32results about How to "Flexible Authorization" patented technology

The invention discloses a multi-weight group inheritance management method and device based on distributed control. The method comprises the following steps that a corresponding authority group node is formed according to an authority group of an account; node marks are generated according to the authority group nodes; the first account sends the corresponding first node mark to the second account; the second account records the first node mark in an authority group of the second account; the second account calls the first node mark in the second permission group to access the permission groupof the first account, and calls the permission granted by the first account. Authorization between accounts is carried out by using a permission group node mark form; during permission inheritance, an inherited permission can be called by recording a node mark corresponding to a permission group, and therefore the problems that a permission list formed by a traditional permission list recording mode is large in capacity and traditional authorization is inconvenient to manage are prevented; operations of authorization and permission inheritance can be carried out between any accounts through the method, and decentralized distributed operation is achieved.

An access control method and system based on blockchain technology, which combines blockchain technology with attribute-based access control, including: object attributes are entered into the chain, and based on policies, the judgment process of attributes and policies is bound on all blockchain nodes. Change the access authorization from centralized to distributed, use the consensus mechanism of the block chain to realize the consistency check of the judgment results in the whole network, and permanently record the authorization operation of the access record transaction on the block chain. This method has the characteristics of anti-single point failure, flexible authorization mode, precise access boundary, and auditable records. The present invention is applicable to enterprises, governments, etc. that have data privacy protection requirements and realize multi-branch collaborative work environment based on the block chain platform, and can manage the access rights of users in the system in a dynamic and scalable manner, and realize it around policies and attributes Fine-grained authority management has important practical significance for protecting information system security in a distributed network environment.

The invention discloses an identification cryptographic technique-based electronic passport extended access control system and an identification cryptographic technique-based authentication method. The authentication method comprises the following steps that: a key service centre provides a key service; a passport verification center makes an application for sensitive biological characteristic information-reading authority, the key service center issues an authorization smart card to perform authorization, and the passport verification center distributes the authorization smart card to a verification terminal controlled thereby; and a passport issuing center applies the key service center for an authentication key and a public parameter for authentication and writes the authentication keyand the public parameter into passport smart card of an electronic passport. During passport verification, the authorization smart card and the passport smart card implement an identification cryptographic algorithm-based authentication protocol to judge if the verification terminal has the authority to read sensitive biological characteristic data. The system and the method avoid loopholes in authentication trust transmission in a European proposal, save the establishment of a complicate PKI system, and allow for low system construction cost. Compared with Singaporean EAC, the method provides flexible authorization for a certifying organization, and can still authorize the certifying organization after the issue of a passport.

The invention discloses an OCS traffic authorization method, OCS, server and readable storage medium, which are used to solve the problem that the OCS dynamic authorization configuration method in the prior art is not flexible enough, resulting in low accuracy of user authorization configuration Technical issues to improve the flexibility of traffic authorization configuration, so that differentiated traffic authorization can be implemented for different users to meet the user's actual traffic business needs as much as possible, and enhance the user's traffic business experience. The method includes: creating a traffic authorization model according to the online behavior data of the terminal user and the service characteristics of the subscription service; obtaining the traffic service request sent by the terminal device corresponding to the terminal user; inputting the traffic service request into the traffic authorization model to obtain predicted traffic authorization information for the traffic service request; and send the predicted traffic authorization information to the PGW, so as to forward the predicted traffic authorization information to the terminal device through the PGW.

The invention belongs to the technical field of block chains, and discloses an attribute reconstruction encryption method and system for permission chain data sharing and supervision. Its characteristics include that the permission chain authoritative organization acts as a data supervision organization to build an attribute management infrastructure for managing the attributes of the entire chain; the access tree submitted by the data release organization is reconstructed into a standardized access tree under the attribute management infrastructure; The standardized standard access tree trans-encrypts the ciphertext submitted by the organization, and converts personalized encryption and access control into full-chain standardized encryption and access control. This application can protect the privacy and security of uplink data through the cryptographic algorithm and license chain technology based on attribute encryption, realize fine-grained and flexible authorization of data, and use the invented attribute reconstruction encryption method and system to realize efficient encryption of encrypted data Supervision.

Embodiments of the present invention provide a vSIM authorization method, device and system. The system includes: a resource server, an authorization server and a client server. The authorization server is used to generate a token according to the token request message, and sends the generated token to the client server and the resource server respectively. The resource server is used to send the token to the vSIM. The client identification information in the code number download request message and the legitimacy of the token are verified. If the verification is successful, a code number is assigned to the vSIM according to the code number download request message and the second correspondence, and the encrypted code number number is sent to vSIM. Through the cooperation between the resource server and the authorization server, code number resources are allocated to legal token holders, and secure and flexible authorization of the vSIM is realized, so that any legal client can obtain the right to use the vSIM through the authorization system provided in this embodiment .

Disclosed are an authorization processing method and apparatus. The method comprises: organizing resource nodes to be authorized into a tree structure or a hierarchical structure; performing appointed authorization on an operation set selected from the resource nodes to be authorized; and subordinate nodes of the resource nodes subjected to appointed authorization in the tree structure or the hierarchical structure inheriting the operation set of the authorized resource nodes. By the means of the present invention, at least one of the following problems, such as an inflexible authorization method, non-visual authority displaying and a large authority quantity during role authorization in the relevant art is solved, so that the effects of providing a flexible authorization method, visual authority displaying and better authority storage method are achieved.

The invention provides a method and system for authorization of software function modules of the internet of things. The system for authorization at least comprises at least one terminal device, an operator operation platform communicated with the terminal device through a first network and an authorization authentication server communicated with the operator operation platform through a second network. The terminal device is used for starting an authorization procedure and can form a uniqueness mark through acquisition of relevant information and authorize the corresponding function module according to returned first authorization code information. The operator operation platform is used for processing authorization requests and the like of the terminal device. The authorization authentication server is used for managing secret keys of the terminal device and the operator operation platform and automatically generating the first authorization code information, second authorization code information and the like according to the uniqueness mark. According to the method and system, independent authorization can be conducted according to functions and function points of software, the version safety of the software is guaranteed, authorization is achieved according to the requirements, version management conducted by an operator is facilitated, and the operator can know the application condition of the software so as to further improve the software.