Method and device for controlling permission

A technology of authority control and authority, applied in computer security devices, instruments, digital data authentication, etc., can solve the problems of tediousness, display data business, inability to provide protection for processes, complicated authority control, etc., to achieve simple authority control and extended application scope. Effect

Inactive Publication Date: 2012-02-01
ZTE CORP
View PDF3 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] This kind of access control method generally only protects data, but cannot provide protection for the business and process of displaying data;
[0007] The main object controlled by this permission control method is data, and data generally requires dynamic and incremental changes, which makes the permission control more complicated and cumbersome

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for controlling permission
  • Method and device for controlling permission
  • Method and device for controlling permission

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0053] In this embodiment, only application permissions are assigned to roles, and no data constraints are set.

[0054] refer to image 3 , the authority control method of the embodiment of the present invention, comprises the following steps:

[0055] Step 301: Setting the first correspondence between users and roles;

[0056] Step 302: Setting the second corresponding relationship between roles and application permissions;

[0057]Application permissions correspond to the system functions and custom functions of the application, and are granted to user roles on the application object. The application permissions corresponding to the system functions of the application include: read (Read), add (Add), delete (Delete) and / or save (Save) permissions, and explain these types of permissions as follows:

[0058] Read: The application can be read. If the role does not have the Read permission for the application, the system will not present the application to the user, so the u...

example 1

[0063] Example 1: Send the corresponding data record to the mobile phone as a text message;

example 2

[0064] Example 2: Send the corresponding data records to the predetermined mailbox by email;

[0065] Example 3: Associate several database tables, generate and present statistical reports according to predetermined rules.

[0066] Step 303: After the user logs in, the system obtains the user's role from the first correspondence, and obtains the application authority corresponding to the user's role from the second correspondence;

[0067] Step 304: Determine whether the user has read permission for the application according to the obtained application permission, if so, present the application to the user, otherwise, do not present the application to the user;

[0068] After the application is presented to the user, the user can enter the application and issue corresponding operation requests; if the application is not applied to the user program, obviously the user cannot enter the application and cannot issue corresponding operation requests.

[0069] Step 305: Receive the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and device for controlling the permission. The method for controlling the permission comprises the following steps of: acquiring a role of a user from a set first corresponding relation between the user and the role; acquiring an application permission corresponding to the role of the user from a set second corresponding relation between the role and the user; receiving an operation request of the user entering the application, querying whether the acquired application permission comprises corresponding operations of the operation request or not; if so, allowing to execute the operation; and otherwise, refusing to execute the operation. According to the method and device disclosed by the invention, the permission control becomes simpler and more flexible and the application range of the permission control is wider.

Description

technical field [0001] The invention relates to the field of authority control, in particular to an authority control method and device. Background technique [0002] With the development of the IT industry, enterprise applications and e-commerce have higher requirements for authority control: not only require authority control to have relatively high security, but also require authority control to be easy to expand, easy to manage, and more flexible , so as to meet all kinds of complex business. Traditional access control methods such as Discretionary Access Control (DAC) and Mandatory Access Control (MAC) cannot meet the demands of increasingly complex and flexible e-commerce applications and enterprise environment applications. In view of the above reasons, the US National Institute of Standards and Technology (NIST) proposed a role-based access control (Role-Based Access Control, RBAC) model in the early 1990s. [0003] refer to figure 1 , the basic principle of permi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F21/31
Inventor 李凯
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap