[go: up one dir, main page]

CN120301719A - A method and device for controlling communication rights in a conference - Google Patents

A method and device for controlling communication rights in a conference Download PDF

Info

Publication number
CN120301719A
CN120301719A CN202410178057.4A CN202410178057A CN120301719A CN 120301719 A CN120301719 A CN 120301719A CN 202410178057 A CN202410178057 A CN 202410178057A CN 120301719 A CN120301719 A CN 120301719A
Authority
CN
China
Prior art keywords
user
target
permission
authority
conference
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410178057.4A
Other languages
Chinese (zh)
Inventor
廖涛
祁国宁
范文涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Cloud Computing Technologies Co Ltd
Original Assignee
Huawei Cloud Computing Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Cloud Computing Technologies Co Ltd filed Critical Huawei Cloud Computing Technologies Co Ltd
Priority to PCT/CN2025/071720 priority Critical patent/WO2025149027A1/en
Publication of CN120301719A publication Critical patent/CN120301719A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • H04L12/1813Arrangements for providing special services to substations for broadcast or conference, e.g. multicast for computer conferences, e.g. chat rooms
    • H04L12/1818Conference organisation arrangements, e.g. handling schedules, setting up parameters needed by nodes to attend a conference, booking network resources, notifying involved parties
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • H04L12/1813Arrangements for providing special services to substations for broadcast or conference, e.g. multicast for computer conferences, e.g. chat rooms
    • H04L12/1822Conducting the conference, e.g. admission, detection, selection or grouping of participants, correlating users to one or more conference sessions, prioritising transmission
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

本申请提供了一种会议中通信权限控制方法,其特征在于,所述方法包括:获取管理人员配置的权限匹配规则,所述权限匹配规则包括多种权限类型之间的通信规则;响应于目标用户的获取请求,向所述目标用户发送所述目标用户对应的目标权限类型,所述目标用户所接入的会议中还包括至少一个与会用户;获取所述目标用户对应的目标终端发送的目标媒体数据,所述媒体数据携带有所述目标权限类型;根据所述目标权限类型、所述至少一个与会用户对应的权限类型以及所述权限匹配规则,确定是否向所述至少一个与会用户发送所述目标媒体数据,其中,每一与会用户对应一种权限类型。该方法利用权限匹配规则,有效地提升了会议中通信权限管理的便捷性和灵活性。

The present application provides a method for controlling communication rights in a conference, characterized in that the method includes: obtaining a permission matching rule configured by a management personnel, wherein the permission matching rule includes communication rules between multiple permission types; in response to an acquisition request of a target user, sending a target permission type corresponding to the target user to the target user, wherein the conference accessed by the target user also includes at least one participating user; obtaining target media data sent by a target terminal corresponding to the target user, wherein the media data carries the target permission type; and determining whether to send the target media data to the at least one participating user according to the target permission type, the permission type corresponding to the at least one participating user, and the permission matching rule, wherein each participating user corresponds to a permission type. The method utilizes permission matching rules to effectively improve the convenience and flexibility of communication rights management in a conference.

