Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Multi-dimensionalauthority model design method for matrix management

A technology of permission model and design method, which is applied in computing, electronic digital data processing, structured data retrieval, etc., can solve the problems of huge workload, unintuitive and inconvenient definition of information isolation rules, etc., and achieve vertical control and horizontal Effects of control, avoidance of information leakage, accurate positioning and judgment

Active Publication Date: 2021-04-09
杭州新中大科技股份有限公司
View PDF9 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] (1) The definition of information isolation rules is too complicated and requires high skills for administrators;
[0008] (2) The definition of information isolation rules is not intuitive, it is not easy to track errors in empowerment conveniently, and there is a high risk of information leakage;
[0009] (3) When the time for data filtering and processing by SQL language is too long, the performance of the system is significantly reduced, which greatly reduces the user experience;
[0010] (4) When there are many information resources that require authority control, such as complex and diverse business documents, the workload of administrator empowerment is still very large

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-dimensionalauthority model design method for matrix management
  • Multi-dimensionalauthority model design method for matrix management
  • Multi-dimensionalauthority model design method for matrix management

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] This embodiment proposes a multi-dimensional authority model design method for matrix management, including the following steps:

[0047] A. The system administrator grants information permissions to users or roles through information management objects:

[0048] After enabling the information management object, the system administrator authorizes the information access rights of the user or role, and binds the metadata field with the management object;

[0049] In the metadata, define the accessible range of information resources, and bind a data type of information resources with information resource objects; for example, bind field elements in business documents with information management objects; in this way, the system can obtain business The field in the document is bound to the information management object, so that this field can be queried as the query condition of the database statement.

[0050] On the authorization interface, the system administrator grant...

Embodiment 2

[0075] This embodiment is to realize the multi-dimensional information authority in the information system, specifically including the following process:

[0076] 1. Set the main table information:

[0077] InfoManageObject: Store information management object configuration, mainly including information such as unique identifier id, name, description, global, data source table, conditions, and data display mode (tree, list) of information management objects.

[0078] MetadataInfoObjRel: Stores the relationship between metadata fields and information management objects, mainly including business document ID, table name, field name, management object Id, additional conditions (conditional restrictions in some special cases)

[0079] RoleInfoObjRights: stores the authorization data of role information management objects, mainly including organization Id, role Id, information management object name, authority ID (organization management object is organization Id, operator manageme...

Embodiment 3

[0096] This embodiment is used to illustrate that information permissions can be controlled vertically and horizontally, refer to image 3 , listed the three-tier organization of East China region, branch, and office, and there are marketing departments under the organization.

[0097] The goal of vertical control is that in the customer relationship, pre-sales customers are confidential data to any organization, and there are pre-sales customer data that can be viewed by superiors. The specific implementation method is:

[0098] 1. In the information permission setting: the system administrator starts the organization and salesperson management objects, and then selects the pre-sales customer business document in the metadata, and sets the organization field to bind the organization information management object, and the salesperson field to bind the business information management object.

[0099] 2. In information authority control: In this way, anyone in the system who h...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a multi-dimensional authority model design method for matrix management. The method comprises the following steps that: a system administrator grants information authority to a user or a role through an information management object: after the information management object is started, the system administrator performs information access authority authorization on the user or the role, and binds the metadata field with the management object; in the metadata, an accessible range of the information resource is defined, and one data type of the information resource is bound with the information resource object; the system administrator grants accessible data range permission to each information management object of a user or a role on an authorization interface, and controls the range of accessible resources by setting information management object values or conditions. According to the method, longitudinal and vertical management and control of the business document can be processed, transverse business cooperation of the business document can be processed, the information management object is used as an information authority control dimension, and the information authority is conveniently, quickly and accurately controlled through information resource authorization of the information management object.

Description

technical field [0001] The invention relates to the technical field of authority management, in particular to a multi-dimensional authority model design method for matrix management. Background technique [0002] Traditional authority management method 1: authority means that the system (or organization) grants a specific user certain operating rights (or functions) to information resources (or objects); Have the right to prepare procurement plans, enter purchase orders, receive purchased materials, and pay suppliers. The specific implementation method is: separately define the user's operation authority to the information resources; this is one of the most important foundations of the information system data security. [0003] However, since the system administrator needs to individually authorize all operable information resources of all users, the workload is huge; [0004] Traditional rights management method 2: The concept of roles has been introduced internationally;...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/31G06F21/45G06F16/242G06F16/26
CPCG06F21/31G06F21/45G06F16/2433G06F16/26
Inventor 丰立新李伯鸣
Owner 杭州新中大科技股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products