CN104410640B - A kind of authority control method and system of the acquisition of information under distributed cooperation environment - Google Patents
A kind of authority control method and system of the acquisition of information under distributed cooperation environment Download PDFInfo
- Publication number
- CN104410640B CN104410640B CN201410722053.4A CN201410722053A CN104410640B CN 104410640 B CN104410640 B CN 104410640B CN 201410722053 A CN201410722053 A CN 201410722053A CN 104410640 B CN104410640 B CN 104410640B
- Authority
- CN
- China
- Prior art keywords
- user
- signal
- equipment
- permission
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000001914 filtration Methods 0.000 claims abstract description 19
- 230000008859 change Effects 0.000 claims description 35
- 230000008569 process Effects 0.000 description 20
- 238000010586 diagram Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 238000004321 preservation Methods 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- 230000007812 deficiency Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002195 synergetic effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
Abstract
The authority control method and system of the present invention relates to a kind of under distributed cooperation environment acquisition of information.Method includes the registration request of administrative center's receiving device, user, signal, and setting ID number, login password and permission simultaneously return to ID number and login password;Administrative center receives and the log-on message of verifying equipment and/or signal, and variable attribute information is changed after verifying and returns to authority information;Administrative center receives user login information, judges that the user logins successfully if user right is greater than or equal to equipment permission, changes user's variable attribute description information and returns to user right information, otherwise judge the login failed for user, returns to insufficient permission;Administrative center sets filtering rule according to equipment and the permission size of signal, and signal list can be checked by returning to the user in the user place equipment logged in that succeeded according to filtering rule.The present invention can effectively solve in control room information interconnection and intercommunication bring in the application of distributed multi-service multi-person synergy system and safely and controllably challenge.
Description
Technical field
The present invention relates to distributed systems, more particularly, to a kind of power of acquisition of information under distributed cooperation environment
Limit control method and system.
Background technique
With the development of network technology and the promotion of speed, the synergistic application under distributed environment is widely used based on network
Technology for information acquisition, can transmit and obtain whenever and wherever possible text, multimedia and various forms of computer output signals
(commonly referred to herein as information), and can easily interconnect in the plurality of devices of multi-person synergy, it is total by information
Realization is enjoyed and interacts mostly manually to cooperate with.
Control room is a typical multiple-person cooperative work environment, mainly includes the high-resolution for information centralized displaying
Splicing wall display system (VW:Video Wall), various signal sources and various signal access devices.Control room generally has more
A operation system is run simultaneously, and multiple business departments use simultaneously, is also needed temporarily to access oracle sometimes or will be believed
Breath shares to outside, is such as shown to the signal of mobile device (plate, mobile phone) and spells on wall, or will spell the specified signal on wall
It is shown to aobvious with participant in the interactive digital whiteboard screen (IDB:Interactive Digital Board) of meeting room
Show in terminal.These demands are often flexible and changeable, and control room only carries out priority assignation and limit to user in the prior art
System, from information security and it is controllable from the perspective of, traditional control room security strategy is difficult to meet this interim changeable information
Interconnect demand, generally requires to do many setting and configuration in advance, time-consuming and laborious.
Summary of the invention
The present invention in order to overcome at least one of the drawbacks of the prior art described above (deficiency), provides a kind of ensure and connects various
Enter flexibly to carry out the controllable information under distributed cooperation environment that ensures information safety while interconnecting of signal in equipment
The authority control method of acquisition.
The present invention also provides guarantees while interconnecting that a kind of guarantee flexibly carries out signal on various access devices
The controllable authority control system of acquisition of information under distributed cooperation environment of information security.
In order to solve the above technical problems, technical scheme is as follows:
A kind of authority control method of the acquisition of information under distributed cooperation environment, comprising:
The registration request of administrative center's receiving device, user or signal, setting ID number, login password and permission simultaneously return
ID number and login password;
Administrative center receives and the log-on message of verifying equipment and/or signal, and the equipment and/or letter are changed after being verified
Number variable attribute information and return to authority information;
Administrative center receives the log-on message that user is issued using the equipment logined successfully, if user right is greater than or waits
Then judge that the user logs in success in equipment permission, change the variable attribute description information of user and return to user right information,
Otherwise judge the login failed for user, return to insufficient permission information;
Administrative center sets filtering rule according to equipment and the permission size of signal, according to filtering rule to successfully stepping on
All signal lists that the user can check are returned in the equipment used by a user of record.
Method of the invention uses permission centralized distribution and control, and administrative center is to equipment, the user for issuing registration request
Globally unique ID number and login password are distributed with signal, and the permission of equipment, user and signal can be separately provided, and by ID
Number the corresponding equipment of registration request or user or signal, only registered equipment, signal and user are returned to login password
It can show and use in control room, improve the safety of control room information exchange;Secondly, in distributed collaboration process
In, equipment and user log in and require to verify, and judge automatically equipment according to authority information and whether user has permission and step on
Record and judge automatically whether user and equipment have the permission for obtaining signal, this mode passes through the power to equipment, user and signal
Limit is come to equipment, the realization of the information exchange of user controllably, can effectively solve distributed multi-service multi-person synergy system in control room
Information interconnection and intercommunication bring is safely and controllably challenged in.
A kind of authority control system of the acquisition of information under distributed cooperation environment, including administrative center, in the management
The heart includes:
Registration request processing module, for the registration request of receiving device, user or signal, be arranged unique ID number,
Login password and Permission Levels simultaneously return to ID number and login password;
Equipment and signal login module, for receiving and verifying the log-on message of equipment and/or signal, after being verified more
Change the variable attribute information of the equipment and/or signal and returns to authority information;
User log-in block, the log-on message issued for receiving user using the equipment logined successfully, if user weighs
Limit is greater than or equal to equipment permission and then judges that the user logins successfully, and changes the variable attribute description information of user and returns to user
Otherwise authority information judges the login failed for user, return to insufficient permission information;
Signal list obtains module, for setting filtering rule according to the permission size of equipment and signal, is advised according to filtering
All signal lists that the user can check then are returned in the equipment used by a user for the login that succeeded.
System of the invention uses permission centralized distribution and control, and the registration request processing module of administrative center infuses sending
Equipment, user and the signal of volume request distribute globally unique ID number and login password, and equipment, Yong Huhe can be separately provided
The permission of signal, and ID number and login password are returned into the corresponding equipment of registration request or user or signal, only registered
Equipment, signal and user can show and use in control room, improve the safety of control room information exchange;Secondly,
During distributed collaboration, equipment login module and user log-in block are in equipment and process of user login to log-on message
It is verified, and equipment is judged automatically according to authority information and whether user has permission login and obtain mould using signal list
Block judges automatically user and whether equipment has a permission for obtaining signal, this system by the permission to equipment, user and signal come
Equipment, the information exchange of user are realized controllably, distributed multi-service multi-person synergy system application in control room can be effectively solved
Middle information interconnection and intercommunication bring is safely and controllably challenged.
Detailed description of the invention
Fig. 1 is a kind of stream of the authority control method specific embodiment of the acquisition of information under distributed cooperation environment of the present invention
Cheng Tu.
Fig. 2 is the processing stream registered in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Cheng Tu.
Control when Fig. 3 is a kind of authority control method concrete application of acquisition of information under distributed cooperation environment of the present invention
Room architecture diagram processed.
Fig. 4 is signal login authentication in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Flow chart.
Fig. 5 is that equipment and user step in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Record verifying flow chart.
Fig. 6 is that signal list obtains in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Flow chart.
Fig. 7 is signal permission change in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Flow chart.
Fig. 8 is equipment permission change in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Flow chart.
Fig. 9 is user right change in a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Flow chart.
Figure 10 is a kind of architecture diagram of the authority control system of the acquisition of information under distributed cooperation environment of the present invention.
Specific embodiment
The attached figures are only used for illustrative purposes and cannot be understood as limitating the patent;
In order to better illustrate this embodiment, the certain components of attached drawing have omission, zoom in or out, and do not represent actual product
Size;
To those skilled in the art, it is to be understood that certain known features and its explanation, which may be omitted, in attached drawing
's.
In the description of the present invention, it is to be understood that, term " first ", " second " are used for description purposes only, and cannot
It is interpreted as indication or suggestion relative importance or implies the quantity of indicated technical characteristic." first " that limits as a result, "
One or more of the features can be expressed or be implicitly included to two " feature.In the description of the present invention, unless otherwise saying
Bright, the meaning of " plurality " is two or more.
In the description of the present invention, it should be noted that unless otherwise clearly defined and limited, term " installation " " connects
Connect " it shall be understood in a broad sense, for example, it may be being fixedly connected, it may be a detachable connection, or be integrally connected;It can be machine
Tool connection, is also possible to be electrically connected;It can be directly connected, be also possible to be indirectly connected with by intermediary, it may be said that two
Connection inside element.For the ordinary skill in the art, above-mentioned term can be understood in the present invention with concrete condition
Concrete meaning.
The following further describes the technical solution of the present invention with reference to the accompanying drawings and examples.
Embodiment 1
As shown in Figure 1, specifically real for a kind of authority control method of the acquisition of information under distributed cooperation environment of the present invention
Apply the flow chart of example.Referring to Fig. 1, a kind of permission control new method of acquisition of information under distributed cooperation environment of the present invention has
Include the following steps:
S101. the registration request of administrative center's receiving device, user or signal, setting ID number, login password and permission
And return to ID number and login password;
S102. administrative center receives and verifies the log-on message of equipment and/or signal, and the equipment is changed after being verified
And/or signal variable attribute information and return to authority information;
S103. administrative center receives the log-on message that user is issued using the equipment logined successfully, if user right is big
Then judge that the user logins successfully in or equal to equipment permission, change the variable attribute description information of user and returns to user right
Otherwise information judges the login failed for user, return to insufficient permission information;
S104. administrative center sets filtering rule according to equipment and the permission size of signal, according to filtering rule to
All signal lists that the user can check are returned in the equipment used by a user that success logs in.
Based on above scheme, the administrative center of this specific embodiment receives the registration from equipment, user or signal and asks
It asks, according to the ID number of registration request generating device, user or signal, login password and permission, and to equipment, user or signal
ID number and login password are returned to, so as to subsequent login use;In login process, administrative center receives and verifying equipment, letter
Number and user log-on message and determine whether to log in conjunction with permission and the equipment that whether allows signal to use in user
Upper display can prevent from illegally registering equipment, user or signal entering in system in the process using registration process,
And judge whether user allow to be shown to equipment using equipment and signal using the permission of equipment, user and signal
And user so that in the distributed multi-service multi-person synergy system of control room information the control for interconnecting to obtain safety,
The controllability for guaranteeing information exchange is controlled by Trinitarian permission, can effectively solve the more people of distributed multi-service in control room
Information interconnection and intercommunication bring is safely and controllably challenged in cooperative system application.
In the specific implementation process, as shown in Fig. 2, in step S101 using administrative center to equipment, signal and user into
Row registration management, equipment, signal and user send a request for registration to administrative center, and administrative center receives registration request and generates and sets
The relevant information of standby, user and signal, by the local data base of information preservation to administrative center if succeeding in registration, and to
Equipment, user or signal return to ID number and login password, if registration failure, administrative center can be accused by returning to miscue
Know equipment, user or signal login failure.In a particular application, equipment, signal and user require managing in control room
Center is registered, and equipment, signal and user correspond to globally unique ID number and login password after registration, and administrative center is also
Individually setting signal permission, equipment permission and user right, only registered equipment, signal and user side can control
Room shows and uses.As shown in figure 3, for the system architecture under the distributed cooperation environment of control room in concrete application of the invention
Figure, equipment, which can be, spells wall display system, IDB display system, PC machine, mobile terminal etc., when concrete application inside administrative center
Registration information is managed by local data base.
As shown in Figures 4 and 5, it carries out equipment in step s 102 and/or signal login authentication, equipment and/or signal is opening
The ID number and login password returned when passing through registration after dynamic automatically logs into administrative center, and administrative center is according to ID number and logs in close
Code login is verified, after being verified, administrative center the variable attribute information of equipment and/or signal is modified and to
Equipment, signal return to corresponding authority information.Equipment and signal acquisition authority information can be saved in local.Wherein, it can be changed and belong to
Property information include but is not limited to status information and IP address, status information includes the states such as online and not online.
As shown in figure 5, user needs be successfully logged onto management during the user login validation of step S103
It is logged in the equipment at center, the log-on message of user is issued by the equipment, such as ID number and login password, administrative center is connect
The equipment permission that user right and user use is judged after receiving log-on message, if user right is greater than or equal to
Equipment permission then judges that the equipment can be used in the user, while administrative center updates the variable attribute description information of user, such as
The IP address that user logs in, and user right information is returned, otherwise user right then judges that the user cannot less than equipment permission
Using the equipment, login failure prompts insufficient permission.