Description

Communication authority control method and device in conference
The present application claims priority from chinese patent application No. 202410044042.9 entitled "method and apparatus for controlling communication rights in conference", filed 1/11/2024, the entire contents of which are incorporated herein by reference.
Technical Field
The present application relates to the field of conferences, and in particular, to a method and apparatus for controlling communication rights in a conference.
Background
Because of information security, many enterprises are tightly regulated to share internal data. Meeting systems, one of the most commonly used systems for enterprises, naturally also need to adhere to the rules set by the enterprise. For example, an enterprise may require that content between different departments be not shareable, or that content between different regions be not shareable. In summary, each enterprise has its own unique appeal.
The current response to the above-mentioned requirements is mainly achieved by setting up network devices at the bottom of the conference system. The ports of the network devices responsible for the data exchange are typically set. For example, the audio is not allowed to be transmitted between the region a and the region B, and the port responsible for transmitting audio data in the network device is set to achieve the purpose.
But the communication authority control in the conference by the method of only relying on port setting can not meet the diversified demands of enterprises.
Disclosure of Invention
The application provides a method and a device for controlling communication authority in a conference.
The first aspect of the application provides a communication authority control method in a conference, which comprises the steps of obtaining an authority matching rule configured by a manager in a conference system, wherein the authority matching rule comprises a communication rule among a plurality of authority types, the conference system is used for holding a target conference, responding to an obtaining request of a target user, sending a target authority type corresponding to the target user, at least one conference user is further included in the conference accessed by the target user, obtaining target media data sent by a target terminal corresponding to the target user, the media data carries the target authority type, and determining whether to send the target media data to the at least one conference user according to the target authority type, the authority type corresponding to the at least one conference user and the authority matching rule, wherein each conference user corresponds to one authority type.
In addition, the method allows the manager to set the authority types of the conferees according to actual needs, does not limit the authority management units to the crowd corresponding to the network equipment ports, and effectively improves the flexibility of communication authority management in the conference.
In one possible implementation manner, one or more of the authority type configured by the manager and the authority parameters including a job number, a region, a department, an IP address, an access network type and a terminal equipment type are obtained, and the corresponding relation between the authority type configured by the manager and the authority parameters is recorded.
In a possible implementation manner, the acquisition request of the target user carries the authority parameters of the target user, determines the target authority type corresponding to the target user according to the authority type configured by the manager and the corresponding relation of the authority parameters based on the authority parameters of the target user, and sends the target authority type corresponding to the target user.
In one possible implementation, the media data comprises one or more of audio data, video data, shared data and message data, wherein the video data indicates data collected by cameras of the conference terminals, and the shared data indicates data of shared desktops collected by the conference terminals.
In a possible implementation manner, the at least one participating user includes a first participating user, and when it is determined that the target media data is not transmitted to the first participating user, first permission-free indication information is transmitted to the first participating user, where the first permission-free indication information is used to indicate that the first participating user does not have permission to receive the target media data.
For the participating users without permission to acquire the target media data, the purpose that the data received by the participating users with different permission types in the same conference are different can be achieved by using the non-permission indication information.
In a possible implementation, the at least one participating user includes a second participating user, and when it is determined that a portion of the target media data is not to be transmitted to the second participating user, second non-permission indication information indicating that the second participating user does not receive permission of the portion of the target media data and another portion of the target media data are transmitted to the second participating user.
For the conference users without authority to acquire the complete target media data, the aim of carrying out fine management on the media data which can be received by the conference users according to the authority type in the same conference can be achieved by utilizing the non-authority indication information. That is to say,
In a possible implementation manner, the permission matching rule includes a plurality of communication rules, and according to the permission matching rule, the target permission type and the permission type corresponding to the at least one participating user, whether to send the target media data to the at least one participating user is determined according to the order of priority of the plurality of communication rules in the permission matching rule from high to low.
In one possible implementation, the permission type comprises one or more of a high-security user, a normal user and an external user, wherein the high-security user and the normal user belong to the same enterprise, and the external user does not belong to the enterprise.
In one possible implementation, before the obtaining the permission matching rule configured by the manager, the method further includes starting the target conference. In one possible implementation, before the obtaining the permission matching rule configured by the manager, the method further includes starting the target conference.
The setting operation of the permission matching rule can occur before the meeting starts or during the meeting. Since the configuration action is relatively simple, it allows the manager to flexibly perform configuration.
In a possible implementation manner, the method further comprises the step of obtaining adjustment of the right matching rule by the manager, and determining whether to send the target media data to the at least one participating user according to the adjusted right matching rule, the right type corresponding to the at least one participating user and the target right type.
In the conference process, a manager can dynamically adjust the authority types of the conferees or update the communication rules among a plurality of authority types according to the actual holding condition of the conference, thereby realizing the real-time adjustment and application of the authority matching rules.
In a possible implementation, the rights matching rule further includes a target issue in the meeting, and the target media data is media data associated with the target issue.
When configuring the authority matching rule, the identification of the issue is added, so that the specific issue is associated with the authority matching rule, and finally, the aim of controlling the conference authority by taking the issue as a unit is fulfilled. Based on the method, the communication authority control in the conference can be realized more accurately and pertinently.
The second aspect of the application provides a communication authority control device in a conference, which comprises a communication module, a processing module and a processing module, wherein the communication module is used for acquiring an authority matching rule configured by a manager in the conference system, the authority matching rule comprises a communication rule among a plurality of authority types, the conference system is used for holding a target conference, the target user is responded to an acquisition request of the target user and is provided with at least one conference user, the conference accessed by the target user further comprises a target terminal which is used for acquiring target media data which is sent by the target terminal and is carried with the target authority type, and the processing module is used for determining whether to send the target media data to the at least one conference user according to the target authority type, the authority type which is corresponding to the at least one conference user and the authority matching rule, wherein each conference user corresponds to one authority type.
In a possible implementation manner, the communication module is further used for acquiring one or more of a permission type configured by the manager and a permission parameter, wherein the permission type is configured by the manager, the permission parameter comprises a work number, a region, a department, an IP address, an access network type and a terminal equipment type, and the processing module is used for recording the corresponding relation between the permission type configured by the manager and the permission parameter.
In a possible implementation manner, the acquisition request of the target user carries the permission parameter of the target user, the processing module is further configured to determine, based on the permission parameter of the target user, a target permission type corresponding to the target user according to the permission type configured by the manager and a corresponding relationship of the permission parameter, and the communication module is further configured to send the target permission type corresponding to the target user.
In one possible implementation, the media data comprises one or more of audio data, video data, shared data and message data, wherein the video data indicates data collected by cameras of the conference terminals, and the shared data indicates data of shared desktops collected by the conference terminals.
In a possible implementation manner, the at least one participating user includes a first participating user, the processing module is further configured to determine not to send the target media data to the first participating user, and the communication module is further configured to send first no permission indication information to the first participating user, where the first no permission indication information is used to indicate that the first participating user does not receive permission of the target media data.
In a possible implementation, the at least one participating user comprises a second participating user, the processing module is further configured to determine that no portion of the target media data is to be sent to the second participating user, and the communication module is further configured to send second non-permission indication information to the second participating user, and another portion of the target media data, the second non-permission indication information being configured to indicate that the second participating user does not receive permission for the portion of the target media data.
In a possible implementation manner, the permission matching rule includes a plurality of communication rules, and the processing module is further configured to determine whether to send the target media data to the at least one participating user according to the permission matching rule, the target permission type, and the permission type corresponding to the at least one participating user in order of priority of the plurality of communication rules in the permission matching rule from high to low.
In one possible implementation, the permission type comprises one or more of a high-security user, a normal user and an external user, wherein the high-security user and the normal user belong to the same enterprise, and the external user does not belong to the enterprise.
In a possible implementation manner, the processing module is further configured to open the target meeting before the permission matching rule configured by the administrator is obtained.
