CN103455889A - Computer user identity access control system in power industry - Google Patents
Computer user identity access control system in power industry Download PDFInfo
- Publication number
- CN103455889A CN103455889A CN2013104132630A CN201310413263A CN103455889A CN 103455889 A CN103455889 A CN 103455889A CN 2013104132630 A CN2013104132630 A CN 2013104132630A CN 201310413263 A CN201310413263 A CN 201310413263A CN 103455889 A CN103455889 A CN 103455889A
- Authority
- CN
- China
- Prior art keywords
- user
- module
- data
- management
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
电力行业计算机用户身份准入控制系统,包括数据库服务器、Web服务器/应用服务器和多个用户终端,它们之间通过网络连接。本发明的有益效果是:1、通过电子化流程管理,有效地减轻了一线工作人员的工作量,规范了运行维护工作,降低了管理难度。2、基层单位可通过系统实现申请状态流程进度查看,全面掌握用户目前审批进度状态。3、通过精细化管理,提高了用户准入申请的效率,提高了DHCP和IP地址的全局管理效率,方便及时地进行DHCP和IP地址的扩充、调整与回收。4、强大的辅助DHCP功能处理,有效地协助管理员进行IP地址管理分配,极大的减轻了网络管理员的工作量。5、全面细致的系统操作日志审计,确保数据安全可靠。
The computer user identity admission control system in the electric power industry includes a database server, a Web server/application server and multiple user terminals, which are connected through a network. The beneficial effects of the present invention are as follows: 1. Through the electronic process management, the workload of the front-line staff is effectively reduced, the operation and maintenance work is standardized, and the difficulty of management is reduced. 2. Grass-roots units can check the progress of the application status process through the system, and fully grasp the current approval progress status of users. 3. Through refined management, the efficiency of user access application is improved, the overall management efficiency of DHCP and IP addresses is improved, and the expansion, adjustment and recovery of DHCP and IP addresses are convenient and timely. 4. Powerful auxiliary DHCP function processing, effectively assisting administrators in IP address management and allocation, greatly reducing the workload of network administrators. 5. Comprehensive and detailed system operation log audit to ensure data safety and reliability.
Description
[technical field] the present invention relates to a kind of power industry computer user identity access control system.
[background technology] electric system adopts informatization and operation, and routine office work and the operation maintenance work in each work position is managed.Increasing along with computer terminal quantity, safety management for computer equipment, and the management of the management of user profile and Unit account of plant there are the following problems: 1, man-machine correspondence is inaccurate, whether truly can't examine whether corresponding, corresponding with the computing machine information of user; 2, network and manage the employing manual control, work efficiency is not high, can not carry out electronic user-network access, change, cancellation etc. and examine flow process, and the workload of computing machine daily servicing is large; 3, IP address assignment difficult management, every maintenance work difficulty of terminal device IP address and DHCP action scope improves, and has the inconsistent phenomenon of IP address and MAC Address in the part producing system, causes user profile inaccurate.
[summary of the invention] the present invention is directed to the problems referred to above, and a kind of power industry computer user is provided the identity access control system.
This power industry computer user identity access control system, is characterized in that, comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in described database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in described Web server/application server; Described user's access administration module is accepted and is examined user's network admittance, change or cancellation application, and the user information data data of formation are imported the basic data administration module into; The DHCP service management module completes distribution and the management to user's IP address, and the user information data data of formation are imported the basic data administration module into; The account data that in the basic data administration module, recording user computer information and user information data form, the account data are carried out the computerized information safety management by access data scrubbing module; The quick consumer positioning access device of data statistic analysis module and port; The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note; The daily record of each operating process in Operation Log audit module records network admittance flow process; The log-on message of computer statistics analysis module supervisory computer and antivirus software mount message.
The basic data administration module can be realized organizational structure, subscriber data, computing machine, network equipment ledger management, and guarantees that the user is correctly corresponding with computing machine.
Operation Log audit module is inquired by classification the log information of all kinds of operation notes of native system; All kinds of operation informations that convenient understanding native system occurs; Operation Log comprises that DHCP deletion daily record, modification daily record, increase daily record, computer are deleted daily record, the user logins daily record; Daily record data can be exported as to the Excel file.
