CN101051937A - User's power managing method and system based on XML - Google Patents
User's power managing method and system based on XML Download PDFInfo
- Publication number
- CN101051937A CN101051937A CN 200610078825 CN200610078825A CN101051937A CN 101051937 A CN101051937 A CN 101051937A CN 200610078825 CN200610078825 CN 200610078825 CN 200610078825 A CN200610078825 A CN 200610078825A CN 101051937 A CN101051937 A CN 101051937A
- Authority
- CN
- China
- Prior art keywords
- parameter
- permission levels
- module
- equipment
- command set
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses method for managing user authority based on XML. Using XML file, the method describes information of equipment or information of service, and sets up field of authority to partition grades of authority in the formed description table. Partitioning grades of authority for users makes users with different grades of authority possess different authorities to access equipment or service. The invention also discloses the system of using the method.
Description
Technical field
The present invention relates to a kind of method for managing user right and system, belong to the network management technology field.
Background technology
The system architecture of modern communications progressively develops to the modularization direction, and this modularization has comprised the modularization of hardware, the modularization and the professional modularization of software, and modular platform can guarantee the opening and the extensibility of system.For telecommunication apparatus supplier, adopt open, standardized standard criterion to design, develop, can integrated easily existing third party's software-component, shorten the development time, pooling of resources focuses on core competitiveness on the function of specific high value.For telecom operators, then can there be diversified telecommunication apparatus supplier to select, thereby shortens the time that service is put on market.At present increasing Carrier Requirements software, hardware can be supported open interface, support secondary development, can increase and unload application flexibly, do not influence each other between guaranteeing to use.
The increasing that problem is the unified management difficulty that modularization is brought.For buyer (as telecom operators), the equipment that has several different manufacturers in system, how in soft, the hardware module and the business of same maintenance platform management different manufacturers, and having identical maintenance interface and way to manage, is to need a key issue solving.
XML is the abbreviation of Extensible Markup Language, i.e. extending mark language.It is a kind of SGML that simplifies, and is the subclass of SGML.The same with SGML, it also is a kind of metalanguage of creating SGML.
The mark of XML can be expanded, and the mark that allows definition quantity not limit is described the data in the document, and what focus on is the description of data.XML except widely applying in technique of internet and document description, has also born an important role as explorative DDL in exchanges data.As a kind of and received text platform independence, XML can be read and write by all program languages.
The content of the main data of description of XML file, the structure of data is by DTD (type definition document) file description, the demonstration of data can realize that then it is the language of HTML or extended formatting that XSL (extensible style language) is used for the XML data translation by XSL (extensible style language) file.By separating that XML, DTD, XSL can realize that data content, data structure and data show, help realizing the sharing of data, the expansion of data and the customization of data.
Fig. 1 has shown the typical networking of present network management system.In general, network management system has a super keeper, and he has the highest weight limit of system management, is responsible for each system maintenance person and divides authority, can only read the state of all devices such as attendant 1, attendant 2 can dispose the parameter of all devices etc.Manage the mutual of information by SNMP, WBEM agreements such as (based on the business administrations of WEB) between network management system and the equipment.
In existing scheme, super administrator configurations flexibility is limited, but such as disposing certain attendant some equipment is had read-only write permission, and can not carry out the authority configuration at the specifying information of device interior.In general, in the inside of each equipment, a permissions list is arranged also, it is provided with different authorities for the user of different brackets, as shown in Figure 2.User such as grade 1 has only the basic parameter of equipment to check authority, and the user of grade 2 has checking of basic parameter and disposes authority, and the user of grade 3 has checking of basic parameter and advanced parameters and disposes authority or the like.Because the command set of these grade correspondences of equipment of different manufacturers is different certainly, therefore on network management system, can't effectively be configured, such as specifying attendant 1 to have the authority of actuating equipment 1 and equipment 2 middle grades 2 command sets that the user has to the access rights in the equipment.In a single day realize this function if desired on existing scheme, need to collect the command set on all devices, and have new equipment to add, the authority of network management system also needs to be configured again, this obviously can cause the very big reduction of efficient.
Summary of the invention
An object of the present invention is to make network management system to carry out automatic distinguishing to the inside Permission Levels of different manufacturers, dissimilar equipment.
Another object of the present invention is to be implemented on the network management system, can unify the different rights grade for attendant's configuration device inside, can or show specific equipment interface according to the particular command collection in the authority actuating equipment.
Another object of the present invention is to make operator can control the business that it provided flexibly.
The invention provides a kind of method for managing user right based on XML, this method is utilized XML file description facility information or business information, and in the description list that forms the rights field of dividing Permission Levels is set; In addition the user is divided Permission Levels, make user have different equipment or Operational Visit authority with different rights grade.
At the application scenarios of many equipment, the invention provides a kind of method for managing user right based on XML, make the manager unify control to the access rights of distinct device inside easily.In this regard, described facility information is the information of equipment inner module, parameter, command set or the WEB page, described method is specially: each equipment of network management system management is incited somebody to action separately the module by the XML file description, parameter, command set or the WEB page after powering on description list reports network management system, is provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list; Described network management system is carried out automatic distinguishing according to the description list of receiving to the Permission Levels of the module in the equipment, parameter, command set or the WEB page, only can carry out with authority and operates accordingly so that have the attendant of different rights grade.
If certain attendant's Permission Levels is more than or equal to the Permission Levels of certain module, parameter, command set or the WEB page in certain equipment, then network management system shows corresponding contents on the interface, allows this attendant's executable operations; If certain attendant's Permission Levels is less than the Permission Levels of certain module, parameter, command set or the WEB page in certain equipment, then network management system shows and goes beyond one's commission prompting or do not show corresponding contents on the interface, does not allow this attendant's executable operations.
In the description list of described module, parameter, command set or the WEB page, if certain module, parameter, command set or the WEB page do not have rights field, then described module, parameter, command set or the WEB page are inherited the Permission Levels of upper level, if no upper level is then handled by default Permission Levels.
Described default Permission Levels are for allowing all attendant's module for reading and writing, parameter, command set or the WEB page.
In another aspect of the present invention, described business information is the information of different business and professional relevant parameter, described method is specially: storage is provided with the rights field of the access rights of professional and professional relevant parameter being divided Permission Levels by the description list of the professional and professional relevant parameter of XML file description in the described description list on service server; After the user is through the authentication login, service server is found out this user's Permission Levels according to user login information, Permission Levels with professional and professional relevant parameter compare then, if Permission Levels are professional more than or equal to certain and/or the Permission Levels of professional relevant parameter, then has this authority professional and/or professional relevant parameter of visit, as less than, then do not have access rights.
In the present invention, Permission Levels can be by numeral.
The present invention also provides the system of a kind of utilization based on the method for managing user right of XML, comprises
Equipment based on the conventional management agreement;
Adapter with the corresponding setting of above-mentioned equipment based on the conventional management agreement, described adapter is used for the information translation based on each module of equipment, parameter, command set or the WEB page of conventional management agreement is the description list by the XML file description, and the description list after will changing reports network management system, is provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list;
Be used for described equipment based on the conventional management agreement is unified the network management system of maintenance management, described network management system is carried out automatic distinguishing according to the XML file of receiving to the Permission Levels of the module in the equipment, parameter, command set or the WEB page, and the Permission Levels of distributing distinct device inside for different personnel.
In the present invention, described adapter is integrated in described device interior based on the conventional management agreement.
The present invention also provides the system of a kind of utilization based on the method for managing user right of XML, comprises
Equipment based on the XML description, after the described device power, to report by the description list of module, parameter, command set or the WEB page of XML file description, be provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list;
Be used for the said equipment is unified the network management system of maintenance management, described network management system is carried out automatic distinguishing according to the XML file of receiving from the said equipment to the Permission Levels of the module in the equipment, parameter, command set or the WEB page, and the Permission Levels of distributing distinct device inside for different personnel.
Beneficial effect of the present invention is:
1. the equipment supplier according to a preconcerted arrangement can be flexibly distributes different user rights to disparate modules, parameter, command set or the WEB page, and different, Equipment Control ability flexibly is provided;
2. operator can carry out rights management to distinct device easily, and operator can make a cover standard or make the pairing operation of each Permission Levels jointly approximately with the equipment supplier;
3. the interpolation of attendant's authority is simple, and newly added equipment does not need to change the authority configuration on the network management system.
4. the method for the invention is amplified to user side, can realize single-sign-on, and the user of different rights has different application, different user experiences.In professional and parameter, rights field is set, can realizes flexible control, help the integrated service operation business.
Description of drawings
Fig. 1 is the Organization Chart of existing network management system.
Fig. 2 is the device command sets schematic diagram.
Fig. 3 is the Organization Chart of a kind of system of application the method for the invention.
Fig. 4 is the Organization Chart of the another kind of system of application the method for the invention.
Embodiment
Further specify exemplary embodiments of the present invention below in conjunction with accompanying drawing.
Usually, the equipment of being managed by network management system can have one or more modules, in the module one or more parameters can be arranged.In addition, in the XML file, can be a command set with the sets definition of some parameter and module, and command set define corresponding access limit for this reason.
In described many equipment users right management method, can store description list in each equipment of network management system management, and be provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list by module, parameter, command set or the WEB page of XML file description.
After described each device power, separately XML file is reported network management system, after described network management system receives, store the XML file of each equipment, so that network management system reads and disposes parameter.Described network management system is carried out automatic distinguishing according to the description list of receiving to the Permission Levels of the module in the equipment, parameter, command set or the WEB page, only can carry out with authority and operates accordingly so that have the attendant of different rights grade.
Permission Levels can adopt numeral or other character representation mode.For example
For example, can divide the access limit of each equipment inner module by the Permission Levels field, the XML file format can be as follows:
<?xml?version="1.0"encoding="GB2312"?>
<equipment 〉
<device name〉...</device name 〉
<module 〉
<module reads authority〉Permission Levels</module reads authority 〉
<module writes authority〉Permission Levels</module writes authority 〉
<module title〉...</the module title 〉
<parameter 〉
<parameter name〉...</parameter name 〉
<parameter type〉...</parameter type 〉
<parameter value〉...</parameter value 〉
</parameter 〉
</module 〉
<module 〉
<module reads authority〉Permission Levels</module reads authority 〉
<module writes authority〉Permission Levels</module writes authority 〉
<module title〉...</the module title 〉
<parameter 〉
<parameter name〉...</parameter name 〉
<parameter type〉...</parameter type 〉
<parameter value〉...</parameter value 〉
</parameter 〉
</module 〉
</equipment 〉
For example, can divide the access limit of the parameter in each equipment by the Permission Levels field, the XML file format can be as follows:
<?xml?version="1.0"encoding="GB2312"?>
<equipment 〉
<device name〉...</device name 〉
<module 〉
<module title〉...</the module title 〉
<parameter 〉
<parameter name〉...</parameter name 〉
<parameter type〉...</parameter type 〉
<parameter value〉...</parameter value 〉
<parameter reads authority〉Permission Levels</parameter reads authority 〉
<parameter writes authority〉Permission Levels</parameter writes authority 〉
</parameter 〉
</module 〉
<module 〉
<module title〉...</the module title 〉
<parameter 〉
<parameter name〉...</parameter name 〉
<parameter type〉...</parameter type 〉
<parameter value〉...</parameter value 〉
<parameter reads authority〉Permission Levels</parameter reads authority 〉
<parameter writes authority〉Permission Levels</parameter writes authority 〉
</parameter 〉
</module 〉
</equipment 〉
For example, can divide the access limit of command set in each equipment by the Permission Levels field, the XML file format can be as follows:
<?xml?version="1.0"encoding="GB2312"?>
<equipment 〉
<device name〉...</device name 〉
<command set 〉
<command set title〉...</the command set title 〉
<command set reads authority〉Permission Levels</command set reads authority 〉
<command set writes authority〉Permission Levels</command set writes authority 〉
<module 〉
<module title〉...</the module title 〉
<parameter 〉
<parameter name〉...</parameter name 〉
<parameter type〉...</parameter type 〉
<parameter value〉...</parameter value 〉
</parameter 〉
</module 〉
</command set 〉
</equipment 〉
For example, can divide the access limit of the WEB page in each equipment by the Permission Levels field, the XML file format can be as follows:
<?xml?version="1.0"encoding="GB2312"?>
<equipment 〉
<device name〉...</device name 〉
<WEB the page 〉
<WEB page URL〉...</WEB page URL 〉
<WEB the page reads authority〉Permission Levels</the WEB page reads authority 〉
<WEB the page writes authority〉Permission Levels</the WEB page writes authority 〉
</WEB the page 〉
</equipment 〉
In the description list of described module, parameter, command set or the WEB page by the XML file description, if certain module, parameter, command set or the WEB page do not have rights field, then described module, parameter, command set or the WEB page are inherited the Permission Levels of upper level, if no upper level is then handled by default Permission Levels.Described default Permission Levels can specify and revise as required.Described default Permission Levels are for allowing all attendant's module for reading and writing, parameter, command set or the WEB page.
The attendant is when information such as enquiry module, parameter, command set or the WEB page, network management system can be according to attendant's Permission Levels, and the information of module, parameter, command set or WEB page generation corresponding user interfaces, the power user only needs dispose corresponding Permission Levels for each attendant on network management system.
For example, if certain attendant's Permission Levels more than or equal to the Permission Levels that read of certain module, parameter in certain equipment, then network management system shows corresponding contents on the interface, allows this attendant that these modules and parameter are read; If certain attendant's Permission Levels is less than the Permission Levels that read of certain module, parameter in certain equipment, then network management system shows and goes beyond one's commission prompting or do not show corresponding contents on the interface, does not allow this attendant that these modules and parameter are read.The write permission grade of module and parameter also similarly, when attendant's Permission Levels less than the certain module of equipment, parameter write Permission Levels the time, then this attendant can not be to the operation of making amendment of these modules and parameter.
For command set, if the not definition of parameter in the command set and Permission Levels, then parameter and module are inherited the access limit of this command set.When attendant's Permission Levels during less than the Permission Levels of command set, the attendant can not carry out these command sets; When attendant's Permission Levels during more than or equal to the Permission Levels of command set, the attendant can carry out these command sets.
In addition, a plurality of WEB maintain pages are arranged generally in the equipment, can be at the different access limit of each page setup, the authority definition of the definition of page authority and above-mentioned module, parameter is similar.When attendant's authority access limit, show when then visiting this page and go beyond one's commission prompting or do not show this page less than certain WEB page; When attendant's authority access limit, then allow this attendant to visit this page more than or equal to certain WEB page.
By method of the present invention, different equipment manufacturers can carry out grade control by own parameter, module, command set or the WEB page to equipment, for different parameters, module, command set or the WEB page are specified different access limits, and on the network management system of operator, can make things convenient for, efficiently different attendants be carried out rights management, only need carry out simple authority configuration, different attendants just can visit the corresponding command collection, module, parameter or the page of distinct device according to Permission Levels, realizes unified efficiently rights management.
Hereinafter implementation method of the present invention is described, but this embodiment is not used for limiting the present invention with a typical embodiment.
Be the XML description document of an Ethernet switch below:
<?xml?version="1.0"encoding="GB2312"?>
<equipment 〉
<device name〉Ethernet switch</device name 〉
<module 〉
<module reads authority〉2</module reads authority 〉
<module writes authority〉3</module writes authority 〉
<module title〉wan interface</the module title 〉
<parameter 〉
<parameter name〉interface rate</parameter name 〉
<parameter type〉int</parameter type 〉
<parameter value〉100</parameter value 〉
</parameter 〉
</module 〉
<module 〉
<module reads authority〉1</module reads authority 〉
<module writes authority〉2</module writes authority 〉
<module title〉LAN interface</the module title 〉
<parameter 〉
<parameter name〉interface rate</parameter name 〉
<parameter type〉iht</parameter type 〉
<parameter value〉10</parameter value 〉
</parameter 〉
</module 〉
</equipment 〉
From the description document analysis, Ethernet switch has two modules: wan interface and LAN interface, each module have 1 parameter: interface rate.Parameter type is an integer type, and parameter value is respectively 100 and 10.Two modules have the different authorities that read and write.
Be the XML description document of a DVD equipment below:
<?xml?version="1.0"encoding="GB2312"?>
<equipment 〉
<device name〉DVD player</device name 〉
<module 〉
<module title〉playing module</the module title 〉
<parameter 〉
<parameter name〉the broadcast chapters and sections</parameter name 〉
<parameter type〉int</parameter type 〉
<parameter value〉2</parameter value 〉
<parameter reads authority〉1</parameter reads authority 〉
<parameter writes authority〉2</parameter writes authority 〉
</parameter 〉
<parameter 〉
<parameter name〉broadcasting speed</parameter name 〉
<parameter type〉int</parameter type 〉
<parameter value〉100</parameter value 〉
</parameter 〉
</module 〉
</equipment 〉
From the description document analysis, DVD player has 1 module, and this module has two parameters, and first parameter has corresponding access limit, and second parameter is to use the authority of acquiescence.Here the assumed by default authority is that all attendants can both read and write.
Network management system is carried out unified rights management to these two equipment: it is 1 (the lowest class) that super keeper gives attendant's 1 specified right grade, for attendant's 2 specified right grades are 2, for attendant's 3 specified right grades are 3.Then make 3 different attendants have different modules and parameter control ability based on device interior.
Attendant 1 authority is as follows:
Ethernet switch LAN mouth read authority;
The broadcasting speed that the broadcast chapters and sections of DVD player read authority, DVD player reads and is provided with authority.
Attendant 2 authority is as follows:
The authority that reads that reads and be provided with authority, WAN mouth of Ethernet switch LAN mouth;
The broadcasting speed that the broadcast chapters and sections of DVD player read and be provided with authority, DVD player reads and is provided with authority.
Attendant 3 authority is as follows:
Ethernet switch LAN mouth read and be provided with authority, the WAN mouth read and be provided with authority;
The broadcasting speed that the broadcast chapters and sections of DVD player read and be provided with authority, DVD player reads and is provided with authority.
The present invention also provides a kind of system for carrying out said process of utilizing, and as shown in Figure 3, described system comprises the equipment of describing based on XML, and the network management system that is used for the said equipment is unified maintenance management.
After the described device power based on the XML description, to report by the description list of module, parameter, command set or the WEB page of XML file description, be provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list; The described Description (description) that reports process to be equivalent in UPnP (UPnP) agreement reports process.Described network management system is carried out automatic distinguishing according to the XML file of receiving from the said equipment to the Permission Levels of the module in the equipment, parameter, command set or the WEB page.Described network management system provides rights management for super keeper, and can be the Permission Levels that different attendants distributes distinct device inside.
The present invention also provides another kind to utilize system for carrying out said process, as shown in Figure 4, described system comprises the equipment based on the conventional management agreement, as equipment based on the snmp management agreement, with adapter, and be used for described equipment based on the conventional management agreement is unified the network management system of maintenance management based on the corresponding setting of equipment of conventional management agreement.
Described adapter is used for the information translation based on each module of equipment, parameter, command set or the WEB page of conventional management agreement is the description list by the XML file description, and the description list after will changing reports network management system, is provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list.Adapter is to be used to carry out the conversion that legacy protocol and XML describe, such as the MIB of the SNMP conversion (existing at present legacy protocol as the mapping method of MIB to XML, just has not been described in detail this here) to XML.Adapter can be integrated in the device interior based on the conventional management agreement, also can be used as a specific installation and exists.The purpose that adapter is set mainly be for the existing equipment compatibility.Certainly, in new system architecture shown in Figure 3, can not have this unit of adapter, armamentarium all is based on the equipment that XML describes.
Described network management system is carried out automatic distinguishing according to the XML file of receiving to the Permission Levels of the module in the equipment, parameter, command set or the WEB page.Described network management system provides rights management for super keeper, and can be the Permission Levels that different attendants distributes distinct device inside.
The present invention also provides a kind of method for managing user right that is primarily aimed at integrated service operator.Many kinds of service application may have been defined at carrier side, as telephone service, video traffic, data service or the like, every kind of business comprises the relevant parameter of many business, can be described with the XML file at carrier side for these business and parameter, promptly, be provided with the rights field of the access rights of professional and professional relevant parameter being divided Permission Levels in the described description list at the description list of carrier side (usually on the service server in operator) storage by the professional and professional relevant parameter of XML file description.Permission Levels can adopt numeral or other character representation mode.
Carrier side is specified corresponding Permission Levels at different customer groups simultaneously, after the user is through the authentication login, service server is found out this user's Permission Levels according to user login information, Permission Levels with professional and professional relevant parameter compare then, if Permission Levels are professional more than or equal to certain and/or the Permission Levels of professional relevant parameter, then have this authority professional and/or professional relevant parameter of visit, as less than, then do not have access rights.
Like this, after the user of the different rights grade login, what see is different homepages, can realize different application and user experience.
Such as, two kinds of business are arranged: video traffic and data service, they are defined as follows
<?xml?version="1.0"encoding="GB2312"?>
<business 〉
<Business Name〉data service</Business Name 〉
<service authority〉2</service authority 〉
<parameter 〉
<parameter name〉speed of surfing the Internet 1</parameter name 〉
<parameter grade〉2</the parameter grade 〉
<parameter type〉int</parameter type 〉
<parameter value〉10Mbps</parameter value 〉
</parameter 〉
<parameter 〉
<parameter name〉speed of surfing the Internet 2</parameter name 〉
<parameter grade〉3</the parameter grade 〉
<parameter type〉int</parameter type 〉
<parameter value〉100Mbps</parameter value 〉
</parameter 〉
</business 〉
<?xml?version="1.0"encoding="GB2312"?>
<business 〉
<Business Name〉video traffic</Business Name 〉
<service authority〉1</service authority 〉
<parameter 〉
<parameter name〉video coding rate 1</parameter name 〉
<parameter grade〉1</the parameter grade 〉
<parameter type〉int</parameter type 〉
<parameter value〉220Kbps</parameter value 〉
</parameter 〉
<parameter 〉
<parameter name〉video coding rate 2</parameter name 〉
<parameter grade〉2</the parameter grade 〉
<parameter type〉int</parameter type 〉
<parameter value〉768Kbps</parameter value 〉
</parameter 〉
</business 〉
For example have three users (first, second, third) to open an account, operator distributes Permission Levels 1,2,3 to them respectively, then:
User's first has the video traffic rights of using of 220Kbps;
User's second has the video traffic rights of using of 768Kbps and the data service rights of using of 10Mbps;
User third has the video traffic rights of using of 768Kbps and the data service rights of using of 100Mbps;
Adopt said method, distribute the process of authority simple to the user, and the adjustment of user right is also simple, such as having increased a kind of new business newly, if according to original method, need to revise each user's authority, and use this method of the present invention, do not need to revise user's authority, only need authority at fixed this kind business of the XML of new business document and relevant parameter.
Above-described embodiment, the present invention embodiment a kind of more preferably just, common variation and replacement that those skilled in the art carries out in the technical solution of the present invention scope all should be included in protection scope of the present invention.
Claims (10)
1. the method for managing user right based on XML is characterized in that, utilizes XML file description facility information or business information, and in the description list that forms the rights field of dividing Permission Levels is set; In addition the user is divided Permission Levels, make user have different equipment or Operational Visit authority with different rights grade.
2, the method for managing user right based on XML according to claim 1, it is characterized in that, described facility information is the information of equipment inner module, parameter, command set or the WEB page, described method is specially: each equipment of network management system management is incited somebody to action separately the module by the XML file description, parameter, command set or the WEB page after powering on description list reports network management system, is provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list; Described network management system is carried out automatic distinguishing according to the description list of receiving to the Permission Levels of the module in the equipment, parameter, command set or the WEB page, only can carry out with authority and operates accordingly so that have the attendant of different rights grade.
3. the method for managing user right based on XML according to claim 2, it is characterized in that: if certain attendant's Permission Levels is more than or equal to the Permission Levels of certain module, parameter, command set or the WEB page in certain equipment, then network management system shows corresponding contents on the interface, allows this attendant's executable operations; If certain attendant's Permission Levels is less than the Permission Levels of certain module, parameter, command set or the WEB page in certain equipment, then network management system shows and goes beyond one's commission prompting or do not show corresponding contents on the interface, does not allow this attendant's executable operations.
4. the method for managing user right based on XML according to claim 2, it is characterized in that: in the description list of described module, parameter, command set or the WEB page, if certain module, parameter, command set or the WEB page do not have rights field, then described module, parameter, command set or the WEB page are inherited the Permission Levels of upper level, if no upper level is then handled by default Permission Levels.
5. the method for managing user right based on XML according to claim 4 is characterized in that: described default Permission Levels are for allowing all attendant's module for reading and writing, parameter, command set or the WEB page.
6. the method for managing user right based on XML according to claim 1, it is characterized in that, described business information is the information of different business and professional relevant parameter, described method is specially: storage is provided with the rights field of the access rights of professional and professional relevant parameter being divided Permission Levels by the description list of the professional and professional relevant parameter of XML file description in the described description list on service server; After the user is through the authentication login, service server is found out this user's Permission Levels according to user login information, Permission Levels with professional and professional relevant parameter compare then, if Permission Levels are professional more than or equal to certain and/or the Permission Levels of professional relevant parameter, then has this authority professional and/or professional relevant parameter of visit, as less than, then do not have access rights.
7. according to the described method for managing user right based on XML of arbitrary claim in the claim 1 to 6, it is characterized in that: Permission Levels are by numeral.
8. a utilization is based on the system of the method for managing user right of XML, and it is characterized in that: described system comprises
Equipment based on the conventional management agreement;
Adapter with the corresponding setting of above-mentioned equipment based on the conventional management agreement, described adapter is used for the information translation based on each module of equipment, parameter, command set or the WEB page of conventional management agreement is the description list by the XML file description, and the description list after will changing reports network management system, is provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list;
Be used for described equipment based on the conventional management agreement is unified the network management system of maintenance management, described network management system is carried out automatic distinguishing according to the description list of receiving to the Permission Levels of the module in the equipment, parameter, command set or the WEB page, and the Permission Levels of distributing distinct device inside for different personnel.
9. system according to claim 8 is characterized in that: described adapter is integrated in described device interior based on the conventional management agreement.
10. a utilization is based on the system of the method for managing user right of XML, and it is characterized in that: described system comprises
Equipment based on the XML description, after the described device power, to report by the description list of module, parameter, command set or the WEB page of XML file description, be provided with the rights field of the access limit of equipment inner module, parameter, command set or the WEB page being divided Permission Levels in the described description list;
Be used for the said equipment is unified the network management system of maintenance management, described network management system is carried out automatic distinguishing according to the XML file of receiving from the said equipment to the Permission Levels of the module in the equipment, parameter, command set or the WEB page, and the Permission Levels of distributing distinct device inside for different personnel.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100788250A CN100544278C (en) | 2006-05-10 | 2006-05-10 | A kind of method for managing user right and system based on XML |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100788250A CN100544278C (en) | 2006-05-10 | 2006-05-10 | A kind of method for managing user right and system based on XML |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101051937A true CN101051937A (en) | 2007-10-10 |
| CN100544278C CN100544278C (en) | 2009-09-23 |
Family
ID=38783147
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100788250A Expired - Fee Related CN100544278C (en) | 2006-05-10 | 2006-05-10 | A kind of method for managing user right and system based on XML |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100544278C (en) |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009152736A1 (en) * | 2008-06-16 | 2009-12-23 | 华为技术有限公司 | Method and apparatus for creating and deploying service |
| CN101853358A (en) * | 2010-05-11 | 2010-10-06 | 南京赛孚科技有限公司 | Method for implementing file object authority management |
| WO2011032501A1 (en) * | 2009-09-16 | 2011-03-24 | 华为终端有限公司 | Method, device and system for forwarding document content in extensible markup language document management |
| CN101388797B (en) * | 2008-11-05 | 2011-05-11 | 杭州华三通信技术有限公司 | Method for realizing authority control in network management and network management system |
| CN102055763A (en) * | 2010-12-14 | 2011-05-11 | 山东中创软件工程股份有限公司 | Rights management method and system |
| CN102307114A (en) * | 2011-09-21 | 2012-01-04 | 北京神州绿盟信息安全科技股份有限公司 | Management method of network |
| CN102647296A (en) * | 2012-04-05 | 2012-08-22 | 重庆先迈通信技术有限公司 | Business registering method based on authorization setting |
| CN103428023A (en) * | 2012-05-25 | 2013-12-04 | 中兴通讯股份有限公司 | Operation configuration method and device |
| CN104517062A (en) * | 2013-09-26 | 2015-04-15 | 中兴通讯股份有限公司 | Method and device for sub authority document management based on document object model |
| CN104580063A (en) * | 2013-10-10 | 2015-04-29 | 中兴通讯股份有限公司 | A network management security authentication method and device, and network management security authentication system |
| CN104796432A (en) * | 2015-05-07 | 2015-07-22 | 浪潮电子信息产业股份有限公司 | Data protection method and safety bastion host |
| CN106341393A (en) * | 2016-08-18 | 2017-01-18 | 广州市迪士普音响科技有限公司 | Method and system for making modules of wisdom platform compatible |
| CN106453290A (en) * | 2016-09-29 | 2017-02-22 | 广州鹤互联网科技有限公司 | Signature initiating user management method and device |
| CN103971036B (en) * | 2013-01-28 | 2017-03-01 | 深圳学无国界教育科技有限公司 | Page column authority control system and method |
| CN107784224A (en) * | 2017-11-23 | 2018-03-09 | 北京奇虎科技有限公司 | Authority adaptation method, device and electronic equipment |
| CN108259214A (en) * | 2017-08-31 | 2018-07-06 | 新华三技术有限公司 | A kind of configuration order management method, device and machine readable storage medium |
| CN108696480A (en) * | 2017-04-07 | 2018-10-23 | 沈机(上海)智能系统研发设计有限公司 | Industrial service right management method, device and machine tool |
| CN108768239A (en) * | 2018-05-11 | 2018-11-06 | 航天新长征电动汽车技术有限公司 | A kind of configuration method of electric machine controller parameter |
| CN109934008A (en) * | 2018-10-12 | 2019-06-25 | 王龙 | A kind of multitask document file management system based on Permission Levels |
| CN112714140A (en) * | 2019-10-24 | 2021-04-27 | 海信电子科技(武汉)有限公司 | Data transmission method, device and system |
| CN113343302A (en) * | 2021-06-22 | 2021-09-03 | 深圳壹账通智能科技有限公司 | Project file management method and device, electronic equipment and storage medium |
| CN113821782A (en) * | 2021-11-19 | 2021-12-21 | 深圳市明源云科技有限公司 | Data authority control method and device and computer readable storage medium |
-
2006
- 2006-05-10 CN CNB2006100788250A patent/CN100544278C/en not_active Expired - Fee Related
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009152736A1 (en) * | 2008-06-16 | 2009-12-23 | 华为技术有限公司 | Method and apparatus for creating and deploying service |
| CN101388797B (en) * | 2008-11-05 | 2011-05-11 | 杭州华三通信技术有限公司 | Method for realizing authority control in network management and network management system |
| WO2011032501A1 (en) * | 2009-09-16 | 2011-03-24 | 华为终端有限公司 | Method, device and system for forwarding document content in extensible markup language document management |
| US9690951B2 (en) | 2009-09-16 | 2017-06-27 | Huawei Device Co., Ltd. | Method, device and system for forwarding document content in extensible markup language document management |
| US8880643B2 (en) | 2009-09-16 | 2014-11-04 | Huawei Device Co., Ltd. | Method, device and system for forwarding document content in extensible markup language document management |
| CN101853358A (en) * | 2010-05-11 | 2010-10-06 | 南京赛孚科技有限公司 | Method for implementing file object authority management |
| CN102055763A (en) * | 2010-12-14 | 2011-05-11 | 山东中创软件工程股份有限公司 | Rights management method and system |
| CN102055763B (en) * | 2010-12-14 | 2013-04-03 | 山东中创软件工程股份有限公司 | Rights management method and system |
| CN102307114A (en) * | 2011-09-21 | 2012-01-04 | 北京神州绿盟信息安全科技股份有限公司 | Management method of network |
| CN102647296A (en) * | 2012-04-05 | 2012-08-22 | 重庆先迈通信技术有限公司 | Business registering method based on authorization setting |
| CN102647296B (en) * | 2012-04-05 | 2014-05-14 | 重庆先迈通信技术有限公司 | Business registering method based on authorization setting |
| CN103428023A (en) * | 2012-05-25 | 2013-12-04 | 中兴通讯股份有限公司 | Operation configuration method and device |
| CN103971036B (en) * | 2013-01-28 | 2017-03-01 | 深圳学无国界教育科技有限公司 | Page column authority control system and method |
| CN104517062A (en) * | 2013-09-26 | 2015-04-15 | 中兴通讯股份有限公司 | Method and device for sub authority document management based on document object model |
| CN104580063A (en) * | 2013-10-10 | 2015-04-29 | 中兴通讯股份有限公司 | A network management security authentication method and device, and network management security authentication system |
| CN104796432A (en) * | 2015-05-07 | 2015-07-22 | 浪潮电子信息产业股份有限公司 | Data protection method and safety bastion host |
| CN106341393A (en) * | 2016-08-18 | 2017-01-18 | 广州市迪士普音响科技有限公司 | Method and system for making modules of wisdom platform compatible |
| CN106453290A (en) * | 2016-09-29 | 2017-02-22 | 广州鹤互联网科技有限公司 | Signature initiating user management method and device |
| CN108696480A (en) * | 2017-04-07 | 2018-10-23 | 沈机(上海)智能系统研发设计有限公司 | Industrial service right management method, device and machine tool |
| CN108259214A (en) * | 2017-08-31 | 2018-07-06 | 新华三技术有限公司 | A kind of configuration order management method, device and machine readable storage medium |
| CN108259214B (en) * | 2017-08-31 | 2021-03-23 | 新华三技术有限公司 | Configuration command management method, device and machine-readable storage medium |
| CN107784224B (en) * | 2017-11-23 | 2021-02-05 | 北京奇虎科技有限公司 | Permission adaptation method and device and electronic equipment |
| CN107784224A (en) * | 2017-11-23 | 2018-03-09 | 北京奇虎科技有限公司 | Authority adaptation method, device and electronic equipment |
| CN108768239A (en) * | 2018-05-11 | 2018-11-06 | 航天新长征电动汽车技术有限公司 | A kind of configuration method of electric machine controller parameter |
| CN109934008B (en) * | 2018-10-12 | 2021-01-15 | 深圳市中欧瑞安科技有限公司 | Multi-task document management system based on permission level |
| CN109934008A (en) * | 2018-10-12 | 2019-06-25 | 王龙 | A kind of multitask document file management system based on Permission Levels |
| CN112714140A (en) * | 2019-10-24 | 2021-04-27 | 海信电子科技(武汉)有限公司 | Data transmission method, device and system |
| CN113343302A (en) * | 2021-06-22 | 2021-09-03 | 深圳壹账通智能科技有限公司 | Project file management method and device, electronic equipment and storage medium |
| WO2022267178A1 (en) * | 2021-06-22 | 2022-12-29 | 深圳壹账通智能科技有限公司 | Project file management method and apparatus, electronic device, and storage medium |
| CN113821782A (en) * | 2021-11-19 | 2021-12-21 | 深圳市明源云科技有限公司 | Data authority control method and device and computer readable storage medium |
| CN113821782B (en) * | 2021-11-19 | 2022-02-25 | 深圳市明源云科技有限公司 | Data authority control method and device and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100544278C (en) | 2009-09-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101051937A (en) | User's power managing method and system based on XML | |
| CN1278557C (en) | Information delivery system, method, information processing apparatus, and method | |
| CN1143208C (en) | Apparatus and method for conversion of messages | |
| CN100336018C (en) | Portable terminal, method, program, and storage medium for managing application start | |
| CN101061688A (en) | Network management apparatus and method based on simple network management protocol | |
| CN1533535A (en) | Information processing device and method, content distribution device and method and computer program | |
| CN1946235A (en) | User identifying module service and method and system for using personalized tailered issuing | |
| CN1407454A (en) | Method and system for synchronizing multi-shifting device | |
| CN1820473A (en) | Method, terminal device and server for transmission operation message in fixed and/or mobile network | |
| CN1892639A (en) | Theme change system, portable communication device,server apparatus and computer program | |
| CN1859332A (en) | System, device and method for synchronously processing e-mail using data | |
| CN101060427A (en) | A system and method for realizing the remote software updating | |
| CN1615480A (en) | Translating configuration files among network devices | |
| CN1742480A (en) | Information processing device, information processing method, and computer program | |
| CN1637710A (en) | Method and system for scheduling invocation of web service in data processing basic structure | |
| CN1787459A (en) | Method and system for transmitting order to lower levels | |
| CN101056208A (en) | Service tracking method, network device, O&M controller, and service request device | |
| CN1768373A (en) | Information processing device, information processing method, and computer program | |
| CN1497898A (en) | Resource management system | |
| CN1745369A (en) | Information processing device, information processing method, and computer program | |
| CN101046812A (en) | Method of data base table recording structure and detection and its device | |
| CN1770708A (en) | Information processing system and method, electronic appliance, and information processing method | |
| CN1820514A (en) | System architecture method and computer program product for managing telecommunication networks | |
| CN101069359A (en) | Method of changing idle screen template type of mobile communication terminal, computer readable recording medium in which program for executing the same is recorded and mobile communication terminal | |
| CN101080077A (en) | Maintenance method of device management tree and terminal device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090923 Termination date: 20160510 |