In a possible implementation, the rights matching rule further includes a target issue in the meeting, and the target media data is media data associated with the target issue.
A third aspect of the application provides a cluster of computing devices comprising at least one computing device, each computing device comprising a processor and a memory, the processor of the at least one computing device being operable to execute instructions stored in the memory of the at least one computing device to cause the computing device to perform a method as provided by the first aspect or any possible design of the first aspect.
A fourth aspect of the application provides a computer program product comprising instructions which, when executed by a cluster of computer devices, cause the cluster of computer devices to perform the method as provided by the first aspect or any of the possible designs of the first aspect.
A fifth aspect of the application provides a computer readable storage medium comprising computer program instructions which, when executed by a cluster of computing devices, performs a method as provided by the first aspect or any of the possible designs of the first aspect.
Drawings
In order to more clearly illustrate the technical method of the embodiments of the present application, the drawings used in the embodiments will be briefly described below.
Fig. 1 is a schematic diagram of an enterprise internal conference system according to an embodiment of the present application;
fig. 2 is a schematic diagram of a conference system according to an embodiment of the present application;
Fig. 3 is a schematic flow chart of a communication authority control method according to an embodiment of the present application;
FIG. 4 is a configuration interface provided by an embodiment of the present application;
FIG. 5 is a schematic illustration of another configuration interface provided by an embodiment of the present application;
FIG. 6 is a further configuration interface provided by an embodiment of the present application;
fig. 7 is a schematic structural diagram of a communication authority control device according to an embodiment of the present application;
FIG. 8 is a schematic diagram of a computing device according to an embodiment of the present application;
FIG. 9 is a schematic diagram of a computing device cluster according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of another computing device cluster according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application more apparent, the embodiments of the present application will be described in detail below with reference to the accompanying drawings. The terminology used in the description of the embodiments of the application herein is for the purpose of describing particular embodiments of the application only and is not intended to be limiting of the application.
Instant messaging (INSTANT MESSAGING, IM) instant messaging is commonly found in real-time communication systems that allow two or more people to communicate text messages, files, voice and video using a network in real-time.
The media data refers to video data, shared data, audio data, message data and the like sent by the conference terminals in the conference process.
Video data refers to data collected by cameras of the conference terminals, such as images of conference terminal users, surrounding environments of conference sites and the like.
The shared data refers to data collected by a shared desktop sent by the conference terminal, and specifically, the shared data may be desktop data of all or part of an area of the conference terminal, or may be display content of a certain application running on the conference terminal.
Audio data refers to sound data transmitted from a participating terminal, such as sound made by the participating terminal user himself or sound of video played by the participating terminal user, etc.
Message data refers to text messages sent by the participating terminals, such as text exchange content in chat windows of participating terminal users.
Fig. 1 illustrates an enterprise internal conference system architecture. Fig. 1 shows by way of example two departments, the sales department and the financial department. In a conference, a plurality of employees of the sales department and a plurality of employees of the financial department are included at the same time. Each employee is connected to the selective connection unit (SELECTIVE FORWARDING UNIT, SFU) through a terminal (such as a personal computer (personal computer, PC)), and establishes a data communication link through the SFU corresponding to each of the two departments, thereby realizing the access of the conference. Specifically, different data communication links are also established between the two SFUs according to the data types, and two ends of each communication link are ports dedicated to transmitting the data types in the respective SFUs. For example, the communication link 1 dedicated for transmitting video data is at both ends of the port SFU-S-1 and the port SFU-F-1, respectively, and the communication link 2 dedicated for transmitting shared data is at both ends of the port SFU-S-2 and the port SFU-F-2, respectively.
Typically, the information processed on the employee's computer desktop in the financial department is mostly information that requires internal security, such as salary information, corporate funds usage, or accounting information. Thus, an enterprise may require that the desktop sharing data of a financial department not be shared to other departments (including sales departments). To achieve this, the SFU at the gate side of the accounting department may be set, i.e. the port SFU-F-2 is specified to receive shared data only but not to transmit shared data. In this way, during the conference, staff of the participating financial department can see when they share their desktops, and staff of the participating sales department can see when they share their desktops. It is noted that at this point, the staff of the other financial departments participating in the meeting can see the shared desktop, because the colleagues between the colleagues of the financial departments may use another port for data transmission.
It is to be understood that by setting the port of the SFU, not only unidirectional control of data transmission can be achieved, but also bidirectional control can be performed as required. That is, in the above example, the financial department also cannot view the shared desktop of the sales department. In other words, the communication link between the corresponding SFUs of the two departments for transmitting the shared data is disabled, but this does not affect the employees of the two departments to participate in the same meeting.
From the above examples, it can be seen that by setting the ports of the network devices (such as SFU), the simple information security requirement of the enterprise can be met to a certain extent. But this method cannot meet the complex and diverse information security needs. For example, if an enterprise specifies that common employees of the sales department cannot receive shared data of the financial department, but that higher-level employees of the sales department (e.g., the ministry, etc.) have authority to receive shared data of the financial department. It is possible that this can only be achieved by extending new ports for high-level employees and even new network devices. In this way, for enterprises, the transformation cost and the transformation difficulty of the network equipment are obviously increased. In addition, although the underlying hardware of the conference system, the network devices (such as SFUs) need to be modified or set up outside the conference system, which also brings more workload to the information technology IT staff of the enterprise. Finally, because the management system of the network device is usually independent of the conference system, when a new rule needs to be issued, IT staff needs to be informed first, and then the IT staff uses the network device management system to manage and set the network device, in other words, the method cannot flexibly and timely manage and set the network device, and naturally cannot flexibly meet the information security needs of enterprises.
In view of this, the present application proposes a method for controlling communication rights in a conference. Specifically, the conference system can receive the authority matching rule configured by the enterprise manager at any time, and in the process of the conference, the conference management server and the media server realize communication authority control among multiple users according to the authority matching rule. Wherein the rights matching rule includes communication rights between meeting roles. According to the method, the port of the network equipment is not required to be set or modified, the control of the communication authority can be finished by means of the conference system, and the efficiency and the flexibility of the control of the communication authority are greatly improved.
Fig. 2 shows a conference system architecture to which the present application relates. In general, the conference system 100 includes a conference management server 101, a media server 102, and a terminal device 104. In some possible cases, the conference system 100 also includes a message server 103.
The conference management server 101 is configured to receive the rights matching rule configured by the enterprise administrator, and is configured to issue part or all of the rights matching rule to the media server 102 and the message server 103, so that the media server 102 and the message server 105 forward the received media data based on the received rights matching rule. Conference management server 101 may be a separate physical server or a cluster of physical servers. Of course, the functions of the conference management server 101 may be implemented by one virtualized instance (such as a virtual machine or a container) by using a virtualization technology, or the functions may be implemented by one virtualized instance cluster. In some possible implementations, the conference management server 101 may also provide a configuration interface for receiving rights match rules configured by enterprise administrators. The configuration interface will be described in detail below.
The media server 102 is further configured to establish a media data channel between the terminal devices in addition to the rights matching rule for obtaining part or all of the rights matching rule, so as to implement forwarding of media data between the terminal devices. The forwarding operation is performed based on the authority matching rule. It should be noted that, the media server 102 may be an SFU or a multipoint control unit (Multi Control Unit, MCU). It should be understood that the application is not limited to the implementation of the media server 102. In response to the presence of the media server 102, the conference management server 101 provides a display window for presenting video data and/or shared data of the end user.
The message server 103 is further configured to establish a message data channel between the terminal devices in addition to the permission matching rule for obtaining part or all of the permission matching rule, so as to implement forwarding of message data between the terminal devices. The forwarding operation is performed based on the authority matching rule. The conference management server 101 provides a chat window for presenting the end user's message data corresponding to the presence of the message server 103.
It should be noted that in some possible scenarios, the media server 102 may be used to process various types of media data, and thus the message server 103 is optional. In some possible scenarios there is a message server 103 dedicated to processing message data, in which case the media server 102 is dedicated to processing media data other than message data, and the message server 103 is dedicated to processing message data. The application does not limit the names or the number of the servers for processing the media data, namely, the special servers can be adopted for data transmission aiming at the media data such as video data, shared data, audio data, message data and the like. Illustratively, the following takes the media server 102 for processing the first three types of data and the message server 103 for processing the message data as an example.
The terminal device 104 is a multimedia device for accessing a conference, such as a mobile phone, a computer, or a tablet computer. In some possible implementations, the terminal device 104 may also be a virtual terminal provided based on a cloud handset service or a cloud desktop service. The end user accesses the conference using the terminal device 104 and the login credentials, and performs functions such as watching, speaking, chatting, video, and sharing. Corresponding to the presence of the terminal device 104, the conference management server 101 provides a login interface for obtaining and verifying login credentials of the user.
The communication authority control method 200 provided by the present application is described below based on fig. 3:
s201, configuring authority matching rules in a configuration interface provided by the conference management server 101 by enterprise management personnel;
the rights match rule indicates a communication rule between different rights types, and the rights types are introduced first before the rights match rule is introduced.
From the view of the mapping relationship, each user corresponds to one authority type, and the correspondence relationship between the user and the authority type can be configured by enterprise management personnel.
From the category division, the rights category can be simply divided into advanced users and general users. Correspondingly, the rights match rule should include a communication rule between the high-level user rights and the low-level user rights. In one possible implementation, the rights types may be divided into high-security users, normal users, and external users. Correspondingly, the permission matching rule includes the communication rule among the high-security user, the common user and the external user. It should be understood that the present application does not limit the number of division levels and naming of rights types. In other words, the enterprise manager may set the authority types with more hierarchical layers as required, and it should be understood that no matter how many authority types are, emphasis is placed on different settings in the communication rules between authority types of different hierarchies.
From the parameter configuration, the permission type can be configured according to the needs of enterprises. For example, it may be configured in units of one or more of a user, a department, a territory, an access network type, an internet protocol address (Internet Protocol Address, IP ADDRESS), a terminal device type, etc.
By way of example, FIG. 4 provides a schematic illustration of a configuration interface 300, with parameter selection control 301 and rights type selection control 302 included in configuration interface 300.
An enterprise administrator may select one or more parameters for setting as desired using parameter selection control 301. A drop-down menu is provided in the selection box for each parameter for selection by the enterprise manager. Alternatively, the enterprise manager may also directly enter in a text box to achieve the purpose of searching or direct entry. Specifically, the job number is used for identifying the identity of staff, generally speaking, the job number of each staff is unique, an enterprise manager can configure authority types for specific staff by setting the parameter, the region can comprise various countries, cities, regions or administrative regions where enterprise operation places are located, the enterprise manager can configure authority types for meeting participants in specific areas by setting the parameter, the IP address can comprise a plurality of IP addresses and a plurality of IP address sections, the enterprise manager can configure authority types for meeting participants with access points located in specific IP addresses or IP address sections by setting the parameter, the access network type comprises an enterprise intranet and an extranet, the enterprise manager can configure authority types for meeting participants with access points located in the enterprise intranet or the extranet by setting the parameter, the terminal equipment type comprises a mobile phone, a PC, a tablet computer and the like, and the enterprise manager can configure authority types for meeting participants with access terminal equipment of the types of a mobile phone, a PC, a tablet computer and the like by setting the parameter. After the setting of the parameters is completed, the permission types can be configured for the meeting participants conforming to the parameters. As shown in rights type selection control 302, clicking on the drop down menu, the enterprise administrator may select one of a plurality of options to configure.
As described above, the rights matching rule indicates a communication rule between different rights types, and the enterprise manager may set the rights matching rule through the configuration interface, or may upload a file or script carrying the rights matching rule to the conference management server 101, so as to complete the configuration action.
By way of example, fig. 5 provides a schematic illustration of a configuration interface 400. Configuration interface 400 includes rights type configuration control 401, communication rule configuration control 402, and add item control 403.
The rights type configuration control 401 includes a transmitting end and a receiving end. Enterprise manager can set up sender and receiving end as required. Four parameters, audio, video, share and message, are illustratively shown in the communication rule configuration control 402, corresponding to audio data, video data, share data and message data, respectively. The enterprise manager may choose to allow (v) or disallow (x) the four parameters as desired.
As shown in the first row, when the authority type of the transmitting end is a high-security user and the authority type of the receiving end is a normal user, the normal user can receive audio data, video data and message data from the high-security user in a conference, but cannot receive shared data of the high-security user, which may be because the desktop of the high-security user typically displays some contents related to security or inconvenient to display to the conference participants whose authority type is the normal user.
In some possible implementations, when an enterprise administrator is adding a row of rules using add control 403, a selection may be further made from "one-way" and "two-way" (not shown in the figures). Alternatively, "unidirectional" will be the default option and enterprise administrators may hook "bidirectional" as desired. The "unidirectional" indicates that the setting of the rule is only for the case that the "sending" sends media data to the "receiving end" in the conference, and the "bidirectional" indicates that the setting of the rule is for the case that the "sending end" sends media data to the "receiving end" in the conference, and also for the case that the "receiving end" sends media data to the "sending end" in the conference. For example, taking the first row as an example, when the user selects 'bidirectional' in setting, a rule is synchronously generated that when the authority type of the transmitting end is a common user and the authority type of the receiving end is a high-security user, the high-security user can receive audio data, video data and message data from the common user in a conference, but cannot receive shared data of the common user. This arrangement can effectively promote the efficiency of configuration by the enterprise manager.
Fig. 6 also provides, for example, a schematic illustration of a configuration interface 500. The permission matching rules shown in the configuration interface 500 include priority parameters, a sending end, a receiving end, data types and rules. The types of the sending end and the receiving end comprise high-security users, common users and all. All the indications include at least the above three, and optionally, any rights type, such as a newly added rights type, may also be included. The data types include audio, video, sharing and message, and correspond to audio data, video data, sharing data and message data, respectively. Rules include two options, enable and disable. The priority is stated, the smaller the number corresponding to the priority is, the higher the priority of the rule is. When the server needs to use the rights matching rule to determine whether to allow data communication, it checks one by one in order of priority from high to low. For example, when a meeting with authority types of high-security users, common users and external users exists in a meeting, and when the common users try to send message data to a chat window of the meeting, the server firstly compares rules with priority of 1, when determining that the rule sending end is not the common user, the server considers that the rule sending end cannot be matched, and instead compares rules with priority of 2, when determining that the second rule is that the meeting with the authority types of the common users is allowed to send all types of data (such as audio data, video data, shared data and message data) to the meeting with the authority types of the high-security users, and then sends the message data to the meeting with the high-security users according to the rule with priority of 2. Next, the rule with priority 3 will be compared, and according to the rule, the attendees with the authority type of the ordinary user are prohibited from sending message data to the attendees with the authority type of the external user, so that the server will not send message data to the attendees with the authority type of the external user. When all the rights types of the conferences have determined the rules for data transmission, the server will not perform further comparisons.
In some possible implementations, the server may provide a default spam rule, when one rights type attempts to send a particular type of data to another, if none of the rules set by the enterprise administrator can be matched with it, the server will utilize the spam rule to match, with the result that transmission of that type of data is prohibited. Alternatively, the enterprise administrator may review, delete, and modify spam as needed.
Similar to the rules shown in the configuration interfaces of fig. 4 and 5, enterprise administrators may add, delete, and modify as needed.
On the one hand, the occurrence time of the configuration operation of the permission type can be earlier than the occurrence time of the permission matching rule or later than the occurrence time of the permission matching rule; on the other hand, the occurrence time of the two types of operations can be preset before the meeting starts, or can be set in the meeting process.
S202, the conference management server 101 issues authority matching rules to the media server 102;
When the enterprise manager completes configuring the rights matching rule, the conference management server 101 will issue the complete or partial rights matching rule to the media server 102.
Optionally, a partial rights match rule refers to a rule that is related only to the media server 102. When the media server 102 is only used to process media data other than message data, the media server 102 will receive data types that are video, shared, audio, and all rights match rules.
S203, the conference management server 101 issues a right matching rule to the message server 103;
When the enterprise manager completes configuring the rights matching rule, the conference management server 101 will issue the complete or partial rights matching rule to the message server 103.
Optionally, a partial rights match rule refers to a rule that is related only to the message server 103. When the message server 103 is only used to process message data, the media server 102 will receive data of the type message and all rights match rules.
S204, a plurality of terminals acquire respective authority types from the conference management server 101;
taking end user a as an example, when the end user a tries to participate in a conference with the end device, the end device needs to first acquire its corresponding rights type from the conference management server 101. The attempt to participate in the conference by using the terminal device may be an action that the user opens or logs in to the conference application, or an action that the user clicks to confirm after inputting an account number and a password.
In some possible implementations, the terminal device may obtain its corresponding rights type without perception by the user. Taking an employee of an enterprise as an example, when the employee tries to access the conference, the terminal device corresponding to the end user a will send one or more of the following parameters, i.e. the job number, the type of the terminal device, the region to which the employee belongs, the department where the employee is located, the IP address of the access point, the type of the access network of the terminal device, and the type of the terminal device, to the conference management server 101. Corresponding to the rights type configuration interface 300, the conference management server 101 determines the rights type of the end user a according to the corresponding relationship between the parameters set by the enterprise manager and the rights type, and then returns the rights type to the end device.
In some possible implementations, when the terminal device tries to participate in the conference using the terminal device, the conference management server 101 may also send a permission matching rule to the terminal device, and the terminal device determines the corresponding permission type according to the permission matching rule.
In some possible implementations, when the terminal user a is joining the conference last time, the terminal device has the permission type of joining the conference last time. Therefore, the terminal device corresponding to the terminal user a will send the following parameters to the conference management server 101, possibly together with the rights type corresponding to the user last time. In this implementation, the terminal device receives the conference management server 101 may be the rights type, or may be a response message indicating that the rights type is unchanged.
S205, a plurality of terminal users establish a communication channel with a server by using the terminal equipment 104, login credentials and authority types;
After the terminal user a obtains the corresponding rights type in S204, the conference can be accessed by using the terminal device 104, the login credentials and the rights type. The login credentials include, but are not limited to, conference links, account numbers and passwords, face recognition information, fingerprint recognition information and the like.
After the conference management server 101 confirms that the terminal device accesses the conference, the terminal device will be instructed to establish a communication connection with the server. For example, the terminal device will establish a communication connection with the media server and the message server. Taking the example of the terminal device and the media server establishing communication connection, the conference management server 101 sends an instruction for indicating that the terminal device establishes communication connection with the media server, where the instruction carries an address (such as an IP address) of the media server 102, and the terminal device sends a communication channel establishment request carrying an authority type of the terminal device to the media server 102, and responds to the communication channel establishment request, the media server 102 establishes a communication channel with the terminal device. Because the communication channel established between the two devices belongs to the prior art, the application is not repeated. It should be noted that, while the communication channel is established, the media server 102 marks the terminal device according to the rights type carried in the communication channel establishment request. The establishment of a communication channel between the terminal device and the message server 103 can be referred to above.
S206, the terminal user A sends media data to the media server 102;
after the communication channel is established between the terminal device corresponding to the terminal user a and the media server 102, the terminal user a can participate in the conference, and the terminal device can receive and transmit data.
In the following, three examples of conference members, namely, an end user a, an end user B and an end user C, will be described, wherein when the end user a tries to share a document in the desktop of the conference member and explains the document, the media data sent upstream from the terminal device corresponding to the end user a to the media server 102 may include video data, audio data and shared data, where the video data is mainly used to display the personal image of the end user a, the audio data includes the data taught by the end user a, and the shared data is the data corresponding to the document included in the desktop of the end user a.
S207, the media server 102 sends media data to other terminal users according to the authority matching rule;
After the media server 102 receives the media data including video data, audio data, and shared data, it determines whether to send some or all of the media data to other end users according to the rights matching rules.
The authority type corresponding to the terminal user A is assumed to be a common user, the authority type corresponding to the terminal user B is assumed to be a high-security user, and the authority type corresponding to the terminal user C is assumed to be an external user. Taking the rights matching rule shown in fig. 6 as an example, first, according to the matching rule with priority 1, when it is confirmed that the transmitting end (high-security user) in the rule is inconsistent with the actual transmitting end (normal user), judgment is sequentially made according to the matching rule with priority 2, according to which the end user a can transmit any type of media data to the end user B, and therefore, the media server 102 will transmit all the received media data from the end user a to the end user B. Next, a judgment is made based on the matching rule of priority 3, and although the transmitting end and the receiving end in the matching rule of priority 3 agree with each other and the actual situation in this example, it is limited that the data type is message data, and thus, matching cannot be performed. Therefore, next, a determination is made according to a matching rule of priority 4, according to which the end user a can transmit audio data to the end user C, and thus the media server 102 will transmit the received audio data from the end user a to the end user C. At this time, it is not clear whether or not the video data and the shared data concerning the end user a can be transmitted to the end user C. Therefore, finally, judgment is performed according to the rule of the bottom of the highest priority, and the video data and the shared data of the terminal user A are forbidden to be sent to the terminal user C according to the rule of the bottom of the highest priority. To this end, the media server 102 sends media data from end user a to other end users according to the rights matching rules.
In one possible implementation, for audio data, shared data, and video data that are prohibited from being transmitted, a prompt will be made at the receiving end, for example, to display a word of "unauthorized content". Thus, by way of example as described above, the "unauthorized content" will be displayed on the corresponding terminal device of terminal user C to prompt terminal user C that it is not authorized to receive the audio data, video data and shared data sent by terminal user A.
S208, the terminal user A sends message data to the message server 103;
In one possible implementation, end user a, in addition to sharing the document in his desktop at the meeting and interpreting it, is sending a text message in the chat window, such as the storage address of the document it shares, in order for the meeting participants to view the document themselves. That is, the end user a further transmits message data to the message server 103.
S209, the message server 103 sends message data to other terminal users according to the authority matching rule;
after the message server 103 receives the above-described message data, it is determined whether to send the message data to other terminal users according to the rights matching rule.
Still taking the rights matching rule shown in fig. 6 as an example, according to a matching method similar to that in S207, it can be determined that the message sent by the end user a can be seen by the end user B, but the message sent by the end user a cannot be seen by the end user C.
In one possible implementation, for message data that is prohibited from being transmitted, a prompt will be made at the receiving end, for example, to display a typeface of "unauthorized content". Thus, for example, as described above, the "unauthorized content" will be displayed on the corresponding terminal device of terminal user C to prompt terminal user C that it is not authorized to receive the message data sent by terminal user a.
As described above, the message server 103 is not necessarily required as a server that processes message data exclusively, and thus the above-described steps S203, S208, and S209 are also optional.
It should be noted that, the above method flow may be not only aimed at the whole conference, but also aimed at one or several special issues in the conference. Specifically, when configuring the authority matching rule, the identification of the issue can be added, so that the specific issue is associated with the authority matching rule, and finally, the aim of controlling the conference authority by taking the issue as a unit is fulfilled. Based on the method, communication authority control in the conference can be realized more accurately and pertinently.
In summary, the present application proposes a method for controlling communication rights in a conference, where after a conference management server 101 obtains a rights matching rule configured by an enterprise manager, the rule is issued to a media server 102 and a message server 103. Meanwhile, before the terminal device enters the conference, the authority type corresponding to the terminal device is sent to the terminal device, so that the terminal device establishes communication connection with the media server 102 and the message server 103 based on the authority type. After receiving media data sent by one terminal device, the media server 102 and the message server 103 can determine whether to forward the media data to other terminal devices according to the permission matching rule, thereby realizing communication permission control in the conference.
In addition, the method allows the enterprise manager to set according to the needs, does not limit the authority management unit to the crowd corresponding to the network equipment port, and effectively improves the flexibility of communication authority management in the conference.
The present application also provides a communication authority control device 600, as shown in fig. 7, including:
The communication module 601 is configured to obtain, in step S201, a rights matching rule configured by an enterprise manager in a configuration interface provided by the conference management server 101, and further configured to obtain, in step S204, an obtaining request sent by at least one terminal, and send, based on the obtaining request, a response message carrying a rights type to the at least one terminal. In step S205, the communication module 601 is configured to receive login credentials and rights types of an end user. Further, the communication module 601 is further configured to obtain media data sent by the end user in step S206, where the media data includes one or more of audio data, video data, shared data, and message data. After receiving the media data sent by the end user, the communication module 601 is further configured to send the media data to other end users in S207.
The processing module 602 is configured to establish a communication channel with the terminal device according to the login credentials and the permission type of the terminal user in step S205. After acquiring the media data sent by the terminal device in step S206, the processing module 602 is configured to determine which users send media data and which users send no-rights indication information according to the rights matching rule. Optionally, for the user who sends the media data, it is also necessary to determine whether to send the complete media data or the partial media data to the partial user, which is determined according to the rights matching rule.
A storage module 603, configured to store the rights matching rule configured by the enterprise manager in step S201. Specifically, the permission matching rule further includes a permission type configured by the manager and a correspondence relationship between permission parameters. In one possible implementation, to implement the function of sending the no-authority indication message to the user in step S307, the storage module 603 is further configured to store the no-authority indication message.
The communication module 601, the processing module 602, and the storage module 603 may be implemented by software, or may be implemented by hardware. Illustratively, the implementation of the communication module 601 is described next using the communication module 601 as an example. Similarly, the implementation of the processing module 602 and the storage module 603 may refer to the implementation of the communication module 601.
Module as an example of a software functional unit, the communication module 601 may comprise code running on a computing instance. The computing instance may include at least one of a physical host (computing device), a virtual machine, and a container, among others. Further, the above-described computing examples may be one or more. For example, the communication module 601 may include code running on multiple hosts/virtual machines/containers. It should be noted that, multiple hosts/virtual machines/containers for running the code may be distributed in the same region (region), or may be distributed in different regions. Further, multiple hosts/virtual machines/containers for running the code may be distributed in the same availability zone (availability zone, AZ) or may be distributed in different AZs, each AZ comprising one data center or multiple geographically close data centers. Wherein typically a region may comprise a plurality of AZs.
Also, multiple hosts/virtual machines/containers for running the code may be distributed in the same virtual private cloud (virtual private cloud, VPC) or may be distributed in multiple VPCs. In general, one VPC is disposed in one region, and a communication gateway is disposed in each VPC for implementing inter-connection between VPCs in the same region and between VPCs in different regions.
Module as an example of a hardware functional unit, the communication module 601 may include at least one computing device, such as a server or the like. Alternatively, the communication module 601 may be a device or the like implemented using an application-specific integrated circuit (ASIC) or a programmable logic device (programmable logic device, PLD). The PLD may be implemented as a complex program logic device (complex programmable logical device, CPLD), a field-programmable gate array (FPGA) GATE ARRAY, a general-purpose array logic (GENERIC ARRAY logic, GAL), or any combination thereof.
The plurality of computing devices included in the communication module 601 may be distributed in the same region or may be distributed in different regions. The plurality of computing devices included in the communication module 601 may be distributed in the same AZ or may be distributed in different AZ. Likewise, multiple computing devices included in the communication module 601 may be distributed in the same VPC or may be distributed among multiple VPCs. Wherein the plurality of computing devices may be any combination of computing devices such as servers, ASIC, PLD, CPLD, FPGA, and GAL.
It should be noted that, in other embodiments, the communication module 601 may be configured to perform any step in the communication authority control method 200, the processing module 602 may be configured to perform any step in the communication authority control method 200, the storage module 603 may be configured to perform any step in the communication authority control method 200, the steps that the communication module 601, the processing module 602 and the storage module 603 are responsible for implementing may be specified as needed, and the communication module 601, the processing module 602 and the storage module 603 implement different steps in the communication authority control method 200 respectively to implement all functions of the communication authority control device 600.
In summary, the communication authority control device 600 may be a software functional unit, a hardware functional unit, or a combination of a software functional unit and a hardware functional unit. Illustratively, the communication right control device 600 may be a cloud management platform.
The cloud management platform is described as follows:
The cloud management platform is used for providing an access interface (such as an interface or an application program interface (Application Programming Interface, API)), the tenant can operate the client to remotely register a cloud account number and a password at the cloud management platform through the Cheng Jieru access interface, log in the cloud management platform, after the cloud management platform successfully authenticates the cloud account number and the password, the tenant can further pay for selecting and purchasing a virtual machine with a specific specification (a processor, a memory and a disk) at the cloud management platform, after pay for purchasing is successful, the cloud management platform provides a remote login account number password of the purchased virtual machine, and the client can remotely log in the virtual machine, and install and operate an application of the tenant in the virtual machine.
The cloud management platform logic functions are divided into a user console, a computing management service, a network management service, a storage management service, an authentication service and a mirror image management service. The user console provides interfaces or APIs to interact with tenants, the computing management service is used for managing servers running virtual machines and containers and bare metal servers, the network management service is used for managing network services (such as gateways, firewalls and the like), the storage management service is used for managing storage services (such as data bucket services), the authentication service is used for managing account passwords of tenants, and the mirror image management service is used for managing virtual machine mirrors.
The cloud management platform further provides a cloud management platform client, which is used for receiving the control plane command sent by the cloud management platform, creating the control plane command on the server and carrying out full life cycle management on the virtual machine.
Thus, tenants can create, manage, log in, and operate instances of virtual machines, containers, bare metal servers, and the like in a cloud data center through a cloud management platform.
The present application also provides a computing device 700. As shown in fig. 8, computing device 700 includes a bus 702, a processor 704, a memory 706, and a communication interface 708. Communication between processor 704, memory 706, and communication interface 708 is via bus 702. Computing device 700 may be a server or a terminal device. It should be understood that the present application is not limited to the number of processors, memories in computing device 700.
Bus 702 may be a peripheral component interconnect standard (PERIPHERAL COMPONENT INTERCONNECT, PCI) bus, or an extended industry standard architecture (extended industry standard architecture, EISA) bus, among others. The buses may be divided into address buses, data buses, control buses, etc. For ease of illustration, only one line is shown in fig. 8, but not only one bus or one type of bus. Bus 704 may include a path to transfer information between various components of computing device 700 (e.g., memory 706, processor 704, communication interface 708).
The processor 704 may include any one or more of a central processing unit (central processing unit, CPU), a graphics processor (graphics processing unit, GPU), a Microprocessor (MP), or a digital signal processor (DIGITAL SIGNAL processor, DSP).
The memory 706 may include volatile memory (RAM), such as random access memory (random access memory). The processor 704 may also include non-volatile memory (non-volatile memory), such as read-only memory (ROM), flash memory, mechanical hard disk (HARD DISK DRIVE, HDD) or solid state disk (SSD STATE DRIVE).
The memory 706 has stored therein executable program code that the processor 704 executes to implement the functions of the aforementioned communication module 601, processing module 602, and storage module 603, respectively, to thereby implement the communication right control method 200. That is, the memory 706 has stored thereon instructions for performing the communication rights control method 200.
Communication interface 703 enables communication between computing device 700 and other devices or communication networks using a transceiver module such as, but not limited to, a network interface card, transceiver, or the like.
The embodiment of the application also provides a computing device cluster. The cluster of computing devices includes at least one computing device. The computing device may be a server, such as a central server, an edge server, or a local server in a local data center. In some embodiments, the computing device may also be a terminal device such as a desktop, notebook, or smart phone.
As shown in fig. 9, the cluster of computing devices includes at least one computing device 700. The same instructions for performing the communication rights control method 200 may be stored in the memory 706 in one or more computing devices 700 in the computing device cluster.
In some possible implementations, portions of the instructions for performing the communication rights control method 200 may also be stored separately in the memory 706 of one or more computing devices 700 in the computing device cluster. In other words, a combination of one or more computing devices 700 may collectively execute instructions for performing the communication rights control method 200.
It should be noted that, the memory 706 in different computing devices 700 in the computing device cluster may store different instructions for performing part of the functions of the communication authority control apparatus 600. That is, the instructions stored by the memory 706 in the different computing devices 700 may implement the functionality of one or more of the communication module 601, the processing module 602, and the storage module 603.
In some possible implementations, one or more computing devices in a cluster of computing devices may be connected through a network. Wherein the network may be a wide area network or a local area network, etc. Fig. 10 shows one possible implementation. As shown in fig. 10, two computing devices 700A and 700B are connected by a network. Specifically, the connection to the network is made through a communication interface in each computing device. In this type of possible implementation, instructions to perform the functions of the communication module 601 are stored in the memory 706 in the computing device 700A. Meanwhile, the memory 706 in the computing device 700B has stored therein instructions that perform the functions of the processing module 602 and the storage module 603.
The manner of connection between clusters of computing devices shown in fig. 10 may be in view of the frequent interaction with enterprise administrators and end users required by the communication rights control method 200 provided by the present application, and thus in view of the functionality implemented by the processing module 602 and the storage module 603 being performed by the computing device 700B.
It should be appreciated that the functionality of computing device 700A shown in fig. 10 may also be performed by multiple computing devices 700. Likewise, the functionality of computing device 700B may also be performed by multiple computing devices 700.
Embodiments of the present application also provide a computer program product comprising instructions. The computer program product may be software or a program product containing instructions capable of running on a computing device or stored in any useful medium. The computer program product, when run on at least one computing device, causes the at least one computing device to perform the communication rights control method 200.
The embodiment of the application also provides a computer readable storage medium. The computer readable storage medium may be any available medium that can be stored by a computing device or a data storage device such as a data center containing one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk), etc. The computer-readable storage medium includes instructions that instruct a computing device to perform the communication rights control method 200.
It should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention, and not for limiting the same, and although the present invention has been described in detail with reference to the above-mentioned embodiments, it should be understood by those skilled in the art that the technical solution described in the above-mentioned embodiments may be modified or some technical features may be equivalently replaced, and these modifications or substitutions do not make the essence of the corresponding technical solution deviate from the protection scope of the technical solution of the embodiments of the present invention.

Claims (23)

1. A method for controlling communication rights in a conference, the method comprising:
acquiring a right matching rule configured by a manager in a conference system, wherein the right matching rule comprises communication rules among a plurality of right types, and the conference system is used for holding a target conference;
Responding to an acquisition request of a target user, and sending a target authority type corresponding to the target user, wherein the target conference accessed by the target user also comprises at least one conference participating user;
acquiring target media data sent by a target terminal corresponding to the target user, wherein the media data carries the target authority type;
and determining whether to send the target media data to the at least one participating user according to the target authority type, the authority type corresponding to the at least one participating user and the authority matching rule, wherein each participating user corresponds to one authority type.
2. The method of claim 1, wherein the obtaining the administrator configured rights match rule comprises:
acquiring the authority type configured by the manager and one or more of the following authority parameters:
the type of the work number, the region, the department, the IP address, the type of the access network and the type of the terminal equipment;
and recording the corresponding relation of the authority types and the authority parameters configured by the manager.
3. The method according to claim 2, wherein the obtaining request of the target user carries the permission parameter of the target user, and the sending, in response to the obtaining request of the target user, the target permission type corresponding to the user includes:
determining a target authority type corresponding to the target user according to the authority type configured by the manager and the corresponding relation of the authority parameters based on the authority parameters of the target user;
and sending the target authority type corresponding to the target user.
4. A method according to any one of claims 1 to 3, wherein the media data comprises one or more of the following:
Audio data, video data, shared data and message data, wherein the video data indicates data collected by cameras of the conference terminals, and the shared data indicates data of shared desktops collected by the conference terminals.
5. The method of any of claims 1-4, wherein the at least one participating user comprises a first participating user, the method further comprising:
And when the target media data is not transmitted to the first conference user, transmitting first non-authority indication information to the first conference user, wherein the first non-authority indication information is used for indicating that the first conference user does not receive the authority of the target media data.
6. The method of claim 5, wherein the at least one participating user comprises a second participating user, the method further comprising:
and when the fact that the target media data of the part are not sent to the second conference user is determined, sending second non-authority indication information and the target media data of the other part to the second conference user, wherein the second non-authority indication information is used for indicating that the second conference user does not receive the authority of the target media data of the part.
7. The method according to any one of claims 1 to 6, wherein the rights matching rule includes a plurality of communication rules, and wherein determining whether to send the target media data to the at least one participating user based on the target rights type, the rights type corresponding to the at least one participating user, and the rights matching rule includes:
And determining whether to send the target media data to the at least one participating user according to the priority order of the communication rules in the permission matching rule from high to low, the permission matching rule, the target permission type and the permission type corresponding to the at least one participating user.
8. A method according to any one of claims 1 to 7, wherein the rights types include one or more of the following:
The system comprises a high-security user, a common user and an external user, wherein the high-security user and the common user belong to the same enterprise, and the external user does not belong to the enterprise.
9. The method according to any one of claims 1 to 8, wherein before the obtaining the administrator configured rights match rule, the method further comprises:
and starting the target meeting.
10. The method of any of claims 1 to 9, wherein the rights matching rule further comprises a target topic in the meeting, the target media data being media data associated with the target topic.
11. A communication right control device in a conference, characterized by comprising:
The system comprises a communication module, a meeting system, a target user, a meeting user, a target user terminal, a meeting user terminal, a target media data transmission module and a communication module, wherein the communication module is used for acquiring a right matching rule configured by a manager in the meeting system, the right matching rule comprises a communication rule among a plurality of right types, and the meeting system is used for holding a target meeting;
And the processing module is used for determining whether to send the target media data to the at least one conference user according to the target authority type, the authority type corresponding to the at least one conference user and the authority matching rule, wherein each conference user corresponds to one authority type.
12. The device of claim 11, wherein the communication module is further configured to obtain one or more of a permission type configured by the manager and a permission parameter, including a job number, a region, a department, an IP address, an access network type, and a terminal device type, and the processing module records a correspondence between the permission type configured by the manager and the permission parameter.
13. The apparatus of claim 12, wherein the request for obtaining the target user carries a permission parameter of the target user, the processing module is further configured to determine, based on the permission parameter of the target user, a target permission type corresponding to the target user according to a permission type configured by the manager and a correspondence of the permission parameter, and the communication module is further configured to send, to the target user, the target permission type corresponding to the target user.
14. The apparatus of any of claims 11 to 13, wherein the media data comprises one or more of audio data, video data, shared data, and message data, wherein the video data is indicative of data collected by cameras of the participant terminals, and the shared data is indicative of data of a shared desktop collected by the participant terminals.
15. The apparatus according to any one of claims 11 to 14, wherein the at least one participating user comprises a first participating user, wherein the processing module is further configured to determine not to send the target media data to the first participating user, and wherein the communication module is further configured to send first non-permission indication information to the first participating user, wherein the first non-permission indication information is configured to indicate that the first participating user does not have permission to receive the target media data.
16. The apparatus of claim 15 wherein the at least one participating user comprises a second participating user, the processing module further configured to determine not to send a portion of the target media data to the second participating user, the communication module further configured to send second non-permission indication information to the second participating user indicating that the second participating user does not have permission to receive the portion of the target media data, and another portion of the target media data.
17. The apparatus according to any one of claims 11 to 16, wherein the permission matching rule comprises a plurality of communication rules, and wherein the processing module is further configured to determine whether to send the target media data to the at least one participating user according to the permission matching rule, the target permission type, and the permission type corresponding to the at least one participating user in an order of priority of the plurality of communication rules in the permission matching rule from high to low.
18. The apparatus of any one of claims 11 to 17, wherein the permission types include one or more of a high-security user, a normal user, and an external user, wherein the high-security user and the normal user belong to the same enterprise and the external user does not belong to the enterprise.
19. The apparatus of any one of claims 11 to 18, wherein the processing module is further configured to initiate the target meeting before the obtaining of the administrator configured permission match rule.
20. The apparatus of any of claims 11 to 19, wherein the rights matching rule further comprises a target topic in the meeting, the target media data being media data associated with the target topic.
21. A cluster of computing devices, comprising at least one computing device, each computing device comprising a processor and a memory;
the processor of the at least one computing device is configured to execute instructions stored in the memory of the at least one computing device to cause the cluster of computing devices to perform the method of any one of claims 1 to 9.
22. A computer program product containing instructions which, when executed by a cluster of computer devices, cause the cluster of computer devices to perform the method of any of claims 1 to 9.
23. A computer readable storage medium comprising computer program instructions which, when executed by a cluster of computing devices, perform the method of any of claims 1 to 9.
CN202410178057.4A 2024-01-11 2024-02-08 A method and device for controlling communication rights in a conference Pending CN120301719A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2025/071720 WO2025149027A1 (en) 2024-01-11 2025-01-10 Method and apparatus for controlling communication permission in conference

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2024100440429 2024-01-11
CN202410044042 2024-01-11

Publications (1)

Publication Number Publication Date
CN120301719A true CN120301719A (en) 2025-07-11

Family

ID=96284069

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410178057.4A Pending CN120301719A (en) 2024-01-11 2024-02-08 A method and device for controlling communication rights in a conference

Country Status (2)

Country Link
CN (1) CN120301719A (en)
WO (1) WO2025149027A1 (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060048224A1 (en) * 2004-08-30 2006-03-02 Encryptx Corporation Method and apparatus for automatically detecting sensitive information, applying policies based on a structured taxonomy and dynamically enforcing and reporting on the protection of sensitive data through a software permission wrapper
JP6451227B2 (en) * 2014-11-06 2019-01-16 富士ゼロックス株式会社 Information processing apparatus, information processing system, program, and recording medium
CN106951795B (en) * 2016-01-07 2020-07-21 阿里巴巴集团控股有限公司 Application data access isolation method and device
CN114827134B (en) * 2022-07-01 2022-09-20 深圳乐播科技有限公司 Differentiated pushing method, related device and display method for cloud conference desktop
CN116305074A (en) * 2023-03-24 2023-06-23 远光软件股份有限公司 Enterprise information management method based on authority configuration and related equipment thereof

Also Published As

Publication number Publication date
WO2025149027A1 (en) 2025-07-17

Similar Documents

Publication Publication Date Title
US11870782B2 (en) Management of hosted channel membership in a communication platform
US20230412539A1 (en) Limited functionality interface for communication platform
US8578465B2 (en) Token-based control of permitted sub-sessions for online collaborative computing sessions
US20230379276A1 (en) System and Method for Processing Messages from an External Communication Platform
US8819120B1 (en) Method and system for group communications
JP7491967B2 (en) Apparatus and method for managing external permission grants and external messaging communication requests in a group-based communication system - Patents.com
US11757811B2 (en) System and method for processing user messages among organizations
RU2541847C2 (en) Controlling access to secured application features using client trust levels
JP2024532326A (en) Integrated workspace on a communication platform
US20050044157A1 (en) Universal encrypted internet messaging
US20130061335A1 (en) Method, Apparatus, Computer Readable Media for a Storage Virtualization Middleware System
US7966376B2 (en) Preventing the capture of chat session text
US20030018725A1 (en) System and method for using an instant messaging environment to establish a hosted application sharing session
CN115398433A (en) Method, apparatus and computer program product for managing organizational connections in a group-based communication system
KR20100014631A (en) Emulation of visit locking and lobbying in a distributed conferencing system
CN113079078B (en) Operation method and device of message server
US20230029402A1 (en) Shared channel invitation paths
US20060288010A1 (en) Networking at a convention
US9237140B1 (en) Acceptance of policies for cross-company online sessions
US9740850B2 (en) Controlling which users from an organization are to be part of a community space in an easy and error-free manner
US7325065B1 (en) Identifying unauthorized communication systems using a system-specific identifier
CN120301719A (en) A method and device for controlling communication rights in a conference
EP4523377B1 (en) Safety-measure centric temporal containers for real-time creation during a digital meeting
RU2485706C1 (en) Method and system for controlling electronic mail message collection
US12068873B2 (en) Domain and invite management in a group-based communication system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication