Supercharge Your Innovation With Domain-Expert AI Agents!

Resource access control method, system and device, equipment and medium

A technology of resource access and control methods, applied in the field of devices, electronic equipment and storage media, resource access control methods, and systems, capable of solving problems affecting application performance and increasing pressure on databases, etc.

Pending Publication Date: 2021-05-18
CCB FINTECH CO LTD
View PDF8 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this way, each request will increase at least one database query operation for permission information, resulting in at least double the pressure on the database, thereby affecting the performance of the application

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Resource access control method, system and device, equipment and medium
  • Resource access control method, system and device, equipment and medium
  • Resource access control method, system and device, equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0041] figure 1 It is a flow diagram of a resource access control method provided by Embodiment 1 of the present invention. This method is applicable to when a Web application requests resources from a server, and the server checks the requester's access rights to prevent requests without access rights from The emergence of unauthorized access to resources. The resource access control method can be executed by a resource access control device, and the device can be implemented in the form of software and / or hardware.

[0042] like figure 1 As shown, the resource access control method provided in this embodiment includes the following steps:

[0043] Step 110: When receiving an operation request for the currently displayed resource, determine the operating user identifier of the current user who triggers the operation request.

[0044]Wherein, the currently displayed resource may specifically be an article displayed on a terminal interface, or an operation page of a specific...

Embodiment 2

[0061] figure 2 It is a schematic flowchart of a resource access control method provided in Embodiment 2 of the present invention. On the basis of the above embodiments, this embodiment further optimizes the solution, specifically for the above step 120 "according to the operating user ID and the pre-acquired reference user ID with operation authority on the current display resource, Determining whether the current user has the operation authority of the current display resource" provides an optional implementation manner. Wherein, the same or similar descriptions will not be repeated in this embodiment, and relevant explanations of the foregoing embodiments may be referred to.

[0062] like figure 2 As shown, the resource access control method includes the following steps:

[0063] Step 210: When receiving an operation request for the currently displayed resource, determine the operating user identifier of the current user who triggers the operation request.

[0064] St...

Embodiment 3

[0083] image 3 It is a schematic flowchart of a resource access control method provided in Embodiment 2 of the present invention. On the basis of the above embodiments, this embodiment further optimizes the solution, specifically for the above step 120 "according to the operating user ID and the pre-acquired reference user ID with operation authority on the current display resource, Determining whether the current user has the operation authority of the currently displayed resource" presents another optional implementation manner. Wherein, the same or similar descriptions will not be repeated in this embodiment, and relevant explanations of the foregoing embodiments may be referred to.

[0084] Such as image 3 As shown, the resource access control method includes the following steps:

[0085] Step 310: When receiving an operation request for the currently displayed resource, determine the operating user identifier of the current user who triggers the operation request.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a resource access control method, system and device, electronic equipment and a storage medium. The method comprises the steps: determining an operation user identifier for triggering an operation request when the operation request for the current display resource is received; according to the operation user identifier and a pre-acquired reference user identifier having an operation authority for the current display resource, determining whether the current user has the operation authority; and if the current user has the operation authority, responding to the operation request, otherwise, refusing to respond to the operation request. According to the technical scheme provided by the embodiment of the invention, the number of query operations on the database in the permission verification process is reduced, the database pressure is reduced, and the application performance is improved.

Description

technical field [0001] The embodiments of the present invention relate to the field of computer technology, and in particular, to a resource access control method, system, device, electronic equipment, and storage medium. Background technique [0002] BAC (Broken Access Control, unauthorized access) is a common vulnerability in Web applications. Unauthorized access is a vulnerability caused by a "data-based access control" design defect. It is an unauthorized data access vulnerability caused by the server side not judging the owner / group of the data when it receives a data request for operation. Horizontal overreach vulnerabilities generally occur when a user object is associated with multiple other objects (such as orders or addresses, etc.), and the process of adding, deleting, modifying, and checking the associated objects is implemented. [0003] Unauthorized access means that after an attacker obtains a low-privilege user account, he uses some methods to bypass the per...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/60G06F21/62
CPCG06F21/604G06F21/6218G06F2221/2141
Inventor 黄阳
Owner CCB FINTECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com