CN111967036B - Distributed control-based multi-weight group inheritance treatment method and device - Google Patents
Distributed control-based multi-weight group inheritance treatment method and device Download PDFInfo
- Publication number
- CN111967036B CN111967036B CN202011153073.6A CN202011153073A CN111967036B CN 111967036 B CN111967036 B CN 111967036B CN 202011153073 A CN202011153073 A CN 202011153073A CN 111967036 B CN111967036 B CN 111967036B
- Authority
- CN
- China
- Prior art keywords
- authority
- account
- group
- node
- inheritance
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a distributed control-based multi-authority group inheritance treatment method and a distributed control-based multi-authority group inheritance treatment device, which comprise the following steps: forming a corresponding authority group node according to the authority group of the account; generating a node mark according to the permission group node; the first account sends the corresponding first node mark to the second account; the second account records the first node mark in an authority group of the second account; the second account calls a first node in the authority group of the second account to mark the authority group for accessing the first account, and calls the authority granted by the first account. Authorization between accounts is carried out in a mode of using the node marks of the permission groups, when the permissions are inherited, the inherited permissions can be called by recording the node marks corresponding to the permission groups, and the problems that the capacity of a permission list formed in a traditional permission list recording mode is large and traditional authorization is inconvenient to manage are solved; any account can be authorized and inherited through the method, and decentralized distributed operation is realized.
Description
Technical Field
The invention relates to the field of authority management, in particular to a distributed control-based multi-authority group inheritance management method and device.
Background
The traditional permission control relates to the following obvious problems in the link of whether the permission is inherited or not:
the single management of authority relationship is complex and has large workload: the roles abstract corresponding function list authorities, many-to-many relations exist between the roles and the account, inheritance relations do not exist between the roles, the roles are parallel relations, and one user can simultaneously have a plurality of role groups;
the single blacklist mutex inheritance relationship management is more complicated: the traditional inheritance is executed in a blacklist mode, for example, an A authority group can be set to be in inheritance as long as a mutual exclusion relation does not exist between the A authority group and a B authority group, if multilayer inheritance and non-unique inheritance occur, for example, a C authority group inherits A and B, and under the condition of multi-dimensional inheritance, the control on the authority group is still complex and uncontrollable, and the functions of both inheritance and control cannot be achieved;
inheritance of the privilege relationship brings new vulnerabilities: under the condition that the traditional authority group is not inherited, all risks are concentrated on the configuration action of the authority list of an administrator, so that under the condition that simple inheritance is not controlled, another vulnerability appears instead, namely whether the inheritance relationship is set and the control allows the inheritance of the specific authority group or not, and the vulnerability is the maximum new increased risk;
inheritance passing between simple sets of rights does not ensure security and control: if the User001 does not have the authority of the authority group A and only has the authority of the authority group B, once the authority group B inherits the authority group A, all members originally only having the authority group B have all the authorities of the two authority groups, and the configuration and use process is not flexible or second;
the traditional way of group inheritance brings a lot of repetitions of the permission list: if the right group A has corresponding rights [001, 002, 003], the right group B has corresponding rights [002,004,007,009], when the user obtains the right group C [005,006,001,002,010] to inherit the right group, the inheritance relationship of the right group is that A to B directly reach C from C, A or B directly reach C, then the right list in the multiple groups is repeated in a large amount, not only the authorization processing performance is slow, but also the security of the right leakage is easy to occur.
The traditional inheritance can not avoid the cycle inheritance to cause uncontrollable and recycling of the authority: given the above description of A through B going to C, A directly to C or B going to C directly, then A can also inherit C, and B can also inherit C, creating a multidimensional loop such that the privilege inheritance complexity is increased by geometric multiples and is completely uncontrollable and recoverable.
Disclosure of Invention
The invention provides a distributed control-based multi-authority group inheritance treatment method and device, which solve the problem that the traditional authority control method is complex to control in the control process; the control method provided by the invention aims at the inheritance relationship appearing in the permission group, and ensures that the inheritance is more effective, flexible, controllable, safe and reliable.
The technical scheme adopted by the invention is as follows:
in a first aspect, the invention provides a distributed control-based multi-weight group inheritance governance method, which comprises the following steps:
forming a corresponding authority group node according to the authority group of the account;
generating a node mark according to the permission group node;
when the first account is authorized to the second account, the first account sends the corresponding first node mark to the second account;
the second account inherits the authority granted by the first account, and records the first node mark in the authority group of the second account;
the second account calls a first node in the authority group of the second account to mark the authority group for accessing the first account, and calls the authority granted by the first account.
