CN102195956A - Cloud service system and user right management method thereof - Google Patents
Cloud service system and user right management method thereof Download PDFInfo
- Publication number
- CN102195956A CN102195956A CN2010101312356A CN201010131235A CN102195956A CN 102195956 A CN102195956 A CN 102195956A CN 2010101312356 A CN2010101312356 A CN 2010101312356A CN 201010131235 A CN201010131235 A CN 201010131235A CN 102195956 A CN102195956 A CN 102195956A
- Authority
- CN
- China
- Prior art keywords
- application
- user
- role
- application access
- decision logic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a cloud service system and a user right management method thereof. The cloud service system comprises a user login server, a right management server, an application access control server, an application management server and an application front-end server, wherein the user login server determines one or more roles of a user in response to the login of the user; the right management server comprises one or more judgment logics, and application access rules of which each corresponds to a given role, given application, a given operation and a given judgment logic; for each application access rule, a corresponding given judgment logic can determine whether the user as the given role is allowed to execute the given operation in the given application according to preset conditions; the application access control server determines one or more application access rules with the given roles in response to the determination of the role, and makes a request to the right management server for executing the given judgment logics corresponding to the application access rules; the application management server generates information about the application and operations which the user is allowed to use in response to judgment logic determination results; and the application front-end server displays corresponding application and operations to the user according to the information.
Description
Technical field
The present invention relates to user authority management, relate in particular to the cloud service system and reach the wherein method of leading subscriber authority.
Background technology
Along with computer and development of internet technology, cloud computing becomes the revolutionary new technology of information technology (IT) industry gradually.What cloud computing changed is not only computation schema, also is simultaneously the change on the business model.The cloud computing technology by network with as required, the mode of easily expansion provides IT service.The content of this service comprises that not only software promptly serves (SaaS), comprises that also platform promptly serves (PaaS) and promptly serve (IaaS) with the infrastructure of bottom more.Cloud computing provides by service manner and calculates and storage resources.Provide the system of such service to be also referred to as the cloud service system.
In the middle of the cloud service system, at different users and different resources (being embodied in cloud uses), need carry out effective control of authority, can be limited in other user there of a specific order to guarantee every resource.In the cloud service system, whom the access control that cloud is used determined to visit certain in which way to use, and when application being carried out a certain concrete operation, determined whether the user is authorized to carry out this operation.
The method of existing access control mainly contains uses access control list (ACL) and based on two kinds of role's access control (RBAC).
Summary of the invention
In the method for using Access Control List (ACL), a permissions list is set at the resource that needs binding authority.This permissions list is called ACL.Fig. 5 a shows the example of Access Control List (ACL).Shown in Fig. 5 a, Access Control List (ACL) 501 comprises three fields of resource ID, user ID and access mode (being authority), is authorized to visit which resource to specify that user, and can visits this resource in which way.Such as, if record has defined resource ID corresponding to file abc, corresponding to the user ID of user Tom with corresponding to the access mode of " deletion ", represent that then user Tom can deleted file abc.When needs judge whether certain user has authority to carry out a certain operation on a certain resource, need the continuous item of the ACL of this resource of inquiry earlier, and then determine whether this user can continue operation.Though the statement of the method for ACL is directly perceived, easy to understand, and be widely used in file system and the route system, when it is applied in the control of authority of cloud service, following distinct disadvantage is arranged but:
1) memory data output is excessive, because general user's enormous amount in the cloud service system, and needing the data of management also huge, this can cause ACL too huge;
2) because need safeguard ACL at each data resource and user's combination, so when user and function change in the cloud service system, just need carry out the renewal of ACL to all data resources, and the common quantity of the data resource in the cloud service system is huge and complicated, and this tends to cause Rights Management System difficult in maintenance;
3) lack unified rights management to same resource type.
Various roles have been defined in the rights management based on the role.Fig. 5 b shows the example of the table of definition user role.Shown in Fig. 5 b, table 502 comprises user ID and two fields of role.Every kind of role can finish certain function, and different users has been endowed corresponding role according to its function and responsibility.In case certain user becomes certain role's member, then this user can exercise the right that the role has.Relation between role and the authority is can be predefined.Fig. 5 b shows the example of the table of the authority that defines the role.Shown in Fig. 5 b, table 503 comprises role and two fields of access mode.Specific to the definition of authority, generally be operating right, such as the operating right of creating, delete, upgrade a certain categorical data resource to one group of data resource of same-type.Obviously, be more convenient for implementing the security strategy of the network information system of whole tissue or unit based on role's access control.But because be the authority restrict access is carried out in the data resource unification of same type, thereby lack enough flexibilities based on the granularity of role's rights management.For example, lack authority to the editor of certain concrete data.
The object of the present invention is to provide a kind of cloud service system and the method for leading subscriber authority wherein, to overcome the above-mentioned defective of prior art at least in part.
One embodiment of the present of invention are a kind of cloud service systems, comprising: the user login services device, and it logins one or more role who determines the user in response to the user; Right management server, comprise one or more decision logic, each described decision logic is corresponding to an application access rule, assigned role, application, operation and described decision logic in the described application access rule, wherein for each application access rule, specified decision logic can determine whether the user who serves as specified role is allowed to carry out specified operation in specified application according to predetermined condition; The application access Control Server, it determines in response to determining of described role to specify that one or more application access rule of described role is arranged, and asks described right management server to carry out the specified decision logic of described application access rule; Application management server, its definite result in response to described decision logic generate the relevant application of described user's use and the information of operation of allowing; And the application front end server, it presents respective application and operation according to described information to the user.
In a further embodiment, can realize of the request of application access Control Server based on table shape state-transition (REST) framework to the execution of the decision logic of right management server.
In a further embodiment, the application access Control Server can comprise the storehouse of application access rule.
In a further embodiment, the application front end server can be represented the permission of corresponding operating by presenting of control button.
In a further embodiment, the application front end server can be by the permission of representing to check operation that presents of using.
One embodiment of the present of invention are methods of leading subscriber authority in a kind of cloud service system, comprising: login one or more role who determines the user in response to the user; Determine to specify one or more application access rule that described role is arranged in response to determining of described role, and the specified decision logic of each described application access rule is carried out in request, specify in the wherein said application access rule and state role, application, operation and described decision logic to some extent, and for each application access rule, specified decision logic can determine whether the user who serves as specified role is allowed to carry out specified operation in specified application according to predetermined condition; Definite result in response to described decision logic generates the relevant application of described user's use and the information of operation of allowing; And present respective application and operation to the user according to described information.
In a further embodiment, can realize request based on the REST framework to the execution of decision logic.
In a further embodiment, can from the storehouse that comprises the application access rule, determine to specify one or more application access rule that described role is arranged.
In a further embodiment, present and to comprise the permission of representing corresponding operating by presenting of control button.
In a further embodiment, present the permission of representing to check operation that presents that can comprise by using.
According to embodiments of the invention, can realize the control of authority that is applicable to that cloud service is used based on flexible decision logic.
Description of drawings
With reference to below in conjunction with the explanation of accompanying drawing, can understand above and other purpose of the present invention, characteristics and advantage more easily to the embodiment of the invention.In the accompanying drawings, technical characterictic or parts identical or correspondence will adopt identical or corresponding Reference numeral to represent.Needn't go out the size and the relative position of unit in the accompanying drawings according to scale.
Fig. 1 is the block diagram that illustrates according to the structure of the cloud service system of the embodiment of the invention.
Fig. 2 is the schematic diagram that illustrates according to the example of the authorization administration information in the cloud service system of the embodiment of the invention.
Fig. 3 a, 3b and 3c illustrate the pseudo-code of the example of decision logic respectively.
Fig. 4 is the flow chart that illustrates according to the method for leading subscriber authority in the cloud service system of the embodiment of the invention.
Fig. 5 a shows the example of Access Control List (ACL), and Fig. 5 b shows the example of the table of table that defines user role and the authority that defines the role.
Fig. 6 is the block diagram that the exemplary configurations that wherein realizes computer of the present invention is shown.
Embodiment
Embodiments of the invention are described with reference to the accompanying drawings.Should be noted that for purpose clearly, omitted the parts that have nothing to do with the present invention, those of ordinary skills are known and the expression and the description of processing in accompanying drawing and the explanation.
Fig. 1 is the block diagram that illustrates according to the structure of the cloud service system 100 of the embodiment of the invention.
