CN113742664B - Monitoring and auditing method, equipment and system - Google Patents
- Publication number: CN113742664B
- Application number: CN202010477774.9A
- Authority: CN (China)
- Prior art keywords: permission, authority, result, processing, record
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06F21/31—User authentication
- G06F16/245—Query processing
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Abstract
The embodiment of the invention provides a monitoring and auditing method, equipment and a system, wherein the monitoring method comprises the following steps: detecting a permission processing event initiated by a target user; monitoring the processing process of the authority processing event by the authority system to obtain a monitoring result; and if the monitoring result is abnormal, determining that the authority system is abnormal. The embodiment of the invention improves the monitoring efficiency and accuracy.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a monitoring and auditing method, device, and system.
Background
Authentication refers to the permission system verifying whether a user has the right to perform a certain operation. Typically, a user who wants to perform a target operation on a target object applies to the permission system for authentication. According to the authentication request initiated by the target user, the permission system queries whether the target user has the right to perform the target operation on the target object. If so, it returns a result indicating that the permission exists, so that the user can perform the target operation on the target object; if not, it returns a result indicating that the permission does not exist, so that the user cannot perform the target operation on the target object. The target object may include, for example, any object that requires permission settings, such as a database, a software system, an application program, or an enterprise organization architecture.
In the prior art, in order to confirm whether the authentication result of the authority system for checking the user authority is accurate, the authentication result of the authority system can be obtained and checked by adopting a manual auditing mode. For example, the authentication behavior requested by the user and the corresponding authentication result may be displayed in the display, and then the auditor may manually audit the authentication result based on the user identity information to confirm the accuracy of the authentication result of the authorization system.
However, the method of auditing the authentication result of the authority system by adopting a manual mode needs to consume a great deal of labor cost, so that auditing efficiency is poor.
Disclosure of Invention
In view of the above, the embodiments of the present invention provide a monitoring and auditing method, device, and system, so as to solve the technical problem in the prior art that a great deal of labor cost is required to be consumed in a manual auditing method for the authentication result of the authority system, resulting in poor auditing efficiency.
In a first aspect, an embodiment of the present invention provides a monitoring method, including:
detecting a permission processing event initiated by a target user;
monitoring the processing process of the authority processing event by the authority system to obtain a monitoring result;
and if the monitoring result is abnormal, determining that the authority system is abnormal.
In a second aspect, an embodiment of the present invention provides an auditing method, including:
detecting a permission processing event initiated by a target user;
acquiring a processing result of the authority system on the authority processing event;
performing audit processing on the processing result to obtain an audit result;
and outputting the auditing result.
In a third aspect, an embodiment of the present invention provides a monitoring device, including: a storage component and a processing component; the storage component is configured to store one or more computer instructions, the one or more computer instructions being configured to be invoked by the processing component;
the processing assembly is configured to:
detecting a permission processing event initiated by a target user;
monitoring the processing process of the authority processing event by the authority system to obtain a monitoring result;
and if the monitoring result is abnormal, determining that the authority system is abnormal.
In a fourth aspect, an embodiment of the present invention provides an auditing apparatus, including: a storage component and a processing component; the storage component is configured to store one or more computer instructions, the one or more computer instructions being configured to be invoked by the processing component;
the processing assembly is configured to:
detecting a permission processing event initiated by a target user;
acquiring a processing result of the authority system on the authority processing event;
performing audit processing on the processing result to obtain an audit result;
and outputting the audit result.
In a fifth aspect, an embodiment of the present invention provides a monitoring system, including: user equipment, monitoring equipment and authority processing equipment;
the user equipment is used for: detecting a permission processing request initiated by a target user, and sending the permission processing request to permission processing equipment;
the rights processing device is used for: receiving the permission processing request sent by the user equipment; responding to the permission processing request, and calling up a permission system to execute permission processing operation corresponding to the permission processing request so as to generate a permission processing event;
the monitoring device is used for: acquiring an authority processing event sent by the authority processing equipment; monitoring the processing process of the authority system of the authority processing equipment on the authority processing event to obtain a monitoring result; and if the monitoring result is abnormal, determining that the authority system is abnormal.
In a sixth aspect, there is provided an auditing system, comprising: user equipment, audit equipment and authority processing equipment;
the user equipment is used for: detecting a permission processing request initiated by a target user, and sending the permission processing request to permission processing equipment;
the rights processing device is used for: receiving the permission processing request sent by the user equipment; responding to the permission processing request, and calling up a permission system to execute permission processing operation corresponding to the permission processing request so as to generate a permission processing event;
the auditing equipment is used for: acquiring an authority processing event sent by an authority processing device; acquiring a processing result of the authority system on the authority processing event; performing audit processing on the processing result to obtain an audit result; and outputting the auditing result.
The embodiment of the invention can detect a permission processing event initiated by the target user and then monitor the permission system's processing of that event to obtain a monitoring result. Acquiring the permission processing event makes it possible to monitor its processing automatically and to confirm whether the event was processed abnormally. Once the monitoring result is obtained, if it is abnormal, it can be determined that the permission system is abnormal, that is, that the permission system's authentication is in error. Authentication events are thus monitored automatically, which improves the auditing efficiency of the permission system. Meanwhile, because permission processing events are monitored, abnormal authentication events of the permission system can be found in time and corrected quickly, authentication errors that may arise during permission authentication can be remedied promptly, and the effectiveness and accuracy of the permission system's authentication are improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of one embodiment of a monitoring method provided by an embodiment of the present invention;
FIG. 2 is a flow chart of yet another embodiment of a monitoring method according to an embodiment of the present invention;
FIG. 3 is a flow chart of yet another embodiment of a monitoring method according to an embodiment of the present invention;
FIG. 4 is a flow chart of yet another embodiment of a monitoring method provided by an embodiment of the present invention;
FIG. 5 is a flow chart of yet another embodiment of a monitoring method provided by an embodiment of the present invention;
FIG. 6 is a flow chart of yet another embodiment of a monitoring method provided by an embodiment of the present invention;
FIG. 7 is a flow chart of yet another embodiment of a monitoring method provided by an embodiment of the present invention;
FIG. 8 is a flow chart of yet another embodiment of a monitoring method provided by an embodiment of the present invention;
FIG. 9 is an application example diagram of a monitoring method according to an embodiment of the present invention;
FIG. 10 is a flow chart of one embodiment of an audit method provided by an embodiment of the present invention;
FIG. 11 is a schematic structural diagram of an embodiment of a monitoring device according to an embodiment of the present invention;
FIG. 12 is a schematic diagram of one embodiment of an audit device provided in accordance with an embodiment of the present invention;
FIG. 13 is a schematic diagram of an embodiment of a monitoring system according to an embodiment of the present invention;
FIG. 14 is a schematic structural diagram of an embodiment of an audit system according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. "Plurality" generally includes at least two, but does not exclude the case of at least one.
It should be understood that the term "and/or" as used herein merely describes an association between associated objects and means that three relationships are possible; for example, "A and/or B" may represent: A exists alone, A and B exist together, or B exists alone. In addition, the character "/" herein generally indicates that the associated objects before and after it are in an "or" relationship.
The word "if", as used herein, may be interpreted as "when" or "upon" or "in response to a determination" or "in response to an identification", depending on the context. Similarly, the phrase "if determined" or "if identified (stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when identified (stated condition or event)" or "in response to an identification (stated condition or event)", depending on the context.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a product or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such product or system. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in the product or system comprising that element.
The technical solution of the embodiments of the present application can be applied to scenarios in which authentication results are audited. A permission processing event initiated by a user is intercepted and the permission system's processing of that event is monitored automatically, so as to confirm whether the permission system is normal and to improve the efficiency of monitoring permission events.
In the prior art, authentication refers to the permission system verifying whether a user has the right to perform a certain operation. To confirm the validity and accuracy of the permission system's authentication, the authentication result is usually checked manually to confirm whether it is accurate and thereby determine whether the permission system is abnormal; that is, whether the authentication behavior is normal is judged by auditing the authentication results of the permission system. However, auditing authentication results manually consumes a great deal of labor cost and manual auditing is inefficient, so the auditing efficiency for authentication results is poor.
In the embodiment of the application, a permission processing event initiated by the target user can be detected, and the permission system's processing of that event can then be monitored to obtain a monitoring result. Acquiring the permission processing event makes it possible to monitor its processing automatically and to confirm whether the event was processed abnormally. Once the monitoring result is obtained, if it is abnormal, it can be determined that the permission system is abnormal, that is, that the permission system's authentication is in error. Authentication events are thus monitored automatically, which improves the auditing efficiency of the permission system. Meanwhile, because permission processing events are monitored, abnormal authentication events of the permission system can be found in time and corrected quickly, authentication errors that may arise during permission authentication can be remedied promptly, and the effectiveness and accuracy of the permission system's authentication are improved.
Embodiments of the present application will be described in detail below with reference to the accompanying drawings.
FIG. 1 is a flowchart of an embodiment of an information processing method according to an embodiment of the present application. The method may include the following steps:
101: Detecting a permission processing event initiated by the target user.
The information processing method provided by the embodiment of the application can be used in an electronic device or a system that executes the method. The electronic device may include, for example, terminals such as a computer or a notebook. The system may be, for example, the same device system as the permission system, and may communicate with the terminal where the permission system is located to obtain the permission processing event.
The target user may be the user who initiated the permission processing request. The target user may send a permission processing request to the permission system, which acquires the request and executes the corresponding permission processing operation. The permission system refers to the whole that integrates the functions related to permission processing; it may, in particular, be integrated as a permission management application.
Optionally, the permission processing event may be obtained by intercepting a permission processing request initiated by a user, and obtaining a permission processing result corresponding to the permission processing request. The rights processing request may include rights processing parameters input by a user, and the rights processing result may include a processing result of the rights processing parameters in the rights processing request by the rights system, where the rights processing result is obtained based on the rights processing parameters.
102: Monitoring the permission system's processing of the permission processing event to obtain a monitoring result.
The permission system's processing of the permission processing event may include: acquiring the permission processing parameters of the event and performing a permission check on those parameters to obtain a permission processing result. Monitoring that processing may therefore include monitoring the permission processing parameters obtained by the permission system and monitoring the permission processing result it produces. Accordingly, the monitoring result may include a monitoring result for the permission processing parameters and a monitoring result for the permission processing result.
The authority system is an authority identification system for detecting the authority of the authority processing request initiated by the user so as to confirm whether the user has an authority use event corresponding to the authority processing request.
103: if the monitoring result is abnormal, determining that the authority system is abnormal.
The monitoring result is obtained by monitoring the permission system's processing of the permission processing event, and it shows whether the permission system processed the authentication event normally.
When the monitoring result is abnormal, it can be determined that the permission system's processing of the permission processing event is abnormal. When the monitoring result is normal, the permission system's processing of the permission processing event has no abnormality.
In the embodiment of the application, a permission processing event initiated by the target user can be detected, and the permission system's processing of that event can then be monitored to obtain a monitoring result. Acquiring the permission processing event makes it possible to monitor its processing automatically and to confirm whether the event was processed abnormally. Once the monitoring result is obtained, if it is abnormal, it can be determined that the permission system is abnormal, that is, that the permission system's authentication is in error. Authentication events are thus monitored automatically, which improves the monitoring efficiency of the permission system. Meanwhile, because permission processing events are monitored, abnormal authentication events of the permission system can be found in time and corrected quickly, authentication errors that may arise during permission authentication can be remedied promptly, and the effectiveness and accuracy of the permission system's authentication are improved.
FIG. 2 is a flowchart of still another embodiment of an information processing method according to an embodiment of the present application. The method may include the following steps:
201: Detecting a permission query event initiated by the target user.
202: Monitoring the permission system's authentication process for the permission query event to obtain a monitoring result.
203: if the monitoring result is abnormal, determining that the authority system is abnormal.
The permission query event is a message event formed by a permission query request that the target user initiates to the permission system, the query process corresponding to that request, and the query result obtained. The permission system can perform a permission query operation according to the permission query parameters of the event to determine the corresponding permission query result. Monitoring the permission system's authentication process for the permission query event means monitoring the operations the permission system performs when it runs the permission query on those parameters.
In the embodiment of the application, after the permission query event initiated by the target user is detected, the permission system's authentication process for that event can be monitored to obtain a monitoring result. Monitoring the authentication process makes it possible to discover promptly whether the process is abnormal and thus to confirm whether the monitoring result is abnormal. If the monitoring result is abnormal, it can be determined that the permission system is abnormal.
In some embodiments, the rights inquiry parameters of the rights inquiry event may be monitored.
FIG. 3 is a flowchart of still another embodiment of an information processing method according to an embodiment of the present application. The method may include:
301: Detecting a permission query event initiated by the target user.
302: Acquiring the permission query parameters that the permission query event inputs to the permission system.
303: Determining a monitoring result according to the permission query parameters.
304: if the monitoring result is abnormal, determining that the authority system is abnormal.
The permission query event can be triggered by the target user. The permission system may detect a permission query request triggered by the target user and thereby confirm that the user triggered the permission query event. The permission system can then perform a permission query according to the permission query parameters of the event to determine the corresponding permission query result.
In the embodiment of the application, the permission query parameters of the permission query event can be monitored. Monitoring these parameters makes it possible to determine whether an error in the query parameters occurs during the permission query, so that the query process of the permission query event is monitored accurately.
As one embodiment, determining the monitoring result according to the permission query parameter may include:
acquiring, from the permission query parameters, a first object role corresponding to the target user and the authentication object for which the target user requests authentication;
acquiring at least one second object role corresponding to the authentication object;
if the at least one second object role includes the first object role, determining the monitoring result according to the first object role;
if the at least one second object role does not include the first object role, determining that the monitoring result is abnormal.
The permission system may include multiple authentication objects. An authentication object is an object for which the permission system needs to perform permission monitoring. In some embodiments, the authentication object may include the memory parameters, network data, disk read speed, system load rate and the like of a computer cluster; it may also include the traffic, success rate, error count and the like of an application program, the running status of a process or thread, or the framework, message queue access, and buffer or database access of the network base layer. In the management of an enterprise organization architecture, for example, authentication objects may also include the various organizations that require permission management, or the various data that require permission management.
An object role is the identity that the system assigns to a user who manages an authentication object. A user who holds a given object role obtains that role's management permission over the authentication object. One authentication object may correspond to multiple roles. For example, the permission to view the enterprise employee roster may be an authentication object, and both the "human resource manager" and the "overall manager" are permitted to view the roster; in the permission system, "human resource manager" and "overall manager" are two separate object roles. If, in the enterprise, user A has the object role "human resource manager" and user B has the object role "overall manager", then user A and user B are both permitted to query the enterprise employee roster. If user C's object role is "software engineer", however, user C is not permitted to query the enterprise employee roster.
The permission system stores in advance the authentication objects, the object roles corresponding to each authentication object, and the association between object roles and the users who hold them, so that it can perform a permission query for a permission query event initiated by any target user. Continuing the example above, when user A initiates a permission query event for querying the enterprise employee roster, the permission system may first determine user A's object role, confirming that user A belongs to the role "human resource manager", and then query whether the object role "human resource manager" has the permission to query the enterprise employee roster. In this example the query finds that user A has the permission, and the permission system may return information indicating that the query permission exists.
In the permission query process, the monitoring efficiency can be improved by monitoring the permission query parameters.
If the object role of the target user is not among the object roles of the authentication object, the authentication range corresponding to the authentication object for which the user requests authentication differs from the authentication range corresponding to the user requesting authentication. This indicates that the authentication parameters of the permission system are abnormal, and the monitoring result is abnormal.
If the role of the target user belongs to the object role of the authentication request, the identity of the target user can be further verified to ensure the normal operation of the authentication system.
As one possible implementation, if the at least one second object role includes the first object role, determining the monitoring result according to the first object role may include:
acquiring at least one candidate user holding the first object role;
if the at least one candidate user includes the target user, determining that the monitoring result is normal;
if the at least one candidate user does not include the target user, determining that the monitoring result is abnormal.
In the embodiment of the application, monitoring the permission query parameters allows the permission query event to be monitored preliminarily at the initial stage of the permission query, so that the data corresponding to the permission query parameters can be monitored accurately.
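The two parameter checks described above (first object role against the roles of the authentication object, then target user against the candidate users of that role) can be run over captured query events as follows. This is an added example, not code from the patent; the identifiers, the in-memory tables and the handling of an unknown authentication object are assumptions, and the sample data is constructed from the employee-roster example in the text.

```python
from dataclasses import dataclass

# Constructed sample state, modelled on the employee-roster example in the text.
# Authentication object -> object roles associated with it ("second object roles").
OBJECT_ROLES = {
    "employee_roster": {"human_resource_manager", "overall_manager"},
}
# Object role -> users holding that role ("candidate users").
ROLE_MEMBERS = {
    "human_resource_manager": {"user_a"},
    "overall_manager": {"user_b"},
    "software_engineer": {"user_c"},
}


@dataclass(frozen=True)
class QueryParams:
    """Permission query parameters captured as they enter the permission system."""
    target_user: str
    first_object_role: str       # role the permission system resolved for the user
    authentication_object: str   # object the user asks to be authenticated for


@dataclass(frozen=True)
class MonitoringResult:
    abnormal: bool
    reason: str


def monitor_query_params(params, object_roles=OBJECT_ROLES, role_members=ROLE_MEMBERS):
    """Apply the two parameter checks: role against object, then user against role."""
    second_roles = object_roles.get(params.authentication_object)
    if second_roles is None:
        # Assumption of this example: an object the monitor has no role data for
        # cannot be verified, so it is reported rather than silently passed.
        return MonitoringResult(True, "unknown authentication object")
    if params.first_object_role not in second_roles:
        return MonitoringResult(True, "role is not associated with the authentication object")
    candidates = role_members.get(params.first_object_role, set())
    if params.target_user not in candidates:
        return MonitoringResult(True, "target user does not hold the role")
    return MonitoringResult(False, "query parameters are consistent")


def abnormal_events(events):
    """Return (params, reason) for every captured event whose parameters are abnormal."""
    flagged = []
    for params in events:
        result = monitor_query_params(params)
        if result.abnormal:
            flagged.append((params, result.reason))
    return flagged


# Constructed captured events: one consistent query and three inconsistent ones.
SAMPLE_EVENTS = [
    QueryParams("user_a", "human_resource_manager", "employee_roster"),
    QueryParams("user_c", "software_engineer", "employee_roster"),
    QueryParams("user_c", "human_resource_manager", "employee_roster"),
    QueryParams("user_b", "overall_manager", "payroll_db"),
]

if __name__ == "__main__":
    for params, reason in abnormal_events(SAMPLE_EVENTS):
        print(f"ABNORMAL {params.target_user} -> {params.authentication_object}: {reason}")
```

The third sample event is the case the second check exists for: the role is valid for the object, but the permission system attached it to a user who does not hold it.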
The authentication result may be monitored.
FIG. 4 is a flowchart of still another embodiment of an information processing method according to an embodiment of the present application. The method may include:
401: Detecting a permission query event initiated by the target user.
402: Acquiring the authentication result of the permission system for the permission query event.
403: Determining a monitoring result according to the authentication result.
404: if the monitoring result is abnormal, determining that the authority system is abnormal.
In the embodiment of the application, the query result of the permission query event is monitored. Monitoring the query result allows the authentication result of the permission system to be monitored in real time, so as to determine whether the permission system's authentication of the permission query is accurate, which improves monitoring accuracy.
In the embodiment shown in FIG. 4, when the authentication result of the permission system is monitored, the permission records of the permission system may be used for the monitoring. As one embodiment, the permission query event may include permission query parameters.
After obtaining the authentication result of the rights system on the rights inquiry event, the method may further include:
acquiring an authentication object of a target user requesting authentication in the permission query parameters and query time;
and determining a first authority record of the authentication object in the authority system according to the inquiry time.
Wherein, according to the authentication result, determining the monitoring result may include:
and determining a monitoring result according to the first authority record and the authentication result.
The rights inquiry parameters can include an authentication object and an inquiry time. The authentication object is the object requiring rights monitoring. The query time is the time at which the user initiates a rights query request to authenticate his rights, and it can be included in the event. Once the inquiry time is determined, the first permission record of the authentication object in the permission system can be obtained; that is, all the permission records in the permission system before the inquiry time are obtained as the first permission record. Through the first permission record, it can be determined whether the permission system holds a record granting the target user the permission corresponding to the authentication result. If the record exists, the authentication result can be determined to be normal, and if the record does not exist, the authentication result can be determined to be abnormal.
In one possible design, determining the monitoring result according to the first permission record and the authentication result may include:
if the authentication result is abnormal according to the first authority record, the monitoring result is abnormal.
When the authentication result is checked according to the first authority record, whether the authentication result is abnormal or not can be determined according to the first authority record, and if so, the monitoring result is abnormal.
In yet another possible design, if the authentication result is determined to be normal according to the first permission record, the monitoring result is determined to be normal.
By acquiring the first authority record, the authentication result can be checked against the changes of the authority record over time, so that the authentication result can be accurately checked in real time and the checking efficiency is improved.
In practical application, if the target user has the authority to execute the A operation on the authentication object, the first authority record has the authority record to set the A operation for the target user to execute the A operation on the authentication object, and the deletion record of the authority record is added on the basis of the authority record to set the A operation for the target user.
As a possible implementation manner, if the authentication result is determined to be abnormal according to the first permission record, determining that the monitoring result is abnormal may include:
Determining a first target authority which is requested to be identified by a target user based on the authority inquiry parameter;
if the first permission record does not have the permission adding record for setting the first target permission for the target user or the permission deleting record for deleting the first target permission for the target user exists, and the authentication result is that the first target permission exists for the target user, determining that the authentication result is abnormal.
If the authentication result is abnormal, determining that the monitoring result is abnormal.
When the authentication result is checked by using the authority record, a first target authority of the target user for authentication can be acquired first. Namely, a target user corresponding to a user initiated authority examination event requests a first target authority for authority identification. And using the first permission record to identify whether a permission adding record for setting the first target permission for the target user exists in the first permission record so as to determine whether the authentication result is abnormal.
If the permission adding record for setting the first target permission for the target user does not exist, and the authentication result is that the first target permission exists for the target user, determining that the authentication result is abnormal. If the authority deleting record for deleting the first target authority for the target user exists, and the authentication result is that the first target authority exists for the target user, determining that the authentication result is abnormal.
In still other embodiments, if there is a permission addition record that sets the first target permission for the target user and there is no permission deletion record that deletes the first target permission for the target user in the first permission record, and the authentication result is that the first target permission exists for the target user, it is determined that the authentication result is normal. If the authentication result is normal, the monitoring result is determined to be normal.
In practical application, if the target user does not have the authority to execute the A operation on the authentication object, the first authority record does not have the authority record for setting the A operation on the authentication object for the target user, or has the authority to delete the A operation on the authentication object for the target user on the basis of setting the authority for executing the A operation on the authentication object for the target user.
As yet another possible implementation, if the authentication result is determined to be abnormal according to the first permission record, determining that the monitoring result is abnormal may include:
determining a first target authority which is requested to be identified by a target user based on the authority inquiry parameter;
if the permission adding record for setting the first target permission for the target user exists in the first permission record, the permission deleting record for deleting the first target permission for the target user does not exist in the first permission record, and the authentication result is that the target user does not exist the first target permission, determining that the authentication result is abnormal.
If the authentication result is abnormal, determining that the monitoring result is abnormal.
In this embodiment of the present application, the permission query parameter may include a first target permission that the target user requests to identify. The authentication result of the first target authority, which is requested to be identified by the target user, can be checked by the authority system through the confirmation of whether the first authority record exists in the authority adding record for setting the first target authority for the target user and the confirmation of whether the authority deleting record for deleting the first target authority exists for the target user, so that whether the authentication result is abnormal or not is determined, real-time and automatic monitoring of the authentication result is realized, and monitoring efficiency and accuracy are improved.
If the first permission record does not have the permission adding record for setting the first target permission for the target user or the permission deleting record for deleting the first target permission for the target user exists, and the authentication result is that the target user does not have the first target permission, the authentication result is determined to be normal. If the authentication result is normal, the monitoring result is determined to be normal.
To obtain an accurate rights record, as an embodiment, determining the first rights record of the authentication object in the rights system according to the query time may include:
All rights records of the authentication object before the query time in the rights system are determined as first rights records.
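The check described above, validating an authentication result against the first permission record, shown as an added example that is not part of the patent text. The record layout, field names and sample log are constructed; treating a delete record as cancelling only the add records that precede it is an assumption of this sketch.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PermissionRecord:
    time: int        # when the record was written (constructed timestamps)
    kind: str        # "add" or "delete"
    user: str
    obj: str         # the authentication object
    permission: str


@dataclass(frozen=True)
class QueryEvent:
    user: str            # target user
    obj: str             # authentication object
    permission: str      # first target permission
    query_time: int
    auth_result: bool    # answer given by the permission system


def first_permission_record(log, obj, query_time):
    """All records of the authentication object written before the query time."""
    selected = [r for r in log if r.obj == obj and r.time < query_time]
    return sorted(selected, key=lambda r: r.time)  # stable: ties keep log order


def record_says_granted(records, user, permission):
    """Replay add/delete records in time order; the latest matching one wins."""
    granted = False
    for r in records:
        if r.kind not in ("add", "delete"):
            raise ValueError(f"unknown record kind: {r.kind!r}")
        if r.user == user and r.permission == permission:
            granted = r.kind == "add"
    return granted


def monitor_query(log, event):
    """Return 'normal' when the authentication result matches the record."""
    records = first_permission_record(log, event.obj, event.query_time)
    expected = record_says_granted(records, event.user, event.permission)
    return "normal" if expected == event.auth_result else "abnormal"


# Constructed sample permission log for one authentication object.
LOG = [
    PermissionRecord(100, "add", "alice", "doc-1", "read"),
    PermissionRecord(200, "add", "bob", "doc-1", "write"),
    PermissionRecord(300, "delete", "bob", "doc-1", "write"),
    PermissionRecord(400, "add", "carol", "doc-1", "read"),
]

# Constructed query events with the answer the permission system gave.
EVENTS = [
    QueryEvent("alice", "doc-1", "read", 150, True),    # granted, answered yes
    QueryEvent("bob", "doc-1", "write", 350, True),     # revoked, still answered yes
    QueryEvent("carol", "doc-1", "read", 350, True),    # not yet granted at query time
    QueryEvent("carol", "doc-1", "read", 450, False),   # granted, answered no
    QueryEvent("dave", "doc-1", "read", 450, False),    # never granted, answered no
]


def audit(log, events):
    """Monitoring result for every query event, in order."""
    return [monitor_query(log, e) for e in events]


if __name__ == "__main__":
    for event, result in zip(EVENTS, audit(LOG, EVENTS)):
        print(event.user, event.permission, event.query_time, result)
```

Filtering on the query time matters in both directions: a grant written after the query must not excuse a "yes" answer, and a later revocation must not condemn an earlier, correct one.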
In practical application, whether the permission adding record for setting the first target permission for the target user exists in the first permission record can be determined by examining the object role of the authentication object and the user corresponding to the object role.
As a possible implementation manner, whether the permission adding record for setting the first target permission for the target user exists in the first permission record may be determined by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
it is determined whether there is a record in the first rights record in which a first object role having a first target right is set for the authentication object, and the target user is added to the first object role.
If there is a record in the first authority record in which a first object role having a first target authority is set for the authentication object and the target user is added to the first object role, it may be determined that there is an authority addition record in the first authority record in which the first target authority is set for the target user.
If the first object role with the first target authority set for the authentication object does not exist in the first authority record, and the target user is added to the record of the first object role, it may be determined that an authority adding record for setting the first target authority for the target user does not exist in the first authority record.
As yet another possible implementation manner, whether there is a permission adding record in the first permission record that sets the first target permission for the target user may also be determined by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether a new object role is set for the authentication object in the first permission record, adding the target user into the new object role, and giving a permission adding record of the first target permission to the new object role.
If a new object role is set for the authentication object in the first authority record, adding the target user into the new object role, and assigning the authority adding record of the first target authority to the new object role, it can be determined that the authority adding record for setting the first target authority for the target user exists in the first authority record.
If a new object role is not set for the authentication object in the first permission record, adding the target user into the new object role, and giving the permission adding record of the first target permission to the new object role, it can be determined that the permission adding record for setting the first target permission for the target user does not exist in the first permission record.
As yet another possible implementation manner, whether there is a permission adding record in the first permission record that sets the first target permission for the target user may also be determined by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether a new object role is set for the authentication object in the first authority record, assigning a first target authority to the new object role, and adding the target user into the authority adding record in the new object role assigned with the first target authority.
If the first authority record exists, a new object role is set for the authentication object, a first target authority is given to the new object role, a target user is added into the authority adding record in the new object role given with the first target authority, and the authority adding record for setting the first target authority for the target user is determined to exist in the first authority record.
If the first authority record does not exist to set a new object role for the authentication object, the first target authority is given to the new object role, the target user is added into the authority adding record in the new object role given with the first target authority, and it is determined that the authority adding record which sets the first target authority for the target user does not exist in the first authority record.
Besides querying the authority system for permissions, the target user can also request changes to the permissions of the authentication objects in the authority system.
As shown in fig. 5, a flowchart of an embodiment of an information processing method according to an embodiment of the present application may include:
501: Detect a permission change event initiated by the target user.
502: Monitor the change process of the permission system for the permission change event to obtain a monitoring result.
503: If the monitoring result is abnormal, determine that the authority system is abnormal.
The authority change event is a message event composed of an authority change request initiated by a target user for an authority system, the authority change process corresponding to the authority change request, and the obtained authority change result. The authority system can perform the authority change operation on the authority change parameters corresponding to the authority change event to determine the change result corresponding to the authority change event. Monitoring the change process of the authority system for the authority change event means monitoring the operation process in which the authority system performs the authority change on the authority change parameters corresponding to the authority change event.
In the embodiment of the application, after the permission change event initiated by the target user is detected, the change process of the permission system on the permission change event can be monitored, and a monitoring result is obtained. By monitoring the modification process of the authority system, whether the modification process of the authority system is abnormal or not can be timely found, so that whether the monitoring result is abnormal or not can be determined. If the monitoring result shows abnormality, the permission system abnormality can be determined.
In some embodiments, the authority change parameters corresponding to the authority change event may be monitored. The rights change event may include: the rights change parameters.
As shown in fig. 6, a flowchart of an embodiment of an information processing method according to an embodiment of the present application may include:
601: Detect a permission change event initiated by the target user.
602: Acquire the authority change parameters used by the authority system when processing the authority change event.
603: Determine a monitoring result according to the permission change parameters.
604: If the monitoring result is abnormal, determine that the authority system is abnormal.
The rights change event may be triggered by the target user. The permission system may detect a permission change request triggered by the target user, thereby confirming that the user triggered the permission change event. The authority system can carry out the authority change according to the authority change parameters corresponding to the authority change event, so as to determine the authority change result corresponding to the authority change parameters.
In the embodiment of the application, the permission change parameters can be monitored aiming at the permission change event. By monitoring the authority change parameters, whether errors of the change parameters occur in the authority change process can be determined, so that the change process of the authority change event can be accurately monitored.
As one embodiment, determining the monitoring result according to the authority change parameter may include:
acquiring a first change object of a target user request change permission in the permission change parameter;
acquiring a second change object aimed at when the permission change is executed based on the permission change parameter in the permission system;
and determining a monitoring result according to the first changing object and the second changing object.
In the embodiment of the application, the first change object, whose permission the target user requests to change, and the second change object, which the permission system actually uses when changing the permission in response to the user's permission change request, are both monitored. This monitors the scope of the permission change and confirms whether the permission change was applied to the wrong object, which improves the accuracy and effectiveness of the monitoring.
As one possible implementation manner, determining the monitoring result according to the first change object and the second change object may include:
and if the first changing object is different from the second changing object, determining that the monitoring result is abnormal.
In one possible design, the method may further include: and if the first changing object is the same as the second changing object, determining that the monitoring result is normal.
And if the monitoring result is abnormal, determining that the authority system is abnormal. If the monitoring result is normal, determining that the authority system is normal.
In some embodiments, the authority change result corresponding to the authority change event may be monitored. The rights change event may include: the rights change result.
As shown in fig. 7, a flowchart of still another embodiment of an information processing method according to an embodiment of the present application may include:
701: Detect a permission change event initiated by the target user.
702: Acquire the permission change result of the permission system for the permission change event.
703: Determine a monitoring result according to the permission change result.
704: If the monitoring result is abnormal, determine that the authority system is abnormal.
In the embodiment of the application, the authority change result of the authority change event is monitored, and the authority change effect of the authority system can be monitored in real time through monitoring the change result, so that whether the authority change accuracy of the authentication system is high or not is determined, and the monitoring accuracy is improved.
When monitoring the rights change result, the rights change parameter may be used to determine the rights change record according to the change time in the rights change parameter, thereby determining whether the rights change is abnormal according to the rights change record. As one embodiment, the rights change event may include: the permission change parameter;
The method may further comprise:
acquiring a first change object and change time of a target user requesting change permission in permission change parameters;
determining a second permission record of the first change object in the permission system according to the change time;
wherein, according to the permission change result, determining the monitoring result may include:
and determining a monitoring result according to the second permission record and the permission change result.
In the embodiment of the application, the second permission record corresponding to the change time is obtained, so that the permission change result is monitored according to the second permission record, and the monitoring result is determined. The second permission record can be used for monitoring the permission change result of the permission change event triggered by the target user according to the permission change record corresponding to time, an accurate monitoring basis is provided, and the monitoring accuracy and effectiveness are improved.
As one possible implementation manner, according to the second permission record and the permission change result, determining the monitoring result may include:
and if the permission change result is normal according to the second permission record, determining that the monitoring result is normal.
And if the permission change result is confirmed to be abnormal according to the second permission record, determining that the monitoring result is abnormal.
And the permission change result can be accurately monitored through the second permission record.
In practical applications, the rights change event may include: a rights addition event, a rights modification event, or a rights deletion event.
As one embodiment, the rights change event may include: a rights addition event. The rights change result may include: a rights addition result.
In one possible design, if the permission change result is confirmed to be normal according to the second permission record, determining that the monitoring result is normal may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the permission adding record for setting the second target permission for the target user exists in the second permission record, the permission modifying record for modifying the second target permission for the target user does not exist, and the permission deleting record for deleting the second target permission for the target user does not exist, determining that the permission adding result is normal;
if the permission adding result is normal, the monitoring result is determined to be normal.
In yet another possible design, if the permission change result is confirmed to be abnormal according to the second permission record, determining that the monitoring result is abnormal may include:
Determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record does not have a permission adding record for setting the second target permission for the target user or a permission deleting record for deleting the second target permission for the target user or a permission modifying record modified for the target user to have the second target permission, determining that the permission adding result is abnormal;
if the permission adding result is normal, the monitoring result is determined to be normal.
And if the second permission record does not contain a permission adding record for setting the second target permission for the target user, or contains a permission modifying record for modifying the second target permission for the target user, or contains a permission deleting record for deleting the second target permission for the target user, determining that the permission adding result is normal.
As yet another embodiment, the rights change event may include: a rights deletion event. The rights change result may include: a rights deletion result.
In one possible design, if the permission change result is confirmed to be normal according to the second permission record, determining that the monitoring result is normal may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
If the permission deleting record for deleting the second target permission for the target user exists after the permission adding record of the second target permission is set for the target user in the second permission record, and the permission modifying record modified for the target user to have the second target permission does not exist, determining that the permission deleting result is normal;
if the right deleting result is normal, determining that the monitoring result is normal.
In yet another possible design, if the permission change result is confirmed to be abnormal according to the second permission record, determining that the monitoring result is abnormal may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the permission adding record of the second target permission is set for the target user in the second permission record, the permission deleting record for deleting the second target permission for the target user does not exist, or the permission modifying record modified for the target user to have the second target permission exists, and the permission deleting result is determined to be abnormal;
if the authority deleting result is abnormal, determining that the monitoring result is abnormal.
As a possible implementation manner, whether the permission adding record for setting the second target permission for the target user exists in the second permission record may be determined by:
Determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
it is determined whether there is a rights addition record in the second rights record that sets a second object role having a second target right for the change object.
As yet another possible implementation, whether there is a permission modification record in the second permission record that is modified for the target user to have the second target permission is determined by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
and determining whether a history object role corresponding to the history authority record of the change object is changed into a second object role in the second authority record, and setting an authority modification record of a second target authority for the changed second object role.
As yet another possible implementation manner, whether there is a permission deletion record in the second permission record that deletes the second target permission for the target user is determined by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
Determining whether a permission deletion record for deleting a second object role with a second target permission for the change object exists in the second permission record, or determining whether a permission deletion record for deleting a second target permission for the second object role of the change object exists in the second permission record.
In some embodiments, the target user may include a plurality and the target user-initiated rights management event may include at least one.
As shown in fig. 8, a flowchart of still another embodiment of an information processing method according to an embodiment of the present application may include the following steps:
801: Detect at least one authority processing event initiated by each of the plurality of target users to obtain a plurality of authority processing events.
802: Monitor the processing of the plurality of authority processing events by the authority system to obtain a monitoring result for each of the plurality of authority processing events.
803: Determine, according to the monitoring results respectively corresponding to the plurality of authority processing events, whether the authority processing process of the authority system for the plurality of authority processing events is abnormal.
804: If the authority processing process of the authority system for the plurality of authority processing events is abnormal, determine that the authority system is abnormal.
In some embodiments, if the authority system processes the plurality of authority processing events normally, it is determined that the authority system is normal.
In the embodiment of the application, the event processing processes of a plurality of authority processing events are monitored at the same time, so that the monitoring base number is improved, the possibility of abnormal confirmation of the authority system caused by abnormal monitoring of the authority processing processes is reduced, the monitoring effectiveness is improved, and the negative influence of error monitoring on the authority system is reduced.
As an embodiment, the processing result of the rights system for any rights processing event may include the first processing result or the second processing result.
For example, when the rights processing event is a rights query event, the processing result of the rights system on the rights query event may include: with or without rights. When the authority processing event is an authority changing event, the processing result of the authority system on the authority changing event may include: either changed or unchanged.
Wherein, according to the monitoring results respectively corresponding to the plurality of authority processing events, determining whether the authority processing process of the authority system on the plurality of authority processing events is abnormal may include:
counting, among the processing results obtained by the authority system for the plurality of authority processing events, a first quantity of first processing results and a second quantity of second processing results;
calculating the ratio of the first quantity to the second quantity to obtain a first ratio;
if the difference between the first ratio and the reference ratio meets the ratio difference condition, determining that the authority processing process of the authority system for the plurality of authority processing events is abnormal;
if the difference between the first ratio and the reference ratio does not meet the ratio difference condition, determining that the authority processing process of the authority system for the plurality of authority processing events is normal.
In some embodiments, the reference ratio may be determined by:
acquiring a plurality of historical processing events processed by the authority system and historical processing results respectively corresponding to the plurality of historical processing events; wherein the historical processing result may include the first processing result or the second processing result.
Counting the third number of the first processing results and the fourth number of the second processing results in the history processing results respectively corresponding to the plurality of history processing events;
and calculating the ratio of the third quantity to the fourth quantity to obtain a reference ratio.
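The ratio comparison and the history-derived reference ratio described above, as an added example that is not part of the patent text. The page does not define the ratio difference condition, so the absolute-difference threshold `max_diff`, the result labels and the sample batches are assumptions constructed for illustration.

```python
import math
from collections import Counter

# Labels for the first and second processing results (assumed names).
FIRST, SECOND = "has_permission", "no_permission"


def result_ratio(results):
    """Ratio of first-result count to second-result count.

    A batch with no second results has no finite ratio. It is reported as
    math.inf instead of raising ZeroDivisionError, because "nothing was
    denied" is exactly the kind of batch the monitor has to evaluate.
    """
    results = list(results)
    if not results:
        raise ValueError("no processing results to count")
    counts = Counter(results)
    unknown = set(counts) - {FIRST, SECOND}
    if unknown:
        raise ValueError(f"unexpected processing results: {sorted(unknown)}")
    if counts[SECOND] == 0:
        return math.inf
    return counts[FIRST] / counts[SECOND]


def processing_is_abnormal(current, history, max_diff=0.5):
    """Compare the first ratio (current batch) with the reference ratio (history)."""
    first_ratio = result_ratio(current)
    reference_ratio = result_ratio(history)
    if math.isinf(first_ratio) or math.isinf(reference_ratio):
        # inf - inf is NaN, so compare directly: abnormal unless both are inf.
        return first_ratio != reference_ratio
    return abs(first_ratio - reference_ratio) > max_diff


# Constructed history: 40 grants and 60 denials, reference ratio 0.667.
HISTORY = [FIRST] * 40 + [SECOND] * 60

# Constructed batches of current processing results.
BATCH_TYPICAL = [FIRST] * 7 + [SECOND] * 10     # ratio 0.70
BATCH_GRANT_ALL = [FIRST] * 20                  # nothing denied, ratio inf
BATCH_DENY_MOST = [FIRST] * 1 + [SECOND] * 19   # ratio 0.053

if __name__ == "__main__":
    for name, batch in [("typical", BATCH_TYPICAL),
                        ("grant-all", BATCH_GRANT_ALL),
                        ("deny-most", BATCH_DENY_MOST)]:
        print(name, result_ratio(batch), processing_is_abnormal(batch, HISTORY))
```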
In some embodiments, the entitlement system may be configured in the first monitoring device. The reference ratio may also be determined by:
establishing an association between the first ratio and the first monitoring device;
acquiring a second ratio associated with a second monitoring device different from the first monitoring device; wherein the second monitoring device monitors the processing of a plurality of authority processing events by its authority system and, when the authority processing process of that authority system for the plurality of authority processing events is abnormal, determines that the authority system in the second monitoring device is abnormal; the plurality of authority processing events consists of at least one processing event initiated by each of a plurality of target users for the authority system of the second monitoring device;
determining the second ratio as the reference ratio.
The second monitoring device calculates the second ratio in the same way as the first monitoring device calculates the first ratio, which will not be described again here.
As yet another embodiment, after determining that the rights system is abnormal, the method may further include:
generating abnormality prompt information indicating that the authority system is working abnormally;
and outputting abnormal prompt information.
For ease of understanding, the technical scheme of the application is described in detail below, taking as an example a scenario in which the target user initiates the permission processing request by using a mobile phone, the permission processing equipment is a cloud server that processes the permission processing request, and the monitoring device is a computer that monitors the authority processing process.
As shown in fig. 9, the target user U1 may initiate 901 a rights handling request using the mobile phone M1, for example, the rights handling request is a rights inquiry request. The rights processing device M2 may receive the rights processing request sent by the mobile phone M1, and in response to the rights processing request, invoke the rights system to perform a rights processing operation corresponding to the rights processing request, and generate a rights processing event. Thereafter, the rights processing device M2 may report 902 the rights processing event to the monitoring device M3.
The monitoring device M3 may acquire the rights handling event sent by the rights handling device, and obtain the monitoring result 904 by monitoring 903 the processing procedure of the rights handling event by the rights system of the rights handling device M2. Thereafter, if the monitoring result is confirmed to be abnormal, it may be determined 905 that the authority system of the authority processing apparatus M2 is abnormal. Taking the authority processing event as an authority query event as an example, the monitoring device M3 may monitor the authentication result of the authority system on the authority query event. If the target user does not have the authority, and the authentication result is that the target user has the authority, the monitoring result is abnormal, and if the monitoring result is abnormal, the authority system is determined to be abnormal. Or if the target user has the authority and the authentication result is that the target user does not have the authority, indicating that the monitoring result is abnormal, and if the monitoring result is abnormal, determining that the authority system is abnormal.
In general, in order to inform the rights manager of the abnormal rights system in time, the monitoring device M3 may generate abnormality prompt information indicating that the rights system is working abnormally, and output the abnormality prompt information to prompt the rights manager that the rights system is working abnormally. For example, in a practical application where the abnormality prompt information is text prompt information, assume that the abnormality prompt information is "abnormality of the authority system of the A authority processing device". The monitoring device M3 may have a display screen L1 and may output this text through the display screen L1: "abnormality of the authority system of the A authority processing device". In fig. 9, the A authority processing device is the authority processing device M2, and A is the device identification identifying the authority processing device M2.
Fig. 10 is a flowchart of an embodiment of an audit method provided in an embodiment of the present application. The method may include:
1001: detecting a permission processing event initiated by the target user.
1002: obtaining a processing result of the permission processing event by the permission system.
1003: auditing the processing result to obtain an audit result.
1004: outputting the audit result.
The auditing method provided by the embodiment of the application can be executed by an auditing device. The auditing device may be, for example, a computer or a notebook; the embodiment of the application does not unduly limit the specific type of the auditing device. The auditing method provided by the embodiment of the application can also be applied to servers such as cloud servers and ordinary servers, and rights processing events can be obtained through interaction with the rights equipment.
The audit device or the server can acquire the authority processing event through an interface with the authority system, and acquire a processing result.
The rights handling event may be acquired through reporting: the authority system corresponding to the authority equipment can promptly report, in the form of an event, the authority processing request initiated by the target user to the audit equipment.
Performing audit processing on the processing result means judging whether the processing result is abnormal. If the processing result is abnormal, an audit result indicating that the processing result is abnormal is generated; if the processing result is normal, an audit result indicating that the processing result is normal is generated.
After the audit result is obtained, the embodiment of the application enables the user focusing on the audit result to acquire the audit result in time by outputting the audit result, so that the working state or the working capacity of the authority system is monitored in real time, and the monitoring efficiency is improved.
In one possible design, outputting the audit result may include: based on the audit result, an audit result interface is generated, and the audit result is output.
When the audit result interface is generated based on the audit result, the audit result interface can be generated according to the audit result, the authority system and the audited processing result so as to prompt the accuracy of the audit result.
In the embodiment of the application, the processing result of the permission processing event by the permission system can be obtained by detecting the permission processing event initiated by the target user, so that the processing result is subjected to audit processing to obtain an audit result. By auditing the authority processing event, the operation capability of the authority system can be accurately monitored to determine the operation effect of the authority system and obtain an accurate auditing result. And then, the user concerned with the authority system can timely acquire the running state of the authority system by outputting the auditing result so as to timely process the abnormal authority system when the auditing result is abnormal, and the stability of the authority system is improved.
As one embodiment, the rights handling event may include: rights query events.
Wherein, obtaining the processing result of the permission processing event by the permission system may include:
acquiring an authentication result of the authority system on the authority inquiry event;
wherein performing audit processing on the processing result to obtain the audit result may include:
and auditing the authentication result to obtain an auditing result.
In some embodiments, the permission query event may include: permission query parameters;
the method may further comprise:
acquiring, from the permission query parameters, the authentication object for which the target user requests authentication and the query time;
determining a first authority record of the authentication object in the authority system according to the inquiry time;
wherein, audit processing is performed on the authentication result, and obtaining the audit result may include:
and auditing the authentication result by using the first authority record to obtain an auditing result.
And when the authentication result is checked, the audit of the authority record can be completed.
As one possible implementation manner, performing audit processing on the authentication result by using the first authority record, and obtaining the audit result may include:
determining, based on the authority inquiry parameter, a first target authority for which the target user requests authentication;
if the first permission record does not contain a permission adding record for setting the first target permission for the target user or contains a permission deleting record for deleting the first target permission for the target user, and the authentication result is that the target user has the first target permission, determining that the authentication result is abnormal;
and generating an audit result with abnormal authentication result.
As yet another possible implementation manner, performing an audit process on the authentication result using the first permission record, and obtaining the audit result may include:
determining, based on the authority inquiry parameter, a first target authority for which the target user requests authentication;
if the permission adding record for setting the first target permission for the target user exists in the first permission record and the permission deleting record for deleting the first target permission for the target user does not exist in the first permission record, and the authentication result is that the first target permission does not exist for the target user, determining that the authentication result is abnormal;
and generating an audit result with abnormal authentication result.
In one possible design, whether there is a permission addition record in the first permission record that sets the first target permission for the target user may be determined by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first authority record contains a record in which a first object role having the first target authority is set for the authentication object and the target user is added to the first object role.
In yet another possible design, whether there is a permission addition record in the first permission record that sets the first target permission for the target user may be determined by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first permission record contains a permission adding record in which a new object role is set for the authentication object, the target user is added to the new object role, and the first target permission is given to the new object role.
In yet another possible design, whether there is a record in the first permission record that sets the first target permission for the target user may be determined by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first authority record contains an authority adding record in which a new object role is set for the authentication object, the first target authority is assigned to the new object role, and the target user is added to the new object role that has been assigned the first target authority.
Optionally, determining the first rights record of the authentication object in the rights system according to the query time may include:
all rights records of the authentication object before the query time in the rights system are determined as first rights records.
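The audit of an authentication result against the first authority record can be sketched as follows. This is an added example, not code from the application: the record schema, the record kinds `grant`, `revoke`, `join` and `leave`, and the sample log are constructed. As an assumption that goes beyond the existence checks stated above, the records are replayed in time order, so all three forms of addition record yield the same expected permission and a later deletion record cancels an earlier addition.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set


@dataclass(frozen=True)
class PermRecord:
    """One entry of the authority system's permission log (constructed schema)."""
    ts: int        # time the record was written
    obj: str       # object the role is defined on
    kind: str      # "grant"/"revoke" (role and permission), "join"/"leave" (role and user)
    role: str
    subject: str   # permission name for grant/revoke, user name for join/leave


@dataclass(frozen=True)
class QueryEvent:
    """Permission query event reported to the audit device (constructed schema)."""
    user: str
    obj: str          # authentication object
    permission: str   # first target authority
    query_time: int
    granted: bool     # authentication result returned by the authority system


def first_permission_record(log: Iterable[PermRecord], obj: str,
                            query_time: int) -> List[PermRecord]:
    """All records of the authentication object written before the query time."""
    return sorted((r for r in log if r.obj == obj and r.ts < query_time),
                  key=lambda r: r.ts)


def expected_permission(records: List[PermRecord], user: str, permission: str) -> bool:
    """Replay the records in time order; True if the user holds the permission via a role."""
    role_perms: Dict[str, Set[str]] = {}
    role_members: Dict[str, Set[str]] = {}
    for r in records:
        if r.kind == "grant":
            role_perms.setdefault(r.role, set()).add(r.subject)
        elif r.kind == "revoke":
            role_perms.setdefault(r.role, set()).discard(r.subject)
        elif r.kind == "join":
            role_members.setdefault(r.role, set()).add(r.subject)
        elif r.kind == "leave":
            role_members.setdefault(r.role, set()).discard(r.subject)
        else:
            raise ValueError(f"unknown record kind: {r.kind!r}")
    return any(user in members and permission in role_perms.get(role, set())
               for role, members in role_members.items())


def audit_authentication(log: Iterable[PermRecord], event: QueryEvent) -> str:
    """Compare the authentication result with what the first authority record implies."""
    records = first_permission_record(log, event.obj, event.query_time)
    expected = expected_permission(records, event.user, event.permission)
    if event.granted and not expected:
        return "abnormal: granted without valid record"
    if expected and not event.granted:
        return "abnormal: denied despite valid record"
    return "normal"


# Constructed sample log.
LOG = [
    PermRecord(10, "doc-1", "grant", "editor", "write"),
    PermRecord(20, "doc-1", "join", "editor", "alice"),
    PermRecord(30, "doc-1", "join", "viewer", "bob"),     # user added first ...
    PermRecord(40, "doc-1", "grant", "viewer", "read"),   # ... permission given later
    PermRecord(50, "doc-1", "leave", "editor", "alice"),  # deletion record
    PermRecord(60, "doc-2", "grant", "editor", "write"),
    PermRecord(70, "doc-2", "join", "editor", "alice"),
]

if __name__ == "__main__":
    for ev in (QueryEvent("alice", "doc-1", "write", 45, True),
               QueryEvent("alice", "doc-1", "write", 80, True),
               QueryEvent("bob", "doc-1", "read", 45, False)):
        print(ev, "->", audit_authentication(LOG, ev))
```

The second query is the over-grant case: alice still holds `write` on doc-2, but the records of doc-1 show the deletion, so a positive authentication result for doc-1 is reported as abnormal.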
As yet another embodiment, the rights handling event may include: a rights change event;
wherein, obtaining the processing result of the permission processing event by the permission system may include:
Acquiring a permission change result of a permission system on a permission change event;
wherein, performing audit processing on the processing result, obtaining the audit result may include:
and auditing the authority change result to obtain an auditing result.
In some embodiments, the rights change event may include: the permission change parameter;
the method may further comprise:
acquiring, from the permission change parameters, a first change object for which the target user requests a permission change and the change time;
determining a second permission record of the first change object in the permission system according to the change time;
optionally, performing an audit process on the rights change result, and obtaining the audit result may include:
and auditing the authority change result by using the second authority record to obtain an auditing result.
As one possible implementation manner, performing audit processing on the authority change result by using the second authority record, where obtaining the audit result may include:
if the authority change result is found to be normal according to the second authority record, determining an audit result indicating that the authority change result is normal;
if the authority change result is found to be abnormal according to the second authority record, determining an audit result indicating that the authority change result is abnormal.
In one possible design, the rights change event may include: a rights addition event; the rights change result may include: a permission increase result;
if the authority change result is found to be normal according to the second authority record, determining the audit result indicating that the authority change result is normal may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the permission adding record for setting the second target permission for the target user exists in the second permission record, the permission modifying record for modifying the second target permission for the target user does not exist, and the permission deleting record for deleting the second target permission for the target user does not exist, determining that the permission adding result is normal;
if the right adding result is determined to be normal, determining an audit result of the right adding result being normal.
In yet another possible design, the rights change event may include: a rights delete event; the rights change result may include: a permission deletion result;
optionally, if the authority change result is found to be normal according to the second authority record, determining the audit result indicating that the authority change result is normal may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if, in the second permission record, a permission adding record that sets the second target permission for the target user exists, a permission deleting record that deletes the second target permission for the target user exists, and a permission modifying record that modifies the target user to have the second target permission does not exist, determining that the permission deleting result is normal;
if the right deleting result is determined to be normal, determining an audit result of the right deleting result being normal.
In yet another possible design, the rights change event may include: a rights addition event; the rights change result may include: a permission increase result;
optionally, if the authority change result is abnormal according to the second authority record, determining the audit result of the authority change result abnormality may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record does not contain a permission adding record for setting the second target permission for the target user, or contains a permission deleting record for deleting the second target permission for the target user, or contains a permission modifying record modified for the target user to have the second target permission, determining that the permission adding result is abnormal;
if the permission adding result is determined to be abnormal, determining an audit result of the permission adding result abnormality.
In yet another possible design, the rights change event may include: a rights delete event; the rights change result may include: a permission deletion result.
Optionally, if the authority change result is abnormal according to the second authority record, determining the audit result of the authority change result abnormality may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if, in the second permission record, a permission adding record that sets the second target permission for the target user exists, and a permission deleting record that deletes the second target permission for the target user does not exist or a permission modifying record that modifies the target user to have the second target permission exists, determining that the permission deleting result is abnormal;
if the authority deleting result is abnormal, determining an audit result of the authority deleting result abnormality.
As a possible implementation manner, whether the permission adding record for setting the second target permission for the target user exists in the second permission record may be determined by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
determining whether the second rights record contains a rights addition record that sets, for the change object, a second object role having the second target right.
As yet another possible implementation, whether there is a permission modification record in the second permission record that is modified for the target user to have the second target permission may be determined by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
determining whether the second authority record contains an authority modification record in which a history object role corresponding to the history authority record of the change object is changed into the second object role and the second target authority is set for the changed second object role.
As yet another possible implementation manner, whether there is a permission deletion record in the second permission record that deletes the second target permission for the target user may be determined by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
determining whether a permission deletion record for deleting a second object role with a second target permission for the change object exists in the second permission record, or determining whether a permission deletion record for deleting a second target permission for the second object role of the change object exists in the second permission record.
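The audit of a permission change result against the second permission record can be sketched as below. This is an added example, not code from the application: the record kinds `set_role`, `change_role`, `drop_role` and `drop_permission`, the schema and the sample records are constructed, and the second permission record is taken as already selected for the change object. Treating a delete event that has no addition record at all as abnormal is an assumption, since the conditions above do not name that case.

```python
from dataclasses import dataclass
from typing import Iterable, List, Set, Tuple


@dataclass(frozen=True)
class ChangeRecord:
    """One entry of the second permission record (constructed schema)."""
    kind: str        # "set_role", "change_role", "drop_role" or "drop_permission"
    obj: str         # change object the record applies to
    role: str        # object role the record acts on
    permission: str  # permission carried by that role


@dataclass(frozen=True)
class ChangeEvent:
    """Permission change event under audit (constructed schema)."""
    kind: str        # "add" or "delete"
    obj: str         # first change object
    role: str        # second object role of the target user
    permission: str  # second target authority


# Record kinds that count as addition, modification and deletion records.
ADD_KINDS = {"set_role"}                        # role with the permission set for the object
MODIFY_KINDS = {"change_role"}                  # history role changed into this role
DELETE_KINDS = {"drop_role", "drop_permission"}  # role deleted, or permission removed from it


def _has(records: List[ChangeRecord], kinds: Set[str], ev: ChangeEvent) -> bool:
    """True if a record of one of the given kinds matches the event's object, role and permission."""
    key = (ev.obj, ev.role, ev.permission)
    return any(r.kind in kinds and (r.obj, r.role, r.permission) == key for r in records)


def audit_change(second_record: Iterable[ChangeRecord],
                 ev: ChangeEvent) -> Tuple[str, List[str]]:
    """Return ("normal" | "abnormal", reasons) for an add or delete event."""
    records = list(second_record)
    added = _has(records, ADD_KINDS, ev)
    modified = _has(records, MODIFY_KINDS, ev)
    deleted = _has(records, DELETE_KINDS, ev)

    problems: List[str] = []
    if not added:
        problems.append("no addition record for the target permission")
    if modified:
        problems.append("a modification record exists for the target permission")
    if ev.kind == "add":
        if deleted:
            problems.append("a deletion record exists although an addition was requested")
    elif ev.kind == "delete":
        if not deleted:
            problems.append("no deletion record for the target permission")
    else:
        raise ValueError(f"unknown event kind: {ev.kind!r}")
    return ("abnormal" if problems else "normal", problems)


# Constructed second permission record for the change object "repo-7".
RECORD = [
    ChangeRecord("set_role", "repo-7", "maintainer", "push"),
    ChangeRecord("set_role", "repo-7", "reader", "pull"),
    ChangeRecord("drop_permission", "repo-7", "reader", "pull"),
    ChangeRecord("set_role", "repo-7", "admin", "delete"),
    ChangeRecord("change_role", "repo-7", "admin", "delete"),
]

if __name__ == "__main__":
    for ev in (ChangeEvent("add", "repo-7", "maintainer", "push"),
               ChangeEvent("delete", "repo-7", "maintainer", "push"),
               ChangeEvent("delete", "repo-7", "guest", "pull")):
        print(ev, "->", audit_change(RECORD, ev))
```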
Some steps in the embodiments of the present application are the same as those in the embodiments of fig. 1 to 9, and for brevity of description, details of each step and implementation of the method may refer to the description in the foregoing embodiments.
Fig. 11 is a schematic structural diagram of an embodiment of a monitoring device according to an embodiment of the present application. The monitoring device may include: a storage component 1101 and a processing component 1102; storage component 1101 is configured to store one or more computer instructions for invocation by processing component 1102;
the processing component 1102 may be configured to:
detecting a permission processing event initiated by a target user; monitoring the processing process of the authority processing event by the authority system to obtain a monitoring result; if the monitoring result is abnormal, determining that the authority system is abnormal.
As one embodiment, the rights handling event may include: permission query events;
the processing component monitoring the processing procedure of the permission processing event by the permission system to obtain the monitoring result may specifically include:
and monitoring the authentication process of the authority system on the authority inquiry event to obtain a monitoring result.
In some embodiments, the permission query event may include: permission query parameters;
the processing component monitoring the authentication process of the authority system for the authority inquiry event to obtain the monitoring result may specifically include:
acquiring the permission query parameters that the permission query event inputs to the permission system;
and determining a monitoring result according to the permission query parameter.
As a possible implementation manner, the determining, by the processing component, the monitoring result according to the permission query parameter may specifically include:
acquiring a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
acquiring at least one second object role corresponding to the authentication object;
if the at least one second object role includes the first object role, determining a monitoring result according to the first object role;
if the first object role is not included in the at least one second object role, determining that the monitoring result is abnormal.
Further optionally, if the at least one second object role includes the first object role, the determining of the monitoring result according to the first object role may specifically include:
if the at least one second object role includes the first object role, acquiring at least one candidate user in the first object role;
if the at least one candidate user includes the target user, determining that the monitoring result is normal;
if the target user is not included in the at least one candidate user, determining that the monitoring result is abnormal.
As yet another embodiment, the processing component monitors an authentication process of the rights system for the rights inquiry event, and obtaining the monitoring result specifically may include:
acquiring an authentication result of the authority system on the authority inquiry event;
and determining a monitoring result according to the authentication result.
As one possible implementation, the permission query event may include: permission query parameters;
the processing assembly may also be configured to:
acquiring, from the permission query parameters, the authentication object for which the target user requests authentication and the query time;
determining a first authority record of the authentication object in the authority system according to the inquiry time;
the processing component determines the monitoring result according to the authentication result, and the determining of the monitoring result specifically may include:
and determining a monitoring result according to the first authority record and the authentication result.
In some embodiments, the determining, by the processing component, the monitoring result according to the first permission record and the authentication result may specifically include:
if the authentication result is abnormal according to the first authority record, the monitoring result is abnormal.
Further optionally, if the processing component determines that the authentication result is abnormal according to the first permission record, determining that the monitoring result is abnormal may specifically include:
determining, based on the authority inquiry parameter, a first target authority for which the target user requests authentication;
if the first permission record does not contain a permission adding record for setting the first target permission for the target user or contains a permission deleting record for deleting the first target permission for the target user, and the authentication result is that the target user has the first target permission, determining that the authentication result is abnormal;
if the authentication result is abnormal, determining that the monitoring result is abnormal.
In some embodiments, if the processing component determines that the authentication result is abnormal according to the first permission record, determining that the monitoring result is abnormal may specifically include:
determining, based on the authority inquiry parameter, a first target authority for which the target user requests authentication;
if the permission adding record for setting the first target permission for the target user exists in the first permission record and the permission deleting record for deleting the first target permission for the target user does not exist in the first permission record, and the authentication result is that the first target permission does not exist for the target user, determining that the authentication result is abnormal;
If the authentication result is abnormal, determining that the monitoring result is abnormal.
As a possible implementation manner, the determining, by the processing component, the first permission record of the authentication object in the permission system according to the query time may specifically include:
all rights records of the authentication object before the query time in the rights system are determined as first rights records.
In one possible design, the processing component determines whether there is a permission addition record in the first permission record that sets the first target permission for the target user by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first authority record contains a record in which a first object role having the first target authority is set for the authentication object and the target user is added to the first object role.
In one possible design, the processing component determines whether there is a permission addition record in the first permission record that sets the first target permission for the target user by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first permission record contains a permission adding record in which a new object role is set for the authentication object, the target user is added to the new object role, and the first target permission is given to the new object role.
In yet another possible design, the processing component determines whether there is a record in the first permission record that sets the first target permission for the target user by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first authority record contains an authority adding record in which a new object role is set for the authentication object, the first target authority is assigned to the new object role, and the target user is added to the new object role that has been assigned the first target authority.
As yet another embodiment, the rights handling event may include: a rights change event;
in one possible design, the monitoring of the processing procedure of the authority system on the authority processing event may specifically include:
monitoring the changing process of the permission changing event by the permission system to obtain a monitoring result.
In some embodiments, the rights change event may include: the permission change parameter;
in one possible design, monitoring the modification process of the rights system on the rights modification event may specifically include:
acquiring a permission change parameter used by the permission system when processing a permission change event;
and determining a monitoring result according to the permission change parameter.
Further optionally, in one possible design, determining the monitoring result according to the permission change parameter may specifically include:
acquiring, from the permission change parameter, a first change object for which the target user requests a permission change;
acquiring a second change object that the permission system targets when executing the permission change based on the permission change parameter;
and determining a monitoring result according to the first changing object and the second changing object.
In one possible design, the determining, by the processing component, the monitoring result according to the first modification object and the second modification object may specifically include:
and if the first changing object is different from the second changing object, determining that the monitoring result is abnormal.
In some embodiments, the rights change event may include: a permission change result;
the processing component monitors the change process of the permission system on the permission change event, and the obtaining of the monitoring result specifically may include:
acquiring a permission change result of a permission system on a permission change event;
and determining a monitoring result according to the permission change result.
In some embodiments, the rights change event may include: the permission change parameter;
the processing assembly may also be configured to:
acquiring, from the permission change parameters, a first change object for which the target user requests a permission change and the change time;
determining a second permission record of the first change object in the permission system according to the change time;
the processing component determines the monitoring result according to the permission change result, and the determining of the monitoring result specifically may include:
and determining a monitoring result according to the second permission record and the permission change result.
In some embodiments, the determining, by the processing component, the monitoring result according to the second permission record and the permission change result may specifically include:
if the right change result is normal according to the second right record, the monitoring result is determined to be normal;
and if the permission change result is abnormal according to the second permission record, determining that the monitoring result is abnormal.
In some embodiments, the rights change event may include: a rights addition event; the rights change result may include: a permission increase result;
if the processing component confirms that the permission change result is normal according to the second permission record, the determining that the monitoring result is normal may specifically include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the permission adding record for setting the second target permission for the target user exists in the second permission record, the permission modifying record for modifying the second target permission for the target user does not exist, and the permission deleting record for deleting the second target permission for the target user does not exist, determining that the permission adding result is normal;
If the right adding result is determined to be normal, the monitoring result is determined to be normal.
As yet another embodiment, the rights change event may include: a rights delete event; the rights change result may include: a permission deletion result;
if the processing component confirms that the permission change result is normal according to the second permission record, the determining that the monitoring result is normal may specifically include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record contains a permission adding record that sets the second target permission for the target user and a permission deleting record that deletes the second target permission for the target user, and contains no permission modifying record that modifies the target user to have the second target permission, determining that the permission deleting result is normal;
if the right deleting result is determined to be normal, the monitoring result is determined to be normal.
As yet another embodiment, the rights change event may include: a rights addition event; the rights change result may include: a permission increase result;
if the processing component confirms that the permission change result is abnormal according to the second permission record, the determining that the monitoring result is abnormal specifically may include:
Determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record does not have a permission adding record for setting the second target permission for the target user or a permission deleting record for deleting the second target permission for the target user or a permission modifying record modified for the target user to have the second target permission, determining that the permission adding result is abnormal;
if the permission adding result is determined to be abnormal, the monitoring result is determined to be abnormal.
As yet another embodiment, the rights change event may include: a rights deletion event; the rights change result may include: a permission deletion result;
if the processing component confirms that the permission change result is abnormal according to the second permission record, the determining that the monitoring result is abnormal specifically may include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record contains a permission adding record that sets the second target permission for the target user, and either contains no permission deleting record that deletes the second target permission for the target user or contains a permission modifying record that modifies the target user to have the second target permission, determining that the permission deleting result is abnormal;
if the permission deleting result is determined to be abnormal, the monitoring result is determined to be abnormal.
Alternatively, the processing component may determine whether there is a permission addition record in the second permission record that sets the second target permission for the target user by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
it is determined whether there is a rights addition record in the second rights record that sets a second object role having a second target right for the change object.
Alternatively, the processing component may determine whether there is a permission modification record in the second permission record that is modified for the target user to have the second target permission by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
and determining whether the second permission record contains a permission modification record in which the history object role corresponding to the history permission record of the change object is changed into the second object role and the second target permission is set for the changed second object role.
Alternatively, the processing component may determine whether there is a permission deletion record in the second permission record that deletes the second target permission for the target user by:
Determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user;
determining whether a permission deletion record for deleting a second object role with a second target permission for the change object exists in the second permission record, or determining whether a permission deletion record for deleting a second target permission for the second object role of the change object exists in the second permission record.
As one embodiment, the rights change event may include: a rights modification event, a rights addition event, or a rights deletion event.
As yet another example, there may be a plurality of target users, and each target user may initiate at least one permission processing event;
the detecting, by the processing component, the permission processing event initiated by the target user may specifically include:
detecting at least one authority processing event initiated by each of a plurality of target users to obtain a plurality of authority processing events;
the processing component monitors the processing procedure of the permission processing event by the permission system, and the obtaining of the monitoring result may specifically include:
monitoring the processing procedure of the permission system for each of the plurality of permission processing events, to obtain the monitoring results respectively corresponding to the plurality of permission processing events;
the processing component determining that the permission system is abnormal if the monitoring result is abnormal may specifically include:
determining, according to the monitoring results respectively corresponding to the plurality of permission processing events, whether the permission processing procedure of the permission system for the plurality of permission processing events is abnormal;
if the permission processing procedure of the permission system for the plurality of permission processing events is abnormal, determining that the permission system is abnormal.
As a possible implementation manner, the processing result of any authority processing event by the authority system may include a first processing result or a second processing result;
the determining whether the authority processing process of the authority system on the plurality of authority processing events is abnormal or not according to the monitoring results respectively corresponding to the plurality of authority processing events can specifically include:
counting a first quantity of first processing results and a second quantity of second processing results among the processing results obtained by the permission system processing the plurality of permission processing events respectively;
calculating the ratio of the first quantity to the second quantity to obtain a first ratio;
if the difference between the first proportion and the reference proportion meets the proportion difference condition, determining that the authority processing process of the authority system for the plurality of authority processing events is abnormal;
if the difference between the first proportion and the reference proportion does not meet the proportion difference condition, determining that the authority processing process of the authority system for the plurality of authority processing events is normal.
In one possible design, the processing component may determine the reference ratio by:
acquiring a plurality of historical processing events processed by the authority system and historical processing results respectively corresponding to the plurality of historical processing events; wherein the historical processing result may include a first processing result or a second processing result;
counting a third number of the first processing results and a fourth number of the second processing results in the historical processing results respectively corresponding to the plurality of historical processing events;
and calculating the ratio of the third quantity to the fourth quantity to obtain a reference ratio.
In one possible design, the entitlement system is configured in the first monitoring device;
the processing component may determine the reference ratio by:
establishing an association relation between a first proportion and first monitoring equipment;
acquiring a second proportion associated with a second monitoring device different from the first monitoring device; the method comprises the steps that when a permission system in a second monitoring device monitors the processing process of a plurality of permission processing events and the permission system of the second monitoring device is abnormal to the permission processing process of the plurality of permission processing events, the permission system in the second monitoring device is determined to be abnormal; the plurality of rights handling events consists of at least one handling event initiated by a plurality of target users each for a rights system of the second monitoring device;
The second ratio is determined as the reference ratio.
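The ratio check described above, as an added Python example that is not part of the patent text. The outcome labels `grant` and `deny`, the function names and the reading of the "proportion difference condition" as an absolute difference above a tolerance are assumptions; the reference ratio may come from the system's own history or from a second monitoring device.

```python
import math
from collections import Counter

# Assumption: the text only names a "first" and a "second" processing result.
# They are modelled here as the two possible outcomes of a permission request.
FIRST, SECOND = "grant", "deny"


def result_ratio(results):
    """Ratio of the number of first results to the number of second results."""
    counts = Counter(results)
    unknown = set(counts) - {FIRST, SECOND}
    if unknown:
        raise ValueError(f"unexpected processing result(s): {sorted(unknown)}")
    first, second = counts[FIRST], counts[SECOND]
    if first == 0 and second == 0:
        raise ValueError("no processing results to count")
    # No second result at all: the ratio is unbounded, not a division error.
    return math.inf if second == 0 else first / second


def ratio_is_abnormal(first_ratio, reference_ratio, tolerance):
    """Assumed difference condition: |first - reference| > tolerance."""
    if math.isinf(first_ratio) or math.isinf(reference_ratio):
        # inf - inf is undefined, so compare the two values directly.
        return first_ratio != reference_ratio
    return abs(first_ratio - reference_ratio) > tolerance


def is_processing_abnormal(current_results, reference_ratio, tolerance=0.5):
    """Judge a batch of permission processing results against a reference."""
    first_ratio = result_ratio(current_results)
    return {
        "first_ratio": first_ratio,
        "reference_ratio": reference_ratio,
        "abnormal": ratio_is_abnormal(first_ratio, reference_ratio, tolerance),
    }


# Constructed sample data: 80 grants and 20 denials in the history.
HISTORICAL_RESULTS = [FIRST] * 80 + [SECOND] * 20
# Constructed batches from the monitored window.
HEALTHY_BATCH = [FIRST] * 39 + [SECOND] * 10   # ratio 3.9, close to 4.0
SKEWED_BATCH = [FIRST] * 49 + [SECOND] * 1     # almost nothing is denied
ALL_GRANTED_BATCH = [FIRST] * 50               # nothing is denied

if __name__ == "__main__":
    reference = result_ratio(HISTORICAL_RESULTS)
    for name, batch in [("healthy", HEALTHY_BATCH),
                        ("skewed", SKEWED_BATCH),
                        ("all granted", ALL_GRANTED_BATCH)]:
        print(name, is_processing_abnormal(batch, reference))
```

For the cross-device design, pass the ratio recorded for the second monitoring device as `reference_ratio` instead of the value computed from `HISTORICAL_RESULTS`.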
As yet another embodiment, the processing component may be further configured to:
generating, for the permission system, abnormality prompt information indicating that the system is working abnormally;
and outputting abnormal prompt information.
The monitoring device of fig. 10 may perform the monitoring method of the embodiment shown in fig. 1 to 9, and its implementation principle and technical effects will not be described again. The specific manner in which the processing component performs each step in the above embodiments has been described in detail in the method embodiments and is not repeated here.
Furthermore, the embodiment of the present application also provides a computer readable storage medium, where the storage medium is used to store a computer program, and the computer program can execute the monitoring method as in the foregoing embodiment when executed.
As shown in fig. 12, which is a schematic structural diagram of an embodiment of an audit device provided in an embodiment of the present application, a monitoring device may include: a storage component 1201 and a processing component 1202; the storage component 1201 is for storing one or more computer instructions for invocation by the processing component 1202;
the processing component 1202 may be configured to:
detecting a permission processing event initiated by a target user; acquiring a processing result of the authority system on the authority processing event; auditing the processing result to obtain an auditing result; and outputting an audit result.
As one embodiment, the rights handling event may include: permission query events;
optionally, the processing component acquiring the processing result of the permission processing event by the permission processing system may specifically include: acquiring an authentication result of the authority system on the authority inquiry event;
the processing component performs audit processing on the processing result, and obtaining the audit result specifically may include:
and auditing the authentication result to obtain an auditing result.
In some embodiments, the permission query event may include: inquiring the authority parameters;
the processing assembly may also be configured to:
acquiring an authentication object of a target user requesting authentication in the permission query parameters and query time;
determining a first authority record of the authentication object in the authority system according to the inquiry time;
the processing component performs audit processing on the authentication result, and obtaining the audit result specifically may include:
and auditing the authentication result by using the first authority record to obtain an auditing result.
As a possible implementation manner, the processing component performs audit processing on the authentication result by using the first permission record, and obtaining the audit result specifically may include:
determining a first target authority which is requested to be identified by a target user based on the authority inquiry parameter;
If the first permission record does not contain a permission adding record for setting the first target permission for the target user or contains a permission deleting record for deleting the first target permission for the target user, and the authentication result is that the target user has the first target permission, determining that the authentication result is abnormal;
and generating an audit result with abnormal authentication result.
As yet another possible implementation manner, the processing component performs audit processing on the authentication result by using the first permission record, and obtaining the audit result specifically may include:
determining a first target authority which is requested to be identified by a target user based on the authority inquiry parameter;
if the permission adding record for setting the first target permission for the target user exists in the first permission record and the permission deleting record for deleting the first target permission for the target user does not exist in the first permission record, and the authentication result is that the first target permission does not exist for the target user, determining that the authentication result is abnormal;
and generating an audit result with abnormal authentication result.
As yet another possible implementation manner, the determining, by the processing component, the first permission record of the authentication object in the permission system according to the query time may specifically include:
all rights records of the authentication object before the query time in the rights system are determined as first rights records.
In one possible design, the processing component may determine whether there is a permission addition record in the first permission record that sets the first target permission for the target user by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication; it is determined whether there is a record in the first authority record in which a first object role having a first target authority is set for the authentication object and the target user is added to the first object role.
In yet another possible design, the processing component may determine whether there is a permission addition record in the first permission record that sets the first target permission for the target user by:
determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication; determining whether a new object role is set for the authentication object in the first permission record, adding the target user into the new object role, and giving a permission adding record of the first target permission to the new object role.
In yet another possible design, the processing component may determine whether there is a record in the first permission record that sets the first target permission for the target user by:
Determining a first object role corresponding to a target user in the permission query parameters and an authentication object of the target user requesting authentication; determining whether a new object role is set for the authentication object in the first authority record, assigning a first target authority to the new object role, and adding the target user into the authority adding record in the new object role assigned with the first target authority.
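An added example (not code from the patent) of the authentication audit described above: it takes the records of the authentication object before the query time as the first permission record and flags the two mismatches the text names. The record schema, the names and the sample history are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    """One entry of the permission system's history (hypothetical schema)."""
    time: int        # constructed logical timestamp
    kind: str        # "role_grant", "role_add_user" or "user_perm_delete"
    obj: str         # authentication object, e.g. a table
    role: str = ""   # object role the record refers to
    user: str = ""   # user the record refers to
    perm: str = ""   # permission the record refers to


def first_permission_record(history, obj, query_time):
    """All records of the authentication object strictly before the query time."""
    return [r for r in history if r.obj == obj and r.time < query_time]


def has_add_record(records, user, perm):
    """True if some object role holds `perm` and `user` was added to that role.

    The order of the two records is not checked, so the three role set-up
    variants listed in the text are all accepted.
    """
    roles_with_perm = {r.role for r in records
                       if r.kind == "role_grant" and r.perm == perm}
    roles_of_user = {r.role for r in records
                     if r.kind == "role_add_user" and r.user == user}
    return bool(roles_with_perm & roles_of_user)


def has_delete_record(records, user, perm):
    """True if a record deletes `perm` for `user`."""
    return any(r.kind == "user_perm_delete" and r.user == user and r.perm == perm
               for r in records)


def audit_authentication(history, user, obj, perm, query_time, authenticated):
    """Return "normal" or "abnormal" for one authentication result.

    The check is existence-based, as in the text: any deleting record before
    the query time counts, whatever its position in the history.
    """
    records = first_permission_record(history, obj, query_time)
    added = has_add_record(records, user, perm)
    deleted = has_delete_record(records, user, perm)
    if authenticated and (not added or deleted):
        return "abnormal"   # permission reported, but the record does not support it
    if not authenticated and added and not deleted:
        return "abnormal"   # permission refused, but the record grants it
    return "normal"


# Constructed history for one authentication object.
HISTORY = [
    Record(10, "role_grant", "orders_table", role="analyst", perm="read"),
    Record(15, "role_add_user", "orders_table", role="analyst", user="bob"),
    Record(20, "role_add_user", "orders_table", role="analyst", user="alice"),
    Record(40, "user_perm_delete", "orders_table", user="alice", perm="read"),
]

if __name__ == "__main__":
    for t, result in [(30, True), (30, False), (50, True), (50, False)]:
        verdict = audit_authentication(HISTORY, "alice", "orders_table",
                                       "read", t, result)
        print(f"query_time={t} authenticated={result}: {verdict}")
```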
As yet another embodiment, the rights handling event may include: a rights change event;
the processing component obtaining the processing result of the permission processing event by the permission processing system specifically may include:
and acquiring a permission change result of the permission system on the permission change event.
The processing component performs audit processing on the processing result, and obtaining the audit result specifically may include:
and auditing the authority change result to obtain an auditing result.
In some embodiments, the rights change event may include: the permission change parameter;
the processing assembly may also be configured to:
acquiring a first change object and change time of a target user requesting change permission in permission change parameters;
determining a second permission record of the first change object in the permission system according to the change time;
The processing component performs audit processing on the authority change result, and obtaining the audit result specifically may include:
and auditing the authority change result by using the second authority record to obtain an auditing result.
In some embodiments, the processing component performs an audit process on the rights change result by using the second rights record, and obtaining the audit result specifically may include:
if the permission change result is audited as normal according to the second permission record, determining an audit result indicating that the permission change result is normal;
if the permission change result is audited as abnormal according to the second permission record, determining an audit result indicating that the permission change result is abnormal.
As one possible implementation, the rights change event may include: a rights addition event; the rights change result may include: a permission increase result;
the processing component determining, if the permission change result is audited as normal according to the second permission record, the audit result indicating that the permission change result is normal may specifically include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the permission adding record for setting the second target permission for the target user exists in the second permission record, the permission modifying record for modifying the second target permission for the target user does not exist, and the permission deleting record for deleting the second target permission for the target user does not exist, determining that the permission adding result is normal;
If the right adding result is determined to be normal, determining an audit result of the right adding result being normal.
As yet another possible implementation, the rights change event may include: a rights deletion event; the rights change result may include: a permission deletion result;
the processing component determining, if the permission change result is audited as normal according to the second permission record, the audit result indicating that the permission change result is normal may specifically include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record contains a permission adding record that sets the second target permission for the target user and a permission deleting record that deletes the second target permission for the target user, and contains no permission modifying record that modifies the target user to have the second target permission, determining that the permission deleting result is normal;
if the right deleting result is determined to be normal, determining an audit result of the right deleting result being normal.
As yet another possible implementation, the rights change event may include: a rights addition event; the rights change result may include: a permission increase result;
the processing component determining, if the permission change result is audited as abnormal according to the second permission record, the audit result indicating that the permission change result is abnormal may specifically include:
Determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record does not have a permission adding record for setting the second target permission for the target user or a permission deleting record for deleting the second target permission for the target user or a permission modifying record modified for the target user to have the second target permission, determining that the permission adding result is abnormal;
if the permission adding result is determined to be abnormal, determining an audit result of the permission adding result abnormality.
As yet another possible implementation, the rights change event may include: a rights deletion event; the rights change result may include: a permission deletion result;
the processing component determining, if the permission change result is audited as abnormal according to the second permission record, the audit result indicating that the permission change result is abnormal may specifically include:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record contains a permission adding record that sets the second target permission for the target user, and either contains no permission deleting record that deletes the second target permission for the target user or contains a permission modifying record that modifies the target user to have the second target permission, determining that the permission deleting result is abnormal;
if the permission deleting result is determined to be abnormal, determining an audit result indicating that the permission deleting result is abnormal.
In one possible design, the processing component may determine whether there is a permission addition record in the second permission record that sets the second target permission for the target user by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user; it is determined whether there is a rights addition record in the second rights record that sets a second object role having a second target right for the change object.
In yet another possible design, the processing component may determine whether there is a permission modification record in the second permission record that is modified for the target user to have the second target permission by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user; and determining whether the second permission record contains a permission modification record in which the history object role corresponding to the history permission record of the change object is changed into the second object role and the second target permission is set for the changed second object role.
In yet another possible design, the processing component may determine whether there is a permission deletion record in the second permission record that deletes the second target permission for the target user by:
determining a second object role corresponding to the target user in the permission modification parameter and a change object of the permission modification request of the target user; determining whether a permission deletion record for deleting a second object role with a second target permission for the change object exists in the second permission record, or determining whether a permission deletion record for deleting a second target permission for the second object role of the change object exists in the second permission record.
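The add and delete audit rules above, which the monitoring device embodiment also uses, as an added example that is not the patent's own code. The record kinds and names are hypothetical; every case that fails the stated normal condition is reported as abnormal, which for a delete event with no adding record is an assumption, since the text leaves that case open.

```python
from typing import NamedTuple


class ChangeRecord(NamedTuple):
    """One entry of the second permission record (hypothetical schema)."""
    kind: str  # "set_role", "change_role", "delete_role" or "delete_role_perm"
    role: str  # object role the record refers to (the new role for "change_role")
    perm: str  # permission the role carries, or the permission removed from it


def has_add(records, role, perm):
    """A role holding the target permission was set for the change object."""
    return any(r.kind == "set_role" and (r.role, r.perm) == (role, perm)
               for r in records)


def has_modify(records, role, perm):
    """A history role was changed into `role` and given the target permission."""
    return any(r.kind == "change_role" and (r.role, r.perm) == (role, perm)
               for r in records)


def has_delete(records, role, perm):
    """The role holding the permission was deleted, or the permission was
    deleted from the role."""
    return any(r.kind in ("delete_role", "delete_role_perm")
               and (r.role, r.perm) == (role, perm)
               for r in records)


def audit_change(event, records, role, perm):
    """Return "normal" or "abnormal" for an "add" or "delete" change result.

    `records` is the second permission record already selected for the change
    object; `role` is the second object role of the target user.
    """
    added = has_add(records, role, perm)
    modified = has_modify(records, role, perm)
    deleted = has_delete(records, role, perm)
    if event == "add":
        # Normal: adding record present, no modifying and no deleting record.
        normal = added and not modified and not deleted
    elif event == "delete":
        # Normal: adding and deleting records present, no modifying record.
        # Assumption: with no adding record at all the result is abnormal.
        normal = added and deleted and not modified
    else:
        raise ValueError(f"unsupported change event: {event!r}")
    return "normal" if normal else "abnormal"


# Constructed second permission records for the role "analyst" and "read".
ONLY_ADDED = [ChangeRecord("set_role", "analyst", "read")]
ADDED_THEN_DELETED = ONLY_ADDED + [ChangeRecord("delete_role_perm", "analyst", "read")]
DELETED_THEN_REGRANTED = ADDED_THEN_DELETED + [ChangeRecord("change_role", "analyst", "read")]

if __name__ == "__main__":
    for name, recs in [("only added", ONLY_ADDED),
                       ("added then deleted", ADDED_THEN_DELETED),
                       ("deleted then re-granted", DELETED_THEN_REGRANTED)]:
        print(name,
              "| add:", audit_change("add", recs, "analyst", "read"),
              "| delete:", audit_change("delete", recs, "analyst", "read"))
```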
As shown in fig. 13, a schematic structural diagram of an embodiment of a monitoring system according to an embodiment of the present application may include: user device 1301, monitoring device 1302, and rights handling device 1303.
The user equipment 1301 is configured to: detecting a permission processing request initiated by a target user, and sending the permission processing request to permission processing equipment.
The rights processing device 1303 is configured to: receive a permission processing request sent by the user equipment; and, in response to the permission processing request, invoke the permission system to perform the permission processing operation corresponding to the permission processing request, so as to generate a permission processing event.
The monitoring device 1302 is configured to: acquiring an authority processing event sent by an authority processing device; monitoring the processing process of the authority processing event by the authority system of the authority processing equipment to obtain a monitoring result; if the monitoring result is abnormal, determining that the authority system is abnormal.
Wherein, the authority processing device is configured with an authority system.
The specific structure, specific monitoring steps and modes of the monitoring device in the embodiments of the present application may refer to the monitoring device shown in fig. 11, and are not described herein again.
In the monitoring system shown in fig. 13, the user equipment is a mobile phone, the monitoring equipment is a cloud server, and the authority processing equipment is a computer. These examples of the user equipment, the monitoring equipment and the authority processing equipment are only schematic and do not limit their device types in the embodiments of the present application. The embodiments of the present application do not unduly limit the specific types of the user equipment, the monitoring equipment and the authority processing equipment; any electronic equipment or terminal capable of implementing the steps provided in the embodiments of the present application can form a scheme protected by the present application.
As shown in fig. 14, a schematic structural diagram of an embodiment of an audit system provided in an embodiment of the present application may include: user device 1401, audit device 1402, and rights handling device 1403.
The user equipment 1401 is for: detecting a permission processing request initiated by a target user, and sending the permission processing request to permission processing equipment.
The rights processing device 1403 is configured to: receive a permission processing request sent by the user equipment; and, in response to the permission processing request, invoke the permission system to perform the permission processing operation corresponding to the permission processing request, so as to generate a permission processing event.
The auditing device 1402 is configured to: acquiring an authority processing event sent by an authority processing device; acquiring a processing result of the authority system on the authority processing event; auditing the processing result to obtain an auditing result; and outputting an audit result.
Wherein, the authority processing device is configured with an authority system.
The specific structure, specific auditing steps and modes of the auditing apparatus in the embodiments of the present application may refer to the auditing apparatus shown in fig. 12, and are not described herein.
In the audit system shown in fig. 14, the user device is a tablet computer, the audit device is a cloud server, and the rights processing device is a computer. These examples of the user device, the audit device and the rights processing device are only schematic and do not limit their device types in the embodiments of the present application. The embodiments of the present application do not unduly limit the specific types of the user device, the audit device and the rights processing device; any electronic device or terminal capable of implementing the steps provided in the embodiments of the present application can form a scheme protected by the present application.
The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by adding necessary general purpose hardware platforms, or may be implemented by a combination of hardware and software. Based on such understanding, the foregoing aspects, in essence and portions contributing to the art, may be embodied in the form of a computer program product, which may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random access memory (RAM) and/or nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (46)
1. A method of monitoring, comprising:
detecting a permission processing event initiated by a target user, wherein the permission processing event corresponds to a permission processing request initiated by the target user to a permission system;
monitoring the authority processing parameters and/or the authority processing results corresponding to the authority processing events obtained by the authority system to obtain monitoring results;
if the monitoring result is abnormal, determining that the authority system is abnormal;
wherein monitoring the authority processing result corresponding to the authority processing event obtained by the authority system comprises: determining a permission record corresponding to the permission processing event based on the permission processing parameter corresponding to the permission processing event obtained by the permission system, and monitoring the permission processing result corresponding to the permission processing event obtained by the permission system by utilizing the permission record to obtain a monitoring result.
2. The method of claim 1, wherein the rights handling event comprises: permission query events;
the monitoring of the authority processing parameters and/or the authority processing results corresponding to the authority processing events obtained by the authority system to obtain monitoring results comprises: monitoring authority inquiry parameters and/or authentication results corresponding to the authority inquiry events obtained by the authority system to obtain monitoring results;
the determining, based on the permission processing parameters corresponding to the permission processing event obtained by the permission system, a permission record corresponding to the permission processing event includes: determining a first permission record corresponding to the permission query event based on permission query parameters corresponding to the permission query event obtained by the permission system;
the monitoring, by utilizing the authority record, of the authority processing result corresponding to the authority processing event obtained by the authority system to obtain the monitoring result comprises: monitoring an authentication result corresponding to the permission query event obtained by the permission system by utilizing the first permission record to obtain a monitoring result.
3. The method of claim 2, wherein monitoring the permission query parameters corresponding to the permission query event obtained by the permission system, and obtaining the monitoring result comprises:
acquiring a first object role corresponding to the target user in the permission query parameter and an authentication object of the target user requesting authentication;
acquiring at least one second object role corresponding to the authentication object;
if the first object role is included in the at least one second object role, determining the monitoring result according to the first object role;
and if the first object role is not included in the at least one second object role, determining that the monitoring result is abnormal.
4. The method of claim 3, wherein if the first object role is included in the at least one second object role, determining the monitoring result according to the first object role comprises:
if the at least one second object role comprises the first object role, acquiring at least one candidate user in the first object role;
if the target user is included in the at least one candidate user, determining that the monitoring result is normal;
and if the target user is not included in the at least one candidate user, determining that the monitoring result is abnormal.
5. The method of claim 3, wherein the determining the first permission record corresponding to the permission query event based on the permission query parameter corresponding to the permission query event obtained by the permission system comprises:
acquiring, from the permission query parameters, the authentication object for which the target user requests authentication and the query time;
and determining a first authority record of the authentication object in the authority system according to the inquiry time.
6. The method of claim 2, wherein monitoring the authentication result using the first permission record, and obtaining a monitoring result comprises:
and if the authentication result is determined to be abnormal according to the first authority record, determining that the monitoring result is abnormal.
7. The method of claim 6, wherein if the authentication result is determined to be abnormal based on the first authority record, determining the monitoring result to be abnormal comprises:
determining a first target authority which is requested to be identified by the target user based on the authority inquiry parameter;
if the first permission record does not contain a permission adding record for setting the first target permission for the target user or a permission deleting record for deleting the first target permission for the target user, and the authentication result is that the target user has the first target permission, determining that the authentication result is abnormal;
and if the authentication result is abnormal, determining that the monitoring result is abnormal.
8. The method of claim 6, wherein if the authentication result is determined to be abnormal based on the first authority record, determining the monitoring result to be abnormal comprises:
determining a first target authority which is requested to be identified by the target user based on the authority inquiry parameter;
if the first permission record contains a permission adding record for setting the first target permission for the target user and does not contain a permission deleting record for deleting the first target permission for the target user, and the authentication result is that the first target permission does not exist for the target user, determining that the authentication result is abnormal;
and if the authentication result is abnormal, determining that the monitoring result is abnormal.
9. The method of claim 5, wherein determining a first rights record for the authentication object in the rights system based on the query time comprises:
and determining all authority records of the authentication object before the inquiry time in the authority system as the first authority record.
10. The method according to claim 7 or 8, wherein the presence or absence of a permission increase record in the first permission record that sets the first target permission for the target user is determined by:
determining a first object role corresponding to the target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether a record exists in the first rights record that sets the first object role with the first target rights for the authentication object and adds the target user to the first object role.
11. The method according to claim 7 or 8, wherein the presence or absence of a permission increase record in the first permission record that sets the first target permission for the target user is determined by:
determining a first object role corresponding to the target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first permission record contains a permission adding record that sets a new object role for the authentication object, adds the target user to the new object role, and gives the first target permission to the new object role.
12. The method according to claim 7 or 8, wherein the presence or absence of a permission increase record in the first permission record that sets the first target permission for the target user is determined by:
determining a first object role corresponding to the target user in the permission query parameters and an authentication object of the target user requesting authentication;
determining whether the first authority record contains an authority adding record that sets a new object role for the authentication object, gives the first target authority to the new object role, and adds the target user to the new object role that has been given the first target authority.
13. The method of claim 1, wherein the rights handling event comprises: a rights change event;
the monitoring of the authority processing parameters and/or the authority processing results corresponding to the authority processing events obtained by the authority system to obtain monitoring results comprises: monitoring the authority change parameters and/or the authority change results corresponding to the authority change events obtained by the authority system to obtain monitoring results;
the determining, based on the permission processing parameters corresponding to the permission processing event obtained by the permission system, a permission record corresponding to the permission processing event includes: determining a second authority record corresponding to the authority change event based on the authority change parameter corresponding to the authority change event obtained by the authority system;
the monitoring, by utilizing the authority record, of the authority processing result corresponding to the authority processing event obtained by the authority system to obtain the monitoring result comprises: monitoring the authority change result by using the second authority record to obtain a monitoring result.
14. The method of claim 13, wherein monitoring the rights modification parameters corresponding to the rights modification event obtained by the rights system, and obtaining the monitoring result comprises:
acquiring, from the permission change parameter, a first change object for which the target user requests the permission change;
acquiring a second change object aimed at when the permission change is executed based on the permission change parameter in the permission system;
and determining the monitoring result according to the first changing object and the second changing object.
15. The method of claim 14, wherein determining the monitoring result from the first change object and the second change object comprises:
and if the first change object is different from the second change object, determining that the monitoring result is abnormal.
16. The method of claim 13, wherein the determining, based on the rights change parameters corresponding to the rights change event obtained by the rights system, a second rights record corresponding to the rights change event comprises:
acquiring, from the permission change parameter, the first change object for which the target user requests the permission change and the change time;
and determining a second permission record of the first change object in the permission system according to the change time.
17. The method of claim 13, wherein monitoring the rights change result using the second rights record to obtain the monitoring result comprises:
if the rights change result is confirmed to be normal according to the second rights record, determining that the monitoring result is normal;
and if the permission change result is confirmed to be abnormal according to the second permission record, determining that the monitoring result is abnormal.
18. The method of claim 17, wherein the rights change event comprises: a rights addition event; the authority change result comprises: a permission increase result;
and if the right change result is confirmed to be normal according to the second right record, determining that the monitoring result is normal comprises:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the permission adding record for setting the second target permission for the target user exists in the second permission record, the permission modifying record for modifying the second target permission for the target user does not exist, and the permission deleting record for deleting the second target permission for the target user does not exist, determining that the permission adding result is normal;
and if the permission adding result is determined to be normal, determining that the monitoring result is normal.
19. The method of claim 17, wherein the rights change event comprises: a rights delete event; the authority change result comprises: deleting the authority;
and if the right change result is confirmed to be normal according to the second right record, determining that the monitoring result is normal comprises:
determining a second target authority of the target user requesting change based on the authority change parameter;
if, in the second permission record, a permission deletion record for deleting the second target permission for the target user exists after the permission addition record that sets the second target permission for the target user, and a permission modification record modified for the target user to have the second target permission does not exist, determining that the permission deletion result is normal;
and if the right deleting result is determined to be normal, determining that the monitoring result is normal.
20. The method of claim 17, wherein the rights change event comprises: a rights addition event; the authority change result comprises: a permission increase result;
and if the permission change result is confirmed to be abnormal according to the second permission record, determining that the monitoring result is abnormal comprises the following steps:
determining a second target authority of the target user requesting change based on the authority change parameter;
if, in the second permission record, there does not exist a permission adding record for setting the second target permission for the target user, or a permission deleting record for deleting the second target permission for the target user, or a permission modifying record modified for the target user to have the second target permission, determining that the permission adding result is abnormal;
and if the permission adding result is determined to be abnormal, determining that the monitoring result is abnormal.
21. The method of claim 17, wherein the rights change event comprises: a rights delete event; the authority change result comprises: deleting the authority;
and if the permission change result is confirmed to be abnormal according to the second permission record, determining that the monitoring result is abnormal comprises the following steps:
determining a second target authority of the target user requesting change based on the authority change parameter;
if, in the second permission record, there does not exist, after the permission addition record that sets the second target permission for the target user, a permission deletion record for deleting the second target permission for the target user, or a permission modification record modified for the target user to have the second target permission, determining that the permission deletion result is abnormal;
and if the authority deleting result is abnormal, determining that the monitoring result is abnormal.
22. A method according to any one of claims 18 to 21, wherein the presence or absence of a permission increase record in the second permission record that sets the second target permission for a target user is determined by:
determining a second object role corresponding to the target user in the permission modification parameters and a modification object of the permission modification request of the target user;
determining whether a rights addition record for setting a second object role having the second target rights for the change object exists in the second rights record.
23. A method according to any of claims 18-21, wherein the presence or absence of a permission modification record in the second permission record that is modified for the target user to have the second target permission is determined by:
determining a second object role corresponding to the target user in the permission modification parameters and a modification object of the permission modification request of the target user;
and determining whether the second authority record contains an authority modification record that changes a history object role, corresponding to the history authority record of the change object, into the second object role and sets the second target authority for the changed second object role.
24. A method according to any one of claims 18 to 21, wherein the presence or absence of a rights deletion record in the second rights record for deleting the second target rights for the target user is determined by:
determining a second object role corresponding to the target user in the permission modification parameters and a modification object of the permission modification request of the target user;
determining whether a permission deletion record for deleting the second object role with the second target permission for the change object exists in the second permission record or determining whether a permission deletion record for deleting the second target permission for the second object role of the change object exists in the second permission record.
25. The method of claim 13, wherein the rights change event comprises: a rights modification event, a rights addition event, or a rights deletion event.
26. The method of claim 1, wherein there are a plurality of target users, and each target user initiates at least one rights handling event;
the detecting the permission processing event initiated by the target user comprises the following steps:
detecting at least one authority processing event initiated by each of a plurality of target users to obtain a plurality of authority processing events;
monitoring the processing process of the authority system on the authority processing event, wherein the obtaining of the monitoring result comprises the following steps:
monitoring the processing processes of the authority system on the authority processing events respectively to obtain monitoring results corresponding to the authority processing events respectively;
and if the monitoring result is abnormal, determining that the authority system is abnormal comprises:
determining whether the authority processing process of the authority system on the plurality of authority processing events is abnormal or not according to the monitoring results respectively corresponding to the plurality of authority processing events;
and if the authority processing process of the authority system on the plurality of authority processing events is abnormal, determining that the authority system is abnormal.
27. The method of claim 26, wherein the processing results of any rights processing event by the rights system include a first processing result or a second processing result;
the determining whether the authority processing process of the authority system on the plurality of authority processing events is abnormal according to the monitoring results respectively corresponding to the plurality of authority processing events comprises:
counting a first number of first processing results and a second number of second processing results in processing results obtained by the authority system for processing the plurality of authority processing events respectively;
calculating the ratio of the first number to the second number to obtain a first proportion;
if the difference between the first proportion and the reference proportion meets a proportion difference condition, determining that the authority processing process of the authority system on the plurality of authority processing events is abnormal;
and if the difference between the first proportion and the reference proportion does not meet the proportion difference condition, determining that the authority processing process of the authority system on the plurality of authority processing events is normal.
28. The method of claim 27, wherein the reference proportion is determined by:
acquiring a plurality of history processing events processed by the authority system and history processing results respectively corresponding to the plurality of history processing events; wherein the history processing result includes the first processing result or the second processing result;
counting a third number of the first processing results and a fourth number of the second processing results in the history processing results respectively corresponding to the plurality of history processing events;
and calculating the ratio of the third number to the fourth number to obtain the reference proportion.
29. The method of claim 27, wherein the entitlement system is configured in a first monitoring device;
the method further comprises the steps of:
establishing an association relation between the first proportion and the first monitoring equipment;
acquiring a second proportion associated with a second monitoring device different from the first monitoring device; the method comprises the steps that when a processing process of a plurality of authority processing events by an authority system in a second monitoring device is monitored and the authority processing process of the plurality of authority processing events by the authority system of the second monitoring device is abnormal, the abnormality of the authority system in the second monitoring device is determined; the plurality of rights handling events consists of at least one handling event initiated by a plurality of target users each for a rights system of the second monitoring device;
determining the second proportion to be the reference proportion.
30. The method according to claim 1, wherein after determining that the rights system is abnormal if the monitoring result is abnormal, the method further comprises:
generating abnormal prompt information of abnormal system operation for the authority system;
and outputting the abnormal prompt information.
31. An auditing method, comprising:
detecting a permission processing event initiated by a target user, wherein the permission processing event corresponds to a permission processing request initiated by the target user to a permission system;
acquiring a right processing parameter corresponding to the right processing event obtained by the right system and a right processing result;
determining a permission record corresponding to the permission processing event based on the permission processing parameter;
utilizing the authority record to carry out audit processing on the authority processing result to obtain an audit result;
and outputting the auditing result.
32. The method of claim 31, wherein the rights handling event comprises: permission query events;
the obtaining the rights processing parameters corresponding to the rights processing event obtained by the rights system and the rights processing result comprises the following steps: acquiring a permission query parameter and an authentication result corresponding to the permission query event acquired by the permission system;
the determining, based on the rights processing parameter, a rights record corresponding to the rights processing event includes: determining a first permission record corresponding to the permission query event based on the permission query parameter;
the audit processing of the authority processing result by utilizing the authority record to obtain the audit result comprises: carrying out audit processing on the authentication result by using the first authority record to obtain the audit result.
33. The method of claim 32, wherein determining, based on the permission query parameters, a first permission record corresponding to the permission query event comprises:
acquiring an authentication object of the target user requesting authentication in the permission query parameters and query time;
and determining a first authority record of the authentication object in the authority system according to the inquiry time.
34. The method of claim 33, wherein the performing an audit process on the authentication result using the first permission record, the obtaining the audit result comprises:
determining a first target authority which is requested to be identified by the target user based on the authority inquiry parameter;
if the first permission record does not contain a permission adding record for setting the first target permission for the target user or a permission deleting record for deleting the first target permission for the target user, and the authentication result is that the target user has the first target permission, determining that the authentication result is abnormal;
and generating the audit result with abnormal authentication result.
35. The method of claim 33, wherein the performing an audit process on the authentication result using the first permission record, the obtaining the audit result comprises:
determining a first target authority which is requested to be identified by the target user based on the authority inquiry parameter;
if the first permission record contains a permission adding record for setting the first target permission for the target user and does not contain a permission deleting record for deleting the first target permission for the target user, and the authentication result is that the first target permission does not exist for the target user, determining that the authentication result is abnormal;
and generating the audit result with abnormal authentication result.
36. The method of claim 31, wherein the rights handling event comprises: a rights change event;
the obtaining the rights processing parameters corresponding to the rights processing event obtained by the rights system and the rights processing result comprises the following steps: acquiring a permission change parameter corresponding to the permission change event obtained by the permission system and a permission change result;
the determining, based on the rights processing parameter, a rights record corresponding to the rights processing event includes: determining a second permission record corresponding to the permission change event based on the permission change parameter;
the audit processing of the authority processing result by utilizing the authority record to obtain the audit result comprises: carrying out audit processing on the authority change result by using the second authority record to obtain the audit result.
37. The method of claim 36, wherein determining a second rights record corresponding to the rights change event based on the rights change parameter comprises:
acquiring a first change object of the permission request of the target user in the permission change parameter and change time;
and determining a second permission record of the first change object in the permission system according to the change time.
38. The method of claim 37, wherein the performing an audit process on the rights change result using the second rights record, the obtaining the audit result comprises:
if the authority change result is normal according to the second authority record, determining an audit result that the authority change result is normal;
if the authority change result is abnormal according to the second authority record, determining an audit result of the authority change result abnormality.
39. The method of claim 38, wherein the rights change event comprises: a rights addition event; the authority change result comprises: a permission increase result;
and if the authority change result is normal according to the second authority record, the auditing result that the authority change result is normal is determined, wherein the determining of the auditing result that the authority change result is normal comprises:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the permission adding record for setting the second target permission for the target user exists in the second permission record, the permission modifying record for modifying the second target permission for the target user does not exist, and the permission deleting record for deleting the second target permission for the target user does not exist, determining that the permission adding result is normal;
and if the right adding result is determined to be normal, determining an audit result of the right adding result being normal.
40. The method of claim 38, wherein the rights change event comprises: a rights delete event; the authority change result comprises: deleting the authority;
and if the authority change result is normal according to the second authority record, the auditing result that the authority change result is normal is determined, wherein the determining of the auditing result that the authority change result is normal comprises:
determining a second target authority of the target user requesting change based on the authority change parameter;
if, in the second permission record, a permission deletion record for deleting the second target permission for the target user exists after the permission addition record that sets the second target permission for the target user, and a permission modification record modified for the target user to have the second target permission does not exist, determining that the permission deletion result is normal;
if the right deleting result is determined to be normal, determining an audit result of the right deleting result being normal.
41. The method of claim 38, wherein the rights change event comprises: a rights addition event; the authority change result comprises: a permission increase result;
if the authority change result is abnormal according to the second authority record, determining the audit result of the authority change result abnormality comprises the following steps:
determining a second target authority of the target user requesting change based on the authority change parameter;
if, in the second permission record, there does not exist a permission adding record for setting the second target permission for the target user, or a permission deleting record for deleting the second target permission for the target user, or a permission modifying record modified for the target user to have the second target permission, determining that the permission adding result is abnormal;
and if the permission adding result is determined to be abnormal, determining an audit result of the permission adding result abnormality.
42. The method of claim 38, wherein the rights change event comprises: a rights delete event; the authority change result comprises: deleting the authority;
if the authority change result is abnormal according to the second authority record, the auditing result of the authority change result abnormality comprises the following steps:
determining a second target authority of the target user requesting change based on the authority change parameter;
if the second permission record does not exist in the permission deletion record for deleting the second target permission for the target user or the permission modification record modified by the target user to have the second target permission after the permission addition record of the second target permission is set for the target user, determining that the permission deletion result is abnormal;
if the authority deleting result is determined to be abnormal, determining an audit result of the authority deleting result abnormality.
43. A monitoring device, comprising: a storage component and a processing component; the storage component is configured to store one or more computer instructions, the one or more computer instructions being configured to be invoked by the processing component;
the processing component is configured to:
detecting a permission processing event initiated by a target user, wherein the permission processing event corresponds to a permission processing request initiated by the target user to a permission system;
monitoring the authority processing parameters and/or the authority processing results corresponding to the authority processing events obtained by the authority system to obtain monitoring results;
if the monitoring result is abnormal, determining that the authority system is abnormal;
wherein monitoring the authority processing result corresponding to the authority processing event obtained by the authority system comprises: determining a permission record corresponding to the permission processing event based on the permission processing parameter corresponding to the permission processing event obtained by the permission system, and monitoring, by utilizing the permission record, the permission processing result corresponding to the permission processing event obtained by the permission system, to obtain a monitoring result.
44. An auditing apparatus, comprising: a storage component and a processing component; the storage component is configured to store one or more computer instructions, the one or more computer instructions being configured to be invoked by the processing component;
the processing component is configured to:
detecting a permission processing event initiated by a target user, wherein the permission processing event corresponds to a permission processing request initiated by the target user to a permission system;
acquiring a permission processing parameter and a permission processing result corresponding to the permission processing event obtained by the permission system;
determining a permission record corresponding to the permission processing event based on the permission processing parameter;
utilizing the authority record to carry out audit processing on the authority processing result to obtain an audit result;
and outputting the auditing result.
45. A monitoring system, comprising: user equipment, monitoring equipment and authority processing equipment;
the user equipment is used for: detecting a permission processing request initiated by a target user, and sending the permission processing request to permission processing equipment;
the rights processing device is used for: receiving the permission processing request sent by the user equipment; responding to the permission processing request, and calling up a permission system to execute a permission processing operation corresponding to the permission processing request so as to generate a permission processing event, wherein the permission processing event corresponds to the permission processing request initiated by the target user to the permission system;
the monitoring device is used for: acquiring an authority processing event sent by the authority processing equipment; monitoring the authority processing parameters and/or the authority processing results corresponding to the authority processing events obtained by the authority system to obtain monitoring results; if the monitoring result is abnormal, determining that the authority system is abnormal;
wherein monitoring the authority processing result corresponding to the authority processing event obtained by the authority system comprises: determining a permission record corresponding to the permission processing event based on the permission processing parameter corresponding to the permission processing event obtained by the permission system, and monitoring, by utilizing the permission record, the permission processing result corresponding to the permission processing event obtained by the permission system, to obtain a monitoring result.
46. An auditing system, comprising: user equipment, audit equipment and authority processing equipment;
the user equipment is used for: detecting a permission processing request initiated by a target user, and sending the permission processing request to permission processing equipment;
the rights processing device is used for: receiving the permission processing request sent by the user equipment; responding to the permission processing request, and calling up a permission system to execute a permission processing operation corresponding to the permission processing request so as to generate a permission processing event, wherein the permission processing event corresponds to the permission processing request initiated by the target user to the permission system;
the auditing equipment is used for: acquiring an authority processing event sent by the authority processing equipment; acquiring a permission processing parameter and a permission processing result corresponding to the permission processing event obtained by the permission system; determining a permission record corresponding to the permission processing event based on the permission processing parameter; utilizing the authority record to carry out audit processing on the authority processing result to obtain an audit result; and outputting the auditing result.
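The deletion audit of claims 40 and 42, written out as an added Python example that is not part of the patent text. The record layout and names are hypothetical, and two points the claims leave open are fixed by assumption: a missing addition record is treated as abnormal, and a modification record counts only when it is later than the deletion record.

```python
from dataclasses import dataclass
from typing import Iterable, Tuple


@dataclass(frozen=True)
class PermissionRecord:      # hypothetical layout of one permission record
    ts: int                  # event time, e.g. epoch seconds
    user: str
    action: str              # "add", "delete" or "modify"
    permission: str          # for "modify": permission held afterwards


def audit_delete_result(records: Iterable[PermissionRecord],
                        user: str, permission: str) -> Tuple[str, str]:
    """Audit a reported deletion of `permission` for `user`.

    Returns ("normal" | "abnormal", reason).
    """
    mine = sorted((r for r in records
                   if r.user == user and r.permission == permission),
                  key=lambda r: r.ts)
    adds = [r for r in mine if r.action == "add"]
    if not adds:             # assumption: nothing to delete is abnormal
        return "abnormal", "no addition record for this permission"
    last_add = adds[-1].ts
    # Claim 40: a deletion record must exist after the addition record.
    deletes = [r for r in mine if r.action == "delete" and r.ts > last_add]
    if not deletes:
        return "abnormal", "no deletion record after the addition record"
    # Claim 40: no modification record may leave the user holding it.
    last_delete = deletes[-1].ts
    if any(r.action == "modify" and r.ts > last_delete for r in mine):
        return "abnormal", "modification record gives the permission back"
    return "normal", "deletion record follows the addition record"


# Constructed sample records (not taken from the patent).
SAMPLE = [
    PermissionRecord(100, "alice", "add", "db.read"),
    PermissionRecord(200, "alice", "delete", "db.read"),
    PermissionRecord(100, "bob", "add", "db.write"),
    PermissionRecord(150, "bob", "delete", "db.write"),
    PermissionRecord(300, "bob", "modify", "db.write"),   # re-granted
    PermissionRecord(100, "carol", "add", "db.admin"),    # never deleted
    PermissionRecord(50, "dave", "delete", "db.read"),    # delete precedes add
    PermissionRecord(100, "dave", "add", "db.read"),
]
```

Feeding the permission system's reported "deleted" result for each user into this check flags bob, carol and dave as abnormal, which is the condition under which the auditing equipment of claim 46 would output an abnormal audit result.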
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010477774.9A CN113742664B (en) | 2020-05-29 | 2020-05-29 | Monitoring and auditing method, equipment and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113742664A (en) | 2021-12-03 |
CN113742664B (en) | 2024-03-29 |
Family
ID=78724812
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010477774.9A Active CN113742664B (en) | 2020-05-29 | 2020-05-29 | Monitoring and auditing method, equipment and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113742664B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN113742664A (en) | 2021-12-03 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code | Ref country code: HK Ref legal event code: DE Ref document number: 40062867 Country of ref document: HK |
GR01 | Patent grant | ||