As shown in fig. 6, step S104 is verified to acquisition signal in the specific implementation process.User logins successfully
Afterwards, the signal list that the equipment permission build user that administrative center uses according to user can currently check is root when specifically generating
It is carried out according to preset filtering rule.Filtering rule can be, but not limited to:
If signal permission is higher than equipment permission, user cannot check the signal on the login device, if signal permission
Equal to or less than equipment permission, then user can check the signal in equipment.
Administrative center returns to all signal lists that this user can check according to filtering rule, and user can according to signal list
To select arbitrary signal and directly initiate request of data to signal.
Signal in user selection signal list is directly initiated the connection to signal, request data;After successful connection, signal hair
Equipment used by a user is transmitted data to be shown, equipment used by a user receive the data that signal is sent and local into
Row display.Administrative center is needed not move through in the process, guarantees to can be realized information exchange in the case where information interaction security
Simplify, high-speeding.
In the specific implementation process, administrative center can change the permission of equipment, user and signal, when administrative center changes
After equipment permission, user right or signal permission, sending permission update notification is understood by administrative center, at this time equipment, user and signal
It can be presence and be also possible to not presence.Under presence, i.e., under logging state, administrative center's change is in login
The equipment of state, user perhaps signal permission and to corresponding equipment, user or signal sending permission update notification, specifically
It is as Figure 7-9:
Administrator changes signal permission in administrative center, and signal can receive permission notice of change, the letter that will locally save
Number authority credentials is revised as current value, while administrative center can send signal power to all users for checking the signal were originally had permission
Update notification is limited, if signal permission adjusted is greater than or equal to the equipment permission of active user, by signal from can check
It is deleted in signal list, if permission adjusted is less than the equipment permission of active user, signal, which is added to, can check letter
Number list.
Administrator changes equipment permission in administrative center, and equipment can receive permission notice of change, if setting after change
Standby permission improves, and is greater than active user's permission, then active user cannot reuse the equipment, and user is forced to nullify.If set
Standby permission improves, and still less than or equal to active user's permission, then the equipment, but the signal that can be checked can be used in active user
It can increase, administrative center will be improved due to equipment permission and the newly-increased signal checked is sent to equipment, and is updated and can be checked
Signal list.If the equipment permission after change reduces, the signal that can be checked can reduce, can be automatically deleted in signal list and weigh
Limit for height is in the signal of equipment permission.
Administrator changes user right in administrative center, and user can receive permission notice of change, if the use after change
Family permission improves, then user can continue to use the equipment, if the user right after change drops below current device power
Limit, then user cannot be used continuously the equipment, and user is forced to nullify.
In the specific implementation process, when signal, equipment and user are no longer allowed in control room in use, administrative center can
To nullify signal, equipment and user.
In the method for the invention, the control of signal, equipment and the permission of user can effectively be solved to control using administrative center
Information interconnection and intercommunication bring is safely and controllably challenged in the application of distributed multi-service multi-person synergy system in room processed.And it utilizes
Management to Permission Levels, the present invention can carry out flexible deployment to indoor equipment, user and signal is controlled, support any more
Display equipment, signal and user used in control room, system, which can according to need, to be expanded.In addition, side of the invention
Method can be with flexible configuration, and administrative center can need to change any permission at any time according to application, equipment when permission is changed, signal and
User does not need to log in again, and the update of permission can be carried out with direct-on-line, is easy to use, and can be according to the change of permission
Signal list that real-time update user can check ensures that specified permission user can only see it and be authorized at any time and sees
Information.
Embodiment 2
On the basis of embodiment 1, the permission control of the present invention also provides a kind of under distributed cooperation environment acquisition of information
System processed.Referring to Figure 10, a kind of authority control system of the acquisition of information under distributed cooperation environment of the present invention specifically includes pipe
Equipment, signal and user in reason center 201, administrative center and control room can establish connection and carry out information exchange;Institute
Stating administrative center 201 includes:
Registration request processing module 2011 is arranged ID number, steps on for the registration request of receiving device, user or signal
Record password and permission simultaneously return to ID number and login password;
Equipment and signal login module 2012 are verified for receiving the log-on message with checking signal and/or equipment
The variable attribute information of the equipment and/or signal and the authority information of returning equipment are changed afterwards;
User log-in block 2013, the log-on message issued for receiving user using the equipment logined successfully, if with
Family permission is greater than or equal to equipment permission and then judges that the user logins successfully, and changes the variable attribute description information of user and returns
Otherwise user right information judges the login failed for user, return to insufficient permission information;
Signal list obtains module 2014, for setting filtering rule according to the permission size of equipment and signal, according to mistake
Filter rule returns to all signal lists that the user can check in the equipment used by a user for the login that succeeded.
Based on above scheme, the registration request processing module 2011 of this specific embodiment receive from equipment, user or
The registration request of signal, according to the ID number of registration request generating device, user or signal, login password and permission, and to setting
Standby, user or signal return to ID number and login password, so as to subsequent login use;In login process, registration request processing
Module 2011 receives and verifying equipment, the log-on message of signal and user and determine whether to log in conjunction with permission and whether
Allow signal to show in the equipment that user uses, in the process, can prevent from illegally registering equipment using registration process, use
Family or signal enter in system, and judged using the permission of equipment, user and signal user whether use equipment with
And whether signal allows to be shown to equipment and user so that in the distributed multi-service multi-person synergy system of control room information it is mutual
Connection intercommunication obtains the control of safety, and the controllability for guaranteeing information exchange is controlled by Trinitarian permission, can effectively be solved
Information interconnection and intercommunication bring is safely and controllably challenged in the application of distributed multi-service multi-person synergy system in control room.
In the specific implementation process, registration pipe is carried out to equipment, signal and user using registration request processing module 2011
Reason, equipment, signal and user send a request for registration to the registration request processing module 2011 of administrative center, and registration request handles mould
Block 2011 receives registration request and generating device, the relevant information of user and signal, arrives information preservation if succeeding in registration
In local data base, and ID number and login password are returned to equipment, user or signal, if registration failure, registration request processing
Module 2011 can be by returning to miscue annunciator, user or signal login failure.In a particular application, control room
Middle equipment, signal and user require to register in the registration request processing module 2011 of administrative center, equipment, letter after registration
Number and user all correspond to globally unique ID number and login password, administrative center also individually setting signal permission, equipment
Permission and user right, only registered equipment, signal and user side can show and use in control room.
In the specific implementation process, equipment and signal login module 2012 carry out equipment and/or signal login authentication, equipment
And/or signal passes through the ID number returned when registration after actuation and login password automatically logs into the equipment and signal of administrative center
Login module 2012, equipment and signal login module 2012 verify login according to ID number and login password, are verified
Afterwards, equipment and signal login module 2012 are modified the variable attribute information of equipment and/or signal and return to equipment, signal
Return corresponding authority information.Equipment and signal acquisition authority information can be saved in local.Wherein, variable attribute information include but
It is not limited to status information and IP address, status information includes the states such as online and not online.
In the specific implementation process, during user log-in block 2013 is to user login validation, user needs
It is successfully logged onto the equipment of administrative center and is logged in, the log-on message of user is issued by the equipment, such as ID number and login
Password, the user log-in block 2013 of administrative center weigh the equipment that user right and user use after receiving log-on message
Limit is judged, judges that the equipment, while user can be used in the user if user right is greater than or equal to equipment permission
Login module 2013 updates the variable attribute description information of user, such as the IP address that user logs in, and returns to user right information,
Otherwise user right then judges that the user cannot use the equipment less than equipment permission, and login failure prompts insufficient permission.
It states in scheme in realization, user log-in block 2013 and equipment and signal login module 2012 can close two and be
One, function is integrated into the same module and is handled.
Signal list, which obtains module 2014, in the specific implementation process is verified to acquisition signal.User logins successfully
Afterwards, the letter that the equipment permission build user that the signal list of administrative center obtains that module 2014 is used according to user can currently check
Number list, specific when generating is carried out according to preset filtering rule.Filtering rule can be, but not limited to:
If signal permission is higher than equipment permission, user cannot check the signal on the login device, if signal permission
Equal to or less than equipment permission, then user can check the signal in equipment.
Signal list obtains module 2014 and returns to all signal lists that this user can check, Yong Hugen according to filtering rule
It is believed that a number list can choose arbitrary signal and directly initiate request of data to signal.
Signal in user selection signal list is directly initiated the connection to signal, request data;After successful connection, signal hair
Equipment used by a user is transmitted data to be shown, equipment used by a user receive the data that signal is sent and local into
Row display.Administrative center is needed not move through in the process, guarantees to can be realized information exchange in the case where information interaction security
Simplify, high-speeding.
In the specific implementation process, administrative center can change the permission of equipment, user and signal, when administrative center changes
After equipment permission, user right or signal permission, sending permission update notification is understood by administrative center, at this time equipment, user and signal
It can be presence and be also possible to not presence.Under presence, i.e., under logging state, administrative center's change is in login
The equipment of state, user perhaps signal permission and to corresponding equipment, user or signal sending permission update notification, specifically
Registration request processing mould 2011 be can use to complete.For being in the object of logging state, registration request handles mould 2011 more
Change and perhaps signal permission and is updated to corresponding equipment, user or signal sending permission logical in the equipment of logging state, user
Know, specifically:
Registration request handles mould 2011 and changes signal permission, and signal can receive permission notice of change, by what is locally saved
Signal authority credentials is revised as current value, while the registration request processing mould 2011 of administrative center can check the letter to originally having permission
Number all users send signal permission update notification, at this time the signal list update module of administrative center registration request processing
Mould 2011 judges whether the permission of the signal is less than or equal to the permission of equipment after changing signal permission, if then the signal increases
It is added in the signal list that user can check, otherwise deletes the signal from the signal list that user can check.
Administrator changes equipment permission in the registration request processing mould 2011 of administrative center, and equipment can receive permission change
Notice is greater than active user's permission if the equipment permission after change improves, then active user cannot reuse the equipment, this
When administrative center cancellation module can registration request processing module change equipment permission after judge whether the permission of equipment is greater than
Using the permission of the user of the equipment, if the then login of the kick out user.If equipment permission improve, still less than or
Equal to active user's permission, then the equipment can be used in active user, but the signal that can be checked can increase, at this time administrative center
Signal list update module judges whether the permission of the equipment is higher than after the permission that registration request processing mould 2011 changes equipment
Otherwise the permission of signal can check the signal from user if then the signal increases in the signal list that user can check
Signal list in delete.
Administrator changes user right in the registration request processing mould 2011 of administrative center, and user can receive permission change
Notice;The cancellation module of administrative center can judge the power of equipment after registration request processing module 2011 changes user right at this time
Whether limit is greater than the permission of the user using the equipment, if the then login of the kick out user.If the user after change
Permission improves, then user can continue to use the equipment, if the user right after change drops below current device permission,
Then user cannot be used continuously the equipment, and user is forced to nullify.
In the specific implementation process, when signal, equipment and user are no longer allowed in control room in use, administrative center
Registration request processing mould 2011 can nullify signal, equipment and user.
It in the system of the present invention, can to the control of signal, equipment and the permission of user using the modules of administrative center
Effectively information interconnection and intercommunication bring is safely and controllably chosen in the application of distributed multi-service multi-person synergy system in solution control room
War.And using the management to Permission Levels, the present invention can carry out flexible portion to indoor equipment, user and signal is controlled
Administration supports any more display equipment, signal and user to use in control room, and system, which can according to need, to be expanded.This
Outside, method of the invention can need to change any permission, permission change at any time with flexible configuration, administrative center according to application
When equipment, signal and user do not need to log in again, the update of permission can be carried out with direct-on-line, is easy to use, and can
According to the signal list that the change real-time update user of permission can check, ensure that specified permission user can only see at any time
It is authorized to the information seen.
The same or similar label correspond to the same or similar components;
Described in attached drawing positional relationship for only for illustration, should not be understood as the limitation to this patent;
Obviously, the above embodiment of the present invention be only to clearly illustrate example of the present invention, and not be pair
The restriction of embodiments of the present invention.For those of ordinary skill in the art, may be used also on the basis of the above description
To make other variations or changes in different ways.There is no necessity and possibility to exhaust all the enbodiments.It is all this
Made any modifications, equivalent replacements, and improvements etc., should be included in the claims in the present invention within the spirit and principle of invention
Protection scope within.
Claims (9)
1. a kind of authority control method of the acquisition of information under distributed cooperation environment characterized by comprising
The registration request of administrative center's receiving device, user or signal, setting ID number, login password and permission simultaneously return to ID number
And login password;
Administrative center receives and the log-on message of verifying equipment and signal, and the variable category of the equipment and signal is changed after being verified
Property information simultaneously returns to authority information;
Administrative center receives the log-on message that user is issued using the equipment logined successfully, sets if user right is greater than or equal to
Standby permission then judges that the user logins successfully, and changes the variable attribute description information of user and returns to user right information, otherwise
Judge that the user fails, returns to insufficient permission information;
Administrative center sets filtering rule according to equipment and the permission size of signal, according to filtering rule to the login that succeeded
All signal lists that the user can check are returned in equipment used by a user.
2. the authority control method of the acquisition of information according to claim 1 under distributed cooperation environment, which is characterized in that
The method also includes:
Administrative center's change is in the equipment of logging state, user perhaps signal permission and to corresponding equipment, user or signal
Sending permission update notification.
3. the authority control method of the acquisition of information according to claim 2 under distributed cooperation environment, which is characterized in that
The method also includes:
Also judge whether the permission of equipment is greater than the user using the equipment after administrative center change user or equipment permission
Permission, if the then login of the kick out user.
4. the authority control method of the acquisition of information according to claim 2 under distributed cooperation environment, which is characterized in that
The method also includes:
Also judge whether the permission of the equipment is higher than the permission of signal after the permission of administrative center's change signal or equipment, if
Then the signal increases in the signal list that user can check, otherwise deletes the signal from the signal list that user can check
It removes.
5. the authority control method of the acquisition of information according to claim 1-4 under distributed cooperation environment,
It is characterized in that,
The signal in user selection signal list after logining successfully simultaneously directly is initiated the connection to signal;
Equipment used by a user receives the data that signal is sent and is shown locally.
6. a kind of authority control system of the acquisition of information under distributed cooperation environment, which is characterized in that including administrative center, institute
Stating administrative center includes:
Registration request processing module, for the registration request of receiving device, user or signal, be arranged ID number, login password and
Permission simultaneously returns to ID number and login password;
Equipment and signal login module are changed this after being verified and are set for receiving and verifying the log-on message of equipment and signal
Standby and signal variable attribute information simultaneously returns to authority information;
User log-in block, the log-on message issued for receiving user using the equipment logined successfully, if user right is big
Then judge that the user logins successfully in or equal to equipment permission, change the variable attribute description information of user and returns to user right
Otherwise information judges that the user fails, returns to insufficient permission information;
Signal list obtain module, for according to the permission size of equipment and signal set filtering rule, according to filtering rule to
Succeeded login equipment used by a user on return to all signal lists that the user can check.
7. the authority control system of the acquisition of information according to claim 6 under distributed cooperation environment, which is characterized in that
Registration request processing module is also used to change equipment, user or the signal permission for being in logging state, and to corresponding equipment, use
Family or signal sending permission update notification.
8. the authority control system of the acquisition of information according to claim 7 under distributed cooperation environment, which is characterized in that
Administrative center further include:
Cancellation module judges whether the permission of equipment is greater than after changing user or equipment permission for registration request processing module
Using the permission of the user of the equipment, if the then login of the kick out user.
9. the authority control system of the acquisition of information according to claim 7 under distributed cooperation environment, which is characterized in that
Administrative center further include:
Signal list update module judges the equipment after changing the permission of signal or equipment for registration request processing module
Whether permission is higher than the permission of signal, if then the signal increases in the signal list that user can check, otherwise by the signal
It is deleted from the signal list that user can check.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410722053.4A CN104410640B (en) | 2014-12-03 | 2014-12-03 | A kind of authority control method and system of the acquisition of information under distributed cooperation environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410722053.4A CN104410640B (en) | 2014-12-03 | 2014-12-03 | A kind of authority control method and system of the acquisition of information under distributed cooperation environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104410640A CN104410640A (en) | 2015-03-11 |
| CN104410640B true CN104410640B (en) | 2019-04-16 |
Family
ID=52648238
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410722053.4A Expired - Fee Related CN104410640B (en) | 2014-12-03 | 2014-12-03 | A kind of authority control method and system of the acquisition of information under distributed cooperation environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104410640B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108156111B (en) * | 2016-12-02 | 2021-12-03 | 北大方正集团有限公司 | Method and device for processing network service authority |
| CN111125684B (en) * | 2019-12-16 | 2024-01-30 | 南京国电南自轨道交通工程有限公司 | Multi-control-room authority handing-over method for SCADA (supervisory control and data acquisition) system control center |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1481112A (en) * | 2002-09-12 | 2004-03-10 | 联想(北京)有限公司 | Service renting and authorizing method for realizing resource sharing in household network |
| CN101056343A (en) * | 2007-06-19 | 2007-10-17 | 华为技术有限公司 | Method and call terminal for multiple users to use the same call terminal |
| CN101110702A (en) * | 2007-08-14 | 2008-01-23 | 中兴通讯股份有限公司 | Method for command line interface authority classification and system thereof |
| CN102148867A (en) * | 2011-02-09 | 2011-08-10 | 杭州华三通信技术有限公司 | Method and device for accessing page based on user permission |
| CN103986734A (en) * | 2014-06-05 | 2014-08-13 | 东信和平科技股份有限公司 | Authentication management method and authentication management system applicable to high-security service system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7031962B2 (en) * | 2001-03-27 | 2006-04-18 | Bea Systems, Inc. | System and method for managing objects and resources with access rights embedded in nodes within a hierarchical tree structure |
| CN101146243A (en) * | 2006-09-15 | 2008-03-19 | 华为技术有限公司 | A service subscription method, system and corresponding device |
| JP5814639B2 (en) * | 2011-06-09 | 2015-11-17 | キヤノン株式会社 | Cloud system, cloud service license management method, and program |
-
2014
- 2014-12-03 CN CN201410722053.4A patent/CN104410640B/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1481112A (en) * | 2002-09-12 | 2004-03-10 | 联想(北京)有限公司 | Service renting and authorizing method for realizing resource sharing in household network |
| CN101056343A (en) * | 2007-06-19 | 2007-10-17 | 华为技术有限公司 | Method and call terminal for multiple users to use the same call terminal |
| CN101110702A (en) * | 2007-08-14 | 2008-01-23 | 中兴通讯股份有限公司 | Method for command line interface authority classification and system thereof |
| CN102148867A (en) * | 2011-02-09 | 2011-08-10 | 杭州华三通信技术有限公司 | Method and device for accessing page based on user permission |
| CN103986734A (en) * | 2014-06-05 | 2014-08-13 | 东信和平科技股份有限公司 | Authentication management method and authentication management system applicable to high-security service system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104410640A (en) | 2015-03-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101834878B (en) | Multiuser system privilege management method and instant messaging system applying same | |
| CN1988489B (en) | Intelligent system and method for monitoring house | |
| EP2658207B1 (en) | Authorization method and terminal device | |
| CN100492991C (en) | Method, system and network element for network element management | |
| CN106993151A (en) | A kind of Videoconference Management System and method | |
| CN105227344A (en) | Based on software defined network analogue system and the method for OpenStack | |
| CN101217368A (en) | A network logging on system and the corresponding configuration method and methods for logging on the application system | |
| CN101453357B (en) | A network management control method and network management control system | |
| CN109817347A (en) | Inline diagnosis platform, its right management method and Rights Management System | |
| CN103516674B (en) | Quickly and the method for network device online and control device | |
| CN109413080B (en) | Cross-domain dynamic authority control method and system | |
| CN103188332B (en) | A kind of remote desktop access control management method, equipment and system | |
| CN105827598A (en) | Method and system for strengthening WiFi security of access router | |
| WO2014114065A1 (en) | License management authentication method and system for passive optical network device | |
| CN109063576A (en) | Management method and device for flight movement node | |
| CN102571380A (en) | Multi-instance GIS platform unified user management method and system | |
| CN104410640B (en) | A kind of authority control method and system of the acquisition of information under distributed cooperation environment | |
| CN104038501A (en) | Cluster management system and cluster management method for display terminal | |
| CN101945086A (en) | Security system access business platform for video type security gateway and information transmission method | |
| CN101090336A (en) | Command line interface authority hierarchical method for network equipment | |
| CN105704154B (en) | A kind of service processing method based on RESTful, apparatus and system | |
| CN104349137B (en) | A kind of centralized control method and its centralized control system based on more set safeguard management platforms | |
| CN107835161B (en) | Method, system and the computer storage medium of inside and outside user's unified management | |
| CN101193129A (en) | Generation method and device for authentication user name | |
| CN104050535B (en) | The distribution method and system of service authority |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190416 Termination date: 20211203 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |