Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Unified data access service type fine-grained authority control method and system

A data access and authority control technology, applied in database management systems, digital data authentication, data processing applications, etc., can solve the problems of coarse control of data authority granularity and uncontrollable data authority, and achieve the effect of safe open sharing

Pending Publication Date: 2021-12-10
科大国创云网科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The technical problem to be solved by the present invention is: how to solve the problem that the data permission granularity control is too coarse or even uncontrollable during the use of data, and a fine-grained permission control method of unified data access service type is provided

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Unified data access service type fine-grained authority control method and system
  • Unified data access service type fine-grained authority control method and system
  • Unified data access service type fine-grained authority control method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0044] This embodiment provides a technical solution: a unified data access service-type fine-grained authority control method, including the following steps:

[0045] S1: Data asset metadata management

[0046] Use the database to store the metadata information of the enterprise's data assets;

[0047] S2: Configure Metadata Property Access Permissions

[0048] Configure the access rights of metadata attributes based on metadata through the page, and synchronize them to the authentication database redis;

[0049] S3: access policy match

[0050] When the user makes a data service call, the server intercepts the data access before calling, and obtains the data service call message and matches the access strategy for the message analysis;

[0051] S4: Matching judgment

[0052] If the matching is successful, the data service call is made, and if the matching fails, the data service call is rejected.

[0053] In this example, if figure 1 As shown, the metadata information ...

Embodiment 2

[0066] like Figure 4 As shown, it is an implementation flowchart of the fine-grained authority control method of the unified data access service in this embodiment. First, the client (user) submits a single entity read service request, and then the server uses an interceptor to intercept data access and obtain the request report. text and parse it, wherein, the request message includes the following information: APPID, SPECID, query field, query condition; then go to the cache database (redis) to query data authorization information according to APPID and SPECID, and confirm whether there is authorization information and authorization Information will continue to obtain its policy_type (authorization policy type), and then judge the authorization policy type. If there is no authorization information, it will prompt the user to call the service without authorization; when judging the authorization policy type, when the authorization policy type is attribute_auth (attribute Aut...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a unified data access service type fine-grained authority control method and system, which belong to the technical field of data access authority control. The method comprises the steps of S1, data asset metadata management, S2, configuring a metadata attribute access permission, S3, matching an access strategy, and S3, access strategy matching. Service authorization and authentication are carried out based on the metadata, so that the security of the data in the opening process is improved; a redis cache technology is adopted, so that metadata and an authorization strategy do not need to be read repeatedly in a data authentication process, and the data authentication efficiency is improved; a spring interceptor technology is adopted, so that the data service has smaller invasiveness in enterprise data service transformation, granularity control transformation of the data service can be completed without reconstructing a data service code, and the technology use cost is reduced; authority control is carried out in a mode of driving data service by metadata, and the normalization of data use can be improved at the level of data governance, so that the data quality is improved.

Description

technical field [0001] The invention relates to the technical field of data access authority control, in particular to a unified data access service-type fine-grained authority control method and system. Background technique [0002] For an enterprise, data is the asset of the enterprise, and data leakage is the loss of assets of the enterprise. So how to ensure the security of data sharing in the process of enterprise system construction, and how to have more fine-grained data security control. It has always been the goal that all enterprises are striving to achieve. [0003] At present, in traditional project construction, when it comes to data interaction and sharing between systems, many systems adopt the following data interaction scheme: access directly by the peer program through an open database, and the security level of this method It is relatively low. If the authority of the database user is not well controlled, database tampering, data leakage and other danger...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06Q10/06G06F16/25G06F21/31
CPCG06Q10/06311G06F21/31G06F16/252
Inventor 倪亮张军伟徐况王震李飞
Owner 科大国创云网科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com