WO2021137757A1 - Authority management method and apparatus, and electronic device, and storage medium thereof - Google Patents

Authority management method and apparatus, and electronic device, and storage medium thereof Download PDF

Info

Publication number
WO2021137757A1
WO2021137757A1 PCT/SG2020/050769 SG2020050769W WO2021137757A1 WO 2021137757 A1 WO2021137757 A1 WO 2021137757A1 SG 2020050769 W SG2020050769 W SG 2020050769W WO 2021137757 A1 WO2021137757 A1 WO 2021137757A1
Authority
WO
WIPO (PCT)
Prior art keywords
authority
resource
role
node
type
Prior art date
Application number
PCT/SG2020/050769
Other languages
English (en)
French (fr)
Inventor
Congcong Chen
Original Assignee
Envision Digital International Pte. Ltd.
Shanghai Envision Digital Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Envision Digital International Pte. Ltd., Shanghai Envision Digital Co., Ltd. filed Critical Envision Digital International Pte. Ltd.
Publication of WO2021137757A1 publication Critical patent/WO2021137757A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/104Grouping of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Definitions

  • Embodiments of the present disclosure relate to the field of authority management technology, and in particular to an authority management method and an apparatus, and an electronic device and a storage medium thereof.
  • An authority management method provided in the related art includes: predefining a number of roles and defining operation authorities of the roles for different resources in the IoT development platform by a developer of the IoT platform system, and then assigning the above roles by the developer according to an operation authority required by each entity (such as a user and a user group).
  • Embodiments of the present disclosure provide an authority management method and apparatus, and an electronic device, and a non-transitory computer-readable storage medium thereof to solve a problem that the authority management method provided in the related art is relatively limited and cannot satisfy authority management requirements of the dynamically evolving IoT platform system.
  • an authority management method includes:
  • the authority inheritance rule includes a rule by which authority information of a taiget node is determined based on authority information of an associated node corresponding to the target node in a hierarchical network;
  • an authority management apparatus includes:
  • a resource type managing module configured to identify a target type to which a first resource belongs
  • an inheritance rule determining module configured to determine an authority inheritance rule corresponding to the target type, wherein the authority inheritance rule includes a rule by which authority information of a target node is determined based on authority information of an associated node corresponding to the target node in a hierarchical network;
  • a node acquiring module configured to acquire at least one associated node corresponding to the first resource in a first hierarchical network corresponding to the first resource;
  • an information acquiring module configured to acquire the authority information of the at least one associated node
  • an information updating module configured to update authority information of the first resource according to the authority inheritance rule based on the authority information of the at least one associated node.
  • an electronic device includes a processor and a memory storing at least one instruction.
  • the at least one instruction when loaded and executed the processor, causes the processor to perform the authority management method as described in the first aspect.
  • a non-transitory computer-readable storage medium stores at least one computer program including at least one instruction.
  • the at least one instruction when loaded and executed by a processor of an electronic device, causes the electronic device to perform the authority management method as described in the first aspect.
  • the authority inheritance rule is determined based on the resource type to which the resource belongs, and then, authority information of the added resource is updated based on the authority information of the associated node in the hierarchical network corresponding to the added resource, thereby solving a problem that authority management cannot be performed for the added resource due to authority management performed in a predefined way in the related art, and realizing automatic authority for the added resource.
  • the authority management method according to the embodiments of the present disclosure is more flexible and may satisfy authority management requirements of the dynamically evolving IoT platform system.
  • FIG. 1 is flowchart of an authority management method according to an embodiment of the present disclosure
  • FIG. 2 is a schematic diagram of a hierarchical network according to an embodiment of the present disclosure
  • FIG. 3 is a schematic diagram of authority information according to an embodiment of the present disclosure.
  • FIG. 4 is a flowchart of an authority management method according to an embodiment of the present disclosure.
  • FIG. 5 is a flowchart of an authority management method according to an embodiment of the present disclosure.
  • FIG. 6 is a structural block diagram of an authority management apparatus according to an embodiment of the present disclosure.
  • FIG. 7 is a structural block diagram of an electronic device according to an embodiment of the present disclosure.
  • the authority inheritance rule when a resource is added into the IoT platform system, the authority inheritance rule may be determined according to the resource type to which the resource belongs, and then, the authority information of the added resource may be updated according to the authority information of the associated node in the hierarchical network corresponding to the added resource, thereby solving the problem that authority management cannot be performed for the added resource due to authority management performed in a predefined way in the related art, and realizing the automatic authority for the added resource.
  • the authority management method according to the embodiments of the present disclosure is more flexible and may satisfy authority management requirements of the dynamically evolving IoT platform system.
  • an executive subject of each step is an electronic device.
  • the electronic device has an authority management function that may be implemented by any one of an application, a process and a service installed in the electronic device.
  • descriptions are made by taking the executive subject being an authority management system as an example, and the authority management system is configured to implement the above authority management function.
  • FIG. 1 is a flowchart of an authority management method according to an embodiment of the present disclosure. The method may include the following steps.
  • step 101 a target type to which a first resource belongs is identified.
  • the first resource is any resource with authority information not updated.
  • the types to which the resource belongs may be categorized by functionality, and may be a menu, an application programming interface (API), an application, data, a device, a model, or the like.
  • the target type is also the type to which the first resource belongs.
  • the first resource is a resource newly created by a particular functional module, and the functional module sends a resource registration request to the authority management system upon creation of the resource.
  • the resource registration request is intended to request resource registration in the authority management system.
  • the resource registration request carries the target type and a resource identifier of the first resource, wherein the resource identifier of the first resource is intended to identify the first resource uniquely.
  • the resource registration request also carries basic information of the first resource, such as a hierarchical network corresponding to the first resource and a node identifier of each node in the hierarchical network.
  • the authority management system When receiving the resource registration request, the authority management system firstly completes the resource registration, and then acquires the target type to which the first resource belongs and completes a subsequent flow of updating authority information.
  • step 102 an authority inheritance rule corresponding to the target type is determined.
  • the authority inheritance rule includes a rule by which authority information of a target node is determined according to authority information of an associated node corresponding to the target node in a hierarchical network.
  • the hierarchical network includes a network structure formed by the target node, the associated node corresponding to the target node and an association relationship between the target node and the associated node.
  • the associated node corresponding to the target node includes an ancestor node and/or a descendant node.
  • FIG. 2 is a schematic diagram of a hierarchical network according to an embodiment of the present disclosure.
  • the hierarchical network includes six nodes.
  • Node 10 "lighting of park” is the ancestor node of node 11 "lighting system of building 1" and node 12 "lighting system of building 2”
  • node 111 "lighting system of floor 1" and node 112 "lighting system of floor 2" are sub-nodes of the node 11 "lighting system of building 1”
  • node 121 "lighting system of floor 1" is a sub-node of the node 12 "lighting system of building 2.”
  • the authority inheritance rule may be an upward inheritance rule or a downward inheritance rule.
  • the upward inheritance rule includes a rule by which authority information of the target node is determined according to authority information of the descendant node of the target node in the hierarchical network.
  • the downward inheritance rule includes a rule by which authority information of the target node is determined according to authority information of the ancestor node of the target node in the hierarchical network.
  • FIG. 2 schematically illustrates a downward inheritance rule according to an embodiment of the present disclosure.
  • a role A has view authority and control authority for the node 11 "lighting system of building 1," such that the role A has view authority and control authority for the node 111 "lighting system of floor 1" and the node 112 "lighting system of floor 2;” the role A has view authority for the node 12 "lighting system of building 2,” such that the role A has control authority for the node 121 "lighting system of floor 1.”
  • the authority management system provides a corresponding relationship between the resource type and the authority inheritance rule.
  • the resource type to which the first resource belongs i.e., the target type
  • the authority inheritance rule corresponding to the target type may be acquired by searching for the above corresponding relationship.
  • the corresponding relationship may be established when the developer registers the resource type.
  • step 103 at least one associated node corresponding to the first resource is acquired in a first hierarchical network corresponding to the first resource.
  • the authority management system may also acquire at least one associated node corresponding to the first resource according to the authority inheritance rule.
  • the authority inheritance rule is the upward inheritance rule
  • the descendant node corresponding to the first resource is acquired.
  • the authority inheritance rule is the downward inheritance rule
  • the ancestor node corresponding to the first resource is acquired.
  • step 104 authority information of the at least one associated node is acquired.
  • the authority information includes three factors: subject of right, object of right and an operation authority type.
  • the subject of right may be any role, such as a user, a user group, an organization and a service account.
  • the object of a right may be any resource, such as a menu, an application programming interface (API), an application, data, a device and a model.
  • the operation authority type may include one or a combination of a read authority, a write authority, a control authority, and the like.
  • FIG. 3 is a schematic diagram of authority information according to an embodiment of the present disclosure.
  • the authority information defines a role 31 (i.e., the subject of right), a resource 33 (i.e., the object of right) and an operation authority type 32.
  • the role 31 may be authorized to a user, a user group, an organization, a service account, and the like, an external service may register the resource 33 requiring authority control, and the resource 33 may include a menu, an application programming interface, a service, an organization, a user group, and the like.
  • the operation authority type 32 includes a read authority, a write authority, a control authority, and the like. Subsequently, it is required to perform authority verification when the role 31 requires to perform an operation for the resource 33.
  • the authority information of the at least one associated node is also used to describe a role having an operation authority for the associated node and the operation authority type of the role.
  • authority information of the first resource is updated according to the authority inheritance rule based on the authority information of the at least one associated node.
  • the authority information of the newly-created resource may be updated according to the authority inheritance rule based on the authority information of the at least one associated node, thereby realizing automatic authority for the newly-created resource without setting the developer, and improving an authority management efficiency.
  • step 105 may include the following sub-steps.
  • a first role is determined according to the authority inheritance rule based on the authority information of the at least one associated node.
  • the first role includes a role having an operation authority for the first resource.
  • sub-step 105a may be specifically implemented as: determining the role having an operation authority for the ancestor node as the first role in the downward inheritance rule.
  • the first resource is economic data of Xinwu District of Wuxi City
  • the ancestor node of the first resource is economic data of Wuxi City
  • the role having an operation authority for the economic data of Wuxi City includes role A, such that the role A is determined as the first role.
  • sub-step 105a may be specifically implemented as: determining the role having an operation authority for the descendant node as the first role in the upward inheritance rule.
  • the first resource is a particular application
  • the descendant node of the first resource is a functional menu attached to the application
  • the role having an operation authority for the functional menu includes role C and role D, such that the role C and the role D are determined as the first role.
  • sub-step 105b the operation authority type corresponding to both the first role and the associated node is acquired.
  • sub-step 105b may be specifically implemented as: acquiring the operation authority type corresponding to both the first role and the ancestor node.
  • the role A has a read authority for the economic data of Wuxi City, such that the operation authority type acquired by the authority management system is a read authority.
  • sub-step 105b may be specifically performed as: acquiring the operation authority type corresponding to both the first role and the descendant node.
  • the role C has writing authority for the functional menu, such that the operation authority type acquired by the authority management system is write authority.
  • sub-step 105 c the operation authority type and the first role are updated to the authority information of the first resource.
  • the operation authority type and the first role acquired by the authority management system are determined as the authority information of the first resource.
  • the first resource is economic data of Xinwu District of Wuxi City
  • the ancestor node of the first resource is economic data of Wuxi City
  • the role having an operation authority for the economic data of Wuxi City includes role A, role B and role C.
  • the role A has a read authority for the economic data of Wuxi City, such that the role A has a read authority for the economic data of Xinwu District of Wuxi City.
  • the authority management system may send an authority updating notification to each role, wherein the authority updating notification carries the first resource and the operation authority type corresponding to both the first resource and the first role.
  • the authority inheritance rule when the resource is added into the IoT platform system, the authority inheritance rule may be determined based on the resource type to which the resource belongs, and then, the authority information of the added resource may be updated based on the authority information of the associated node in the hierarchical network corresponding to the added resource, thereby solving the problem that authority management cannot be performed for the added resource due to authority management performed in a predefined way in the related art, and realizing the automatic authority for the added resource.
  • the authority management method according to the embodiments of the present disclosure is more flexible and may satisfy authority management requirements of the dynamically evolving IoT platform system.
  • the authority inheritance rule may further include an independent inheritance rule.
  • the authority information of the first resource is set by the developer without depending on other associated nodes.
  • the authority inheritance rule is the independent inheritance rule in the following several cases.
  • the authority inheritance rule of the first resource is the downward inheritance rule, but no ancestor node is included in the hierarchical network corresponding to the first resource.
  • the authority management system updates the authority information of the first resource by: displaying an authority setting interface, acquiring the front one or both the first role and the operation authority type input in the authority setting interface, and updating the authority information of the first resource.
  • the authority setting interface is used for the developer to set the authority information of the first resource.
  • the authority management system determines the acquired first role and the acquired operation authority type as the authority information of the first resource.
  • the authority management system acquires the operation authority type corresponding to the target type, and determines the acquired first role and the acquired operation authority type corresponding to the target type as the authority information of the first resource.
  • the operation authority type corresponding to the target type is set when the resource type is registered.
  • the step is specifically performed as: receiving a type registration request corresponding to a first resource type, wherein the type registration request carries a type identifier of the first resource type and an operation authority type supported by the first resource type; and registering the first resource type according to the type registration request.
  • the type registration request is intended to request registration of the first resource type in the authority management system.
  • the operation authority type supported by the first resource type is intended to indicate an operation that may be performed for the resource with the type being the first resource type.
  • the operation authority type supported by the first resource type may include at least one of a read authority, a write authority, a control authority, and the like.
  • an independent inheritance rule is provided to update the authority information of the resource to improve the authority management method according to the embodiments of the present disclosure better.
  • the authority management system is further provided with an authority verification function, that is, the authority management system verifies whether a particular role has a designated operation authority for a particular resource.
  • the authority verification process is described below.
  • the authority management method further includes the following steps.
  • step 401 an authority verification request corresponding to a second resource is received.
  • the authority verification request is intended to request to verify whether a second role has a designated operation authority for the second resource.
  • the authority verification request includes a role identifier of the second role, a resource identifier of the second resource and an authority type of the designated operation authority.
  • the authority verification request is intended to verify whether the role C has control authority for process A.
  • the authority verification request is sent to the authority management system by the second role before the designated operation is performed for the second resource.
  • step 402 a second hierarchical network corresponding to the second resource is acquired.
  • the second hierarchical network includes an association relationship formed by the second resource, an associated node corresponding to the second resource and an association relationship between the second resource and the associated node.
  • step 403 comprehensive authority information corresponding to both the second role and the second hierarchical network is acquired.
  • the comprehensive authority information is intended to indicate an operation authority of the second role for at least one node in the second hierarchical network.
  • the comprehensive authority information may be referred to as an authority tree of the second role.
  • the comprehensive authority information is intended to indicate an operation authority of the second role for all nodes in the second hierarchical network.
  • the comprehensive authority information is intended to indicate an operation authority of the second role for part of nodes in the second hierarchical network.
  • step 403 may include the following several sub-steps: acquiring a resource type to which the second resource belongs; acquiring an authority inheritance rule corresponding to the resource type to which the second resource belongs; when the authority inheritance rule corresponding to the resource type to which the second resource belongs is upward inheritance, acquiring authority information of a descendant node in the second hierarchical network; and when the authority inheritance rule corresponding to the resource type to which the second resource belongs is downward inheritance, acquiring authority information of an ancestor node in the second hierarchical network.
  • step 404 when the comprehensive authority information includes a designated operation authority, it is determined that the second role has the designated operation authority.
  • the authority management system determines whether the second role has the designated operation authority for the second resource by detecting whether the comprehensive authority information includes the designated operation authority. When the comprehensive authority information includes the designated operation authority, it is determined that the second role has the designated operation authority for the second resource.
  • step 405 when the comprehensive authority information does not include the designated operation authority, it is determined that the second role does not have the designated operation authority.
  • FIG. 4 is a flowchart of an authority management method according to an embodiment of the present disclosure.
  • the authority management method includes the following steps.
  • step 41 an authority verification request is received.
  • step 42 a second role and a second resource are acquired from the authority verification request.
  • step 43 a second hierarchical network corresponding to the second resource is acquired.
  • step 44 authority information of the second hierarchical network corresponding to the second resource is acquired (an authority tree is established).
  • step 45 authority verification is performed based on the authority information of the second hierarchical network corresponding to the second resource.
  • the technical solutions according to embodiments of the present disclosure further provide authority verification to enable utilization of the resource to be more securer and more reliable.
  • resource update further includes resource deletion in addition to resource addition.
  • the authority management used during resource deletion is described below.
  • the authority management method further includes the following steps.
  • step 501 a deletion request corresponding to a third resource is received.
  • the deletion request is intended to request deletion of the third resource in the authority management system.
  • a creator of the third resource sends the deletion request to the authority management system before deleting the third resource.
  • step 502 the third resource is deleted after authority information of the third resource is deleted.
  • the authority management system firstly deletes the authority information of the third resource, and then deletes the third resource, thereby avoiding the unnecessary authority verification process.
  • Deleting the authority information of the third resource may be specifically performed as: acquiring a third hierarchical network corresponding to the third resource, acquiring comprehensive authority information corresponding to the third hierarchical network, wherein the comprehensive authority information corresponding to the third hierarchical network includes authority information of the third resource, and deleting the authority information of the third resource from the comprehensive authority information corresponding to the third hierarchical network.
  • the resource update in the IoT platform system further includes update of basic information of the resource. Update of authority information is not involved in the process, which is thus not repeated herein.
  • FIG. 5 is a flowchart of an authority management method according to still another embodiment of the present disclosure.
  • the authority management method includes the following steps. [0099] In step 51, an external service updates a resource.
  • step 52 the external service sends a resource update message to a message processor.
  • step 53 the message processor determines to process the resource update message, and acquires a resource update type. [00102] if the resource update type is DELETE, steps 54-55 are performed; if the resource update type is CREATE, steps 56-58 are performed; and if the resource update type is UPDATE, step 59 is performed.
  • step 54 authority information related to the resource is deleted.
  • step 55 the resource is deleted.
  • step 56 the type to which the resource belongs is determined.
  • step 57 an authority inheritance rule corresponding to the type to which the resource belongs is determined.
  • step 58 the authority information of the resource is updated according to the authority inheritance rule.
  • step 59 basic information of the resource is updated.
  • the technical solutions according to embodiments of the present disclosure further provide functions of deleting the resource and updating the basic information of the resource, thereby satisfying authority management requirements of the dynamically evolving IoT platform system.
  • Apparatus embodiments of the present disclosure are described below. For parts that are not described in detail in the apparatus embodiments, reference may be made to technical details disclosed in the above method embodiments.
  • FIG. 6 is a block diagram of an authority management apparatus according to an embodiment of the present disclosure.
  • the authority management apparatus may be practiced as all or part of a terminal by software, hardware or a combination of software and hardware.
  • the authority management apparatus includes: a resource type managing module 601, an inheritance rule determining module 602, a node acquiring module 603, an information acquiring module 604, and an information updating module 604..
  • the resource type managing module 601 is configured to identify a target type to which a first resource belongs.
  • the inheritance rule determining module 602 is configured to determine an authority inheritance rule corresponding to the target type, wherein the authority inheritance rule includes to a rule by which authority information of a target node is determined based on authority information of an associated node corresponding to the target node in a hierarchical network.
  • the node acquiring module 603 is configured to acquire at least one associated node corresponding to the first resource in a first hierarchical network corresponding to the first resource.
  • the information acquiring module 604 is configured to acquire the authority information of the at least one associated node.
  • the information updating module 605 is configured to update authority information of the first resource according to the authority inheritance rule based on the authority information of the at least one associated node.
  • the authority inheritance rule may be determined based on the resource type to which the resource belongs, and then, the authority information of the added resource may be updated based on the authority information of the associated node in the hierarchical network corresponding to the added resource, thereby solving the problem that authority management cannot be performed for the added resource due to authority management performed in a predefined way in the related art, and realizing the automatic authority for the added resource.
  • the authority management method according to the embodiments of the present disclosure is more flexible and may satisfy authority management requirements of the dynamically evolving IoT platform system.
  • the information updating module 605 is configured to:
  • [00119] determine a first role according to the authority inheritance rule based on the authority information of the associated node, wherein the first role includes a role having an operation authority for the first resource;
  • the authority inheritance rule is a downward inheritance rule
  • the associated node is an ancestor node
  • the information updating module 605 is specifically configured to determine the role having an operation authority for the ancestor node as the first role in the downward inheritance rule.
  • the authority inheritance rule is an upward inheritance rule
  • the associated node is a descendant node
  • the information updating module 605 is specifically configured to determine the role having an operation authority for the descendant node as the first role in the upward inheritance rule.
  • the apparatus further includes a request receiving module and a type registering module (not shown in FIG. 6).
  • the request receiving module is configured to receive a type registration request corresponding to a first resource type, wherein the type registration request carries a type identifier of the first resource type and an operation authority type supported by the first resource type.
  • the type registering module is configured to register the first resource type according to the type registration request.
  • the apparatus further includes an authority verifying module (not shown in FIG. 6).
  • the authority verifying module is configured to: [00129] receive an authority verification request corresponding to a second resource, wherein the authority verification request is intended to request to verify whether the second role has a designated operation authority for the second resource;
  • [00130] acquire a second hierarchical network corresponding to the second resource; [00131] acquire comprehensive authority information corresponding to both the second role and the second hierarchical network, wherein the comprehensive authority information is intended to indicate an operation authority of the second role for at least one node in the second hierarchical network;
  • the apparatus further includes a resource deleting module (not shown in FIG. 6).
  • the resource deleting module is configured to:
  • FIG. 7 is a structural block diagram of an electronic device according to an embodiment of the present disclosure.
  • the electronic device may be a terminal.
  • the electronic device in the present disclosure may include one or more of the following components: a processor 710 and a memory 720.
  • the processor 710 may include one or more processing cores.
  • the processor 710 connects different portions in the entire electronic device using different interfaces and lines, and executes different functions of the electronic device and processes data by running or executing instructions, programs, a code set or an instruction set stored in the memory 720 and invoking data stored in the memory 720.
  • the processor 710 may be implemented in at least one of hardware forms of a digital signal processing (DSP), a field-programmable gate array (FPGA) and a programmable logic array (PLA).
  • DSP digital signal processing
  • FPGA field-programmable gate array
  • PDA programmable logic array
  • the processor 710 may integrate one or a combination of a central processing unit (CPU) and a modem, and the like.
  • the CPU mainly processes operating systems and applications, and the like; the modem is configured to process wireless communication. It may be understood that the above modem may also not be integrated into the processor 710, and may be separately implemented by a chip.
  • the processor 710 when executing program instructions in the memory 720, the processor 710 implements the authority management method according to each method embodiment described above.
  • the memory 720 may include a random-access memory (RAM), and may further include a read-only memory (ROM). In some embodiments, the memory 720 includes a non-transitory computer-readable storage medium. The memory 720 may be configured to store instructions, programs, codes, a code set, or an instruction set. The memory 720 may include a memory program area and a memory data area. The memory program area may store instructions for implementing an operating system, instructions for at least one function, instructions for implementing different method embodiments described above, and the like; the memory data area may store data created by the electronic device in use, and the like.
  • the structure of the above electronic device is merely illustrative.
  • the electronic device may include more or less components, such as a camera, which is not limited in this embodiment.
  • An embodiment of the present disclosure further provides a non-transitory computer-readable storage medium.
  • the computer-readable storage medium stores at least one computer program including at least one instruction.
  • the at least one instruction when loaded and executed by a processer of an electronic device, causes the electronic device to perform the authority management method according to the above method embodiments.
  • the computer-readable storage medium may be a ROM, a RAM, a compact disc read-only memory (CD-ROM), a magnetic tape, a floppy disk, an optical data storage device, or the like.
  • An embodiment of the present disclosure further provides a computer program product.
  • the computer program product when loaded and run by a processor, causes the processor to perform the authority management method according to the above method embodiments.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
PCT/SG2020/050769 2019-12-31 2020-12-22 Authority management method and apparatus, and electronic device, and storage medium thereof WO2021137757A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911403657.1 2019-12-31
CN201911403657.1A CN111556005B (zh) 2019-12-31 2019-12-31 权限管理方法、装置、电子设备及存储介质

Publications (1)

Publication Number Publication Date
WO2021137757A1 true WO2021137757A1 (en) 2021-07-08

Family

ID=72004116

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SG2020/050769 WO2021137757A1 (en) 2019-12-31 2020-12-22 Authority management method and apparatus, and electronic device, and storage medium thereof

Country Status (2)

Country Link
CN (1) CN111556005B (zh)
WO (1) WO2021137757A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113505996A (zh) * 2021-07-13 2021-10-15 上海数禾信息科技有限公司 权限管理方法及装置
CN114944944A (zh) * 2022-05-05 2022-08-26 北京蓝海在线科技有限公司 一种基于json数据的权限分配方法、装置及计算机设备

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069541B (zh) * 2020-09-08 2024-05-07 北京百度网讯科技有限公司 权限管理、查询方法和装置
CN112562164A (zh) * 2020-12-17 2021-03-26 深圳市亚联讯网络科技有限公司 一种对象管理方法及对象管理系统
CN112988286A (zh) * 2021-03-12 2021-06-18 武汉蔚来能源有限公司 资源维护方法、装置及计算机存储介质
CN112883424A (zh) * 2021-03-18 2021-06-01 广西科技师范学院 一种物联网数据安全管理方法
CN113065108B (zh) * 2021-04-16 2022-05-17 支付宝(杭州)信息技术有限公司 用户权限的管理、应用运行方法及装置
CN114139139A (zh) * 2022-02-07 2022-03-04 树根互联股份有限公司 服务和应用的权限管控方法、装置和电子设备
CN115618387B (zh) * 2022-10-21 2024-02-06 上海和今信息科技有限公司 基于abac的鉴权方法、装置、设备及计算机可读介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030229623A1 (en) * 2002-05-30 2003-12-11 International Business Machines Corporation Fine grained role-based access to system resources
US20060010483A1 (en) * 2004-07-12 2006-01-12 International Business Machines Corporation Inherited role-based access control system, method and program product
US20110153671A1 (en) * 2009-12-18 2011-06-23 Fuji Xerox Co., Ltd. Information processing apparatus, information processing method and computer readable medium
CN109726579A (zh) * 2017-10-27 2019-05-07 阿里巴巴集团控股有限公司 资源访问权限分组方法及设备
US20190332789A1 (en) * 2018-04-27 2019-10-31 Microsoft Technology Licensing, Llc Hierarchical access rights and role based access

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100370441C (zh) * 2003-10-18 2008-02-20 鸿富锦精密工业(深圳)有限公司 遍历访问控制列表中许可权方法
US20070214497A1 (en) * 2006-03-10 2007-09-13 Axalto Inc. System and method for providing a hierarchical role-based access control
JP2008097214A (ja) * 2006-10-10 2008-04-24 Hitachi Ltd アクセス権管理方法、管理計算機、及び管理プログラム
CN101478536B (zh) * 2008-12-08 2011-09-14 山东浪潮齐鲁软件产业股份有限公司 一种解决权限管理中访问控制的方法
CN101916339B (zh) * 2010-06-22 2012-07-04 用友软件股份有限公司 权限查询方法和装置
CN105763522B (zh) * 2014-12-18 2020-02-14 中兴通讯股份有限公司 授权处理方法及装置
CN105468689A (zh) * 2015-11-17 2016-04-06 广东电网有限责任公司电力科学研究院 一种电网对象层级权限配置与继承的方法
CN106453395A (zh) * 2016-11-16 2017-02-22 航天信息股份有限公司 一种云平台资源访问权限的分级管理方法及系统
FR3060153B1 (fr) * 2016-12-09 2019-05-24 Thales Dispositif de gestion des droits d'acces d'utilisateurs a base de roles et procede de gestion associe
CN109688120B (zh) * 2018-12-14 2020-11-03 浙江大学 基于改进RBAC模型及Spring Security框架的动态权限管理系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030229623A1 (en) * 2002-05-30 2003-12-11 International Business Machines Corporation Fine grained role-based access to system resources
US20060010483A1 (en) * 2004-07-12 2006-01-12 International Business Machines Corporation Inherited role-based access control system, method and program product
US20110153671A1 (en) * 2009-12-18 2011-06-23 Fuji Xerox Co., Ltd. Information processing apparatus, information processing method and computer readable medium
CN109726579A (zh) * 2017-10-27 2019-05-07 阿里巴巴集团控股有限公司 资源访问权限分组方法及设备
US20190332789A1 (en) * 2018-04-27 2019-10-31 Microsoft Technology Licensing, Llc Hierarchical access rights and role based access

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113505996A (zh) * 2021-07-13 2021-10-15 上海数禾信息科技有限公司 权限管理方法及装置
CN114944944A (zh) * 2022-05-05 2022-08-26 北京蓝海在线科技有限公司 一种基于json数据的权限分配方法、装置及计算机设备

Also Published As

Publication number Publication date
CN111556005A (zh) 2020-08-18
CN111556005B (zh) 2023-08-08

Similar Documents

Publication Publication Date Title
WO2021137757A1 (en) Authority management method and apparatus, and electronic device, and storage medium thereof
CN108664650B (zh) 一种区块链网络的事务处理方法、装置、设备及存储介质
CN108897628B (zh) 一种分布式锁的实现方法、装置及电子设备
WO2019028992A1 (zh) 多模块版本依赖关系构建方法、装置、服务器和存储介质
US10204125B2 (en) Method, apparatus, and application platform for updating application object attribute
WO2020000675A1 (zh) 游戏资源包的发布方法、装置、终端设备及介质
CN101183379A (zh) 用于检索数据的方法和系统
RU2746155C2 (ru) Уничтожение объекта на основе последовательности выполняемых действий
CN110138767B (zh) 事务请求的处理方法、装置、设备和存储介质
US11720607B2 (en) System for lightweight objects
CN112579307A (zh) 一种物理锁资源的分配检测方法、装置及电子设备
CN102541544B (zh) 树形控件的处理方法、装置及系统
CN112199200B (zh) 资源调度方法、装置、计算机设备和存储介质
CN110807185A (zh) 系统访问方法、装置及服务器
CN115208637B (zh) 区块链智能合约的访问控制方法
US9009731B2 (en) Conversion of lightweight object to a heavyweight object
CN112711602B (zh) 一种存储过程的运行方法、装置,数据库系统及存储介质
CN110290172B (zh) 容器应用克隆方法、装置、计算机设备及存储介质
CN113626509A (zh) 数据接入方法、装置、电子设备及可读存储介质
CN113434938A (zh) Bim模型的检查方法、装置、计算机设备及存储介质
CN113360251A (zh) 智能合约执行与跨合约调用方法、装置及存储介质
CN104298763A (zh) 一种基于web的结构化数据库系统对外访问方法
CN112748952A (zh) 一种环形依赖关系的检测方法、装置、设备和存储介质
CN116680277B (zh) 信息核验方法、装置、设备及存储介质
CN105610908B (zh) 一种基于安卓设备的samba服务实现方法及系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20909096

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20909096

Country of ref document: EP

Kind code of ref document: A1