CN103067463A - Centralized management system and centralized management method for user root permission - Google Patents
Centralized management system and centralized management method for user root permission Download PDFInfo
- Publication number
- CN103067463A CN103067463A CN201210557359XA CN201210557359A CN103067463A CN 103067463 A CN103067463 A CN 103067463A CN 201210557359X A CN201210557359X A CN 201210557359XA CN 201210557359 A CN201210557359 A CN 201210557359A CN 103067463 A CN103067463 A CN 103067463A
- Authority
- CN
- China
- Prior art keywords
- server
- user
- authority
- information
- data center
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title claims abstract description 57
- 230000004048 modification Effects 0.000 claims abstract description 17
- 238000012986 modification Methods 0.000 claims abstract description 17
- 238000000034 method Methods 0.000 claims description 23
- 238000012795 verification Methods 0.000 claims description 21
- 230000000295 complement effect Effects 0.000 claims description 10
- 238000004891 communication Methods 0.000 claims description 3
- 230000001360 synchronised effect Effects 0.000 claims description 2
- 238000013475 authorization Methods 0.000 abstract description 4
- 238000005516 engineering process Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 241000282326 Felis catus Species 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000012217 deletion Methods 0.000 description 3
- 230000037430 deletion Effects 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000009849 deactivation Effects 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a centralized management system and a centralized management method for user root permission. The centralized management system for the user root permission comprises an authorization management server, a data center and a server cluster, wherein after the authorization management server receives user permission modification information, the authorization management server updates record in a permission information data base of the data center; after a user logs in and inputs a root permission command, servers in the server cluster generate a query condition according to a login user name of the user, the name of the root permission command and a server identification and uses the query condition to query the data center; according to the query results, the root permission command is determined to be executed or not. The user permission information is stored in the data center, centralized management is carried out on the user root permission of each server in the server cluster through the data center, all user permission information is not needed to be stored in configuration files of each sever, and therefore the resources in the system are largely saved.
Description
Technical field
The present invention relates to computer technology, relate in particular to user root authority centralized management system and management method in the computer operating system.
Background technology
The root(root) authority is a kind of of System Privileges, with the System(system) authority can be understood as a concept, but is higher than the Administrator(keeper) authority; Root account is the super administrator account in Linux and the Unix system, and this account has whole system highest weight limit, can start or stop a process, deletion or increase user, increase or forbidding hardware etc.
For example, the user who has a root authority in linux system can input the order of root authority in order line and carry out some function.Domestic consumer for non-root user, operating system also can allow it to use some root authority order: in the configuration file/etc/sudoers of linux system, recorded the user name of domestic consumer, and the corresponding relation between the order of the spendable root authority of the user who adopts this user name to login.After the user is with this user name login system, if in the order of order line input root authority, then operating system is searched first the corresponding root authority of this user name order of putting down in writing among configuration file/etc/sudoers, if comprising the order of the current input of user, show that then this user is authorized to, operating system is carried out this order; If wherein do not comprise the order of the current input of user, then show this order of the uncommitted use of this user, operating system will refuse to carry out this order.Root user has the authority of revising above-mentioned configuration file/etc/sudoers.
For the root rights management of the operating system of separate unit server, can revise configuration file/etc/sudoers by root user and finish; If need to manage concentratedly the root authority order in the operating system of multiple servers, then can be more loaded down with trivial details; Usually the user root authority centralized management system that adopts as shown in Figure 1, needs in this system the root authority order in the operating system of each server in a plurality of server clusters is managed concentratedly; For example, need to manage concentratedly the root authority order in the operating system of each server among server cluster A, B, the C.So, the keeper is according to configuration file format, in configuration file, revise or added user right information after be submitted to SVN(Subversion, the version control system of an open source code), further be issued to Cfengine(Unix management tool by SVN) root node, further be issued to the Cfengine two-level node by the Cfengine root node, by the Cfengine two-level node with each server in the server cluster that configuration file is issued to this node is communicated by letter.
Server A (10.0.0.1) authority in the user A application server cluster A describes as example: after the keeper who has a root authority obtains the information of up-to-date configuration file/etc/sudoers by SVN, revise or add the authority information of user A:
Cmnd_Alias CMD_CAT =/bin/cat
USERA 10.0.0.1 =root NOPASSWD:CMD_CAT
It shows that user A is the execution authority of root authority order/bin/cat of having of the server A of 10.0.0.1 to the IP address.
