Disclosure of Invention
In view of the above problems, embodiments of the present invention provide an operation and maintenance system login verification method, apparatus, device and computer storage medium, which address the low login security and the tedious login process of operation and maintenance systems in the prior art and improve both the efficiency and the security of operation and maintenance login.
According to an aspect of an embodiment of the present invention, there is provided an operation and maintenance system login verification method, including:
in an optional manner, the method is applied to an SSH server, where the SSH server establishes a connection with an SSH client according to an SSH protocol, and the SSH server establishes a connection with one or more servers to be operated and maintained, and the method includes:
receiving a user login request sent by a user to be verified through the SSH client, wherein the user login request comprises a user name to be verified, verification mode information and authorization information to be verified corresponding to the verification mode information;
verifying the authorization information to be verified according to the verification mode information and the user name to be verified;
when the authorization information to be verified passes verification, determining the access authority level corresponding to the verification mode information;
acquiring a list of associated accounts of the user to be verified, and determining an accessible account list corresponding to the user to be verified according to the access permission level and the list of associated accounts, wherein the list of associated accounts comprises one or more accounts to be operated and maintained corresponding to one or more servers to be operated and maintained;
displaying the accessible account list through the SSH client, acquiring account selection information of the accessible account list, which is sent by the SSH client, and determining a target account to be logged in corresponding to a target server to be operated and maintained from the accessible account list according to the account selection information;
logging in the target account to be logged in, so that the user to be authenticated enters the target account to be logged in through the SSH client to perform operation and maintenance operation.
In an optional manner, the method further comprises:
determining a target verification mode according to the verification mode information;
matching the target verification mode with an optional verification mode corresponding to the user name to be verified in a preset operation and maintenance user database;
when the matching is successful, determining legal authorization information corresponding to the user name to be verified in the matched optional verification mode, wherein the operation and maintenance user database comprises a plurality of specific operation and maintenance user names and the legal authorization information corresponding to each operation and maintenance user name in at least one optional verification mode;
and matching the legal authorization information with the authorization information to be verified, and determining that the authorization information to be verified passes the verification under the condition that the authorization information to be verified is matched with the legal authorization information.
In an optional manner, the target verification method includes a combined verification manner composed of at least one sub-verification manner, where the sub-verification manner at least includes LDAP verification, mobile token verification, static password verification, RSA token verification, dynamic link token verification, Radius verification, AD verification, VASCO verification, and SMS short message verification.
In an optional manner, the accessible account list includes one or more accessible accounts respectively corresponding to one or more accessible servers to be maintained, and the method further includes:
acquiring authority level limiting information of each account to be operated and maintained on the user to be verified;
matching the access authority level with authority level limit information corresponding to each account to be operated and maintained;
and taking the matched account to be operated and maintained as the accessible account, and taking the server to be operated and maintained where the accessible account is located as the accessible server.
In an optional manner, the method further comprises:
receiving an account logout request sent by the user to be verified through the SSH client;
sending the account logout request to the target server to be operated and maintained, so that the target server to be operated and maintained logs out the target account to be logged in;
and after the target account to be logged in has been logged out, displaying the accessible account list through the SSH client again.
In an optional manner, the method further comprises:
determining the access authority level of each sub-authentication mode;
and determining the access authority level of the target authentication mode according to the access authority level of each sub-authentication mode.
In an optional manner, the method further comprises:
acquiring configuration information of a verification mode;
and determining the selectable verification mode corresponding to each operation and maintenance user name in the operation and maintenance user database according to the verification mode configuration information.
According to another aspect of the embodiments of the present invention, there is provided an operation and maintenance system login verification apparatus, including:
the receiving module is used for receiving a user login request sent by a user to be authenticated through the SSH client, wherein the user login request comprises a user name to be authenticated, authentication mode information and authorization information to be authenticated corresponding to the authentication mode information;
the verification module is used for verifying the authorization information to be verified according to the verification mode information and the user name to be verified;
the first determining module is used for determining the access authority level corresponding to the authentication mode information when the authentication of the authorization information to be authenticated is passed;
a second determining module, configured to obtain a list of associated accounts of the user to be authenticated, and determine, according to the access permission level and the list of associated accounts, a list of accessible accounts corresponding to the user to be authenticated, where the list of associated accounts includes one or more accounts to be operated and maintained corresponding to one or more servers to be operated and maintained, respectively;
the login module is used for displaying the accessible account list through the SSH client, acquiring account selection information of the accessible account list, which is sent by the SSH client, and determining a target account to be logged in corresponding to a target server to be operated and maintained from the accessible account list according to the account selection information;
and the operation and maintenance module is used for logging in the target account to be logged in so as to enable the user to be authenticated to enter the target account to be logged in through the SSH client to perform operation and maintenance operation.
According to another aspect of the embodiments of the present invention, an operation and maintenance system login verification device is provided, which includes a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface communicate with one another through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction causes the processor to execute the operation of the operation and maintenance system login verification method in any one of the foregoing embodiments.
According to another aspect of the embodiments of the present invention, there is provided a computer-readable storage medium, where at least one executable instruction is stored, and when the executable instruction is executed on an operation and maintenance system login verification device, the operation and maintenance system login verification device executes the operation of the operation and maintenance system login verification method according to any one of the foregoing embodiments.
The method first receives a user login request sent by a user to be verified through an SSH client, the user login request comprising a user name to be verified, verification mode information and authorization information to be verified corresponding to the verification mode information. It then verifies the authorization information to be verified according to the verification mode information and the user name to be verified. When the authorization information to be verified passes verification, it determines the access authority level corresponding to the verification mode information, acquires the associated account list of the user to be verified, and determines the accessible account list corresponding to the user to be verified according to the access authority level and the associated account list. It then displays the accessible account list through the SSH client, acquires the account selection information of the accessible account list sent by the SSH client, and determines from the accessible account list, according to the account selection information, a target account to be logged in corresponding to the target server to be operated and maintained. Finally, it logs in to the target account to be logged in, so that the user to be verified enters the target account through the SSH client to perform operation and maintenance operations.
In this way, the method and the apparatus avoid the low operation and maintenance efficiency and low security that arise in the prior art when the operation and maintenance system is logged in remotely over the SSH protocol by way of a springboard machine (jump host) or by having the client fill in the login information for each target.
The foregoing description is only an overview of the technical solutions of the embodiments of the present invention. In order that the technical means of the embodiments may be more clearly understood and implemented according to the content of the description, and in order that the foregoing and other objects, features and advantages of the embodiments may be more clearly understandable, the detailed description of the present invention is provided below.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the invention are shown in the drawings, it should be understood that the invention can be embodied in various forms and should not be limited to the embodiments set forth herein.
Fig. 1 shows a flowchart of an operation and maintenance system login authentication method according to an embodiment of the present invention, where the method is executed by an operation and maintenance system login authentication device. Specifically, the operation and maintenance system login authentication device may be an SSH server. The SSH server and an SSH client establish a connection according to the SSH (Secure Shell) protocol, an encrypted network transmission protocol in which communication between the client and the server is carried over a secure tunnel established across the network. The SSH server also establishes connections with one or more servers to be operated and maintained; each server to be operated and maintained has one or more accounts to be operated and maintained, and each account to be operated and maintained corresponds to a different operation authority. As shown in fig. 1, the method includes the following steps:
step 101: and receiving a user login request sent by a user to be verified through the SSH client, wherein the user login request comprises a user name to be verified, verification mode information and authorization information to be verified corresponding to the verification mode information.
The user names to be verified have specificity, namely each user to be verified corresponds to a uniquely determined operation and maintenance operation main body with a real name system, so that the operation and maintenance operation can be traced back and monitored conveniently.
Based on the authentication principle of the SSH protocol, a plurality of authentication modes are available in the authentication stage for the user to be authenticated to select from. Therefore, the verification mode information may include a verification mode identifier, and the corresponding target verification mode is determined by looking up that identifier in a preset verification mode identifier table. Different target verification modes have different verification security degrees according to how difficult they are to crack; for example, in this embodiment the security degrees of mobile phone token verification, AD verification and SMS short message verification are treated as lower than those of LDAP verification and static password verification. The security degree of a single verification mode is lower than that of a plurality of verification modes combined; for example, the security degree of mobile phone token verification alone is lower than that of static password verification plus mobile phone token verification.
Step 102: and verifying the authorization information to be verified according to the verification mode information and the user name to be verified.
In actual operation and maintenance work, one operation and maintenance person may need to respectively operate a plurality of to-be-operated and maintained accounts on a plurality of servers, different to-be-operated and maintained accounts may respectively correspond to different to-be-operated and maintained systems, and operation and maintenance operations that may be executed by the different to-be-operated and maintained accounts are different. Therefore, different operation and maintenance accounts have different requirements on the security degree of the login verification process. For example, the more important account to be operated and maintained in the system to be operated and maintained or the account to be operated and maintained with a higher operation authority level in a certain system to be operated and maintained has a higher requirement on the security degree corresponding to the login authentication mode.
Based on the SSH protocol, the SSH client selects the verification mode when performing identity verification before establishing a session with the SSH server. The accounts to be operated and maintained that are accessible under a given verification mode can therefore be set separately for each verification mode, thereby performing multi-level access control on operation and maintenance personnel.
Step 102 also includes steps 1021-1024.
Step 1021: and determining a target verification mode according to the verification mode information.
The verification mode information comprises a verification mode identifier sent by the user to be verified, and the target verification mode is determined according to a preset correspondence table between verification mode identifiers and target verification modes. For example, the authentication mode corresponding to the identifier "username-1" may be the combination of LDAP authentication and mobile phone token authentication, and the authentication mode corresponding to the identifier "username-2" may be the combination of static password authentication and RSA token authentication.
Because single-factor verification is easy to crack and offers low security, in one embodiment of the invention a plurality of verification modes are combined for verification, that is, the target verification mode comprises a combined verification mode consisting of at least one sub-verification mode.
In an embodiment of the present invention, the sub-authentication methods at least include LDAP authentication, mobile token authentication, static password authentication, RSA token authentication, dynamic token authentication, Radius authentication, AD authentication, VASCO authentication, and SMS short message authentication.
Step 1022: and matching the target verification mode with the optional verification mode corresponding to the user name to be verified in a preset operation and maintenance user database.
Firstly, the operation and maintenance user database comprises a plurality of specific operation and maintenance user names and corresponding legal authorization information of each operation and maintenance user name in at least one optional verification mode.
Each operation and maintenance user name corresponds to a uniquely determined operation and maintenance individual, and in an alternative embodiment, for example, the operation and maintenance user name "Alice 123" corresponds to a uniquely determined real-name individual Alice, and the operation and maintenance user name "Bob 234" corresponds to a uniquely determined real-name individual Bob, etc., so that the security of the operation and maintenance process can be improved, and it is ensured that each operation and maintenance operation can be traced back to a unique real-name individual.
In order to implement multi-level and fine-grained control on the access authority of the operation and maintenance user on the operation and maintenance account, the process for determining the selectable authentication modes corresponding to different operation and maintenance user names may include the following steps:
first, authentication mode configuration information is acquired. The authentication mode configuration information comprises a user name to be configured and authentication mode configuration information corresponding to the user name to be configured, wherein the authentication mode configuration information comprises an authentication mode identification to be configured, a validity period corresponding to the authentication mode identification to be configured, an access authority level, an operation and maintenance protocol, an operation and maintenance port, a current starting state and an operation and maintenance purpose, and the operation and maintenance protocol refers to a remote operation communication protocol adopted by a user after logging in an operation and maintenance account.
And then determining the selectable verification mode corresponding to each operation and maintenance user name in the operation and maintenance user database according to the verification mode configuration information. Specifically, the user name to be configured may be matched with each operation and maintenance user name in the operation and maintenance user database, and the verification mode information corresponding to the matched operation and maintenance user name may be updated according to the verification mode configuration information.
And when the operation and maintenance user name is not matched, adding the user name to be configured as a newly added operation and maintenance user name into an operation and maintenance user database, and correspondingly filling corresponding verification mode configuration information according to the verification mode configuration information.
Step 1023: and when the matching is successful, determining the legal authorization information corresponding to the matched optional verification mode of the user name to be verified.
Step 1024: and matching the legal authorization information with the authorization information to be verified, and determining that the authorization information to be verified passes the verification under the condition that the authorization information to be verified is matched with the legal authorization information.
Because the verification principles differ, the legal authorization information of different verification modes also differs: for example, the legal authorization information in the mobile phone token verification mode is the mobile phone token code, and the legal authorization information in the SMS short message verification mode is the short message verification code.
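The following is an added example, written for this page and not code from the patent, of steps 1021 to 1024 as they would run on the SSH server: resolve the verification mode identifier to its combination of sub-modes, check that the user name is configured for exactly that combination, fetch the legal authorization information of each sub-mode, and compare it with what the user supplied. The mode identifiers "username-1" and "username-2" follow the text; the user record `Alice123`, the salt, the password, the token code and its expiry are constructed values, and the one-time-code checker stands in for whatever token server would normally derive the expected code.

```python
# Added example (not part of the patent text): verifying the login request
# according to the selected verification mode, following steps 1021-1024.
# The mode identifiers follow the examples in the text; the user record,
# salt and credential values are constructed for illustration.
import hashlib
import hmac
import os
import time

# Step 1021: preset correspondence table from a verification mode identifier
# to the ordered combination of sub-verification modes it denotes.
MODE_TABLE = {
    "username-1": ("ldap", "mobile_token"),
    "username-2": ("static_password", "rsa_token"),
}

def pbkdf2(password, salt):
    # Static passwords are stored salted and stretched, never in clear.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

_SALT = os.urandom(16)  # constructed per-user salt

# Step 1022: the O&M user database. Each user name is bound to the optional
# verification mode(s) it may use and to the legal authorization information
# of each sub-mode (hashed password, expected one-time code with its expiry).
USER_DB = {
    "Alice123": {
        "optional_modes": {("static_password", "rsa_token")},
        "legal": {
            "static_password": {"salt": _SALT, "hash": pbkdf2("correct horse", _SALT)},
            # An RSA token code would normally be derived by the token server;
            # a fixed constructed code with an expiry (epoch seconds) stands in.
            "rsa_token": {"code": "482913", "expires": 2000},
        },
    },
}

def _check_static_password(legal, supplied, now):
    return hmac.compare_digest(pbkdf2(supplied, legal["salt"]), legal["hash"])

def _check_one_time_code(legal, supplied, now):
    # Mobile token, RSA token and SMS codes: reject after expiry and compare
    # in constant time so timing does not reveal how many digits matched.
    if now > legal["expires"]:
        return False
    return hmac.compare_digest(legal["code"].encode(), supplied.encode())

CHECKERS = {
    "static_password": _check_static_password,
    "mobile_token": _check_one_time_code,
    "rsa_token": _check_one_time_code,
    "sms": _check_one_time_code,
}

def verify_login(username, mode_id, auth_info, now=None):
    """Steps 1021-1024. auth_info maps each sub-mode name to the credential
    the user supplied. Returns (passed, target_mode); target_mode is None when
    the identifier is unknown. A mode the user is not configured for fails
    even if the credentials themselves would be correct."""
    now = time.time() if now is None else now
    target_mode = MODE_TABLE.get(mode_id)                       # step 1021
    if target_mode is None:
        return False, None
    record = USER_DB.get(username)
    if record is None or target_mode not in record["optional_modes"]:
        return False, target_mode                               # step 1022 failed
    legal = record["legal"]                                     # step 1023
    passed = True
    for sub in target_mode:                                     # step 1024
        info = legal.get(sub)
        checker = CHECKERS.get(sub)
        if info is None or checker is None or not checker(info, auth_info.get(sub, ""), now):
            passed = False  # keep evaluating every factor: no early exit
    return passed, target_mode
```

Every factor of a combined mode is evaluated even after one has failed, so the response time does not tell the client which factor was wrong. A production server would also run a dummy password hash for unknown user names so that the fast rejection path does not become a timing oracle for user enumeration.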
Step 103: and when the authorization information to be verified passes the verification, determining the access authority level corresponding to the verification mode information.
The access permission level of a verification mode is the highest level of account to be operated and maintained that the verification mode is allowed to reach. Because different accounts to be operated and maintained place different requirements on the security degree of the login verification process (for example, an operation and maintenance account in a more core system to be operated and maintained, or an account with a higher operation authority level, places a higher requirement on the security degree of the login verification mode), the access authority level of each verification mode is determined based on the security degree of its verification process.
In an optional embodiment of the present invention, for example, the token authentication of the mobile phone, the AD authentication, the SMS short message authentication correspond to the authority of the common account, the LDAP authentication, the static password authentication correspond to the level of the privileged account, and the operation and maintenance authority of the level of the privileged account is greater than the level of the common account, that is, an operation and maintenance user who can access the operation and maintenance account at the level of the privileged account can access the operation and maintenance account at the level of the common account.
The process of determining the access privilege level further comprises steps 1031-1032:
step 1031: and determining the access authority level of each sub-authentication mode.
In an optional embodiment of the present invention, the access permission level of each sub-authentication mode may be determined according to the historical operation and maintenance alarm data, for example, the authentication mode of the operation and maintenance account corresponding to each alarm in the historical operation and maintenance alarm data is obtained, the historical alarm frequency corresponding to each sub-authentication mode is determined, and the access permission level of the sub-authentication mode with the historical alarm frequency greater than a preset threshold is determined as the normal permission level.
Step 1032: and determining the access authority level of the target authentication mode according to the access authority level of each sub-authentication mode.
When the target verification mode only comprises one sub-verification mode, the access authority level of the sub-verification mode is the access authority level of the target verification mode, and when the target verification mode comprises a plurality of sub-verification modes, the highest access authority level in the access authority levels of each sub-verification mode is obtained to be used as the access authority level of the target verification mode.
Step 104: acquiring a list of associated accounts of the user to be verified, and determining an accessible account list corresponding to the user to be verified according to the access permission level and the list of associated accounts, wherein the list of associated accounts comprises one or more accounts to be operated and maintained corresponding to one or more servers to be operated and maintained respectively.
That is, once the user to be authenticated passes authentication and thereby successfully accesses the SSH server through the SSH client, the SSH client can remotely access the one or more accounts to be operated and maintained, on the hosts to be operated and maintained connected to the SSH server, to which the user to be authenticated has access right.
The accessible account list comprises one or more accessible accounts corresponding respectively to one or more accessible servers to be operated and maintained. Step 104 may specifically include the following:
step 1041: and acquiring authority level limiting information of each account to be operated and maintained on the user to be verified.
The authority level limiting information of an account to be operated and maintained refers to the lowest access authority level that the verification mode must reach in order to log in to that account. Suppose, for example, that the associated account list includes the following three accounts to be operated and maintained: account 001 on host A to be operated and maintained, account 002 on host A to be operated and maintained, and account 003 on host B to be operated and maintained, and that the authority level limiting information of these three accounts is the common account level, the privileged account level and the privileged account level respectively.
Step 1042: and matching the access authority level with authority level limit information corresponding to each account to be operated and maintained.
Step 1043: and taking the matched account to be operated and maintained as the accessible account, and taking the server to be operated and maintained where the accessible account is located as the accessible server.
With reference to the example of the associated account list in step 1041, when the target verification mode is mobile phone token authentication alone, the corresponding access permission level is the common account level, and the only accessible account is account 001 on host A to be operated and maintained.
When the target verification mode is the combined verification mode of LDAP (Lightweight Directory Access Protocol) authentication and mobile phone token authentication, the corresponding access permission level is the privileged account level and, since the privileged account level also covers the common account level, the accessible accounts are account 001 and account 002 on host A to be operated and maintained and account 003 on host B to be operated and maintained.
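As an added example (written for this page, not the patent's own code), the block below carries steps 1031 and 1032 and steps 1041 to 1043 through in working code: each sub-verification mode starts from a baseline level, is demoted to the common level when it appears in more historical alarms than a threshold, a combined mode takes the highest level among its sub-modes, and the associated account list is filtered to the accounts whose lowest required level is not above the level reached. The level names `common` and `privileged`, the baseline table, the alarm history and the three-account list follow the embodiment; the shape of the alarm data (one sub-mode name per historical alarm) is an assumption.

```python
# Added example (not part of the patent text): deriving the access permission
# level of a (combined) verification mode (steps 1031-1032) and filtering the
# associated account list by each account's level limit (steps 1041-1043).
# Level names follow the embodiment; the alarm history format is assumed.
from collections import Counter

# Ordered levels: a higher level covers every lower one (privileged > common).
LEVELS = {"common": 1, "privileged": 2}

# Baseline level of each sub-verification mode, as in the embodiment.
BASE_LEVEL = {
    "mobile_token": "common", "ad": "common", "sms": "common",
    "ldap": "privileged", "static_password": "privileged",
}

def sub_mode_levels(history, threshold):
    """Step 1031: `history` lists, for each historical O&M alarm, the sub-mode
    that was used to log in to the account behind that alarm (constructed
    format). A sub-mode with more alarms than the threshold is demoted to the
    common level; the others keep their baseline."""
    counts = Counter(history)
    return {m: ("common" if counts[m] > threshold else base)
            for m, base in BASE_LEVEL.items()}

def target_mode_level(target_mode, levels):
    """Step 1032: a single sub-mode keeps its own level; a combination takes
    the highest level among its sub-modes."""
    return max((levels[m] for m in target_mode), key=LEVELS.__getitem__)

def accessible_accounts(associated, level):
    """Steps 1041-1043: keep the accounts whose lowest required level does not
    exceed the level reached by the verification mode; each entry is
    (host, account, required_level)."""
    return [(host, acct) for host, acct, limit in associated
            if LEVELS[limit] <= LEVELS[level]]

# The associated account list from the example in step 1041.
ASSOCIATED = [
    ("host A", "account 001", "common"),
    ("host A", "account 002", "privileged"),
    ("host B", "account 003", "privileged"),
]

if __name__ == "__main__":
    levels = sub_mode_levels(history=[], threshold=3)
    for mode in (("mobile_token",), ("ldap", "mobile_token")):
        lvl = target_mode_level(mode, levels)
        print(mode, "->", lvl, accessible_accounts(ASSOCIATED, lvl))
```

Because the combined level is the highest sub-mode level, as step 1032 specifies, adding a weak factor to a strong one never lowers the level reached; the only thing that pulls a mode down is the alarm-based demotion of step 1031, which is why that demotion has to be applied to the sub-modes before the combination is evaluated.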
Step 105: displaying the accessible account list through the SSH client, acquiring account selection information of the accessible account list sent by the SSH client, and determining a target account to be logged in corresponding to a target server to be operated and maintained from the accessible account list according to the account selection information.
The account selection information includes a target accessible account name. In an optional embodiment, the account selection information further includes an operation and maintenance protocol, the user to be authenticated may perform operation and maintenance operation according to the operation and maintenance protocol after logging in the accessible account, and the operation and maintenance protocol may include an SSH protocol, a Telnet protocol, an SFTP protocol, and the like.
Step 106: logging in the target account to be logged in, so that the user to be authenticated enters the target account to be logged in through the SSH client to perform operation and maintenance operation.
In order to realize single sign-on and avoid the need for secondary verification each time an operation and maintenance person logs in to a new accessible account, steps 1061-1063 may further follow the login to the target account in step 106.
Step 1061: receiving an account logout request sent by the user to be verified through the SSH client.
The account logout request may be an exit request sent by the user to be authenticated on the SSH client.
Step 1062: sending the account logout request to the target server to be operated and maintained, so as to log out the target account to be logged in on that server.
Step 1063: and after the target account to be logged in logs out, displaying the accessible account list through the SSH client.
After the target account to be logged in has been logged out, the user to be authenticated can directly select another account to be operated and maintained from the accessible account list displayed on the SSH client, and thus log in to other accessible accounts for operation and maintenance operations without authenticating to the SSH server again. This saves the time that operation and maintenance personnel would otherwise spend logging in repeatedly and improves their operation and maintenance efficiency.
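The session loop of steps 105, 106 and 1061 to 1063, as an added example written for this page rather than code from the patent: the server presents the accessible list, validates the client's choice against that list on the server side (so a client cannot name an account that the filter of step 104 did not grant), logs in to the chosen account, and on the logout request returns to the list without re-authentication. The client's messages are modelled as a scripted list of lines in an assumed `host/account[ protocol]` format, the target-account login is a caller-supplied callback, and the host and account names are constructed.

```python
# Added example (not part of the patent text): account selection and the
# single sign-on loop of steps 105, 106 and 1061-1063 on the SSH server.
# The selection line format and the login callback are assumptions.
ALLOWED_PROTOCOLS = ("ssh", "telnet", "sftp")  # O&M protocols named in the text

def parse_selection(line, accessible):
    """Step 105: the client sends 'host/account[ protocol]'. The choice is
    checked against the server-side accessible list; None means rejected."""
    parts = line.strip().split()
    if not parts:
        return None
    host, sep, acct = parts[0].partition("/")
    if not sep or not host or not acct:
        return None
    protocol = parts[1] if len(parts) > 1 else "ssh"
    if protocol not in ALLOWED_PROTOCOLS or (host, acct) not in accessible:
        return None
    return host, acct, protocol

def run_session(accessible, client_lines, login):
    """Steps 106 and 1061-1063: show the list, log in to the chosen account via
    `login(host, account, protocol)`, and after an 'exit' return to the list
    without re-authenticating. Returns the event transcript for inspection."""
    events = []
    lines = iter(client_lines)
    while True:
        events.append(("list", list(accessible)))        # step 105 / 1063
        line = next(lines, None)
        if line is None or line.strip() == "quit":
            events.append(("end",))
            return events
        choice = parse_selection(line, accessible)
        if choice is None:
            events.append(("rejected", line.strip()))     # stay on the list
            continue
        host, acct, proto = choice
        login(host, acct, proto)                           # step 106
        events.append(("login", host, acct, proto))
        for inner in lines:                                # inside the account
            if inner.strip() == "exit":                    # steps 1061-1062
                events.append(("logout", host, acct))
                break
            events.append(("cmd", host, acct, inner.strip()))
        else:                                              # client went away
            events.append(("end",))
            return events

if __name__ == "__main__":
    acc = [("hostA", "account001"), ("hostA", "account002")]
    script = ["hostB/account003", "hostA/account001", "uptime", "exit",
              "hostA/account002 sftp", "exit", "quit"]
    for ev in run_session(acc, script, lambda h, a, p: None):
        print(ev)
```

The accessible list is computed once after authentication and held server-side for the whole session; every selection is validated against that copy, and the list is only rebuilt if the user authenticates again, which is what keeps the single sign-on of step 1063 from widening the user's reach.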
Fig. 2 is a schematic structural diagram illustrating an operation and maintenance system login authentication apparatus according to an embodiment of the present invention. As shown in fig. 2, the apparatus 200 includes: the system comprises a receiving module 201, a verification module 202, a first determination module 203, a second determination module 204, a login module 205 and an operation and maintenance module 206.
A receiving module 201, configured to receive, through the SSH client, a user login request sent by a user to be authenticated, where the user login request includes a user name to be authenticated, authentication mode information, and authorization information to be authenticated corresponding to the authentication mode information;
the verification module 202 is configured to verify the authorization information to be verified according to the verification mode information and the user name to be verified;
the first determining module 203 is configured to determine, when the authorization information to be verified passes verification, an access permission level corresponding to the verification mode information;
a second determining module 204, configured to obtain an associated account list of the user to be authenticated, and determine, according to the access permission level and the associated account list, an accessible account list corresponding to the user to be authenticated, where the associated account list includes one or more accounts to be operated and maintained corresponding to one or more servers to be operated and maintained, respectively;
the login module 205 is configured to display the accessible account list through the SSH client, acquire account selection information of the accessible account list sent by the SSH client, and determine a target account to be logged in corresponding to a target server to be operated and maintained from the accessible account list according to the account selection information;
and the operation and maintenance module 206 is configured to log in the target account to be logged in, so that the user to be authenticated enters the target account to be logged in through the SSH client to perform operation and maintenance operation.
In an optional manner, the verification module 202 is further configured to:
determining a target verification mode according to the verification mode information;
matching the target verification mode with an optional verification mode corresponding to the user name to be verified in a preset operation and maintenance user database;
when the matching is successful, determining legal authorization information corresponding to the user name to be verified in the matched optional verification mode, wherein the operation and maintenance user database comprises a plurality of specific operation and maintenance user names and the legal authorization information corresponding to each operation and maintenance user name in at least one optional verification mode;
and matching the legal authorization information with the authorization information to be verified, and determining that the authorization information to be verified passes the verification under the condition that the authorization information to be verified is matched with the legal authorization information.
In an optional manner, the verification module 202 is further configured to:
acquiring authority level limiting information of each account to be operated and maintained on the user to be verified;
matching the access authority level with authority level limit information corresponding to each account to be operated and maintained;
and taking the matched account to be operated and maintained as the accessible account, and taking the server to be operated and maintained where the accessible account is located as the accessible server.
In an optional manner, the login module 205 is further configured to:
receiving an account login request sent by the user to be verified through the SSH client;
sending the account login request to the target server to be operated and maintained, so that the target server to be operated and maintained logs out the target account to be logged in;
and after the target account to be logged in logs out, displaying the accessible account list through the SSH client.
The specific implementation process of the operation and maintenance system login verification device in the embodiment of the present invention is the same as the steps of the operation and maintenance system login verification method, and details are not described here.
The operation and maintenance system login verification device receives the operation and maintenance account login request through the SSH client, realizes unified operation and maintenance system remote login entries, determines the corresponding accessible account list according to the verification mode of the operation and maintenance personnel, and performs hierarchical access control on the operation and maintenance personnel, so that the operation and maintenance efficiency and the safety are improved.
Fig. 3 is a schematic structural diagram of an operation and maintenance system login verification device according to an embodiment of the present invention, and a specific implementation of the operation and maintenance system login verification device is not limited in the specific embodiment of the present invention.
As shown in fig. 3, the operation and maintenance system login verification device may include: a processor 302, a communication interface 304, a memory 306, and a communication bus 308.
The processor 302, the communication interface 304, and the memory 306 communicate with each other via the communication bus 308. The communication interface 304 is used for communicating with network elements of other devices, such as clients or other servers. The processor 302 is configured to execute the program 310, and may specifically perform the relevant steps in the embodiment of the operation and maintenance system login verification method.
In particular, program 310 may include program code comprising computer-executable instructions.
The processor 302 may be a central processing unit (CPU), an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits configured to implement an embodiment of the present invention. The operation and maintenance system login authentication device comprises one or more processors, which may be of the same type, such as one or more CPUs, or of different types, such as one or more CPUs and one or more ASICs.
The memory 306 is used for storing the program 310. The memory 306 may comprise high-speed RAM and may also include non-volatile memory, such as at least one disk memory.
Specifically, the program 310 may be invoked by the processor 302 to cause the operation and maintenance system login authentication device to perform the following operations:
receiving a user login request sent by a user to be verified through the SSH client, wherein the user login request comprises a user name to be verified, verification mode information and authorization information to be verified corresponding to the verification mode information;
verifying the authorization information to be verified according to the verification mode information and the user name to be verified;
when the authorization information to be verified passes verification, determining the access authority level corresponding to the verification mode information;
acquiring a list of associated accounts of the user to be verified, and determining an accessible account list corresponding to the user to be verified according to the access permission level and the list of associated accounts, wherein the list of associated accounts comprises one or more accounts to be operated and maintained corresponding to one or more servers to be operated and maintained;
displaying the accessible account list through the SSH client, acquiring account selection information of the accessible account list, which is sent by the SSH client, and determining a target account to be logged in corresponding to a target server to be operated and maintained from the accessible account list according to the account selection information;
logging in the target account to be logged in, so that the user to be authenticated enters the target account to be logged in through the SSH client to perform operation and maintenance operation.
In an alternative manner, the program 310 may specifically be invoked by the processor 302 to cause the operation and maintenance system login authentication device to perform the following operations:
determining a target verification mode according to the verification mode information;
matching the target verification mode with an optional verification mode corresponding to the user name to be verified in a preset operation and maintenance user database;
when the matching is successful, determining legal authorization information corresponding to the user name to be verified in the matched optional verification mode, wherein the operation and maintenance user database comprises a plurality of specific operation and maintenance user names and the legal authorization information corresponding to each operation and maintenance user name in at least one optional verification mode;
and matching the legal authorization information with the authorization information to be verified, and determining that the authorization information to be verified passes the verification under the condition that the authorization information to be verified is matched with the legal authorization information.
In an alternative manner, the program 310 may specifically be invoked by the processor 302 to cause the operation and maintenance system login authentication device to perform the following operations:
acquiring authority level limiting information of each account to be operated and maintained on the user to be verified;
matching the access authority level with authority level limit information corresponding to each account to be operated and maintained;
and taking the matched account to be operated and maintained as the accessible account, and taking the server to be operated and maintained where the accessible account is located as the accessible server.
In an alternative manner, the program 310 may specifically be invoked by the processor 302 to cause the operation and maintenance system login authentication device to perform the following operations:
receiving an account login request sent by the user to be verified through the SSH client;
sending the account login request to the target server to be operated and maintained, so that the target server to be operated and maintained logs out the target account to be logged in;
and after the target account to be logged in logs out, displaying the accessible account list through the SSH client.
In an alternative manner, the program 310 may specifically be invoked by the processor 302 to cause the operation and maintenance system login authentication device to perform the following operations:
determining the access authority level of each sub-authentication mode;
and determining the access authority level of the target authentication mode according to the access authority level of each sub-authentication mode.
In an alternative manner, the program 310 may specifically be invoked by the processor 302 to cause the operation and maintenance system login authentication device to perform the following operations:
acquiring configuration information of a verification mode;
and determining the selectable verification mode corresponding to each operation and maintenance user name in the operation and maintenance user database according to the verification mode configuration information.
The specific implementation process of the operation and maintenance system login verification device in the embodiment of the present invention is the same as the steps of the operation and maintenance system login verification method, and details are not described here. The operation and maintenance system login verification device receives the operation and maintenance account login request through the SSH client, realizes unified operation and maintenance system remote login entries, determines the corresponding accessible account list according to the verification mode of the operation and maintenance personnel, and performs hierarchical access control on the operation and maintenance personnel, so that the operation and maintenance efficiency and the safety are improved.
The embodiment of the invention provides a computer-readable storage medium, wherein at least one executable instruction is stored in the storage medium, and when the executable instruction runs on an operation and maintenance system login verification device, the operation and maintenance system login verification device is enabled to execute the operation and maintenance system login verification method in any method embodiment.
The executable instructions may be specifically configured to cause the operation and maintenance system login verification device to perform the following operations:
receiving a user login request sent by a user to be verified through the SSH client, wherein the user login request comprises a user name to be verified, verification mode information and authorization information to be verified corresponding to the verification mode information;
verifying the authorization information to be verified according to the verification mode information and the user name to be verified;
when the authorization information to be verified passes verification, determining the access authority level corresponding to the verification mode information;
acquiring a list of associated accounts of the user to be verified, and determining an accessible account list corresponding to the user to be verified according to the access permission level and the list of associated accounts, wherein the list of associated accounts comprises one or more accounts to be operated and maintained corresponding to one or more servers to be operated and maintained;
displaying the accessible account list through the SSH client, acquiring account selection information of the accessible account list, which is sent by the SSH client, and determining a target account to be logged in corresponding to a target server to be operated and maintained from the accessible account list according to the account selection information;
logging in the target account to be logged in, so that the user to be authenticated enters the target account to be logged in through the SSH client to perform operation and maintenance operation.
The executable instructions may be specifically configured to cause the operation and maintenance system login verification device to perform the following operations:
determining a target verification mode according to the verification mode information;
matching the target verification mode with an optional verification mode corresponding to the user name to be verified in a preset operation and maintenance user database;
when the matching is successful, determining legal authorization information corresponding to the user name to be verified in the matched optional verification mode, wherein the operation and maintenance user database comprises a plurality of specific operation and maintenance user names and the legal authorization information corresponding to each operation and maintenance user name in at least one optional verification mode;
and matching the legal authorization information with the authorization information to be verified, and determining that the authorization information to be verified passes the verification under the condition that the authorization information to be verified is matched with the legal authorization information.
The executable instructions may be specifically configured to cause the operation and maintenance system login verification device to perform the following operations:
acquiring authority level limiting information of each account to be operated and maintained on the user to be verified;
matching the access authority level with authority level limit information corresponding to each account to be operated and maintained;
and taking the matched account to be operated and maintained as the accessible account, and taking the server to be operated and maintained where the accessible account is located as the accessible server.
The executable instructions may be specifically configured to cause the operation and maintenance system login verification device to perform the following operations:
receiving an account login request sent by the user to be verified through the SSH client;
sending the account login request to the target server to be operated and maintained, so that the target server to be operated and maintained logs out the target account to be logged in;
and after the target account to be logged in logs out, displaying the accessible account list through the SSH client.
The executable instructions may be specifically configured to cause the operation and maintenance system login verification device to perform the following operations:
determining the access authority level of each sub-authentication mode;
and determining the access authority level of the target authentication mode according to the access authority level of each sub-authentication mode.
The executable instructions may be specifically configured to cause the operation and maintenance system login verification device to perform the following operations:
acquiring configuration information of a verification mode;
and determining the selectable verification mode corresponding to each operation and maintenance user name in the operation and maintenance user database according to the verification mode configuration information.
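The verification, permission-level determination and account-filtering operations listed above for the apparatus, the device and the storage medium are the same logic; the following is an added example (not the patent's own code) that models them in Python. The mode names, the level values, the rule that a combined mode takes the highest sub-mode level, and the rule that an account is accessible when the user's level is at least the account's limit are assumptions made for this example; the page does not fix them.

```python
"""Added example: server-side login verification and hierarchical account
filtering as the embodiment describes it. Mode names, level values and the
two combination/comparison rules below are assumptions, not from the page."""
import hashlib
import hmac
from typing import Dict, List, Optional, Tuple

# Assumed access permission level of each single (sub-)verification mode.
MODE_LEVELS: Dict[str, int] = {"password": 1, "otp": 2, "certificate": 3}


def _digest(secret: str) -> str:
    """Legal authorization information is stored hashed, never in clear."""
    return hashlib.sha256(secret.encode()).hexdigest()


# Constructed operation and maintenance user database:
# user name -> {optional verification mode: hashed legal authorization info}.
OM_USER_DB: Dict[str, Dict[str, str]] = {
    "alice": {"password": _digest("alice-pw"), "otp": _digest("482913")},
    "bob": {"password": _digest("bob-pw")},
}

# Constructed associated account lists:
# user name -> [(server to be operated and maintained, account, level limit)].
ASSOCIATED_ACCOUNTS: Dict[str, List[Tuple[str, str, int]]] = {
    "alice": [("web-01", "deploy", 1), ("db-01", "dba", 2), ("db-01", "root", 3)],
    "bob": [("web-01", "deploy", 1), ("web-01", "root", 3)],
}


def determine_target_mode(mode_info: str) -> List[str]:
    """Verification mode information such as 'password+otp' names one or
    more sub-authentication modes (assumed '+' separated encoding)."""
    return [m.strip() for m in mode_info.split("+") if m.strip()]


def verify_authorization(user: str, mode_info: str, auth_info: Dict[str, str]) -> bool:
    """Match the target mode against the user's optional modes, then match the
    supplied authorization information against the stored legal values."""
    optional_modes = OM_USER_DB.get(user)
    sub_modes = determine_target_mode(mode_info)
    if optional_modes is None or not sub_modes:
        return False  # unknown user, or no verification mode named at all
    for sub_mode in sub_modes:
        legal = optional_modes.get(sub_mode)
        supplied = auth_info.get(sub_mode)
        if legal is None or supplied is None:
            return False  # mode not enabled for this user, or value missing
        # Constant-time comparison so a mismatch does not leak where it failed.
        if not hmac.compare_digest(legal, _digest(supplied)):
            return False
    return True


def access_level(mode_info: str) -> int:
    """Assumed rule: a combined mode is as strong as its strongest sub-mode."""
    return max((MODE_LEVELS.get(m, 0) for m in determine_target_mode(mode_info)), default=0)


def accessible_accounts(user: str, mode_info: str, auth_info: Dict[str, str]) -> Optional[List[Tuple[str, str]]]:
    """Return the accessible account list [(server, account)] for a login
    request, or None when the authorization information fails verification.
    Assumed rule: an account is accessible when the user's level >= its limit."""
    if not verify_authorization(user, mode_info, auth_info):
        return None
    level = access_level(mode_info)
    return [(srv, acct) for srv, acct, limit in ASSOCIATED_ACCOUNTS.get(user, []) if level >= limit]
```

With these sample tables, a password-only login by alice reaches only the deploy account, while password plus OTP also unlocks the dba account; a mode the user has not enabled, or any mismatching value, yields no list at all.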
The specific implementation process of the computer readable medium of the embodiment of the present invention is the same as the steps of the foregoing operation and maintenance system login verification method, and details are not described here. The computer readable medium of the embodiment of the invention receives the operation and maintenance account login request through the SSH client, realizes the unified remote login entry of the operation and maintenance system, determines the corresponding accessible account list according to the verification mode of the operation and maintenance personnel, and performs hierarchical access control on the operation and maintenance personnel, thereby improving the operation and maintenance efficiency and safety.
The embodiment of the invention provides an operation and maintenance system login verification device, which is used for executing the operation and maintenance system login verification method.
The embodiment of the invention provides a computer program, which can be called by a processor to enable an operation and maintenance system login verification device to execute the operation and maintenance system login verification method in any method embodiment.
Embodiments of the present invention provide a computer program product, where the computer program product includes a computer program stored on a computer-readable storage medium, where the computer program includes program instructions, and when the program instructions are run on a computer, the computer is caused to execute the operation and maintenance system login verification method in any of the above method embodiments.
The algorithms or displays provided herein are not inherently related to any particular computer, virtual system, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. In addition, embodiments of the present invention are not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the embodiments of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the invention and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that the invention as claimed requires more features than are expressly recited in each claim.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and placed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or device so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera does not indicate any ordering. These words may be interpreted as names. The steps in the above embodiments should not be construed as limiting the order of execution unless specified otherwise.