Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Access control method and device, computer device and storage medium

A technology of computer equipment and access control, which is applied in the field of information security management, can solve the problems of authorization confusion, no concept of grouping, and difficulty in dealing with it, and achieve the effect of authorization

Active Publication Date: 2019-12-13
BEIJING BYTEDANCE NETWORK TECH CO LTD
View PDF10 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the existing RBAC model uses URI to authorize roles as a coarse-grained authorization method. Although URI itself can be divided into fine details, it cannot clearly describe the function itself, and because of the absolute uniqueness of URI, there is no grouping The concept of the function aggregation in the system is also very descriptive. If the authorization is divided according to the fine-grained dimension, it will cause serious authorization confusion, especially when the function grouping form changes, the fine-grained URI authorization is even more difficult to deal with.
Therefore, it is difficult to use URI to authorize roles to meet the authority requirements of complex enterprise information systems.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method and device, computer device and storage medium
  • Access control method and device, computer device and storage medium
  • Access control method and device, computer device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] figure 1 It is a flowchart of an access control method provided by Embodiment 1 of the present disclosure. The embodiment of the present disclosure is applicable to the situation that in a complex information system, system resources need to be carefully authorized without causing authorization confusion. The method can be executed by an access control device, and the device can use software and / or or hardware, the device can be configured in computer equipment. Such as figure 1 As shown, the method may include the following steps:

[0034] S110. Determine at least one role to which the target user belongs, where the target user is a user who initiates a target function access request.

[0035] Exemplarily, the target function may be at least one operation of adding, deleting, modifying, searching, importing and exporting.

[0036] Preferably, different roles can be pre-set in the system according to actual needs, and corresponding system resources (for example, eac...

Embodiment 2

[0051] figure 2 It is a flow chart of an access control method provided in Embodiment 2 of the present disclosure. Embodiments of the present disclosure may be combined with various optional solutions in the foregoing one or more embodiments. In the embodiments of the present disclosure, before determining at least one role to which the target user belongs, it further includes: assigning at least one role to each user Roles, wherein the role function type corresponding to each role is the same, and the role function type is the type to which the function authorized by the corresponding role belongs.

[0052] Such as figure 2 As shown, the method may include the following steps:

[0053] S210. Allocate at least one role to each user, wherein each role corresponds to the same role function type, and the role function type is the type to which the function authorized by the corresponding role belongs.

[0054] Since each function in the system is refined, different functions...

Embodiment 3

[0062] image 3 It is a flow chart of an access control method provided by Embodiment 3 of the present disclosure. Embodiments of the present disclosure may be combined with various optional solutions in one or more of the above embodiments. In the embodiments of the present disclosure, if the second function code includes the first function code, then display the target After the target function page corresponding to the function, it also includes: for each field on the target function page, determine each field authority corresponding to each role; in each field authority, prioritize The highest field authority is used as the target user's authority to the corresponding field.

[0063] Such as image 3 As shown, the method may include the following steps:

[0064] S310. Determine at least one role to which the target user belongs, where the target user is a user who initiates a target function access request.

[0065] S320. Determine the first function code corresponding...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses an access control method and device, a computer device and a storage medium. The access control method comprises: determining at least one role to which a target user belongs, and the target user being a user initiating a target function access request; determining a first function code corresponding to the target function and a second function code corresponding to at least one function authorized for each role; and if the second function code comprises the first function code, displaying a target function page corresponding to the target function. According to the technical scheme provided by the embodiment of the invention, the problems that system resources cannot be authorized in detail when an existing role-based permission access control model authorizes the role by utilizing URI, and authorization chaos is easily caused are overcome, and the effect that in the complex information system, authorization of the system resources can be achieved more carefully on the premise that authorization chaos is not caused is achieved.

Description

technical field [0001] Embodiments of the present disclosure relate to the technical field of information security management, and in particular, to an access control method, device, computing device, and storage medium. Background technique [0002] In the enterprise information system, users' access to system functions and resources must be controlled according to the requirements of enterprise management, and users are only allowed to access the system within the scope of authorization. [0003] The existing permission model is RBAC (Role-Based Access Control, role-based access control) model, which usually uses the URI (Uniform Resource Identifier, Uniform Resource Identifier) ​​corresponding to system resources to identify an Internet resource name string) to authorize the role to achieve the effect of authorizing functions and resources to the personnel in the role. [0004] However, the existing RBAC model uses URI to authorize roles as a coarse-grained authorization...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62
CPCG06F21/6218
Inventor 郑海波
Owner BEIJING BYTEDANCE NETWORK TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com