User's access administration module system is realized electronic approval process of user's access, change, cancellation; The network manager can realize that access, change, cancellation examine very easily by system, and grass-roots unit can realize that application status flow process progress checks by system, grasps the user comprehensively and examines at present progress status.
The DHCP service management module can complete DHCP action scope management, and the additions and deletions that the action scope management mainly comprises action scope change looks into and lease situation processing capacity; Divide according to the business of system ip address and constituent parts or function, constituent parts is arranged to different DHCP action scopes, according to business demand, user terminal demand and develop into each action scope distributing IP address or IP address field; IP address is wherein arranged to the IP specific properties, as retained IP address and dynamic IP address allocation simultaneously; The relevant secondary attribute that arranges for IP address in action scope.
Access data scrubbing module can realize the in violation of rules and regulations management of computing machine, system by with DHCP, IMS interface, the network manager can be at any time to user isolation, networking, thereby realizes the user network access, the improving information safety level.
The data statistic analysis module can effectively improve keeper's work efficiency, system by with network device interface, realize IP, MAC Address collection, fast consumer positioning access device and port; Can also allow the keeper know at short notice the global ip address service condition, effectively promote IP address resource utilization factor.
The SMS platform administration module can be notified user and keeper with the note form in time by the situation of accepting of access, improves Information Service Quality.
The computer statistics analysis module can make the keeper understand in time registration scenarios and the antivirus software installation situation of computing machine, and the arrangement personnel process in time.
The invention has the beneficial effects as follows: 1, by electronic workflow management, effectively alleviated front man's workload, standard operation maintenance work, improved work efficiency, reduced management difficulty.2, grass-roots unit can realize that application status flow process progress checks by system, grasps the user comprehensively and examines at present progress status.3, by fine-grained management, improved the efficiency of user's access application, improved global administration's efficiency of DHCP and IP address, easily and timely carry out expansion, the adjustment of DHCP and IP address and reclaim.4, powerful auxiliary DHCP function treatment, the person of assisting management is carried out the IP address management distribution effectively, has alleviated greatly network manager's workload.5, comprehensive careful System Operation Log audit, guarantee that data security is reliable.6, the user applies for networking, approval networks, nullify IP address and violation computer user, and the SMS notice all can be arranged, and has promoted Information Service Quality.
[accompanying drawing explanation]
Fig. 1 is structural representation of the present invention
Fig. 2 is FB(flow block) of the present invention
[embodiment] is described below enforcement of the present invention below in conjunction with accompanying drawing:
In Fig. 1 and Fig. 2, power industry computer user's identity access control system comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in Web server/application server.
The user that need to enter Intranet proposes network admittance, change or nullifies application by user's access administration module, and the keeper is accepted and examines user's network admittance, change or cancellation application by user's access administration module.The keeper completes distribution and the management to user's IP address by the DHCP service management module simultaneously.The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note.The daily record of each operating process in Operation Log audit module records network admittance flow process.After user's network admittance, change or cancellation have been applied for, user computer data and user information data will form account and be recorded in the basic data administration module.The keeper can carry out the computerized information safety management to the account data in the basic data administration module by access data scrubbing module; By the data statistic analysis module, consumer positioning access device and port, know the global ip address service condition in the short time fast.The keeper can understand registration scenarios and the antivirus software installation situation of computing machine by the computer statistics analysis module, arrangement personnel process in time.
Claims (1)
1. power industry computer user identity access control system, is characterized in that, comprises database server, Web server/application server and a plurality of user terminal, between them, by network, connects; Basic data administration module and Operation Log audit module are installed in described database server; User's access administration module, DHCP service management module, access data scrubbing module, data statistic analysis module, SMS platform administration module and computer statistics analysis module are installed in described Web server/application server; Described user's access administration module is accepted and is examined user's network admittance, change or cancellation application, and the user information data data of formation are imported the basic data administration module into; The DHCP service management module completes distribution and the management to user's IP address, and the user information data data of formation are imported the basic data administration module into; The account data that in the basic data administration module, recording user computer information and user information data form, the account data are carried out the computerized information safety management by access data scrubbing module; The quick consumer positioning access device of data statistic analysis module and port; The SMS platform administration module is respectively to user, keeper's transmission work prompting and job schedule note; The daily record of each operating process in Operation Log audit module records network admittance flow process; The log-on message of computer statistics analysis module supervisory computer and antivirus software mount message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013104132630A CN103455889A (en) | 2013-09-12 | 2013-09-12 | Computer user identity access control system in power industry |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013104132630A CN103455889A (en) | 2013-09-12 | 2013-09-12 | Computer user identity access control system in power industry |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103455889A true CN103455889A (en) | 2013-12-18 |
Family
ID=49738227
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013104132630A Pending CN103455889A (en) | 2013-09-12 | 2013-09-12 | Computer user identity access control system in power industry |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103455889A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104184616A (en) * | 2014-08-08 | 2014-12-03 | 国家电网公司 | Intelligent management system for local area network resources |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929483A (en) * | 2006-09-19 | 2007-03-14 | 清华大学 | Admittance control method for IPv6 switch-in network true source address access |
| CN101068183A (en) * | 2007-06-28 | 2007-11-07 | 杭州华三通信技术有限公司 | Network access control method and network access control system |
| US8190755B1 (en) * | 2006-12-27 | 2012-05-29 | Symantec Corporation | Method and apparatus for host authentication in a network implementing network access control |
-
2013
- 2013-09-12 CN CN2013104132630A patent/CN103455889A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929483A (en) * | 2006-09-19 | 2007-03-14 | 清华大学 | Admittance control method for IPv6 switch-in network true source address access |
| US8190755B1 (en) * | 2006-12-27 | 2012-05-29 | Symantec Corporation | Method and apparatus for host authentication in a network implementing network access control |
| CN101068183A (en) * | 2007-06-28 | 2007-11-07 | 杭州华三通信技术有限公司 | Network access control method and network access control system |
Non-Patent Citations (3)
| Title |
|---|
| 王颖: "网络准入控制系统的研究与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》, 15 March 2012 (2012-03-15) * |
| 钱扬: "企业网网络准入控制及终端安全防护研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》, 15 May 2013 (2013-05-15) * |
| 陈沛金: "准入控制系统在电力行业的深入设计与应用", 《现代计算机(专业版)》, no. 30, 25 October 2012 (2012-10-25) * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104184616A (en) * | 2014-08-08 | 2014-12-03 | 国家电网公司 | Intelligent management system for local area network resources |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103400246B (en) | A kind of nuclear power plant's risk monitoring system based on cloud framework and monitoring method | |
| CN104601723B (en) | Power Marketing Management System SOA framework based on internal services bus | |
| CN104135461A (en) | Firewall policy processing method and device | |
| CN108769289A (en) | A Visual Management System of Network Address Resources | |
| CN104902032A (en) | Multifunctional enterprise smart cloud platform | |
| CN115695165B (en) | Firewall automatic operation and maintenance method, system, electronic equipment and storage medium | |
| CN101447064B (en) | Auditing management system and auditing management method | |
| CN105376077A (en) | Network behavior information processing method, log transmitting method, network behavior information processing device and system | |
| CN106506513A (en) | Firewall policy data analysis device and method based on network traffic | |
| CN104680303A (en) | Construction method for SNMP (simple network management protocol)-based business index monitoring system | |
| CN110321381A (en) | Power information equipment management system | |
| CN112787853B (en) | Automatic generation method and device of network change scheme and related equipment | |
| CN111783053A (en) | An interactive unified big data programming computing platform | |
| CN105335669A (en) | Permission configuration method and system used for photovoltaic monitoring system | |
| CN104113866B (en) | The processing method and processing device of wireless controller daily record | |
| CN115330204A (en) | Digital resource management system | |
| CN102184325A (en) | Real-time dynamic electric energy and line loss analysis system based on uniform information model | |
| CN103455889A (en) | Computer user identity access control system in power industry | |
| CN207882957U (en) | A kind of safe big data intelligent analysis system | |
| CN116228195A (en) | Data processing method, device, equipment and storage medium applicable to work orders | |
| CN202904322U (en) | Network type operation ticket system | |
| CN105139324B (en) | A kind of design method for e _-Government Service | |
| CN105354679A (en) | Trinity attendance management method based on fixed point, area and roaming | |
| CN110751238A (en) | A charging station operation management integrated system | |
| CN116015798A (en) | A virtual cloud platform management system based on hybrid cloud sharing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20131218 |