As shown in Figure 1, cloud service system 100 comprises user login services device 101, right management server 103, application access Control Server 102, application management server 104 and application front end server 105.
User login services device 101 is logined one or more role who determines the user in response to the user.
Fig. 2 is the schematic diagram that illustrates according to the example of the authorization administration information in the cloud service system of the embodiment of the invention.Table 201 among Fig. 2 comprises user ID field and corresponding authentication information field, is used for verifying when the user logins its whether validated user.After the user logined success, user login services device 101 was determined user's role according to the content of table 202.Table 202 comprises user ID field and corresponding role's field, is used to define the role who allows the user to bear.
Application access Control Server 102 is determined in response to determining of role to specify one or more application access rule that this role is arranged, and the request permissions management server is carried out the specified decision logic of application access rule.
Each decision logic is corresponding to an application access rule.Assigned role, application, operation and decision logic in each application access rule.For each application access rule, specified decision logic can determine whether the user who serves as specified role is allowed to carry out specified operation in specified application according to predetermined condition.
In an example, application be a group of in cloud service, specifically providing have logic association to data resource weblication that operate, that have operation interface.Use such as schedule management, the article management is used or the like; Operation is to its attribute of change of the data resource of or a certain type and the behavior of content, and concrete is on the interface of using by clicking and mode such as input content changes the interior perhaps attribute of data resource.
Table 203 among Fig. 2 provides the example of application access rule.
In example shown in Figure 2, the application access rule is four-tuple (role uses, operation, decision logic).There is the role: News Administrator, P.R.O. and the news person of checking.There is the user: user A, user B, user C, user D, user E and user F.Exist and use: the news management is used.Operation at the news management has: release news, edit news, browse news and check news.The application access rule that exists has:
Rule 1:(P.R.O., the news management is used, and releases news, always_true)
Rule 2:(P.R.O., the news management is used, and edits news, can_edit_own_article);
Rule 3:(News Administrator, the news management is used, and releases news, always_true)
Rule 4:(News Administrator, the news management is used, and edits news, always_true)
The rule 5:(news person of checking, the news management is used, and browses news, always_true)
The rule 6:(news person of checking, the news management is used, and checks news, always_true)
The rule 7:(news person of checking, the news management is used, and edits news, and can_edit_older_article) role that each user gave is as follows:
User A: P.R.O., News Administrator, the news person of checking
User B: P.R.O.
User C: News Administrator
User D: the news person of checking
User E: the news person of checking
User F: do not have
When user A logined, user login services device 101 was determined to login successfully according to table 201, and determined three kinds of roles of user A according to table 202: P.R.O., News Administrator, the news person of checking.According to three kinds of roles of determined user A, application access Control Server 102 finds the application access rule that relates to these roles in table 203, and promptly rule 1 is to rule 7.The specified decision logic of application access Control Server 102 respective request right management servers, 103 executing rules 1 to 7.
When user B logined, user login services device 101 was determined to login successfully according to table 201, and determined the role of user B according to table 202: the P.R.O..According to the role of determined user B, application access Control Server 102 finds the application access rule that relates to these roles in table 203, i.e. rule 1 and rule 2.Application access Control Server 102 respective request right management servers, 103 executing rules 1 and 2 specified decision logics.
In example shown in Figure 2, the return results of decision logic always_true forever is true (that is, corresponding authority being arranged).Fig. 3 a illustrates the eternal genuine result of being that decision logic always_true returns the XML form.
Decision logic can_edit_own_article just allows this user that this article is had corresponding authority under the current user who logins is situation by the author of certain piece of article of id sign.Fig. 3 b shows the handling process of logic determines can_edit_own_article with the form of pseudo-code.
Decision logic can_edit_older_article is just allowing corresponding role that this article is had corresponding authority by the creation-time of certain piece of article of id sign under greater than the situation of certain time.Fig. 3 c shows the handling process of logic determines can_edit_older_article with the form of pseudo-code.
In example shown in Figure 2, can determine that according to rule 1 or 3 user A has the right to carry out the operation of releasing news, can determine the have the right operation of executive editor's news of user A according to rule 4, can determine that according to rule 5 user A has the right to carry out the operation of browsing news, can determine that according to rule 6 user A has the right to carry out the operation of checking news.Can determine that according to rule 1 user B has the right to carry out the operation of releasing news.But user B haves no right to edit news.
In example shown in Figure 2, when user A logins, have the right to carry out the operation of releasing news, edit news, browsing news and check news owing to determine user A, the information that application management server 104 generates can comprise the demonstration that the news management uses and release news, edits news, browses news and check the demonstration of the option of operation of news.
Application front end server 105 presents respective application and operation according to the information that application management server 104 generates to the user.In example shown in Figure 2, when user A logins, present news management to user A and use and release news, edit news, browse news and check the option of operation of news.
The content and form that should be understood that authorization administration information is not limit example shown in Figure 2.
Fig. 4 is the flow chart that illustrates according to the method for leading subscriber authority in the cloud service system of the embodiment of the invention.
As shown in Figure 4, method starts from step 401.
In step 403, the user logins the cloud service system.
In step 405, login one or more role who determines the user in response to the user.
In step 407, determine to specify one or more application access rule that this role is arranged in response to determining of role, and the specified decision logic of each application access rule is carried out in request.Specify in the application access rule role, application, operation and decision logic are arranged.For each application access rule, specified decision logic can determine whether the user who serves as specified role is allowed to carry out specified operation in specified application according to predetermined condition.
In step 409, generate the application that the relevant user of permission uses and the information of operation in response to definite result of decision logic.
In step 411, the information that generates according to step 409 presents respective application and operation to the user.
In step 413, method finishes.
In a specific implementation of above-mentioned cloud service system, can realize of the request of application access Control Server based on the REST framework to the execution of the decision logic of right management server.
In a specific implementation of said method, can realize request based on the REST framework to the execution of decision logic.
For example, can on right management server, define concrete decision logic in the REST mode.Each decision logic can be the CGI corresponding to a HTTP GET (or POST) request.This CGI accepts one or more parameters, provides then with the expression true (permission) of XML format description or the result of false (not allowing).
In a specific implementation of above-mentioned cloud service system, the application access Control Server can comprise the storehouse of application access rule.
In a specific implementation of said method, can from the storehouse that comprises the application access rule, determine to specify one or more application access rule that described role is arranged.
In a specific implementation of above-mentioned cloud service system, the application front end server can be represented the permission of corresponding operating by presenting of control button.
In a specific implementation of said method, present and to comprise the permission of representing corresponding operating by presenting of control button.
In a specific implementation of above-mentioned cloud service system, the application front end server can be by the permission of representing to check operation that presents of using.
In a specific implementation of said method, present the permission of representing to check operation that presents that can comprise by using.
Fig. 6 is the block diagram that the exemplary configurations that wherein realizes computer of the present invention is shown.
Equipment of the present invention and method realize environment as shown in Figure 6.
In Fig. 6, CPU (CPU) 601 is carried out various processing according to program stored among read-only mapping (enum) data (ROM) 602 or from the program that storage area 608 is loaded into arbitrary access mapping (enum) data (RAM) 603.In RAM 603, also store data required when CPU 601 carries out various processing or the like as required.
Following parts are connected to input/output interface 605: importation 606 comprises keyboard, mouse or the like; Output 607 comprises display, such as cathode ray tube (CRT), LCD (LCD) or the like and loud speaker or the like; Storage area 608 comprises hard disk or the like; With communications portion 609, comprise that network interface unit is such as LAN card, modulator-demodulator or the like.Communications portion 609 is handled such as the internet executive communication via network.
As required, driver 610 also is connected to input/output interface 605.Detachable media 611 is installed on the driver 610 as required such as disk, CD, magneto optical disk, semiconductor mapping (enum) data or the like, makes the computer program of therefrom reading be installed to as required in the storage area 608.
Realizing by software under the situation of above-mentioned steps and processing, such as detachable media 611 program that constitutes software is being installed such as internet or storage medium from network.
It will be understood by those of skill in the art that this storage medium is not limited to shown in Figure 6 wherein having program stored therein, distribute separately so that the detachable media 611 of program to be provided to the user with method.The example of detachable media 611 comprises disk, CD (comprising read-only mapping (enum) data of CD (CD-ROM) and digital universal disc (DVD)), magneto optical disk and (comprises mini-disk (MD) and semiconductor mapping (enum) data.Perhaps, storage medium can be hard disk that comprises in ROM 602, the storage area 608 or the like, computer program stored wherein, and be distributed to the user with the method that comprises them.
