[go: up one dir, main page]

WO2018126388A1 - Procédé de gestion de partage de base de données - Google Patents

Procédé de gestion de partage de base de données Download PDF

Info

Publication number
WO2018126388A1
WO2018126388A1 PCT/CN2017/070248 CN2017070248W WO2018126388A1 WO 2018126388 A1 WO2018126388 A1 WO 2018126388A1 CN 2017070248 W CN2017070248 W CN 2017070248W WO 2018126388 A1 WO2018126388 A1 WO 2018126388A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
list
database
management method
resource
Prior art date
Application number
PCT/CN2017/070248
Other languages
English (en)
Chinese (zh)
Inventor
王志全
Original Assignee
深圳市前海中康汇融信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市前海中康汇融信息技术有限公司 filed Critical 深圳市前海中康汇融信息技术有限公司
Priority to PCT/CN2017/070248 priority Critical patent/WO2018126388A1/fr
Publication of WO2018126388A1 publication Critical patent/WO2018126388A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications

Definitions

  • the present invention relates to the field of database access control, and in particular to a database sharing management method based on user rights.
  • Database is an important part of modern computer applications, and it is a tool for people to effectively store, share and process data.
  • Database sharing technology abstracts the process of communicating with the outside of the database and simplifies the process of client access to the database by providing a shared interface.
  • the data in the database may be more confidential. If the user's access to the database is not managed effectively, and the user is allowed to obtain the desired data at will, the security of the database is not guaranteed.
  • the present invention provides a database sharing management method, including: storing user rights information including a shared resource list, a privacy resource list, and a corresponding user list; receiving a read request of the user, wherein the read request includes a user's account, a password, and a target resource; matching the read request with the user right information, and generating a matching result; and acquiring the target resource in the database according to the matching result, and sending the corresponding resource
  • the reading result is given to the user.
  • the step of matching the read request with the user right information and generating a matching result comprises: checking whether the user's account and password are correct; if correct, confirming whether the target resource is in the In the shared resource list; if the target resource is in the shared resource list, the matching result is generated to indicate that the read request matches the user rights information.
  • the step of matching the read request with the user right information and generating a matching result may further include: if the target resource is in the shared privacy list, continuing to determine whether the user is Corresponding to the user list of the target resource; and if the user is in the user list, generating the matching result to indicate that the read request matches the user rights information.
  • the database sharing management method further includes: setting the user rights information including the shared resource list, the privacy resource list, and the corresponding user list.
  • the step of setting the shared resource list, the privacy resource list, and the user rights information of the corresponding user list further comprises: setting a resource usage time in the shared resource list.
  • the step of acquiring the target resource in the database according to the matching result, and correspondingly sending the read result to the user comprises: starting timing when sending the read result, and After the resource usage time expires, the user no longer has permission to read the target resource.
  • the step of setting the shared resource list, the privacy resource list, and the user right information of the corresponding user list may further comprise: receiving a setting instruction from a server.
  • the database sharing management method may further include: storing a read history related to the read request.
  • the user rights information includes administrator rights information, and if the matching result indicates that the user is an administrator, the user has sharing rights to all database resources.
  • the user rights information includes creator rights information, if the matching result indication The user is a creator, and the user has modification and sharing rights to all database resources.
  • the database sharing management method provided by the present invention is capable of efficiently managing operations on shared data in a database.
  • FIG. 1 is a block diagram of a database sharing management method in accordance with an embodiment of the present invention.
  • FIG. 2 is a block diagram of a database sharing management method in accordance with another embodiment of the present invention.
  • FIG. 3 is a block diagram showing a database sharing management method according to still another embodiment of the present invention.
  • FIG. 1 is a block diagram of a database sharing management method 100 in accordance with an embodiment of the present invention. As shown in FIG. 1, the database sharing management method 100 includes the following steps:
  • Step 102 Store user rights information including a shared resource list, a privacy resource list, and a corresponding user list.
  • database resources can be divided into two groups: shared resources and private resources.
  • a shared resource refers to a resource in a database that is exposed to the outside, and a private resource refers to a resource that can be read only by a specific user (for example, a database creator).
  • the user rights information includes administrator rights information, and if the matching result indicates that the user is an administrator, the user has sharing rights to all database resources.
  • the user rights information includes creator authority information, if the matching result indicates If the user is a creator, the user has modification and sharing rights to all database resources.
  • Step 104 Receive a user's read request (eg, a user's account, password, and target resource), wherein the read request includes the user's account, password, and target resource.
  • a user's read request eg, a user's account, password, and target resource
  • Step 106 Match the read request with the user right information, and generate a matching result (for example, a matching success or a matching failure).
  • the step 106 may include:
  • the matching result is generated to indicate that the read request matches the user right information.
  • the step 106 may further include:
  • target resource is in the shared privacy list, continuing to determine whether the user is in the user list corresponding to the target resource;
  • the matching result is generated to indicate that the read request matches the user rights information.
  • Step 108 Acquire the target resource in the database according to the matching result, and send a read result (for example, a read success or a read failure, and a read information related to the target resource) to the office.
  • a read result for example, a read success or a read failure, and a read information related to the target resource
  • FIG. 2 is a block diagram of a database sharing management method 200 in accordance with another embodiment of the present invention.
  • the database sharing management method 200 of FIG. 2 is similar to the database sharing management method 100 of FIG.
  • the database sharing management method 200 can include the following steps:
  • Step 210 Set the user rights information including the shared resource list, the privacy resource list, and the corresponding user list.
  • Step 102 Store user rights information including a shared resource list, a privacy resource list, and a corresponding user list.
  • Step 104 Receive a read request of the user (for example, a user's account, password, and target resource),
  • the read request includes a user's account, password, and target resource.
  • Step 106 Match the read request with the user right information, and generate a matching result (for example, a matching success or a matching failure).
  • Step 108 Acquire the target resource in the database according to the matching result, and send a read result (for example, a read success or a read failure, and a read information related to the target resource) to the office.
  • a read result for example, a read success or a read failure, and a read information related to the target resource
  • step 210 may further include: setting a resource usage time in the shared resource list. For example, timing is initiated when the read result is sent in step 108, and after the resource usage time expires, the user no longer has permission to read the target resource.
  • step 210 may further include receiving a setup instruction from a server (not shown).
  • database sharing management method 300 is a block diagram of a database sharing management method 300 in accordance with yet another embodiment of the present invention.
  • database share management method 300 in FIG. 3 is similar to database share management method 200 in FIG.
  • the database sharing management method 300 can include the following steps:
  • Step 210 Set the user rights information including the shared resource list, the privacy resource list, and the corresponding user list.
  • Step 102 Store user rights information including a shared resource list, a privacy resource list, and a corresponding user list.
  • Step 104 Receive a user's read request (eg, a user's account, password, and target resource), wherein the read request includes the user's account, password, and target resource.
  • a user's read request eg, a user's account, password, and target resource
  • Step 106 Match the read request with the user right information, and generate a matching result (for example, a matching success or a matching failure).
  • Step 108 Acquire the target resource in the database according to the matching result, and send a read result (for example, a read success or a read failure, and a read information related to the target resource) to the office.
  • a read result for example, a read success or a read failure, and a read information related to the target resource
  • Step 310 Store a read history related to the read request.
  • the database sharing management method provided by the present invention is capable of efficiently managing operations on shared data in a database.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un procédé de gestion de partage de base de données, comprenant les étapes consistant : à stocker des informations d'autorisation d'utilisateur comprenant une liste de ressources partagées, une liste de ressources privées et des listes d'utilisateurs correspondantes; à recevoir une demande de lecture d'un utilisateur, la demande de lecture comprenant un compte, un mot de passe et une ressource cible d'utilisateur; à mettre en correspondance la demande de lecture avec les informations d'autorisation d'utilisateur afin de générer un résultat de mise en correspondance; et à acquérir, en fonction du résultat de mise en correspondance, la ressource cible dans la base de données, et à envoyer à l'utilisateur un résultat de lecture correspondant. Le procédé de gestion de partage de base de données de la présente invention permet une gestion efficace d'opérations sur des données partagées dans une base de données.
PCT/CN2017/070248 2017-01-05 2017-01-05 Procédé de gestion de partage de base de données WO2018126388A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/070248 WO2018126388A1 (fr) 2017-01-05 2017-01-05 Procédé de gestion de partage de base de données

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/070248 WO2018126388A1 (fr) 2017-01-05 2017-01-05 Procédé de gestion de partage de base de données

Publications (1)

Publication Number Publication Date
WO2018126388A1 true WO2018126388A1 (fr) 2018-07-12

Family

ID=62788851

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/070248 WO2018126388A1 (fr) 2017-01-05 2017-01-05 Procédé de gestion de partage de base de données

Country Status (1)

Country Link
WO (1) WO2018126388A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114841652A (zh) * 2022-01-27 2022-08-02 杭州锘崴信息科技有限公司 一种工序环节共享的方法及系统
CN118133322A (zh) * 2024-05-06 2024-06-04 上海合见工业软件集团有限公司 Eda软件设计数据共享方法、电子设备和介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340460A (zh) * 2008-08-11 2009-01-07 深圳市戴文科技有限公司 一种信息共享及查询方法、系统及移动终端和服务器
CN101853307A (zh) * 2010-06-12 2010-10-06 无锡语意电子政务软件科技有限公司 一种笔记的创建方法及其相应的网络搜索系统及方法
US7996469B1 (en) * 2004-10-20 2011-08-09 Complatform LLC Method and system for sharing files over networks
CN102333076A (zh) * 2011-07-21 2012-01-25 上海互联网软件有限公司 文件共享系统及方法、网络信息整合系统及方法
CN103020223A (zh) * 2012-12-12 2013-04-03 中国联合网络通信集团有限公司 文件共享处理方法、装置和系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7996469B1 (en) * 2004-10-20 2011-08-09 Complatform LLC Method and system for sharing files over networks
CN101340460A (zh) * 2008-08-11 2009-01-07 深圳市戴文科技有限公司 一种信息共享及查询方法、系统及移动终端和服务器
CN101853307A (zh) * 2010-06-12 2010-10-06 无锡语意电子政务软件科技有限公司 一种笔记的创建方法及其相应的网络搜索系统及方法
CN102333076A (zh) * 2011-07-21 2012-01-25 上海互联网软件有限公司 文件共享系统及方法、网络信息整合系统及方法
CN103020223A (zh) * 2012-12-12 2013-04-03 中国联合网络通信集团有限公司 文件共享处理方法、装置和系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114841652A (zh) * 2022-01-27 2022-08-02 杭州锘崴信息科技有限公司 一种工序环节共享的方法及系统
CN118133322A (zh) * 2024-05-06 2024-06-04 上海合见工业软件集团有限公司 Eda软件设计数据共享方法、电子设备和介质

Similar Documents

Publication Publication Date Title
CN108293045B (zh) 本地和远程系统之间的单点登录身份管理
CN102622311B (zh) Usb移动存储设备访问控制方法、装置及系统
US9819672B1 (en) Sharing access tokens with trusted users
US8838961B2 (en) Security credential deployment in cloud environment
US20240422163A1 (en) Blockchain folding
US8621036B1 (en) Secure file access using a file access server
WO2018112946A1 (fr) Procédé, dispositif et système d'enregistrement et d'autorisation
CN109831435B (zh) 一种数据库操作方法、系统及代理服务器和存储介质
US8863255B2 (en) Security credential deployment in cloud environment
CN109344631B (zh) 区块链的数据修改及区块验证方法、装置、设备和介质
US11190346B2 (en) Secure device ownership transfer using an ephemeral device transfer token generated using elliptic curve cryptography
CN105516059B (zh) 一种资源访问控制方法和装置
CN110311895B (zh) 基于身份验证的会话权限校验方法、系统及电子设备
US11403412B2 (en) Accessing encrypted user data at a multi-tenant hosted cloud service
CN111917711B (zh) 数据访问方法、装置、计算机设备和存储介质
US10178183B2 (en) Techniques for prevent information disclosure via dynamic secure cloud resources
TW201337631A (zh) 機密資訊洩漏防止系統、機密資訊洩漏防止方法、及電腦可讀取之記錄媒體
KR20160084997A (ko) 비밀번호 기반 역할 및 권한 부여 장치 및 방법
US10162950B2 (en) Methods and apparatus for using credentials to access computing resources
CN108289074B (zh) 用户账号登录方法及装置
WO2021260495A1 (fr) Gestion sécurisée d'un environnement d'automatisation de processus robotique
US20130305328A1 (en) Systems and methods for passing password information between users
WO2018126388A1 (fr) Procédé de gestion de partage de base de données
CN111817860B (zh) 一种通信认证方法、装置、设备及存储介质
CN119691723A (zh) 服务授权方法及相关装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17889565

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 05/11/2019)

122 Ep: pct application non-entry in european phase

Ref document number: 17889565

Country of ref document: EP

Kind code of ref document: A1