The keeper is submitted to SVN with amended configuration file, by SVN by the Cfengine root node, by the Cfengine root node by each Cfengine two-level node, by each Cfengine two-level node to server cluster that this node is communicated by letter in each server send.
After server A got access to configuration file, Authorized operation was finished; After the operating system of user A logon server A, can use root authority order/bin/cat according to configuration file.
Yet, the present inventor's discovery, the system of prior art also has been issued to above-mentioned configuration file in other server; For other server, the user A that records in the configuration file to server A have/right of execution of bin/cat is limited to redundant information; Along with the sharp increase of the quantity of the server of needs centralized management, the increase of number of users, the redundant information that records in the configuration file causes the wasting of resources with jumbo growth.
Summary of the invention
Embodiments of the invention provide a kind of user root authority centralized management system and management method, in order to save the resource in the user root authority centralized management system.
According to an aspect of the present invention, provide authoring system in a kind of root authority command set, having comprised: empowerment management server, data center, and server cluster; Wherein,
Described empowerment management server generates corresponding data base manipulation statement after being used for receiving the user right modification information of the keeper's input with root authority; And according to the data base manipulation statement that generates, upgrade the record in the authority information database of described data center;
Server in the described server cluster according to the user name generated query condition of this user's login, sends the query requests of carrying described querying condition to described data center after user's login, the order of input root authority; Described data center is according to the query requests that receives, and the information of the user right that is complementary with described querying condition in the described authority information database is returned as Query Result; Described server confirms according to the Query Result that returns whether Authority Verification passes through; If confirm to pass through, then carry out the root authority order of input;
Wherein, user right modification information comprises: the information of revising type and user right; The information of described user right comprises: user name, this user that the user uses asks server identification, this user of the server of authorizing to ask to authorize the title of the root authority order of this server.
According to another aspect of the present invention, also provide authorization method in a kind of root authority command set, having comprised:
Server in the server cluster according to the user name generated query condition of this user's login, sends the query requests of carrying described querying condition to data center after the user logins the order of input root authority;
Described data center is according to the query requests that receives, and the information of the user right that is complementary with described querying condition in the authority information database is returned as Query Result;
Described server confirms according to the Query Result that returns whether Authority Verification passes through; If confirm to pass through, then carry out the root authority order of input;
Wherein, record in the authority information database of described data center is by the empowerment management server update: described empowerment management server generates corresponding data base manipulation statement after receiving the user right modification information of the keeper's input with root authority; And according to the data base manipulation statement that generates, upgrade the record in the authority information database of described data center.
The embodiment of the invention is owing to being stored in data center with user right information, by data center is unified the user root authority of each server in the server cluster is managed concentratedly, and needn't in the configuration file of every station server, store all user right information such as existing technology; Thereby greatly saved the storage resources of the resource in the system, especially each server; So that whole system is with lower cost, the user root authority of the more huge server cluster of centralized management more rapidly.
Description of drawings
Fig. 1 is the schematic diagram of the user root authority centralized management system of prior art;
Fig. 2 a, 2b are the schematic diagram of the user root authority centralized management system of the embodiment of the invention;
Fig. 3 is the method flow diagram of empowerment management in the user root authority set of the embodiment of the invention;
Fig. 4 be the embodiment of the invention according to data center's canned data, each server in the server cluster carried out the method flow diagram of verifying in the user root authority set.
Embodiment
For making purpose of the present invention, technical scheme and advantage clearer, referring to accompanying drawing and enumerate preferred embodiment, the present invention is described in more detail.Yet, need to prove, many details of listing in the specification only are in order to make the reader to one or more aspects of the present invention a thorough understanding be arranged, even if there are not these specific details also can realize these aspects of the present invention.
The terms such as " module " used in this application, " system " are intended to comprise the entity relevant with computer, such as but not limited to hardware, firmware, combination thereof, software or executory software.For example, module can be, but be not limited in: the thread of the process of moving on the processor, processor, object, executable program, execution, program and/or computer.For instance, the application program of moving on the computing equipment and this computing equipment can be modules.One or more modules can be positioned at an executory process and/or thread, and module also can be on the computer and/or be distributed between two or more the computers.
The present inventor considers, behind the user login services device, the method for using configuration file that Authority Verification is carried out in the order of its input relatively is fit to the management to the root authority order of separate unit server; Still adopt the method that the root authority order of server cluster is managed, then very inapplicable; Therefore, in the embodiments of the invention, in data center, stored the execution authority of the root authority order that the user has each server, each server in the server cluster can be when carrying out Authority Verification to the order of user's input, communicate by letter with data center, carry out Authority Verification according to the authority information of its storage; Like this, also be convenient to the root authority order and concentrate mandate.Because Authority Verification is mainly finished by data center, needn't store a large amount of profile informations in each server, does not more have the redundant information of the authority information of other server, thereby has greatly saved the resource of concentrated authoring system.
Describe the technical scheme of the embodiment of the invention in detail below in conjunction with accompanying drawing.The user root authority centralized management system that the embodiment of the invention provides shown in Fig. 2 a, comprising: empowerment management server 201, data center 202, and each server 203 in the server cluster.
Method flow by empowerment management in the user root authority set of each server 203 in 201 pairs of server clusters of empowerment management server as shown in Figure 3, comprises the steps:
S301: the user right of empowerment management server 201 receiving management persons input is revised information.
Particularly, in the empowerment management server 201 rights management software can be installed, when the keeper with root authority moved this rights management software, this software can provide inputting interface or the WEB page; Input user right by inputting interface or WEB page management person and revise information.User right is revised information and is specifically comprised: the information of revising type and user right.
Wherein, the modification type of keeper input can comprise: add (add), deletion (delete), and some other operations revise types, such as reading (read) etc.
The information of the user right of keeper input comprises: user name, the user that the user uses asks server identification, the user of the server of authorizing to ask to authorize the title of the root authority order of this server; Wherein, server identification specifically can be the IP address of server.
Preferably, according to the similarity of user's operation, the user name with user of similar operations can be divided in same user's group, namely can comprise a plurality of user names in user's group; Also some root authority orders can be divided in the root authority command history, namely can comprise the title of a plurality of root authority order in root authority command history;
So, a kind of method of inputting in higher efficiency the information of user right can be, the information of user right of input can also comprise: the title of user's group, the user of this user's group asks the user of server identification, this user's group of the server of authorizing to ask to authorize the title of the root authority command history of this server.
Further, the information of user right also can comprise: the information such as the effective time of mandate, mandate remarks.
S302: empowerment management server 201 is revised information according to the user right of input, generates corresponding data base manipulation statement.
Particularly, rights management software in the empowerment management server 201 is revised information according to the user right of input, call and revise the corresponding api function of type, according to the corresponding data base manipulation statement of Information generation of the user right in the user right modification information of input.
For example, revise type for add, then call the API(Application Program Interface that adds record, application programming interfaces) function, the data base manipulation statement of the information of the user right in the user right modification information of generation interpolation input;
Revise type for delete, then call the api function of deletion record, generate the data base manipulation statement of the information of the user right in the user right modification information of deleting input.
S303: empowerment management server 201 upgrades the record in the authority information database in the data center 202 according to the data base manipulation statement that generates.
Particularly, in the authority information database of data center 202, recorded the information of user right; Empowerment management server 201 can according to the data base manipulation statement that generates, upgrade the record in the authority information database in the data center 202.Preferably, empowerment management server 201 can adopt the record in the authority information database in the Hive technology innovation data center 202; The data base manipulation statement that generates among the above-mentioned steps S302 specifically can be Hive SQL(Structured Query Language, SQL) statement.
Preferably, the authority information database in the data center 202 can be LDAP(Lightweight Directory Access Protocol, LDAP) database.
According to data center's canned data, each server 203 in the server cluster carried out the method flow diagram verified in the user root authority set, as shown in Figure 4, comprise the steps:
S401: server 203 if the user inputs the order of root authority, then receives the root authority order of this user's input after non-root user's login.
S402: server 203 generated query conditions, and to data center's 202 transmission query requests, the authority information database in the data query center 202; Wherein, carry the querying condition of generation in the query requests.
In this step, server 203 can according to the user name generated query condition of user's login, send query requests according to the querying condition that generates to data center 202; Perhaps,
In fact, pre-configured Authority Verification mode in the operating system of server 203, and the network address of data center 202; Pre-configured according to this, after this user inputted the order of root authority, operating system was removed to inquire about remote data base according to the Authority Verification mode of configuration and is carried out Authority Verification rather than carry out Authority Verification by configuration file; The pre-configured network address has then indicated the reference address of remote data base.Therefore, server 203 can according to the pre-configured network address, send the querying condition that generates to data center 202.
The inquiry remote data base carries out the technology that the Authority Verification of user's authority order is well known to those skilled in the art; In fact, along with NIS(Network Information System, the network information service) and DNS(Domain Name System, domain name system) appearance, search user profile and system information and just not only finished by the search local file.Checked in the past ,/the etc/sudoer file just can obtain user right information, and can search this category information with number of ways now.For example, file/etc/nsswitch.conf(Name Service Switch Configuration, name Service handover configurations) stipulated sequentially search the information of particular type by these approach by which approach and according to what.If can also specify certain method to prove effective or what action deactivation system will take.Every delegation configuration among the file nsswitch.conf has all indicated the information of how searching for, such as the root authority information.Nsswitch.conf can be configured to as follows:
sudoers ldap
Like this, after the user inputted the order of root authority, operating system was removed to inquire about the remote data base ldap database according to the Authority Verification mode of configuration and is obtained relevant information and carry out Authority Verification.The inquiry of relevant information is carried out in two of the common transmissions of the operating system of server 203 or three data query requests in this proof procedure to remote data base; And carry out Authority Verification according to the information of returning.First request is used for resolving global configuration (being used for control verification certification level); Second request is used for the user's of match query information; If do not return the user of coupling, the 3rd request is used for all data clauses and subclauses of inquiry, checks whether the user belongs to one of them.
S403: the Query Result that server 203 returns according to data center 202 confirms whether Authority Verification passes through; Pass through execution in step S404 if confirm; Otherwise, execution in step S405.
If server 203 sends to the querying condition in the query requests of data center 202, only to generate according to user name, then data center 202 is according to this query requests, behind the search access right information database, will with querying condition in the information of user right of user name coupling return to server 203 as Query Result; Server 203 is according to this Query Result, therefrom searches the information whether user right that the server identification with the title of the root authority order of input, book server is complementary is arranged; If have, confirm to pass through; Otherwise checking is not passed through.
If server 203 sends to the querying condition in the query requests of data center 202, to generate according to the server identification of user name, book server, then data center 202 is according to this query requests, behind the search access right information database, will with querying condition in user name and the information of the user right that is complementary of server identification return to server 203 as Query Result; Server 203 is according to this Query Result, therefrom searches the information whether user right that the title with the root authority order of input is complementary is arranged; If have, confirm to pass through; Otherwise checking is not passed through.
If server 203 sends to the querying condition in the query requests of data center 202, that the title according to the root authority order of user name, input, the server identification of book server generate, then data center 202 is according to this query requests, behind the search access right information database, will with querying condition in the information of the user right that is complementary of the title of user name, server identification, the order of root authority return to server 203 as Query Result; If include the information of user right in the Query Result that server 203 receives, then confirm to pass through; Otherwise checking is not passed through.
S404: server 203 is carried out the root authority order of user's input.
S405: server 203 is not carried out the root authority order of user's input, and shows uncommitted information.
More preferably, if system need to manage a plurality of server clusters, then the data center 202 among Fig. 2 a specifically can shown in Fig. 2 b, comprise: main database server 211 and a plurality of from database server 212; Each is responsible for user root authority centralized management of server clusters from database server 212, namely each server cluster is assigned one and communicates by letter with it from database server.Each authority information database from database server realize with described main database server in the authority information database synchronization.
For having hypotactic data center, among the above-mentioned steps S303, empowerment management server 201 upgrades the record in the authority information database in the data center 202 according to the data base manipulation statement that generates, and specifically comprises:
After main database server 211 was finished the authority information database update, main database server 211 more new data was synchronized to respectively from the authority information database of database server 212; After synchronizing process is finished, respectively from database server 212, store the database with the database identical content of main database server 211.
With each server the server cluster of communicating by letter from database server 212, according to the information from database server stores, carry out the method verified in the user root authority set identical with the method described in above-mentioned Fig. 4, be among the above-mentioned steps S402, server 203 is according to the querying condition that generates, authority information database in the data query center 202, be specially: server 203 is inquired about the authority information database from database server with book server place server set group communication according to the querying condition that generates; And pre-configured in each server in this server cluster should be from the network address of database server.
The embodiment of the invention is owing to being stored in data center with user right information, by data center is unified the user root authority of each server in the server cluster is managed concentratedly, and needn't in the configuration file of every station server, store all user right information such as existing technology; Thereby greatly saved the storage resources of the resource in the system, especially each server; So that whole system is with lower cost, the user root authority of the more huge server cluster of centralized management more rapidly.
One of ordinary skill in the art will appreciate that all or part of step that realizes in above-described embodiment method is to come the relevant hardware of instruction to finish by program, this program can be stored in the computer read/write memory medium, as: ROM/RAM, magnetic disc, CD etc.
The above only is preferred implementation of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (10)
1. a user root authority centralized management system comprises: empowerment management server, data center, and server cluster; Wherein,
Described empowerment management server generates corresponding data base manipulation statement after being used for receiving the user right modification information of the keeper's input with root root authority; And according to the data base manipulation statement that generates, upgrade the record in the authority information database of described data center;
Server in the described server cluster according to the user name generated query condition of this user's login, sends the query requests of carrying described querying condition to described data center after user's login, the order of input root authority; Described data center is according to the query requests that receives, and the information of the user right that is complementary with described querying condition in the described authority information database is returned as Query Result; Described server confirms according to the Query Result that returns whether Authority Verification passes through; If confirm to pass through, then carry out the root authority order of input;
Wherein, user right modification information comprises: the information of revising type and user right; The information of described user right comprises: user name, this user that the user uses asks server identification, this user of the server of authorizing to ask to authorize the title of the root authority order of this server.
2. the system as claimed in claim 1 is characterized in that, described server cluster is a plurality of, and described data center specifically comprises: main database server, and a plurality of from database server; Each server cluster is assigned one and communicates by letter with it from database server; Each authority information database from database server and the authority information database synchronization in the described main database server; And
Described empowerment management server specifically is used for according to the data base manipulation statement that generates, and upgrades the record in the authority information database of described main database server.
3. system as claimed in claim 1 or 2, it is characterized in that, the information of described user right also comprises: the title of user group, and the user of this user's group asks the user of server identification, this user's group of the server of authorizing to ask to authorize the title of the root authority command history of this server; Wherein, comprise a plurality of user names in described user's group, comprise the title of a plurality of root authority order in the described root authority command history.
4. management method in the user root authority set comprises:
Server in the server cluster according to the user name generated query condition of this user's login, sends the query requests of carrying described querying condition to data center after the user logins the order of input root authority;
Described data center is according to the query requests that receives, and the information of the user right that is complementary with described querying condition in the authority information database is returned as Query Result;
Described server confirms according to the Query Result that returns whether Authority Verification passes through; If confirm to pass through, then carry out the root authority order of input;
Wherein, record in the authority information database of described data center is by the empowerment management server update: described empowerment management server generates corresponding data base manipulation statement after receiving the user right modification information of the keeper's input with root authority; And according to the data base manipulation statement that generates, upgrade the record in the authority information database of described data center.
5. method as claimed in claim 4 is characterized in that, described server confirms that according to the Query Result that returns whether Authority Verification is by being specially:
Described server is according to the Query Result that returns, and therefrom searches the information whether user right that the server identification with the title of the root authority order of input, book server is complementary is arranged; If have, confirm to pass through; Otherwise, confirm not pass through.
6. method as claimed in claim 4 is characterized in that, also comprises in the described querying condition: the server identification of book server; And
Described server confirms that according to the Query Result that returns whether Authority Verification is by being specially:
Described server is according to the Query Result that returns, and therefrom searches the information whether user right that the title with the root authority order of input is complementary is arranged; If have, confirm to pass through; Otherwise, confirm not pass through.
7. method as claimed in claim 4 is characterized in that, also comprises in the described querying condition: the title of the root authority order of the server identification of book server, input; And
Described server confirms that according to the Query Result that returns whether Authority Verification is by being specially:
If include the information of user right in the Query Result that described server receives, then confirm to pass through; Otherwise, confirm not pass through.
8. such as the arbitrary described method of claim 4-7, it is characterized in that, described data center specifically comprises: main database server, and a plurality of from database server; And
Described server cluster is a plurality of, and each server cluster is assigned one and communicates by letter with it from database server; And
Described data base manipulation statement according to generating, the record that upgrades in the authority information database of described data center specifically comprises:
Described empowerment management server upgrades the record in the authority information database in the described main database server according to the data base manipulation statement that generates;
Described main database server more new data is synchronized to respectively from database server; And
This querying condition inquiry of described use is specially with the authority information database of the data center of described server set group communication:
Server in the described server cluster uses the authority information database from database server of this querying condition inquiry and book server place server set group communication.
9. method as claimed in claim 8, it is characterized in that, the information of described user right also comprises: the title of user group, and the user of this user's group asks the user of server identification, this user's group of the server of authorizing to ask to authorize the title of the root authority command history of this server; Wherein, comprise a plurality of user names in described user's group, comprise the title of a plurality of root authority order in the described root authority command history.
10. method as claimed in claim 9 is characterized in that, described empowerment management server generates corresponding data base manipulation statement after receiving the user right modification information of the keeper's input with root authority, specifically comprises:
After described empowerment management server receives the user right modification information of the keeper's input with root authority, call with described user right modification information in revise the corresponding api function of type, according to the corresponding data base manipulation statement of Information generation of the user right in the described user right modification information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210557359.XA CN103067463B (en) | 2012-12-19 | 2012-12-19 | user root authority centralized management system and management method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210557359.XA CN103067463B (en) | 2012-12-19 | 2012-12-19 | user root authority centralized management system and management method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103067463A true CN103067463A (en) | 2013-04-24 |
| CN103067463B CN103067463B (en) | 2016-05-11 |
Family
ID=48109917
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210557359.XA Active CN103067463B (en) | 2012-12-19 | 2012-12-19 | user root authority centralized management system and management method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103067463B (en) |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103365685A (en) * | 2013-06-03 | 2013-10-23 | 深圳创维无线技术有限公司 | Super authority method and super authority device based on android |
| CN103826215A (en) * | 2014-02-11 | 2014-05-28 | 北京奇虎科技有限公司 | Method and apparatus for carrying out root authority management at terminal equipment |
| WO2014194721A1 (en) * | 2013-06-07 | 2014-12-11 | Tencent Technology (Shenzhen) Company Limited | System and method for centralizedly controlling server user rights |
| CN104618486A (en) * | 2015-02-06 | 2015-05-13 | 浪潮电子信息产业股份有限公司 | Unified management method of multi-platform users of cluster storage system |
| CN105303119A (en) * | 2015-09-14 | 2016-02-03 | 浪潮集团有限公司 | Multi-data center privilege management method and system |
| WO2016029793A1 (en) * | 2014-08-26 | 2016-03-03 | 阿里巴巴集团控股有限公司 | Processing method, device, and system for interactive information |
| CN105956457A (en) * | 2016-04-27 | 2016-09-21 | 四川秘无痕信息安全技术有限责任公司 | Method for frequently executing root privilege operations and acquiring real-time result feedbacks |
| CN107517124A (en) * | 2017-07-18 | 2017-12-26 | 交控科技股份有限公司 | Method and device based on Transmission Control Protocol Remote configuration Version Management Software SVN authorities |
| CN108563958A (en) * | 2018-04-17 | 2018-09-21 | 平安普惠企业管理有限公司 | Role-security update method, device, computer equipment and storage medium |
| CN109359443A (en) * | 2018-09-07 | 2019-02-19 | 郑州云海信息技术有限公司 | An interface implementation method for editing locally authenticated users in a distributed block storage system |
| CN109408593A (en) * | 2018-10-16 | 2019-03-01 | 国家电网有限公司 | A kind of data base management system, device and method |
| CN109522368A (en) * | 2018-09-28 | 2019-03-26 | 北京英视睿达科技有限公司 | A kind of method for managing user right and system |
| CN109543420A (en) * | 2018-09-29 | 2019-03-29 | 中国平安人寿保险股份有限公司 | Authority configuring method, device, electronic equipment and storage medium based on sudo |
| CN109711147A (en) * | 2019-01-02 | 2019-05-03 | 浪潮商用机器有限公司 | Separation management method, device, system and storage medium of operating system |
| CN109784087A (en) * | 2018-12-13 | 2019-05-21 | 平安科技(深圳)有限公司 | Method, apparatus, medium and the electronic equipment of virtual platform user authority management |
| CN110968568A (en) * | 2019-12-04 | 2020-04-07 | 常熟理工学院 | Database management system |
| CN111414423A (en) * | 2020-03-20 | 2020-07-14 | 北京金山云网络技术有限公司 | MongoDB database operation method and device and server |
| CN112688983A (en) * | 2019-10-18 | 2021-04-20 | 顺丰科技有限公司 | Proxy right management device, terminal device and storage medium |
| CN115348185A (en) * | 2022-08-19 | 2022-11-15 | 招银云创信息技术有限公司 | Control method and control device of distributed query engine |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080028449A1 (en) * | 2006-07-28 | 2008-01-31 | Canon Kabushiki Kaisha | Authority management apparatus authority management system and authority management method |
| CN101170409A (en) * | 2006-10-24 | 2008-04-30 | 华为技术有限公司 | Method, system, service device and authentication server for realizing device access control |
| CN102088351A (en) * | 2009-12-08 | 2011-06-08 | 长春吉大正元信息技术股份有限公司 | Authorization management system and implementation method thereof |
| CN102088350A (en) * | 2009-12-08 | 2011-06-08 | 长春吉大正元信息技术股份有限公司 | Directory service-based authorization management system and implementation method thereof |
-
2012
- 2012-12-19 CN CN201210557359.XA patent/CN103067463B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080028449A1 (en) * | 2006-07-28 | 2008-01-31 | Canon Kabushiki Kaisha | Authority management apparatus authority management system and authority management method |
| CN101170409A (en) * | 2006-10-24 | 2008-04-30 | 华为技术有限公司 | Method, system, service device and authentication server for realizing device access control |
| CN102088351A (en) * | 2009-12-08 | 2011-06-08 | 长春吉大正元信息技术股份有限公司 | Authorization management system and implementation method thereof |
| CN102088350A (en) * | 2009-12-08 | 2011-06-08 | 长春吉大正元信息技术股份有限公司 | Directory service-based authorization management system and implementation method thereof |
Cited By (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103365685A (en) * | 2013-06-03 | 2013-10-23 | 深圳创维无线技术有限公司 | Super authority method and super authority device based on android |
| US9524382B2 (en) | 2013-06-07 | 2016-12-20 | Tencent Technology (Shenzhen) Company Limited | System and method for centralizedly controlling server user rights |
| WO2014194721A1 (en) * | 2013-06-07 | 2014-12-11 | Tencent Technology (Shenzhen) Company Limited | System and method for centralizedly controlling server user rights |
| CN103826215A (en) * | 2014-02-11 | 2014-05-28 | 北京奇虎科技有限公司 | Method and apparatus for carrying out root authority management at terminal equipment |
| CN103826215B (en) * | 2014-02-11 | 2018-03-02 | 北京奇虎科技有限公司 | A kind of method and apparatus for carrying out Root authority management on the terminal device |
| TWI684149B (en) * | 2014-08-26 | 2020-02-01 | 香港商阿里巴巴集團服務有限公司 | Interactive information processing method, device and system |
| WO2016029793A1 (en) * | 2014-08-26 | 2016-03-03 | 阿里巴巴集团控股有限公司 | Processing method, device, and system for interactive information |
| CN104618486A (en) * | 2015-02-06 | 2015-05-13 | 浪潮电子信息产业股份有限公司 | Unified management method of multi-platform users of cluster storage system |
| CN105303119A (en) * | 2015-09-14 | 2016-02-03 | 浪潮集团有限公司 | Multi-data center privilege management method and system |
| CN105956457A (en) * | 2016-04-27 | 2016-09-21 | 四川秘无痕信息安全技术有限责任公司 | Method for frequently executing root privilege operations and acquiring real-time result feedbacks |
| CN105956457B (en) * | 2016-04-27 | 2018-11-13 | 四川秘无痕信息安全技术有限责任公司 | A method of it frequently executing root authority and operates and obtain real-time results feedback |
| CN107517124A (en) * | 2017-07-18 | 2017-12-26 | 交控科技股份有限公司 | Method and device based on Transmission Control Protocol Remote configuration Version Management Software SVN authorities |
| CN108563958A (en) * | 2018-04-17 | 2018-09-21 | 平安普惠企业管理有限公司 | Role-security update method, device, computer equipment and storage medium |
| CN109359443A (en) * | 2018-09-07 | 2019-02-19 | 郑州云海信息技术有限公司 | An interface implementation method for editing locally authenticated users in a distributed block storage system |
| CN109522368A (en) * | 2018-09-28 | 2019-03-26 | 北京英视睿达科技有限公司 | A kind of method for managing user right and system |
| CN109543420A (en) * | 2018-09-29 | 2019-03-29 | 中国平安人寿保险股份有限公司 | Authority configuring method, device, electronic equipment and storage medium based on sudo |
| CN109543420B (en) * | 2018-09-29 | 2023-07-21 | 中国平安人寿保险股份有限公司 | Permission configuration method and device based on sud, electronic equipment and storage medium |
| CN109408593A (en) * | 2018-10-16 | 2019-03-01 | 国家电网有限公司 | A kind of data base management system, device and method |
| CN109784087A (en) * | 2018-12-13 | 2019-05-21 | 平安科技(深圳)有限公司 | Method, apparatus, medium and the electronic equipment of virtual platform user authority management |
| CN109711147B (en) * | 2019-01-02 | 2020-06-02 | 浪潮商用机器有限公司 | Separation management method, device, system and storage medium of operating system |
| CN109711147A (en) * | 2019-01-02 | 2019-05-03 | 浪潮商用机器有限公司 | Separation management method, device, system and storage medium of operating system |
| CN112688983A (en) * | 2019-10-18 | 2021-04-20 | 顺丰科技有限公司 | Proxy right management device, terminal device and storage medium |
| CN110968568A (en) * | 2019-12-04 | 2020-04-07 | 常熟理工学院 | Database management system |
| CN110968568B (en) * | 2019-12-04 | 2023-08-18 | 常熟理工学院 | Database management system |
| CN111414423A (en) * | 2020-03-20 | 2020-07-14 | 北京金山云网络技术有限公司 | MongoDB database operation method and device and server |
| CN111414423B (en) * | 2020-03-20 | 2023-07-25 | 北京金山云网络技术有限公司 | Method, device and server for operating MongoDB database |
| CN115348185A (en) * | 2022-08-19 | 2022-11-15 | 招银云创信息技术有限公司 | Control method and control device of distributed query engine |
| CN115348185B (en) * | 2022-08-19 | 2023-12-05 | 招银云创信息技术有限公司 | Control method and control device of distributed query engine |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103067463B (en) | 2016-05-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103067463A (en) | Centralized management system and centralized management method for user root permission | |
| US7200806B2 (en) | System and method for generating pre-populated forms | |
| US8255420B2 (en) | Distributed storage | |
| CN101568919B (en) | Single view of data in a networked computer system with distributed storage | |
| US8214355B2 (en) | Small table: multitenancy for lots of small tables on a cloud database | |
| CN109542861B (en) | File management method, device and system | |
| CN109144785A (en) | Method and apparatus for Backup Data | |
| CN104852965A (en) | Method and system for user account project management | |
| CN111783050A (en) | Role and authority control system of website user | |
| KR100977159B1 (en) | Method and system for managing file metadata transparent to data server address change and disk movement | |
| CN110674382A (en) | Data access method and device and data access system | |
| JP4273934B2 (en) | File system | |
| CN110798358B (en) | Distributed service identification method and device, computer readable medium and electronic equipment | |
| CN115906178A (en) | Database management method, data subscription end and data publishing end | |
| CN105653566B (en) | A kind of method and device for realizing database write access | |
| US20240168972A1 (en) | Data Distribution and Access within a Multi-Zone Computing Platform | |
| CN101894126B (en) | Method and system for storing volume attributes in database | |
| US20240411567A1 (en) | Systems, Methods and Computer Program Products for Remote Data Retrieval from Computing Devices | |
| US20240356762A1 (en) | Database tenant-level move | |
| CN108881479B (en) | Integrated message queue and message management method | |
| CN116055082B (en) | User management method and system based on OpenStack | |
| CN111428270A (en) | Distributed storage method and system for database based on optical disk | |
| US7836084B1 (en) | Central database routing for distributed applications | |
| CN104092652A (en) | Data processing system and method | |
| CN115150191B (en) | Cross-region cloud management platform information interaction method and related components |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230417 Address after: Room 501-502, 5/F, Sina Headquarters Scientific Research Building, Block N-1 and N-2, Zhongguancun Software Park, Dongbei Wangxi Road, Haidian District, Beijing, 100193 Patentee after: Sina Technology (China) Co.,Ltd. Address before: 100080, International Building, No. 58 West Fourth Ring Road, Haidian District, Beijing, 20 floor Patentee before: Sina.com Technology (China) Co.,Ltd. |