In another embodiment, the server may first compile the current executable file according to the second change content to generate a change result, and then determine whether the second change content conforms to the first change content. When the server determines in step S109 that the second change content matches the first change content, the server can execute step S111; when the server determines in step S109 that the second change content does not match the first change content, it will rollback the executable file. ) to the version before executing the second changed content to avoid the content of the executable file being accidentally changed.

請參考圖2,圖2係依據本發明另一實施例所繪示的系統變更檢查方法的流程圖。圖2的步驟大致與圖1相同,圖2與圖1的不同處在於,圖2更包含了步驟S102,其中步驟S102執行在圖1的步驟S101之後,及在圖1的步驟S103之前。因此,以下將主要對步驟S102進行說明,而圖2與圖1的相同之處則不再予以贅述。首先,如前所述,使用者介面除了接收第一登入帳號及第一變更內容外,使用者介面還可接收預約時段。因此,在透過使用者介面接收第一登入帳號及第一變更內容後,伺服器還可判斷第一變更內容及預約時段是否落於一可存取範圍,其中可存取範圍可包含可預約時段及可變更內容,伺服器可於判斷第一變更內容及預約時段落於可存取範圍時記錄第一變更內容及預約時段。Please refer to FIG. 2 , which is a flow chart of a system change checking method according to another embodiment of the present invention. The steps in Figure 2 are roughly the same as those in Figure 1 . The difference between Figure 2 and Figure 1 is that Figure 2 further includes step S102 , where step S102 is performed after step S101 in Figure 1 and before step S103 in Figure 1 . Therefore, step S102 will be mainly described below, and the similarities between FIG. 2 and FIG. 1 will not be described again. First, as mentioned above, in addition to receiving the first login account and the first change content, the user interface can also receive the reservation time period. Therefore, after receiving the first login account and the first change content through the user interface, the server can also determine whether the first change content and the reservation time period fall within an accessible range, where the accessible range may include the reservable time period. And the changeable content, the server can record the first changed content and reservation time period when it determines that the first change content and reservation time period are within the accessible range.

伺服器在步驟S101收到第一登入帳號、第一變更內容及預約時段後,接著執行步驟S1021:判斷預約時段是否落於可預約時段,且第一變更內容是否符合可變更內容。After the server receives the first login account, the first change content and the reservation time period in step S101, it then executes step S1021: determine whether the reservation time period falls within the reservable time period, and whether the first change content complies with the changeable content.

具體而言,伺服器可以儲存有一或多個可預約時段,而所述可預約時段可為未被預約的時段,或是與企業的系統運行時間不衝突的時段。因此,伺服器在收到預約時段時,可以判斷此預約時段是否落於可預約時段。Specifically, the server may store one or more reservable time periods, and the reservable time periods may be unbooked time periods, or time periods that do not conflict with the enterprise's system running time. Therefore, when the server receives the reservation period, it can determine whether the reservation period falls within the available reservation period.

伺服器的資料庫較佳更儲存有每個使用者帳號(例如第一登入帳號)所對應的可變更內容,即每個使用者帳號可以對系統進行變更的權限範圍。所述的可變更內容可例如是對應於阻擋含有特定資料的電子郵件的執行檔或程式碼,或是對應於在雲端資料管理系統增加新的合約到期欄位的執行檔或程式碼、對應於將產品類型及產品編號欄位整合成一個欄位的執行檔或程式碼、對應於變更系統初始化的流程的執行檔或程式碼等,以上僅為舉例說明,本發明並不對可變更內容的具體內容予以限制。The database of the server preferably stores the changeable content corresponding to each user account (such as the first login account), that is, the scope of authority that each user account can make changes to the system. The changeable content may be, for example, an executable file or code corresponding to blocking emails containing specific data, or an executable file or code corresponding to adding a new contract expiration field in the cloud data management system, corresponding to The executable file or program code that integrates the product type and product number fields into one field, the executable file or program code that corresponds to the process of changing the system initialization, etc. are only examples. The present invention does not apply to the changeable content. Specific content is restricted.

此外,該第一登入帳號可以是對應多個可變更內容,伺服器即可判斷第一變更內容是否符合該第一登入帳號的該些可變更內容的至少其中一者。舉例而言,假設該第一登入帳號對應的可變更內容包含對應於變更系統初始化流程及刪減欄位兩者的程式碼,則伺服器可以判斷第一變更內容中變更的程式碼是否對應於該二可變更內容的至少其中一者。當伺服器判斷第一變更內容不符合可變更內容時,可以執行步驟S1022:拒絕第一登入帳號及第一變更內容。亦即,伺服器可以輸出「資料不符」等通知至使用者介面,並刪除第一登入帳號及第一變更內容。此外,當伺服器判斷預約時段未落於可預約時段時,伺服器同樣可執行步驟S1022。In addition, the first login account may correspond to multiple changeable contents, and the server can determine whether the first changed content matches at least one of the changeable contents of the first login account. For example, assuming that the changeable content corresponding to the first login account includes code corresponding to both changing the system initialization process and deleting fields, the server can determine whether the changed code in the first change content corresponds to At least one of the two changeable contents. When the server determines that the first changed content does not comply with the changeable content, step S1022 may be performed: rejecting the first login account and the first changed content. That is, the server can output notifications such as "data inconsistency" to the user interface, and delete the first login account and the first change content. In addition, when the server determines that the reservation period does not fall within the reservable period, the server can also execute step S1022.

當伺服器判斷預約時段落於可預約時段,且第一變更內容符合可變更內容時,可以接著執行步驟S1023及步驟S1025,其中步驟S1023為:對應地記錄預約時段及第一登入帳號;步驟S1025為:開放第一登入帳號在預約時段的權限。When the server determines that the reservation time period is within the reservable time period and the first change content conforms to the changeable content, step S1023 and step S1025 can then be performed, wherein step S1023 is: correspondingly recording the reservation time period and the first login account; step S1025 For: Open the permissions of the first login account during the reservation period.

在預約時段及第一變更內容皆已通過驗證後,伺服器可以對應地記錄預約時段、第一變更內容及第一登入帳號。並且,伺服器可以開放第一登入帳號在預約時段的權限,讓該第一登入帳號的使用者在預約時段有進行變更的權限。舉例而言,假設預約時段為星期一早上10點到11點,則伺服器即可記錄在星期一早上10點到11點,第一登入帳號對應的使用者會對系統進行變更。據此,即可避免使用者進行變更的時間與系統運行時間產生衝突。以第一變更內容係對應於刪減欄位為例,伺服器可以僅開放第一登入帳號在預約時段修改關於刪減欄位的程式碼的權限,即第一登入帳號在預約時段並無修改關於系統初始化流程的程式碼的權限。因此,於後續的變更階段,伺服器即可根據上述記錄的內容判斷使用者的變更是否合法(即於後續的變更階段,伺服器判斷第二變更內容與第一變更內容是否相符)。After the reservation time period and the first change content have been verified, the server can record the reservation time period, the first change content, and the first login account accordingly. In addition, the server can open the permissions of the first login account during the reservation period, so that the user of the first login account has the authority to make changes during the reservation period. For example, assuming that the reservation period is from 10 am to 11 am on Monday, the server can record that the user corresponding to the first login account will make changes to the system from 10 am to 11 am on Monday. Accordingly, conflicts between the time when users make changes and the system running time can be avoided. For example, if the first change content corresponds to deleting a field, the server can only allow the first login account to modify the code about deleting the field during the reservation period. That is, the first login account has no modifications during the reservation period. Permissions for code regarding the system initialization process. Therefore, in the subsequent change stage, the server can determine whether the user's change is legal based on the content of the above record (that is, in the subsequent change stage, the server determines whether the second change content matches the first change content).

請參考圖3,圖3係依據本發明又一實施例所繪示的系統變更檢查方法的流程圖。圖3的步驟大致與圖1相同,圖3與圖1的不同處在於,圖3更包含了步驟S108,其中步驟S108執行在圖1的步驟S107之後,及在圖1的步驟S109之前。因此,以下將主要對步驟S108進行說明,而圖3與圖1的相同之處則不再予以贅述。Please refer to FIG. 3 , which is a flow chart of a system change checking method according to another embodiment of the present invention. The steps in Figure 3 are generally the same as those in Figure 1 . The difference between Figure 3 and Figure 1 is that Figure 3 further includes step S108 , where step S108 is performed after step S107 in Figure 1 and before step S109 in Figure 1 . Therefore, step S108 will be mainly described below, and the similarities between FIG. 3 and FIG. 1 will not be described again.

伺服器在步驟S107接收第二變更內容後,伺服器可以接著執行步驟S108:判斷收到第二變更內容的時間是否落於預約時段內。亦即,伺服器可以判斷收到第二變更內容的時間是否符合預約時段。以上述預約時段為星期一早上10點到11點為例,伺服器執行步驟S108即是判斷收到第二變更內容的時間是否落於星期一早上10點到11點的範圍。After the server receives the second modified content in step S107, the server can then perform step S108: determine whether the time when the second modified content is received falls within the reservation period. That is, the server can determine whether the time when the second modified content is received is consistent with the reservation period. Taking the above reservation period as 10 am to 11 am on Monday as an example, the server executes step S108 to determine whether the time when the second change content is received falls within the range of 10 am to 11 am on Monday morning.

當伺服器判斷收到第二變更內容的時間落於預約時段內(即收到第二變更內容的時間落於星期一早上10點到11點的範圍)時,即可執行步驟S109。When the server determines that the time when the second change content is received falls within the reservation period (that is, the time when the second change content is received falls within the range of 10 a.m. to 11 a.m. on Monday), step S109 can be executed.

若伺服器於步驟S108判斷收到第二變更內容的時間落於預約時段外時,則伺服器可以執行步驟S110:發出警告通知至使用者介面,其中此述的步驟S110即為圖1的步驟S110。另外,在伺服器於步驟S109前先依據第二變更內容產生變更結果的實施例中,若伺服器於步驟S108判斷收到第二變更內容的時間落於預約時段外時,伺服器還可將執行檔(變更結果)回復至原始版本。If the server determines in step S108 that the time when the second change content is received falls outside the scheduled time period, the server can perform step S110: sending a warning notification to the user interface. The step S110 described above is the step in Figure 1 S110. In addition, in the embodiment where the server first generates a change result based on the second change content before step S109, if the server determines in step S108 that the time when the second change content is received falls outside the reservation period, the server may also The executable file (the result of the change) is restored to the original version.

在一較佳的實施態樣中,本發明是先判斷收到第二變更內容的時間是否落於預約時段內,再判斷第二變更內容是否符合第一變更內容。據此,可以避免使用者在非預約時段仍更動了執行檔的情況,進一步讓伺服器不用另外回復執行檔。In a preferred implementation, the present invention first determines whether the time when the second change content is received falls within the reservation time period, and then determines whether the second change content conforms to the first change content. Accordingly, it is possible to avoid the situation where the user modifies the executable file during non-scheduled periods, further eliminating the need for the server to reply to the executable file separately.

綜上所述,依據本發明一或多個實施例所示的系統變更檢查方法,可以確保使用者是在適當的時間對系統進行變更或更新,且同時可以確保系統是由有權限的使用者進行更新。並且,可以在系統配置被不合法修改後,更可以將配置回復至修改前的狀態。In summary, according to the system change checking method shown in one or more embodiments of the present invention, it can be ensured that the user changes or updates the system at the appropriate time, and at the same time, it can be ensured that the system is operated by an authorized user. Make an update. Moreover, after the system configuration is illegally modified, the configuration can be restored to the state before the modification.

雖然本發明以前述之實施例揭露如上,然其並非用以限定本發明。在不脫離本發明之精神和範圍內,所為之更動與潤飾,均屬本發明之專利保護範圍。關於本發明所界定之保護範圍請參考所附之申請專利範圍。Although the present invention is disclosed in the foregoing embodiments, they are not intended to limit the present invention. All changes and modifications made without departing from the spirit and scope of the present invention shall fall within the scope of patent protection of the present invention. Regarding the protection scope defined by the present invention, please refer to the attached patent application scope.

S101,S103,S105,S106,S107,S108,S109,S110,S111:步驟 S1021,S1022,S1023,S1025:步驟 S101, S103, S105, S106, S107, S108, S109, S110, S111: Steps S1021, S1022, S1023, S1025: steps

圖1係依據本發明一實施例所繪示的系統變更檢查方法的流程圖。圖2係依據本發明另一實施例所繪示的系統變更檢查方法的流程圖。圖3係依據本發明又一實施例所繪示的系統變更檢查方法的流程圖。FIG. 1 is a flow chart of a system change checking method according to an embodiment of the present invention. FIG. 2 is a flow chart of a system change checking method according to another embodiment of the present invention. FIG. 3 is a flow chart of a system change checking method according to another embodiment of the present invention.

S101,S103,S105,S106,S107,S109,S110,S111:步驟S101, S103, S105, S106, S107, S109, S110, S111: Steps

Claims (5)

一種系統變更檢查方法,包含:以一使用者介面接收一第一登入帳號及一第一變更內容,並傳輸該第一登入帳號及該第一變更內容至一伺服器,其中該第一變更內容包含一預約時段;以該伺服器判斷該第一變更內容是否落於一可存取範圍;當判斷該第一變更內容落於該可存取範圍時,以該伺服器記錄該第一登入帳號及該第一變更內容;以該伺服器判斷該預約時段是否落於該可存取範圍的該可預約時段;當以該伺服器判斷該預約時段落於該可預約時段時,以該使用者介面接收一第二登入帳號,並傳輸該第二登入帳號至該伺服器;以該伺服器判斷該第二登入帳號是否符合該第一登入帳號;當該伺服器判斷該第二登入帳號符合該第一登入帳號時,以該伺服器透過該使用者介面接收一第二變更內容;以該伺服器判斷該第二變更內容是否符合該第一變更內容;以及當該伺服器判斷該第二變更內容符合該第一變更內容時,以該伺服器儲存對應於該第二變更內容的一變更結果,其中該方法更包含:以該伺服器判斷收到該第二變更內容的時間是否落於該預約時段; 以該伺服器於判斷收到該第二變更內容的時間落於該預約時段時,對一執行檔執行該第二變更內容以產生該變更結果;以及當該伺服器判斷該第二變更內容不符合該第一變更內容時,以該伺服器回復該執行檔。 A system change checking method includes: receiving a first login account and a first change content through a user interface, and transmitting the first login account and the first change content to a server, wherein the first change content Including a reservation period; using the server to determine whether the first changed content falls within an accessible range; when it is determined that the first changed content falls within the accessible range, using the server to record the first login account and the first change content; use the server to determine whether the reservation time period falls within the reservable time period within the accessible range; when the server determines that the reservation time period falls within the reservable time period, use the user The interface receives a second login account and transmits the second login account to the server; the server determines whether the second login account matches the first login account; when the server determines that the second login account matches the first login account When logging in to the account for the first time, the server receives a second change content through the user interface; the server determines whether the second change content conforms to the first change content; and when the server determines the second change content When the content matches the first change content, the server is used to store a change result corresponding to the second change content, and the method further includes: using the server to determine whether the time of receiving the second change content falls within the Appointment period; When the server determines that the time when the second change content is received falls within the scheduled time period, the second change content is executed on an executable file to generate the change result; and when the server determines that the second change content is not When the first change content is met, the server is used to restore the executable file. 如請求項1所述的系統變更檢查方法,其中當以該伺服器判斷該第二變更內容不符合該第一變更內容時,該方法更包含:輸出一警告通知至該使用者介面。 The system change checking method as described in claim 1, wherein when the server determines that the second change content does not comply with the first change content, the method further includes: outputting a warning notification to the user interface. 如請求項1所述的系統變更檢查方法,其中該可存取範圍包含一可變更內容,判斷該第一變更內容是否落於該可存取範圍包含:以該伺服器判斷該第一變更內容是否符合該可變更內容。 The system change checking method as described in claim 1, wherein the accessible range includes a changeable content, and determining whether the first changed content falls within the accessible range includes: using the server to determine the first changed content Whether it complies with the changeable content. 如請求項3所述的系統變更檢查方法,其中在以該伺服器記錄該第一登入帳號及該第一變更內容後,該方法更包含:開放該第一登入帳號在該預約時段的權限。 The system change checking method described in claim 3, wherein after recording the first login account and the first change content with the server, the method further includes: opening the permissions of the first login account in the reservation period. 如請求項1所述的系統變更檢查方法,其中該第一變更內容包含一新增程式碼、關聯於一既有程式碼的一修改及關聯於該既有程式碼的一刪減的其中一者。 The system change checking method as described in claim 1, wherein the first change content includes one of a new code, a modification associated with an existing code, and a deletion associated with the existing code. By.
TW111107861A 2022-03-04 2022-03-04 Method of checking system modification TWI825607B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW111107861A TWI825607B (en) 2022-03-04 2022-03-04 Method of checking system modification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW111107861A TWI825607B (en) 2022-03-04 2022-03-04 Method of checking system modification

Publications (2)

Publication Number Publication Date
TW202336612A TW202336612A (en) 2023-09-16
TWI825607B true TWI825607B (en) 2023-12-11

Family

ID=88927348

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111107861A TWI825607B (en) 2022-03-04 2022-03-04 Method of checking system modification

Country Status (1)

Country Link
TW (1) TWI825607B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070256078A1 (en) * 2006-04-28 2007-11-01 Falk Nathan B Resource reservation system, method and program product used in distributed cluster environments
TW201339998A (en) * 2012-03-30 2013-10-01 Zyxel Communications Corp Booking management method and system
CN112380101A (en) * 2020-12-02 2021-02-19 广州数园网络有限公司 Instrument and equipment monitoring system and method based on process monitoring and data gateway
CN113378185A (en) * 2021-03-31 2021-09-10 腾飞 Data access and storage method, data access and storage device and data access and storage system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070256078A1 (en) * 2006-04-28 2007-11-01 Falk Nathan B Resource reservation system, method and program product used in distributed cluster environments
TW201339998A (en) * 2012-03-30 2013-10-01 Zyxel Communications Corp Booking management method and system
CN112380101A (en) * 2020-12-02 2021-02-19 广州数园网络有限公司 Instrument and equipment monitoring system and method based on process monitoring and data gateway
CN113378185A (en) * 2021-03-31 2021-09-10 腾飞 Data access and storage method, data access and storage device and data access and storage system

Also Published As

Publication number Publication date
TW202336612A (en) 2023-09-16

Similar Documents

Publication Publication Date Title
CN110620810B (en) Non-linked ownership of continuous asset transfer over blockchain
US10348774B2 (en) Method and system for managing security policies
US10523526B2 (en) System and method for managing services and licenses using a blockchain network
US10511632B2 (en) Incremental security policy development for an enterprise network
US8321549B2 (en) Action execution management for service configuration items
US10044755B2 (en) Integrated security management
US8839234B1 (en) System and method for automated configuration of software installation package
US9244671B2 (en) System and method for deploying preconfigured software
US7590669B2 (en) Managing client configuration data
US9237180B2 (en) System and method for verifying configuration item changes
JP2019008791A (en) Smart contract life cycle management
US11948196B2 (en) Asset management techniques
US8255507B2 (en) Active directory object management methods and systems
CN108776756A (en) Access authorization for resource management method and device
US8671073B2 (en) Synchronizing human resource database with authorization database
US11792270B2 (en) Offline sideloading for enrollment of devices in a mobile device management system
US20240007458A1 (en) Computer user credentialing and verification system
EP2750350B1 (en) System and method for deploying preconfigured software
TWI825607B (en) Method of checking system modification
KR102251579B1 (en) Method and apparatus for supporting remote control
US20030065795A1 (en) Computer system and method for managing remote access of user resources
CN109218452B (en) Method and device for pushing node information
US20220391290A1 (en) Security by default in a cloud environment
CN118070311A (en) Data isolation access control method, system and related equipment based on alliance chain