According to the technology, authorization between accounts is carried out by using the node mark of the authority group, when the authority is inherited, the inherited authority can be called by recording the node mark corresponding to the authority group, the condition that the list records repeated authority when the repeated authority is involved is avoided, in addition, authorization and inheritance are carried out between accounts only by using the authority group mark in the authority granting process, the mark is equivalent to address information used for authority invoking, so that authorization between an ordinary account and an ordinary account can be carried out between the accounts by using the authorized node mark, because the node mark is only used as an access entrance and is not a real authority list, when the use authority is the same as the self authority, the problem of repeated configuration can not occur; when the authorized account is cancelled, the corresponding authority group can not be accessed through the node mark, so that the authorization performed through the node can be withdrawn when the authorized account is cancelled, the problem that the traditional authorization is inconvenient to manage is avoided, management and control are convenient, the authorization and the authority inheritance can be performed between any two accounts through the method, decentralized distributed operation is realized, and therefore the mode of performing authorization management through the node mark is simpler.
In one possible design, an administrative account is provided, which is used to create and log out accounts and assign initial permissions to the created accounts. The account is established in the logout and the account initial authority is distributed by setting the management account, so that the account is conveniently managed.
In one possible design, when the first account cancels the authorization of the second account, the access right of the second account to the first account right group is closed. By controlling the access authority, the authority is further controlled to be granted and withdrawn, and the purpose of convenient management and control is achieved.
In one possible design, the node token includes an account name or an account number of the corresponding account, and further includes an account authority group name.
In a possible design, when the authority of the first account changes, the authority in the authority group corresponding to the first account changes correspondingly.
In one possible design, when forming the corresponding rights group node based on the rights of the account,
the account distributes the owned authority into different authority groups according to the requirement, and forms corresponding authority group nodes according to the authority groups.
The authorization account groups the authority of the user according to authorization requirements to form different authority groups, so that flexible authorization of the authority can be realized by sending node marks of different authority groups during authorization.
In a second aspect, the invention provides a distributed control-based multi-authority group inheritance administration device, which comprises an authority group node generation module, a node mark generation module, an authority inheritance module, an authority granting module and an authority access module, wherein,
the authority group node generating module is used for forming a corresponding authority group node according to the authority group of the account;
the node mark generating module is used for generating a node mark according to the permission group node;
the authority granting module is used for sending the corresponding node mark to other accounts to be granted with the authority;
the authority inheritance module is used for receiving the node marks sent by the authority granting account and recording the node marks in the own authority group;
and the authority access module is used for marking the authority group authority corresponding to the access authority granted account through the node sent by the authority granted account.
In one possible design, the system further comprises an account management module, wherein the account management module is used for creating and logging off the account and allocating initial rights to the created account.
In one possible design, the system further comprises a permission group distribution module, and the permission group distribution module is used for authorizing the account to distribute the owned permission into different permission groups according to requirements.
In a third aspect, the present invention provides a distributed control-based multi-weight group inheritance governance device, including a memory, a processor and a transceiver connected in sequence, where the memory is used to store a computer program, the transceiver is used to transmit and receive messages, and the processor is used to read the computer program and execute the method in any one of the possible designs of the first aspect and the first aspect.
The invention has the following advantages and beneficial effects:
1. the invention authorizes accounts by using the node mark of the authority group, when the authority is inherited, the inherited authority can be called by recording the node mark corresponding to the authority group, thereby avoiding the condition that the list of the authority list formed by the traditional authority list recording mode has large capacity and the list records the repeated authority when the repeated authority is involved, in addition, in the authority granting process, the authorization and the inheritance are carried out between the accounts only by the authority group mark, so the mark is equivalent to the address information which is used as the authority calling, the authorization between the common account and the common account can be carried out by the authorized node mark, because the node mark is only used as an access entrance and is not the authority list in the real sense, when the inherited authority is the same as the self authority, the problem of repeated configuration can not occur, moreover, management and control are convenient, so that the authorization management mode by adopting the node marks is simpler;
2. according to the invention, the management account is set to establish the account in the process of canceling and allocating the initial authority of the account, so that the account is conveniently managed;
3. according to the invention, the self authority is grouped into different authority groups according to the authorization requirement through the authorization account, so that the flexible authorization of the authority can be realized by sending the node marks of different authority groups during authorization.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a flow chart of the method of the present invention;
fig. 2 is a block diagram of an apparatus in a second aspect of the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
It should be understood that the terms first, second, etc. are used merely for distinguishing between descriptions and are not intended to indicate or imply relative importance. Although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element could be termed a second element, and, similarly, a second element could be termed a first element, without departing from the scope of example embodiments of the present invention.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments of the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes," and/or "including," when used herein, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, numbers, steps, operations, elements, components, and/or groups thereof; the term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, B exists alone, and A and B exist at the same time, and the term "/and" is used herein to describe another association object relationship, which means that two relationships may exist, for example, A/and B, may mean: a alone, and both a and B alone, and further, the character "/" in this document generally means that the former and latter associated objects are in an "or" relationship.
It should also be noted that, in some alternative implementations, the functions/acts noted may occur out of the order noted in the figures. For example, two figures shown in succession may, in fact, be executed substantially concurrently, or the figures may sometimes be executed in the reverse order, depending upon the functionality/acts involved.
It should be understood that specific details are provided in the following description to facilitate a thorough understanding of example embodiments. However, it will be understood by those of ordinary skill in the art that the example embodiments may be practiced without these specific details. For example, systems may be shown in block diagrams in order not to obscure the examples in unnecessary detail. In other instances, well-known processes, structures and techniques may be shown without unnecessary detail in order to avoid obscuring example embodiments.
Examples
As shown in fig. 1, in a first aspect, this embodiment provides a distributed control-based multi-weight group inheritance governance method, which includes the following steps:
forming a corresponding authority group node according to the authority group of the account;
generating a node mark according to the permission group node;
for example, in practice, when the first account logs off, the authority of other accounts inherited to the first node is withdrawn at the same time. The node mark comprises an account name or an account number of a corresponding account and an account authority group name. For example, if account user001 has permissions of the A permission group [001, 002, 003], then the corresponding permission group node is: {001, [001, 002, 003] }, node labeled (001, a);
when the first account is authorized to the second account, the first account sends the corresponding first node mark to the second account;
the second account inherits the authority granted by the first account, and records the first node mark in the authority group of the second account;
for example, according to the above example, the permission inheritance relationship is implemented in a manner that a two-dimensional multidimensional matrix data model records coordinates, such as account user002 has permission [002,004,007,009], the account user002 permission group inherits the a permission group of account user001, then the permission group matrix of B is { [002,004,007,009], (001, a) };
the second account calls a first node in the authority group of the second account to mark the authority group for accessing the first account, and calls the authority granted by the first account.
For example, according to the above example, when account user002 calls the authority, account user002 accesses the a authority group under the account with account name or account number 001 according to the node mark (001, a), reads the authority [001, 002, 003 ]; and realizing the invocation of the authority.
In one possible design, an administrative account is provided, which is used to create and log out accounts and assign initial permissions to the created accounts.
In one possible design, when the first account cancels the authorization of the second account, the access right of the second account to the first account right group is closed.
In specific implementation, when multiple accounts perform multiple authorization or one account inherits the authority from multiple accounts, a multidimensional inheritance relationship network appears, and at this time, the authority inheritance coordinates are recorded by a multidimensional matrix, such as: (004, A- > B (002, C (009, E (010, F)))), wherein the numbers represent user names or user numbers, the letters represent authority groups, the N-dimension extension is realized, a mesh model of an inheritance relationship graph is realized, and unified control can be realized through key element nodes.
In a possible design, when the authority of the first account changes, the authority in the authority group corresponding to the first account changes correspondingly.
In one possible design, when forming the corresponding rights group node based on the rights of the account,
the account distributes the owned authority into different authority groups according to the requirement, and forms corresponding authority group nodes according to the authority groups.
The embodiment provides a distributed control-based multi-authority group inheritance governance device in a second aspect, as shown in fig. 2, which comprises an authority group node generation module, a node mark generation module, an authority inheritance module, an authority grant module and an authority access module, wherein,
the authority group node generating module is used for forming a corresponding authority group node according to the authority group of the account;
the node mark generating module is used for generating a node mark according to the permission group node;
the authority granting module is used for sending the corresponding node mark to other accounts to be granted with the authority;
the authority inheritance module is used for receiving the node marks sent by the authority granting account and recording the node marks in the own authority group;
and the authority access module is used for marking the authority group authority corresponding to the access authority granted account through the node sent by the authority granted account.
In one possible design, the system further comprises an account management module, wherein the account management module is used for creating and logging off the account and allocating initial rights to the created account.
In one possible design, the system further comprises a permission group distribution module, and the permission group distribution module is used for authorizing the account to distribute the owned permission into different permission groups according to requirements.
In a third aspect, the present embodiment provides a distributed control-based multi-weight group inheritance governance device, including a memory, a processor, and a transceiver, which are connected in sequence, where the memory is used to store a computer program, the transceiver is used to transmit and receive a message, and the processor is used to read the computer program and execute the method in any one of the possible designs according to the first aspect and the first aspect of the embodiments.
For example, the Memory may include, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Flash Memory (Flash Memory), a First In First Out (FIFO) Memory, and/or a First In Last Out (FILO) Memory, and the like; the processor may not be limited to the use of a microprocessor model number STM32F105 family; the transceiver may be, but is not limited to, a Wireless Fidelity (WiFi) Wireless transceiver, a bluetooth Wireless transceiver, a General Packet Radio Service (GPRS) Wireless transceiver, a ZigBee protocol (ZigBee) Wireless transceiver, and/or the like. In addition, the multimedia terminal may include, but is not limited to, a power module, a display screen, and other necessary components.
A fourth aspect of this embodiment provides a computer-readable storage medium, where instructions are stored on the computer-readable storage medium, and when the instructions are executed on a computer, the distributed control-based multi-authority group inheritance governance method according to the first aspect of this embodiment or any one of the possible designs of the first aspect of this embodiment is executed. The computer-readable storage medium refers to a carrier for storing data, and may include, but is not limited to, floppy disks, optical disks, hard disks, flash memories, flash disks and/or Memory sticks (Memory sticks), etc., and the computer may be a general purpose computer, special purpose computer, computer network, or other programmable device.
For the working process, the working details, and the technical effects of the computer-readable storage medium provided in this embodiment, reference may be made to the first aspect of the embodiment, which is not described herein again.
The invention provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the distributed control based multi-authority inheritance abatement method according to the first or second aspect of the embodiments, wherein the computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus.
The embodiments described above are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. Based on such understanding, the technical solutions mentioned above may be embodied in the form of software products, which may be stored in computer-readable storage media, such as ROM/RAM, magnetic disk, optical disk, etc., and include instructions for causing a computer device to execute the distributed control-based multi-authority inheritance abatement method described in each embodiment or some portions of the embodiments.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (10)
1. The distributed control-based multi-weight group inheritance treatment method is characterized by comprising the following steps:
forming a corresponding authority group node according to the authority group of the account;
generating a node mark according to the permission group node;
when the first account is authorized to the second account, the first account sends the corresponding first node mark to the second account;
the second account inherits the authority granted by the first account, and records the first node mark in the authority group of the second account;
the second account calls a first node in the authority group of the second account to mark the authority group for accessing the first account, and calls the authority granted by the first account.
2. The distributed control-based multi-authority group inheritance governing method according to claim 1, wherein a management account is provided, and the management account is used for creating and deregistering an account and allocating initial authority to the created account.
3. The distributed control-based multi-authority group inheritance governance method according to claim 1, wherein when the first account cancels authorization of the second account, access rights of the second account to the first account authority group are closed.
4. The distributed control-based multi-authority group inheritance governance method according to claim 1, wherein the node mark comprises an account name or an account number of a corresponding account and further comprises an account authority group name.
5. The distributed control-based multi-authority group inheritance governance method according to claim 1, wherein when the authority of the first account changes, the authority in the authority group corresponding to the first account changes correspondingly.
6. The distributed control-based multi-authority group inheritance governing method as claimed in claim 1, wherein when a corresponding authority group node is formed according to the authority of an account,
the account distributes the owned authority into different authority groups according to the requirement, and forms corresponding authority group nodes according to the authority groups.
7. The multi-authority group inheritance management device based on distributed control is characterized by comprising an authority group node generation module, a node mark generation module, an authority inheritance module, an authority granting module and an authority access module, wherein,
the authority group node generating module is used for forming a corresponding authority group node according to the authority group of the account;
the node mark generating module is used for generating a node mark according to the permission group node;
the authority granting module is used for sending the corresponding node mark to other accounts to be granted with the authority;
the authority inheritance module is used for receiving the node marks sent by the authority granting account and recording the node marks in the own authority group;
and the authority access module is used for marking the authority group authority corresponding to the access authority granted account through the node sent by the authority granted account.
8. The distributed control-based multi-authority group inheritance abatement device according to claim 7, further comprising an account management module configured to create and log off accounts and assign initial authorities to the created accounts.
9. The distributed control-based multi-authority group inheritance governance device according to claim 7, further comprising an authority group assignment module configured to authorize an account to assign owned authorities to different authority groups according to requirements.
10. Many rights group inheritance governance device based on distributed control, its characterized in that: the system comprises a memory, a processor and a transceiver which are connected in sequence, wherein the memory is used for storing a computer program, the transceiver is used for transmitting and receiving messages, and the processor is used for reading the computer program and executing the method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011153073.6A CN111967036B (en) | 2020-10-26 | 2020-10-26 | Distributed control-based multi-weight group inheritance treatment method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011153073.6A CN111967036B (en) | 2020-10-26 | 2020-10-26 | Distributed control-based multi-weight group inheritance treatment method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111967036A CN111967036A (en) | 2020-11-20 |
| CN111967036B true CN111967036B (en) | 2020-12-22 |
Family
ID=73387199
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011153073.6A Active CN111967036B (en) | 2020-10-26 | 2020-10-26 | Distributed control-based multi-weight group inheritance treatment method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111967036B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112202819B (en) * | 2020-12-02 | 2021-02-12 | 成都掌控者网络科技有限公司 | Distributed control authority method and device, computer equipment and storage medium |
| CN118569150B (en) * | 2024-04-18 | 2025-07-18 | 北京清微智能科技有限公司 | A connection diagram establishment method and data transmission mechanism |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020026592A1 (en) * | 2000-06-16 | 2002-02-28 | Vdg, Inc. | Method for automatic permission management in role-based access control systems |
| US7013332B2 (en) * | 2001-01-09 | 2006-03-14 | Microsoft Corporation | Distributed policy model for access control |
| CN102129539A (en) * | 2011-03-11 | 2011-07-20 | 清华大学 | Data resource authority management method based on access control list |
| CN109788054B (en) * | 2019-01-07 | 2022-04-15 | 平安科技(深圳)有限公司 | Configuration method, server and medium for distributed application coordination service node |
| CN111274609A (en) * | 2020-01-19 | 2020-06-12 | 苏州浪潮智能科技有限公司 | A method and device for inheriting user rights of a distributed file storage system |
-
2020
- 2020-10-26 CN CN202011153073.6A patent/CN111967036B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN111967036A (en) | 2020-11-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113221169B (en) | Method and device for inquiring block chain private data | |
| CN102622311A (en) | USB (universal serial bus) mobile memory device access control method, USB mobile memory device access control device and USB mobile memory device access control system | |
| CN107979612A (en) | The system and method that the computer environment of safety is provided | |
| CN102468971A (en) | Authority management method and device and authority control method and device | |
| CN110363012B (en) | Method for configuring authority of authority resource, authority system and storage medium | |
| CN103366135A (en) | Tenant driven security system and method in a storage cloud | |
| EP3185507B1 (en) | Access control method and apparatus | |
| CN111967036B (en) | Distributed control-based multi-weight group inheritance treatment method and device | |
| CN107196951A (en) | The implementation method and firewall system of a kind of HDFS systems fire wall | |
| EP2746978B1 (en) | License control method and system thereof | |
| TW201914354A (en) | A binding method, device and system for smart apparatus, and telecommunications system | |
| US8180894B2 (en) | System and method for policy-based registration of client devices | |
| CN111797374B (en) | Supply chain access control system and method based on public chain intelligent contract | |
| CN106487770B (en) | Method for authenticating and authentication device | |
| CN110138767B (en) | Transaction request processing method, device, equipment and storage medium | |
| CN111191279A (en) | Big data safe operation space implementation method and system oriented to data sharing service | |
| CN110445765A (en) | Data sharing method, terminal device and medium based on block chain | |
| CN106469270A (en) | A kind of management method of application permission, equipment and system | |
| CN115955346A (en) | Multi-tenant management system and method based on identity authentication system | |
| CN113886862B (en) | Trusted computing system and resource processing method based on trusted computing system | |
| CN101197675B (en) | Accesses control list configuration method and device | |
| CN106537873A (en) | Establishing secure computing devices for virtualization and administration | |
| CN118337437A (en) | A Kubernetes cluster management method, device, equipment, medium and program product | |
| US20150242570A1 (en) | Electronic health record system with customizable compliance policies | |
| CN108319849A (en) | Equipment strategy management system based on Android twin containers system and management domain implementation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |