CN102012981A - Distributing and matching method and system of general permission grade - Google Patents
Distributing and matching method and system of general permission grade Download PDFInfo
- Publication number
- CN102012981A CN102012981A CN2010105457392A CN201010545739A CN102012981A CN 102012981 A CN102012981 A CN 102012981A CN 2010105457392 A CN2010105457392 A CN 2010105457392A CN 201010545739 A CN201010545739 A CN 201010545739A CN 102012981 A CN102012981 A CN 102012981A
- Authority
- CN
- China
- Prior art keywords
- authority
- module
- protection
- general
- permission levels
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a distributing and matching system of general permission grade. The system is characterized in that a metadata module is used for storing permission protection object description metadata and permission grantee description metadata; when a request is received, the corresponding permission protection object description metadata and permission grantee description metadata are sent to a requestor; metadata is data for describing the data; a permission distribution module is used for generating permission data according to the incidence relation between the permission protection object description metadata and the permission grantee description metadata, and sending the permission data to a general permission storage module; the general permission storage module is used for storing the permission data; and a permission matching module is used for receiving an access request of a user and analyzing the permission grade in the access request, and obtaining a result whether the user can operate a protected object or not according to the permission grade and the permission data. The invention also discloses a distributing and matching method of general permission grade. According to the system and method disclosed by the invention, the protected object can be defined at random.
Description
Technical field
The present invention relates to a kind of administrative skill of system resource, specifically, relate to distribution of a kind of general-purpose rights grade and matching process and system thereof.
Background technology
Authority setting in the infosystem at present and management generally are carried out the Permission Levels setting at the special object in the system, then Permission Levels and user are set up related, thereby the operation that the differentiation user can carry out concrete data.
Prior art is only carried out the authority visit to a concrete class data object and is provided with, and as file, order, member etc., can only distribute to limited a few class owners, as user, role.If when existing a lot of class data objects all will distribute to the owner of uncertain classification in the system, existing method need be different data object difference create right tables, user's complicated operation, the requisite space storage consumption is big, may relate to simultaneously the exploitation once more of more workload, cause the whole cost of project to increase.
Summary of the invention
Technical matters solved by the invention provides a kind of general-purpose rights grade distributes and matching system, can define protected object arbitrarily.
The present invention is achieved through the following technical solutions.
A kind of general-purpose rights grade is distributed and matching system, comprises meta data block, right assignment module and authority matching module, wherein,
Meta data block is used to preserve authority object of protection descriptive metadata and authority awarded person descriptive metadata; When receiving request, corresponding authority object of protection descriptive metadata and authority awarded person descriptive metadata are sent to the requestor; Described metadata is the data of data of description;
The right assignment module is used for generating permissions data according to the incidence relation of described authority object of protection descriptive metadata and authority awarded person descriptive metadata, and described permissions data is sent to described general-purpose rights memory module;
The general-purpose rights memory module is used to store described permissions data;
The authority matching module; be used to receive user's request of access; parse the Permission Levels in the described request of access, draw the result whether user can operate object of protection according to the permissions data in Permission Levels in the described request of access and the described general-purpose rights memory module.
Further: described right assignment module comprises that authority plays up and select module and authority that module is set, the definition of module according to described meta data block played up and selected to described authority, and user interface is played up and be shown to described authority object of protection and authority awarded person descriptive metadata; Described authority is provided with the validity that module is used to verify described permissions data, and effective permissions data is write described general-purpose rights memory module.
Further: described permissions data comprises authority relation identification number ID, authority object of protection type, authority object of protection ID, Permission Levels, awarded person's object type or awarded person's object ID.
Further: described authority matching module draws the Permission Levels of current request of access action required according to authority relation identification number ID, authority object of protection type, authority object of protection ID, awarded person's object type or awarded person's object ID; Inquire about the Permission Levels that described general-purpose rights memory module obtains the authority awarded person then; described request of access Permission Levels and authority awarded person's Permission Levels are mated, draw the result whether described current accessed user can operate object of protection.
Another technical matters solved by the invention provides a kind of general-purpose rights grade distributes and matching process, can define protected object arbitrarily.
Technical scheme is as follows:
A kind of general-purpose rights grade is distributed and matching process, comprising:
The authority matching module receives user's request of access, according to described request of access identification protected object, authority awarded person and Permission Levels;
Described authority matching module is transferred authority object of protection descriptive metadata and the authority awarded person descriptive metadata in the meta data block, and described metadata is the data of data of description;
Described authority matching module is inquired about the permissions data in the general-purpose rights memory module, transfers authority awarded person's Permission Levels; Described permissions data is used to represent the incidence relation of described authority object of protection descriptive metadata and authority awarded person descriptive metadata;
Described authority matching module judges that whether described authority awarded person's the Permission Levels and the Permission Levels of described request of access mate, and operate object of protection according to matching result.
Preferably: described right assignment module comprises that authority plays up and select module and authority that module is set, the definition of module according to described meta data block played up and selected to described authority, described authority object of protection and authority awarded person descriptive metadata are played up, be shown to the authority person of setting by user interface; Described authority is provided with the validity of the permissions data of module verification, and effective permissions data is write described general-purpose rights memory module.
Preferably: described permissions data comprises authority relation identification number ID, authority object of protection type, authority object of protection ID, Permission Levels, awarded person's object type or awarded person's object ID.
Preferably: described authority matching module draws the Permission Levels of request of access action required according to authority relation identification number ID, identification protecting object type, object of protection ID, awarded person's object type or awarded person's object ID; inquire about the Permission Levels that described general-purpose rights memory module obtains the authority awarded person then; the Permission Levels of described request of access and authority awarded person's Permission Levels are mated, whether draw the result that can operate object of protection.
Preferably: described authority matching module is transferred the authority object of protection descriptive metadata of the described Permission Levels correspondence in the described meta data block, calculates the protected object inheritance; Transfer authority awarded person's level metadata of the described Permission Levels correspondence in the described meta data block, calculate authority owner inheritance; If authority owner's inheritance be superior to described protected object inheritance, think that then authority mates, can operate described protected object.
Preferably: based on current protected object a; if being set to allow to inherit the higher level, described protected object a is provided with; then search the higher level b of described protected object a according to object level metadata; the rest may be inferred; obtain protected object set x; during coupling, be that reference value is carried out the authority coupling with described set x.
The technology of the present invention effect comprises:
1, the present invention can define protected object arbitrarily.The present invention can give the owner of any classification with other right assignment of arbitrary number of level of the object of any classification in the infosystem.
2, the present invention can define Permission Levels arbitrarily.
3, the present invention supports protected object hierarchical relationship and authority to inherit.
4, the present invention can define the authority awarded person arbitrarily.
5, the present invention supports authority awarded person hierarchical relationship and authority to inherit.
6, the present invention can authorize any awarded person with any Permission Levels of any object.
7, among the present invention, the permissions data management is concentrated, simple.The present invention has saved the space of data storage with permissions data unified management and storage in the system, has reduced the complicacy of maintenance management permissions data.
8, simultaneously under large-scale data volume, the present invention can realize the distributed storage and the visit of load balancing easily, has very strong retractility.
Description of drawings
Fig. 1 is that general-purpose rights grade of the present invention is distributed and the structured flowchart that mates its system;
Fig. 2 is that general-purpose rights grade of the present invention is distributed and the workflow diagram that mates its system.
Embodiment
Below with reference to accompanying drawing and preferred embodiment technical solution of the present invention is elaborated.
As shown in Figure 1, be that general-purpose rights grade of the present invention is distributed and the structured flowchart that mates its system.The general-purpose rights grade is distributed with its system of coupling and is comprised: meta data block 10, right assignment module 20, general-purpose rights memory module 30 and authority matching module 40.
Meta data block 10 is used to preserve the definition and the description (being called authority object of protection descriptive metadata) of authority object of protection; and the definition and the description (being called authority awarded person descriptive metadata) that are used to preserve the authority awarded person; when request, (authority object of protection or authority awarded person) definition and description accordingly sends to the requestor.The authority object of protection can be any resource and the data in the system, for example order, client, file, department etc.; Authority object of protection descriptive metadata has defined the particular type of data or resource.Metadata is the data of data of description.Authority object of protection descriptive metadata comprises Permission Levels metadata and object level metadata.The Permission Levels meta data definition Permission Levels, each class authority object of protection can define Permission Levels arbitrarily, for example reads, edits, downloads, deletion etc., these ranks will be analyzed and contrast when authority be mated.Object level meta data definition the classification or the hierarchical relationship of authority object of protection, by setting, can make the low layer object inherit the authority of high-rise object to hierarchical relationship.Authority awarded person defined can granted permission object, for example user, department, role, user's group, external interface etc.; Awarded person's level meta data definition the hierarchical relationship between the awarded person, in order to realize the succession of authority.Authority awarded person's descriptive metadata and awarded person's level metadata are not contacted directly.Authority awarded person's descriptive metadata be with a part of object factory in the system for can granted permission, the user is for example described, department can granted permission.Awarded person's level metadata then is the relation of inclusion of describing in these objects, and for example X department comprises A, B, a C3 user, and the Z file comprises the F1-F100 file.
Right assignment module 20 comprises that authority plays up and select module 201 and authority that module 202 is set, and right assignment module 20 is used to generate permissions data, and permissions data is sent to general-purpose rights memory module 30.The definition of module 201 according to meta data block 10 played up and selected to authority, and authority object of protection and authority awarded person descriptive metadata are played up, and is shown to the authority person of setting by user interface, so that the authority person of setting is provided with permission object fast.Authority awarded person shows through the authority rendering module data from the authority awarded person's object set by authority awarded person meta data definition.Authority is provided with the validity of the permissions data that module 202 at first verifies, will write general-purpose rights memory module 30 for effective permissions data.Permissions data is that for example " user A-object x-rank L " is that representative of consumer A has other access rights of L level to object x by the authority object of protection of rights manager selection and authority awarded person's incidence relation.The module 201 mutual permissions data that generate are played up and selected to rights manager and authority, passes to authority then module 202 is set.
General-purpose rights memory module 30 is used to store permissions data, is the centralized stores center of permissions data.
Permissions data record format in the general-purpose rights memory module 30 is as follows:
| Authority relation ID (identification number) |
| Authority object of protection type |
| Authority object of protection ID |
| Permission Levels |
| Awarded person's object type |
| Awarded person's object ID |
Because all authority data centralization storages, the permissions data that needs to safeguard has only portion, can accomplish distributed storage, buffer memory, query optimization easily, and data stability, reliability, query performance significantly improve, and management complexity effectively reduces.
Authority matching module 40 plays a role when moving in system, at first discern authority relation identification number ID, authority object of protection type, authority object of protection ID, awarded person's object type, awarded person's object ID, parse authority owner's type and ID, determine awarded person's Permission Levels; Inquire about general-purpose rights memory module 30 then and obtain the corresponding Permission Levels of authority awarded person; awarded person's Permission Levels and the corresponding Permission Levels of authority owner are mated, thereby draw the result whether calling party can be operated this object of protection.
As shown in Figure 2, be that general-purpose rights grade of the present invention is distributed and the workflow diagram that mates its system.
Step 201: authority matching module 40 receives user's request of access.Request of access is concrete business function module; the authority object of protection type, authority object of protection ID that can definition in business function module will visit, the Permission Levels that will use, the while business module can parse authority owner's type and ID according to the session information of current this module of use.
Step 202: the information that authority matching module 40 is resolved in the request of access, identification protected object.
Authority matching module 40 is according to authority object of protection type, the concrete protected object in authority object of protection ID location.
Step 203: authority matching module 40 identification authority owners.Authority matching module 40 is according to authority owner's type and the concrete authority owner in ID location.
Step 204: authority matching module 40 identification request of access requested permissions ranks.
Step 205: authority matching module 40 is transferred the authority object of protection descriptive metadata of this protected object correspondence in the meta data block 10, calculates the protected object inheritance.
The protected object inheritance obtains in the following way:
Based on current protected object a, if being set to allow to inherit the higher level, this object is provided with, then search the higher level b of object a according to object level metadata, the rest may be inferred, obtains protected object set x.Authority coupling (being that reference value is carried out the authority coupling with set x promptly) will be carried out at set x in the back.
Step 206: authority matching module 40 is transferred authority awarded person's level metadata of this authority owner correspondence of meta data block 10, calculates authority owner inheritance.
Authority owner's inheritance obtains in the following way:
Based on current awarded person's object a, if being set to allow to inherit the higher level, this object is provided with, then search the higher level b of object a according to object level metadata, the rest may be inferred, obtains awarded person's object set y.The authority coupling will be carried out at set y in the back.
Step 207: authority awarded person's Permission Levels in the authority matching module 40 inquiry general-purpose rights memory modules 30;
Step 208: whether the Permission Levels that authority matching module 40 calculates the authority awarded person mate with the authority that this request of access comprises the Permission Levels correspondence.
Computing method are: if exist object combination among set x and the set y to have Permission Levels greater than the need access level, think that then authority mates.
Step 209: reach a conclusion, promptly draw the conclusion whether user can operate this protected object, whether calling party can be operated this protected object as can be known in view of the above.
If the Permission Levels of authority awarded person's inheritance are higher than described protected object inheritance, think that then authority mates, the user can operate described protected object.
Claims (10)
1. a general-purpose rights grade is distributed and matching system, it is characterized in that: comprise meta data block, right assignment module and authority matching module, wherein,
Meta data block is used to preserve authority object of protection descriptive metadata and authority awarded person descriptive metadata; When receiving request, corresponding authority object of protection descriptive metadata and authority awarded person descriptive metadata are sent to the requestor; Described metadata is the data of data of description;
The right assignment module is used for generating permissions data according to the incidence relation of described authority object of protection descriptive metadata and authority awarded person descriptive metadata, and described permissions data is sent to described general-purpose rights memory module;
The general-purpose rights memory module is used to store described permissions data;
The authority matching module; be used to receive user's request of access; parse the Permission Levels in the described request of access, draw the result whether user can operate object of protection according to the permissions data in Permission Levels in the described request of access and the described general-purpose rights memory module.
2. general-purpose rights grade as claimed in claim 1 is distributed and matching system, it is characterized in that: described right assignment module comprises that authority plays up and select module and authority that module is set, the definition of module according to described meta data block played up and selected to described authority, and user interface is played up and be shown to described authority object of protection and authority awarded person descriptive metadata; Described authority is provided with the validity that module is used to verify described permissions data, and effective permissions data is write described general-purpose rights memory module.
3. general-purpose rights grade as claimed in claim 1 is distributed and matching system, and it is characterized in that: described permissions data comprises authority relation identification number ID, authority object of protection type, authority object of protection ID, Permission Levels, awarded person's object type or awarded person's object ID.
4. general-purpose rights grade as claimed in claim 3 is distributed and matching system, and it is characterized in that: described authority matching module draws the Permission Levels of current request of access action required according to authority relation identification number ID, authority object of protection type, authority object of protection ID, awarded person's object type or awarded person's object ID; Inquire about the Permission Levels that described general-purpose rights memory module obtains the authority awarded person then; described request of access Permission Levels and authority awarded person's Permission Levels are mated, draw the result whether described current accessed user can operate object of protection.
5. a general-purpose rights grade is distributed and matching process, comprising:
The authority matching module receives user's request of access, according to described request of access identification protected object, authority awarded person and Permission Levels;
Described authority matching module is transferred authority object of protection descriptive metadata and the authority awarded person descriptive metadata in the meta data block, and described metadata is the data of data of description;
Described authority matching module is inquired about the permissions data in the general-purpose rights memory module, transfers authority awarded person's Permission Levels; Described permissions data is used to represent the incidence relation of described authority object of protection descriptive metadata and authority awarded person descriptive metadata;
Described authority matching module judges that whether described authority awarded person's the Permission Levels and the Permission Levels of described request of access mate, and operate object of protection according to matching result.
6. general-purpose rights grade according to claim 5 is distributed and matching process, it is characterized in that: described right assignment module comprises that authority plays up and select module and authority that module is set, the definition of module according to described meta data block played up and selected to described authority, described authority object of protection and authority awarded person descriptive metadata are played up, be shown to the authority person of setting by user interface; Described authority is provided with the validity of the permissions data of module verification, and effective permissions data is write described general-purpose rights memory module.
7. general-purpose rights grade according to claim 5 is distributed and matching process, and it is characterized in that: described permissions data comprises authority relation identification number ID, authority object of protection type, authority object of protection ID, Permission Levels, awarded person's object type or awarded person's object ID.
8. general-purpose rights grade according to claim 7 is distributed and matching process; it is characterized in that: described authority matching module draws the Permission Levels of request of access action required according to authority relation identification number ID, identification protecting object type, object of protection ID, awarded person's object type or awarded person's object ID; inquire about the Permission Levels that described general-purpose rights memory module obtains the authority awarded person then; the Permission Levels of described request of access and authority awarded person's Permission Levels are mated, whether draw the result that can operate object of protection.
9. general-purpose rights grade according to claim 1 is distributed and matching process, it is characterized in that: described authority matching module is transferred the authority object of protection descriptive metadata of the described Permission Levels correspondence in the described meta data block, calculates the protected object inheritance; Transfer authority awarded person's level metadata of the described Permission Levels correspondence in the described meta data block, calculate authority owner inheritance; If authority owner's inheritance be superior to described protected object inheritance, think that then authority mates, can operate described protected object.
10. general-purpose rights grade according to claim 1 is distributed and matching process; it is characterized in that: based on current protected object a; if being set to allow to inherit the higher level, described protected object a is provided with; then search the higher level b of described protected object a according to object level metadata; the rest may be inferred; obtaining protected object set x, during coupling, is that reference value is carried out the authority coupling with described set x.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010545739A CN102012981B (en) | 2010-11-16 | 2010-11-16 | Distributing and matching method and system of general permission grade |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010545739A CN102012981B (en) | 2010-11-16 | 2010-11-16 | Distributing and matching method and system of general permission grade |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102012981A true CN102012981A (en) | 2011-04-13 |
| CN102012981B CN102012981B (en) | 2012-09-05 |
Family
ID=43843154
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010545739A Active CN102012981B (en) | 2010-11-16 | 2010-11-16 | Distributing and matching method and system of general permission grade |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102012981B (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102271141A (en) * | 2011-09-13 | 2011-12-07 | 大连佳姆信息安全软件技术有限公司 | Electronic file permission dynamic adaptive control method and system |
| CN103078859A (en) * | 2012-12-31 | 2013-05-01 | 普天新能源有限责任公司 | Service system authority management method, equipment and system |
| CN103218688A (en) * | 2013-04-23 | 2013-07-24 | 浪潮集团山东通用软件有限公司 | Method for determining workflow participant based on data permission |
| CN103488791A (en) * | 2013-09-30 | 2014-01-01 | 华为技术有限公司 | Data access method and system and data warehouse |
| CN104092652A (en) * | 2013-12-25 | 2014-10-08 | 腾讯数码(天津)有限公司 | Data processing system and method |
| CN104820508A (en) * | 2014-01-30 | 2015-08-05 | 联发科技(新加坡)私人有限公司 | Data sharing method for setting permissions and touch electronic devices |
| CN105184467A (en) * | 2015-08-25 | 2015-12-23 | 长沙市麓智信息科技有限公司 | Quality evaluation system of patent application file and evaluation method thereof |
| CN105243337A (en) * | 2015-10-20 | 2016-01-13 | 上海斐讯数据通信技术有限公司 | Permission control system and method |
| CN107172007A (en) * | 2017-03-28 | 2017-09-15 | 深圳市卓讯信息技术有限公司 | The concentration authorization management method and device of a kind of multifactor adaptation |
| CN107229644A (en) * | 2016-03-25 | 2017-10-03 | 阿里巴巴集团控股有限公司 | Searching method and device |
| CN103746798B (en) * | 2013-12-12 | 2017-12-26 | 中国科学院深圳先进技术研究院 | A kind of data access control method and system |
| CN109495518A (en) * | 2019-01-10 | 2019-03-19 | 王艳 | Network access authority management system |
| CN110083680A (en) * | 2019-03-20 | 2019-08-02 | 阿里巴巴集团控股有限公司 | Context data management method and device in a kind of distributed system |
| CN110753060A (en) * | 2019-10-25 | 2020-02-04 | 深信服科技股份有限公司 | Process operation control method and device, electronic equipment and storage medium |
| CN111222929A (en) * | 2019-12-31 | 2020-06-02 | 航天信息股份有限公司 | Electronic invoice application method and device supporting dynamic file permission |
| CN111931234A (en) * | 2020-08-13 | 2020-11-13 | 中国民航信息网络股份有限公司 | Data access control method and system |
| CN112597510A (en) * | 2020-12-16 | 2021-04-02 | 中国工商银行股份有限公司 | Access control method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7185192B1 (en) * | 2000-07-07 | 2007-02-27 | Emc Corporation | Methods and apparatus for controlling access to a resource |
| CN101441688A (en) * | 2007-11-20 | 2009-05-27 | 阿里巴巴集团控股有限公司 | User authority allocation method and user authority control method |
| CN101571897A (en) * | 2009-06-04 | 2009-11-04 | 浙江大学 | Method for controlling access permission of massive objects in computer system |
| CN101739523A (en) * | 2009-11-25 | 2010-06-16 | 金蝶软件(中国)有限公司 | Data permission control method and device |
-
2010
- 2010-11-16 CN CN201010545739A patent/CN102012981B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7185192B1 (en) * | 2000-07-07 | 2007-02-27 | Emc Corporation | Methods and apparatus for controlling access to a resource |
| CN101441688A (en) * | 2007-11-20 | 2009-05-27 | 阿里巴巴集团控股有限公司 | User authority allocation method and user authority control method |
| CN101571897A (en) * | 2009-06-04 | 2009-11-04 | 浙江大学 | Method for controlling access permission of massive objects in computer system |
| CN101739523A (en) * | 2009-11-25 | 2010-06-16 | 金蝶软件(中国)有限公司 | Data permission control method and device |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102271141A (en) * | 2011-09-13 | 2011-12-07 | 大连佳姆信息安全软件技术有限公司 | Electronic file permission dynamic adaptive control method and system |
| CN102271141B (en) * | 2011-09-13 | 2014-04-02 | 大连佳姆信息安全软件技术有限公司 | Electronic file permission dynamic adaptive control method and system |
| CN103078859B (en) * | 2012-12-31 | 2016-03-02 | 普天新能源有限责任公司 | Operation system right management method, equipment and system |
| CN103078859A (en) * | 2012-12-31 | 2013-05-01 | 普天新能源有限责任公司 | Service system authority management method, equipment and system |
| CN103218688A (en) * | 2013-04-23 | 2013-07-24 | 浪潮集团山东通用软件有限公司 | Method for determining workflow participant based on data permission |
| CN103488791A (en) * | 2013-09-30 | 2014-01-01 | 华为技术有限公司 | Data access method and system and data warehouse |
| CN103488791B (en) * | 2013-09-30 | 2018-03-27 | 华为技术有限公司 | Data access method, system and data warehouse |
| CN103746798B (en) * | 2013-12-12 | 2017-12-26 | 中国科学院深圳先进技术研究院 | A kind of data access control method and system |
| CN104092652A (en) * | 2013-12-25 | 2014-10-08 | 腾讯数码(天津)有限公司 | Data processing system and method |
| CN104092652B (en) * | 2013-12-25 | 2017-08-01 | 腾讯数码(天津)有限公司 | Data handling system and method |
| CN104820508A (en) * | 2014-01-30 | 2015-08-05 | 联发科技(新加坡)私人有限公司 | Data sharing method for setting permissions and touch electronic devices |
| CN105184467A (en) * | 2015-08-25 | 2015-12-23 | 长沙市麓智信息科技有限公司 | Quality evaluation system of patent application file and evaluation method thereof |
| CN105243337A (en) * | 2015-10-20 | 2016-01-13 | 上海斐讯数据通信技术有限公司 | Permission control system and method |
| CN107229644A (en) * | 2016-03-25 | 2017-10-03 | 阿里巴巴集团控股有限公司 | Searching method and device |
| CN107172007A (en) * | 2017-03-28 | 2017-09-15 | 深圳市卓讯信息技术有限公司 | The concentration authorization management method and device of a kind of multifactor adaptation |
| CN109495518A (en) * | 2019-01-10 | 2019-03-19 | 王艳 | Network access authority management system |
| CN110083680A (en) * | 2019-03-20 | 2019-08-02 | 阿里巴巴集团控股有限公司 | Context data management method and device in a kind of distributed system |
| CN110083680B (en) * | 2019-03-20 | 2023-07-25 | 创新先进技术有限公司 | Method and device for managing context data in distributed system |
| CN110753060A (en) * | 2019-10-25 | 2020-02-04 | 深信服科技股份有限公司 | Process operation control method and device, electronic equipment and storage medium |
| CN110753060B (en) * | 2019-10-25 | 2022-06-21 | 深信服科技股份有限公司 | Process operation control method and device, electronic equipment and storage medium |
| CN111222929A (en) * | 2019-12-31 | 2020-06-02 | 航天信息股份有限公司 | Electronic invoice application method and device supporting dynamic file permission |
| CN111931234A (en) * | 2020-08-13 | 2020-11-13 | 中国民航信息网络股份有限公司 | Data access control method and system |
| CN112597510A (en) * | 2020-12-16 | 2021-04-02 | 中国工商银行股份有限公司 | Access control method and device |
| CN112597510B (en) * | 2020-12-16 | 2024-01-30 | 中国工商银行股份有限公司 | Access control method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102012981B (en) | 2012-09-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102012981B (en) | Distributing and matching method and system of general permission grade | |
| KR101959153B1 (en) | System for efficient processing of transaction requests related to an account in a database | |
| CN103312624B (en) | A kind of Message Queuing Services system and method | |
| CN102684903A (en) | Management platform, system and method for realizing access of multiple cloud storage resource nodes | |
| CN104050248B (en) | A kind of document storage system and storage method | |
| CN104765661B (en) | The multinode hot spare method of Metadata Service node in a kind of cloud storage service | |
| CN101442558B (en) | Method and system for providing index service for P2SP network | |
| CN102081710A (en) | Authority setting method and authority control method | |
| CN102034036A (en) | Permission management method and equipment | |
| CN104506487A (en) | Credible execution method for privacy policy in cloud environment | |
| CN106960011A (en) | Metadata of distributed type file system management system and method | |
| CN112487061B (en) | Big data tracing method and system based on block chain and computer equipment | |
| CN102143228A (en) | Cloud storage system, cloud client and method for realizing storage area network service | |
| US11282309B2 (en) | Control method, information processing device, management system, and recording medium | |
| TW202025057A (en) | Field updating method and device and electronic equipment | |
| WO2016169237A1 (en) | Data processing method and device | |
| CN105512188A (en) | Data connection method and data connection system | |
| CN102469089A (en) | Method and device for dynamically sharing and isolating data | |
| CN103414762A (en) | Cloud backup method and cloud backup device | |
| CN105224541B (en) | Uniqueness control method, information storage means and the device of data | |
| CN115085902A (en) | Power grid dispatching log management method and system | |
| CN103530538A (en) | XML safety view querying method based on Schema | |
| WO2022206439A1 (en) | Method and apparatus for providing cross-chain message | |
| CN103699961A (en) | System and method for managing and controlling authority of personnel in multiple areas | |
| CN102724301B (en) | Cloud database system and method and equipment for reading and writing cloud data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Distributing and matching method and system of general permission grade Effective date of registration: 20130424 Granted publication date: 20120905 Pledgee: Wuhan rural commercial bank Limited by Share Ltd Optics Valley branch Pledgor: Transn (Beijing) Information Technology Co., Ltd. Registration number: 2013990000241 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model | ||
| ASS | Succession or assignment of patent right |
Owner name: WUHAN TRANSN INFORMATION TECHNOLOGY CO., LTD. TRAN Effective date: 20140225 |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20140225 Address after: 100085 Beijing city Haidian District Qingyun aromatic garden Ting Building 9, Tsing Wun contemporary building seventeen 1707A1 room Patentee after: Transn (Beijing) Information Technology Co., Ltd. Patentee after: Wuhan Transn Information Technology Co., Ltd. Patentee after: Vivid (China) Network Technology Co., Ltd. Address before: 100085 Beijing city Haidian District Qingyun aromatic garden Ting Building 9, Tsing Wun contemporary building seventeen 1707A1 room Patentee before: Transn (Beijing) Information Technology Co., Ltd. |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20140403 Granted publication date: 20120905 Pledgee: Wuhan rural commercial bank Limited by Share Ltd Optics Valley branch Pledgor: Union (Beijing) Information Technology Co., Ltd.| Wuhan vivid Information Technology Co., Ltd.| vivid (China) Network Technology Co., Ltd. Registration number: 2013990000241 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model | ||
| PM01 | Change of the registration of the contract for pledge of patent right |
Change date: 20140403 Registration number: 2013990000241 Pledgor after: Union (Beijing) Information Technology Co., Ltd. Pledgor after: Wuhan vivid Information Technology Co., Ltd. Pledgor after: vivid (China) Network Technology Co., Ltd. Pledgor before: Transn (Beijing) Information Technology Co., Ltd. |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Distributing and matching method and system of general permission grade Effective date of registration: 20140404 Granted publication date: 20120905 Pledgee: Wuhan rural commercial bank Limited by Share Ltd Optics Valley branch Pledgor: Union (Beijing) Information Technology Co., Ltd.|Wuhan vivid Information Technology Co., Ltd.|vivid (China) Network Technology Co., Ltd. Registration number: 2014990000238 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20150213 Granted publication date: 20120905 Pledgee: Wuhan rural commercial bank Limited by Share Ltd Optics Valley branch Pledgor: Union (Beijing) Information Technology Co., Ltd.|Wuhan vivid Information Technology Co., Ltd.|vivid (China) Network Technology Co., Ltd. Registration number: 2014990000238 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Distributing and matching method and system of general permission grade Effective date of registration: 20150215 Granted publication date: 20120905 Pledgee: Wuhan rural commercial bank Limited by Share Ltd Optics Valley branch Pledgor: Translated Description: (China) Network Technology Co., Ltd.|Wuhan vivid Information Technology Co., Ltd.|vivid Union (Beijing) Information Technology Co., Ltd. Registration number: 2015990000148 |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20160823 Granted publication date: 20120905 Pledgee: Wuhan rural commercial bank Limited by Share Ltd Optics Valley branch Pledgor: Translated Description: (China) Network Technology Co., Ltd.|Wuhan vivid Information Technology Co., Ltd.|vivid Union (Beijing) Information Technology Co., Ltd. Registration number: 2015990000148 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model | ||
| C56 | Change in the name or address of the patentee | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100085 Beijing city Haidian District Qingyun aromatic garden Ting Building 9, Tsing Wun contemporary building seventeen 1707A1 room Patentee after: Transn (Beijing) Information Technology Co., Ltd. Patentee after: Language network (Wuhan) Information Technology Co., Ltd. Patentee after: Expressive language, networking, Polytron Technologies Inc Address before: 100085 Beijing city Haidian District Qingyun aromatic garden Ting Building 9, Tsing Wun contemporary building seventeen 1707A1 room Patentee before: Transn (Beijing) Information Technology Co., Ltd. Patentee before: Wuhan Transn Information Technology Co., Ltd. Patentee before: Vivid (China) Network Technology Co., Ltd. |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Distributing and matching method and system of general permission grade Effective date of registration: 20161109 Granted publication date: 20120905 Pledgee: Wuhan rural commercial bank Limited by Share Ltd Optics Valley branch Pledgor: Language network (Wuhan) Information Technology Co. Ltd.|transn information technology (Beijing) Co. Ltd.|vivid language network Polytron Technologies Inc Registration number: 2016420000044 |
|
| PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model |