With reference to specific embodiment the present invention has been described in the specification in front.Yet those of ordinary skill in the art understands, and can carry out various modifications and change under the prerequisite that does not depart from the scope of the present invention that limits as claims.
Claims (10)
1. cloud service system comprises:
The user login services device, it logins one or more role who determines the user in response to the user;
Right management server, comprise one or more decision logic, each described decision logic is corresponding to an application access rule, assigned role, application, operation and described decision logic in the described application access rule, wherein for each application access rule, specified decision logic can determine whether the user who serves as specified role is allowed to carry out specified operation in specified application according to predetermined condition;
The application access Control Server, it determines in response to determining of described role to specify that one or more application access rule of described role is arranged, and asks described right management server to carry out the specified decision logic of described application access rule;
Application management server, its definite result in response to described decision logic generate the relevant application of described user's use and the information of operation of allowing; And
The application front end server, it presents respective application and operation according to described information to the user.
2. cloud service as claimed in claim 1 system wherein realizes the request of application access Control Server to the execution of the decision logic of right management server based on the REST framework.
3. cloud service as claimed in claim 1 or 2 system, wherein said application access Control Server comprises the storehouse of application access rule.
4. cloud service as claimed in claim 1 or 2 system, wherein said application front end server is represented the permission of corresponding operating by presenting of control button.
5. cloud service as claimed in claim 1 or 2 system, the present permission of representing check operation of wherein said application front end server by using.
6. the method for leading subscriber authority in the cloud service system comprises:
Login one or more role who determines the user in response to the user;
Determine to specify one or more application access rule that described role is arranged in response to determining of described role, and the specified decision logic of each described application access rule is carried out in request, specify in the wherein said application access rule and state role, application, operation and described decision logic to some extent, and for each application access rule, specified decision logic can determine whether the user who serves as specified role is allowed to carry out specified operation in specified application according to predetermined condition;
Definite result in response to described decision logic generates the relevant application of described user's use and the information of operation of allowing; And
Present respective application and operation according to described information to the user.
7. method as claimed in claim 6 wherein realizes request to the execution of decision logic based on the REST framework.
8. as claim 6 or 7 described methods, wherein from the storehouse that comprises the application access rule, determine to specify one or more application access rule that described role is arranged.
9. as claim 6 or 7 described methods, wherein said presenting comprises the permission of representing corresponding operating by presenting of control button.
10. as claim 6 or 7 described methods, wherein saidly present the permission of representing to check operation that presents that comprises by using.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101312356A CN102195956A (en) | 2010-03-19 | 2010-03-19 | Cloud service system and user right management method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101312356A CN102195956A (en) | 2010-03-19 | 2010-03-19 | Cloud service system and user right management method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102195956A true CN102195956A (en) | 2011-09-21 |
Family
ID=44603351
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010101312356A Pending CN102195956A (en) | 2010-03-19 | 2010-03-19 | Cloud service system and user right management method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102195956A (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611699A (en) * | 2012-02-22 | 2012-07-25 | 浪潮(北京)电子信息产业有限公司 | Method and system for access control in cloud operation system |
| CN102833256A (en) * | 2012-09-03 | 2012-12-19 | 广州杰赛科技股份有限公司 | Method and cloud system for registering cluster control server and node control server |
| CN103167037A (en) * | 2013-03-15 | 2013-06-19 | 苏州九光信息科技有限公司 | Modularized cloud computing system |
| CN103179126A (en) * | 2013-03-26 | 2013-06-26 | 山东中创软件商用中间件股份有限公司 | Access control method and device |
| CN103338232A (en) * | 2013-06-06 | 2013-10-02 | 东南大学 | Distributed access control method of cloud computing |
| CN104580210A (en) * | 2015-01-04 | 2015-04-29 | 杭州华为数字技术有限公司 | Hotlinking prevention method, hotlinking prevention assembly and cloud platform under cloud platform environment |
| CN104735091A (en) * | 2015-04-17 | 2015-06-24 | 三星电子(中国)研发中心 | Linux system-based user access control method and device |
| CN104954463A (en) * | 2015-06-12 | 2015-09-30 | 华为技术有限公司 | Method, equipment and system for user information management of application |
| WO2016188153A1 (en) * | 2015-05-22 | 2016-12-01 | 中兴通讯股份有限公司 | Access role acquiring method, device and system |
| CN106534202A (en) * | 2016-12-26 | 2017-03-22 | 北京恒华伟业科技股份有限公司 | Permission processing method and device |
| CN106713375A (en) * | 2015-07-21 | 2017-05-24 | 中国移动通信集团重庆有限公司 | Method and device for allocating cloud resources |
| CN107342992A (en) * | 2017-06-27 | 2017-11-10 | 努比亚技术有限公司 | A kind of System right management method, apparatus and computer-readable recording medium |
| CN107749024A (en) * | 2014-08-25 | 2018-03-02 | 张琴 | Wisdom life range e-commerce system and the method for accessing cloud service platform system |
| CN109587151A (en) * | 2018-12-13 | 2019-04-05 | 泰康保险集团股份有限公司 | Access control method, device, equipment and computer readable storage medium |
| CN109740328A (en) * | 2019-01-08 | 2019-05-10 | 广州虎牙信息科技有限公司 | A kind of right authentication method, device, computer equipment and storage medium |
| CN111818090A (en) * | 2020-08-04 | 2020-10-23 | 蝉鸣科技(西安)有限公司 | Authority management method and system on SaaS platform |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1537262A (en) * | 2001-05-24 | 2004-10-13 | �Ҵ���˾ | Method and system for role-based access control model with active roles |
| CN1635439A (en) * | 2003-12-26 | 2005-07-06 | 华为技术有限公司 | A user right management method |
| US20070185875A1 (en) * | 2006-02-09 | 2007-08-09 | International Business Machines Corporation | Extensible role based authorization for manageable resources |
-
2010
- 2010-03-19 CN CN2010101312356A patent/CN102195956A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1537262A (en) * | 2001-05-24 | 2004-10-13 | �Ҵ���˾ | Method and system for role-based access control model with active roles |
| CN1635439A (en) * | 2003-12-26 | 2005-07-06 | 华为技术有限公司 | A user right management method |
| US20070185875A1 (en) * | 2006-02-09 | 2007-08-09 | International Business Machines Corporation | Extensible role based authorization for manageable resources |
Cited By (26)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611699A (en) * | 2012-02-22 | 2012-07-25 | 浪潮(北京)电子信息产业有限公司 | Method and system for access control in cloud operation system |
| CN102833256A (en) * | 2012-09-03 | 2012-12-19 | 广州杰赛科技股份有限公司 | Method and cloud system for registering cluster control server and node control server |
| CN103167037B (en) * | 2013-03-15 | 2016-12-28 | 苏州九光信息科技有限公司 | Based on modular cloud computing system |
| CN103167037A (en) * | 2013-03-15 | 2013-06-19 | 苏州九光信息科技有限公司 | Modularized cloud computing system |
| CN103179126A (en) * | 2013-03-26 | 2013-06-26 | 山东中创软件商用中间件股份有限公司 | Access control method and device |
| CN103338232A (en) * | 2013-06-06 | 2013-10-02 | 东南大学 | Distributed access control method of cloud computing |
| CN107749024A (en) * | 2014-08-25 | 2018-03-02 | 张琴 | Wisdom life range e-commerce system and the method for accessing cloud service platform system |
| CN104580210B (en) * | 2015-01-04 | 2018-09-11 | 杭州华为数字技术有限公司 | Anti-stealing link method, antitheft chain component under cloud platform environment and cloud platform |
| CN104580210A (en) * | 2015-01-04 | 2015-04-29 | 杭州华为数字技术有限公司 | Hotlinking prevention method, hotlinking prevention assembly and cloud platform under cloud platform environment |
| CN104735091A (en) * | 2015-04-17 | 2015-06-24 | 三星电子(中国)研发中心 | Linux system-based user access control method and device |
| CN104735091B (en) * | 2015-04-17 | 2018-03-30 | 三星电子(中国)研发中心 | A kind of user access control method and apparatus based on linux system |
| WO2016188153A1 (en) * | 2015-05-22 | 2016-12-01 | 中兴通讯股份有限公司 | Access role acquiring method, device and system |
| US10986166B2 (en) | 2015-06-12 | 2021-04-20 | Huawei Technologies Co., Ltd. | Method for managing user information of application, device, and system |
| CN104954463B (en) * | 2015-06-12 | 2018-05-18 | 华为技术有限公司 | A kind of method, equipment and the system of the subscriber information management of application |
| CN104954463A (en) * | 2015-06-12 | 2015-09-30 | 华为技术有限公司 | Method, equipment and system for user information management of application |
| US12120173B2 (en) | 2015-06-12 | 2024-10-15 | Huawei Technologies Co., Ltd. | Method for managing user information of application, device, and system |
| US11388224B2 (en) | 2015-06-12 | 2022-07-12 | Huawei Technologies Co., Ltd. | Method for managing user information of application, device, and system |
| CN106713375A (en) * | 2015-07-21 | 2017-05-24 | 中国移动通信集团重庆有限公司 | Method and device for allocating cloud resources |
| CN106534202A (en) * | 2016-12-26 | 2017-03-22 | 北京恒华伟业科技股份有限公司 | Permission processing method and device |
| CN107342992A (en) * | 2017-06-27 | 2017-11-10 | 努比亚技术有限公司 | A kind of System right management method, apparatus and computer-readable recording medium |
| CN107342992B (en) * | 2017-06-27 | 2020-12-08 | 深圳媒介之家文化传播有限公司 | System authority management method and device and computer readable storage medium |
| CN109587151A (en) * | 2018-12-13 | 2019-04-05 | 泰康保险集团股份有限公司 | Access control method, device, equipment and computer readable storage medium |
| CN109740328B (en) * | 2019-01-08 | 2021-07-02 | 广州虎牙信息科技有限公司 | Authority identification method and device, computer equipment and storage medium |
| CN109740328A (en) * | 2019-01-08 | 2019-05-10 | 广州虎牙信息科技有限公司 | A kind of right authentication method, device, computer equipment and storage medium |
| CN111818090A (en) * | 2020-08-04 | 2020-10-23 | 蝉鸣科技(西安)有限公司 | Authority management method and system on SaaS platform |
| CN111818090B (en) * | 2020-08-04 | 2022-09-23 | 蝉鸣科技(西安)有限公司 | Authority management method and system on SaaS platform |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102195956A (en) | Cloud service system and user right management method thereof | |
| US11467891B2 (en) | Kernel event triggers for content item security | |
| CN109688120B (en) | Dynamic authority management system based on improved RBAC model and Spring Security framework | |
| US11038861B2 (en) | Techniques for security artifacts management | |
| CN103380423B (en) | For the system and method for private cloud computing | |
| US20190034648A1 (en) | Managing access to documents with a file monitor | |
| US10554486B2 (en) | Multi-enrollments of a computing device into configuration sources | |
| US8918709B2 (en) | Object templates for data-driven applications | |
| WO2017021153A1 (en) | Expendable access control | |
| EP3329409A1 (en) | Access control | |
| GB2540977A (en) | Expendable access control | |
| KR20230005308A (en) | Prevent deployment of unapproved packages in the cluster | |
| GB2540976A (en) | Access control | |
| CN110555293A (en) | Method, apparatus, electronic device and computer readable medium for protecting data | |
| US20220029998A1 (en) | Systems and methods for managing domain name information | |
| CN111680310A (en) | Authority control method and device, electronic equipment and storage medium | |
| US20180173744A1 (en) | Determining integrity of database workload transactions | |
| US10841342B2 (en) | Data driven user interfaces for device management | |
| CN113239386A (en) | API (application program interface) permission control method and device | |
| US11900269B2 (en) | Method and apparatus for managing knowledge base, device and medium | |
| CN103902637B (en) | Method and apparatus for providing computing resources to a user | |
| US11977837B2 (en) | Consent to content template mapping | |
| KR101570980B1 (en) | Method for management common code of multi-tenane environment, server performing the same and storage media storing the same | |
| Li et al. | Research and Design of Docker Technology Based Authority Management System | |
| CN112101890A (en) | Authority control method, device, equipment and medium based on role and cloud function |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110921 |