Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method of authorizing an authorized operator in a system

An operator and authorized technology, applied in transmission systems, instruments, electrical and digital data processing, etc., can solve the problems of unclear employee authority, cumbersome and troublesome operation of the user, and difficulty in distinguishing the specific differences of the authority of each role. Improve the efficiency of rights management, reduce the workload of authorization, and set clear rights

Active Publication Date: 2018-12-18
CHENGDU QIANNIUCAO INFORMATION TECH CO LTD
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, the traditional role-based user rights management methods all adopt the "role-to-user one-to-many" association mechanism. / Position / Type of work and other concepts, the authorization of user rights under this association mechanism is basically divided into the following three forms: 1. figure 1 As shown, directly authorizing users has the disadvantages of heavy workload, frequent and cumbersome operations; 2. figure 2 As shown, authorize the role (category / group / position / type of work) (a role can be associated with multiple users), and the user obtains the authority through the role; 3. For example image 3 As shown, the combination of the above two methods
[0006] In the above statement, both 2 and 3 need to authorize the role of class / group nature, but the way of authorization through the role of class / group / post / work type has the following disadvantages: 1. The operation is difficult when the user authority changes: In the actual system use, it is often necessary to adjust the user's permissions during the operation process. For example, when dealing with changes in employee permissions, the permissions of an employee associated with a role change. We cannot Changes to change the permissions of the entire role, because the role is also associated with other employees whose permissions have not changed
The above two processing methods not only take a long time to authorize the role in the case of many role permissions, but also are prone to mistakes. The operation of the user is cumbersome and troublesome, and it is also easy to make mistakes and cause losses to the system user.
[0007] 2. It is difficult to remember the specific permissions contained in the role for a long time: If the role has many permission function points, it is difficult to remember the specific permissions of the role over time, and it is even more difficult to remember the permission differences between roles with similar permissions. To associate a new user, it is impossible to accurately determine how to choose the association
[0008] 3. Due to the change of user permissions, more and more roles will be created (if no new roles are created, the direct authorization to users will be greatly increased), and it is more difficult to distinguish the specific differences between the permissions of each role
[0009] 4. When transferring a post, if you want to assign many permissions of the transferred user to several other users, you must distinguish these permissions of the transferred user during processing, and then create roles to associate with the other users. users, such an operation is not only complicated and time-consuming, but also prone to errors
[0010] For a large-scale management software system, there are many people who need to be authorized, and there are many permissions that need to be granted to the authorized person, and there are many functional modules included. The traditional authorization method is the system operator (admin / system super administrator) Authorize directly; however, in many cases, the system operator is the network administrator, and the authority of each position and employee is not clear. Usually, the authorization is given to the system operator by the relevant personnel dictating or writing in words, but the system administrator Administrators may have misunderstandings, resulting in authorization errors
[0011] In addition, the existing authorized operators are only system operators. For large-scale software systems, there are a large number of authorization requirements, which makes the authorization workload of system operators huge and error-prone.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method of authorizing an authorized operator in a system
  • Method of authorizing an authorized operator in a system
  • Method of authorizing an authorized operator in a system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] The technical solution of the present invention will be further described in detail below in conjunction with the accompanying drawings, but the protection scope of the present invention is not limited to the following description.

[0053] [Example 1] If Figure 4 As shown, the method for authorizing authorized operators in the system includes: S11. The system operator selects one or more authorized operators.

[0054] The authorized operators include one or more of roles, users, employees, groups and classes.

[0055] Such as Figure 5 As shown, the role is an independent individual, not a group / class. A role can only be associated with a unique user at the same time, and a user is associated with one or more roles; users obtain the permissions of their associated roles. Select a department for the role when the role is created or after the role is created, the role belongs to the department, and the role is authorized according to the work content of the role, and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for authorizing an authorized operator in a system, which comprises the following steps: a system operator selecting one or more authorized operators; setting one or more licensees for each licensed operator, respectively; each authorization operator setting permissions for each authorization operator who needs to set permissions among all authorizations corresponding to the authorization operator. The authorized person performs a corresponding operation according to a right set for the authorized person. A plurality of authorization operators can be arranged in the invention, so that the corresponding authorization operator who clearly understands the rights of each authorization person can authorize each authorization person, so that the authorization operation is not prone to error.

Description

technical field [0001] The invention relates to an authorization method of management software systems such as ERP, in particular to a method for authorizing authorized operators in the system. Background technique [0002] Role-based access control (RBAC) is the most researched and thoughtful database permission management mechanism in recent years. It is considered to be an ideal candidate to replace traditional mandatory access control (MAC) and discretionary access control (DAC). The basic idea of ​​role-based access control (RBAC) is to divide different roles according to different functional positions in the enterprise organization view, encapsulate the access rights of database resources in roles, and users can indirectly access database resources by being assigned different roles. [0003] There are often a large number of tables and views in large-scale application systems, which makes the management and authorization of database resources very complicated. It is v...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60
CPCH04L63/101H04L63/102H04L63/104G06F21/604G06F2221/2149G06F21/6218H04L41/28G06Q10/105
Inventor 陈达志
Owner CHENGDU QIANNIUCAO INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products