CN120110816B - A spatial authentication method and system for spatiotemporal data services - Google Patents
A spatial authentication method and system for spatiotemporal data servicesInfo
- Publication number
- CN120110816B CN120110816B CN202510604452.9A CN202510604452A CN120110816B CN 120110816 B CN120110816 B CN 120110816B CN 202510604452 A CN202510604452 A CN 202510604452A CN 120110816 B CN120110816 B CN 120110816B
- Authority
- CN
- China
- Prior art keywords
- user
- grid
- administrative
- grids
- area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
本发明涉及数据访问控制领域,提供一种时空数据服务的空间鉴权方法及系统,对各级行政区空间要素区域进行格网划分,得到每个行政区空间要素区域对应的格网集合;根据用户所在行政区划代码,找到用户所在行政区划的格网集合;判断用户所在行政区划的格网集合中是否存在与用户请求访问范围之间的距离小于第一设定阈值的格网,若存在,则用户具有访问权限,否则,用户不具有访问权限。本发明通过对空间要素不同尺度格网划分,形成时空格网模型,客户端在访问空间服务时,获取用户行政区编码、访问范围,传入模型,结合本发明的高效格网匹配算法,得到访问范围命中情况,服务端仅处理命中格网请求,最终实现空间范围鉴权。
The present invention relates to the field of data access control, and provides a spatial authentication method and system for spatiotemporal data services, which performs grid division on spatial element areas of administrative districts at all levels to obtain a grid set corresponding to the spatial element area of each administrative district; finds the grid set of the administrative district where the user is located according to the administrative district code where the user is located; and determines whether there is a grid in the grid set of the administrative district where the user is located whose distance from the user's requested access range is less than a first set threshold. If so, the user has access rights, otherwise, the user does not have access rights. The present invention forms a spatiotemporal grid model by dividing spatial elements into grids of different scales. When accessing spatial services, the client obtains the user's administrative district code and access range, and passes them into the model. In combination with the efficient grid matching algorithm of the present invention, the access range hit situation is obtained. The server only processes the hit grid request, and finally realizes spatial range authentication.
Description
Technical Field
The present invention relates to the field of data access control, and more particularly, to a spatial authentication method and system for space-time data service.
Background
With the rapid development of 3S technology, various industries have been deeply applied to space-time data, such as traffic navigation data, space-time positioning data, river water area data, administrative division range data, three-area three-line data, real estate data, etc., which affect the aspects of people' S life. The storage, visualization and application of the space-time data are generally carried by the space-time data service, which is a very basic and important use form, but because most of the space-time data are secret data, the data security requirement is high, and the data in the space ranges which can be used by personnel with different levels and role authorities are different, the use of the space-time data service is required to have the capacity of space authentication. How to efficiently and accurately solve the problem of space authentication, thereby improving the access control requirement of space service is a core problem to be solved.
The current method for controlling the access authority of the user mainly comprises the steps of taking space elements of different administrative areas as different layers, and pushing only a data layer of the administrative area where the user is located according to the administrative area code where the user is located when the user accesses. Although the method can effectively control the access data authority of the user, the spatial data organization process is complex and the data redundancy is higher.
Disclosure of Invention
Aiming at the technical problems in the prior art, the invention provides a space authentication method and a space authentication system for space-time data service, which solve the problems of complicated data organization process and large calculation amount in the prior art.
According to a first aspect of the present invention, there is provided a spatial authentication method for a spatio-temporal data service, comprising:
step 1, performing grid division on space element areas of each administrative area to obtain a grid set corresponding to each administrative area space element area, wherein the space element areas of each administrative area are irregular areas;
Step 2, obtaining a user access request, wherein the user access request comprises an administrative division code where a user is located and a user request access range;
Step3, according to the administrative division codes of the user, finding out the grid set of the administrative division of the user;
And step 4, judging whether a grid with the distance smaller than a first set threshold value from the user request access range exists in the grid set of the administrative division where the user is located, if so, the user has access right, otherwise, the user does not have access right.
According to a second aspect of the present invention, there is provided a spatial authentication system for a spatio-temporal data service, comprising:
The grid dividing module is used for dividing the grid of each administrative area space element area to obtain a grid set corresponding to each administrative area space element area, wherein each administrative area space element area is an irregular area;
the acquisition module is used for acquiring administrative division codes where the user is located and a user request access range;
The searching module is used for searching the grid set of the administrative division where the user is located according to the administrative division code where the user is located;
the judging module is used for judging whether a grid with the distance smaller than a first set threshold value from the user request access range exists in the grid set of the administrative division where the user is located, if so, the user has access right, otherwise, the user does not have access right.
According to a third aspect of the present invention, there is provided an electronic device comprising a memory, a processor for executing the steps of a spatial authentication method for implementing a spatio-temporal data service when a computer management class program stored in the memory.
According to a fourth aspect of the present invention, there is provided a computer readable storage medium having stored thereon a computer management class program which when executed by a processor performs the steps of a method of spatial authentication of a spatio-temporal data service.
According to the space authentication method and the space authentication system for the space data service, the space element grids with different scales are divided to form the space grid model, when a client accesses the space service, the encoding and access range of a user administrative area are acquired, and the space authentication model is transmitted into the client, and the access range hit condition is obtained by combining the efficient grid matching algorithm, so that the server only processes hit grid requests, and finally the space range authentication is realized.
Drawings
FIG. 1 is a flow chart of a space authentication method for space-time data service provided by the invention;
FIG. 2 is a schematic diagram of an administrative area space element area and circumscribed rectangle;
FIG. 3 is a block diagram of a spatial authentication system for space-time data services according to the present invention;
fig. 4 is a schematic hardware structure of one possible electronic device according to the present invention;
fig. 5 is a schematic hardware structure of a possible computer readable storage medium according to the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention. In addition, the technical features of each embodiment or the single embodiment provided by the invention can be combined with each other at will to form a feasible technical scheme, and the combination is not limited by the sequence of steps and/or the structural composition mode, but is necessarily based on the fact that a person of ordinary skill in the art can realize the combination, and when the technical scheme is contradictory or can not realize, the combination of the technical scheme is not considered to exist and is not within the protection scope of the invention claimed.
Fig. 1 is a flow chart of a spatial authentication method for space-time data service provided by the invention, and as shown in fig. 1, the method includes:
Step 1, grid division is carried out on space element areas of each administrative area to obtain a grid set corresponding to the space element areas of each administrative area, wherein the space element areas of each administrative area are irregular areas.
It can be understood that the space element region data of each level of administrative district of province, city, county and village is collected first, and then the space element region of each level of administrative district is subjected to grid division. For example, the map space element of a certain city comprises space elements of each administrative area, the space element area of each administrative area is divided into grids, and the space element area of each administrative area is divided into a plurality of small grids for subsequent accurate search.
In one possible embodiment of the present invention, the step 1 of performing grid division on the space element areas of each administrative area to obtain a grid set corresponding to each administrative area space element area includes:
and 11, acquiring the circumscribed rectangle of each administrative area space element area as an initial grid.
The step 11 of obtaining the circumscribed rectangle of each administrative area space element area as an initial grid includes:
wherein, the For the geographic coordinates of the ith data in the administrative space element area,In the horizontal direction of the axis of abscissa,In the vertical coordinate of the drawing, the drawing is,、、、And forming an external rectangle for the border range of the administrative area space element region according to the border range of the administrative area space element region.
It will be appreciated that referring to fig. 2, the inner square is the administrative space element area, the outer rectangular box is the circumscribed rectangle of the administrative space element area, as the initial grid containing the administrative space element area. The boundary line of the initial grid is available、、、To show that the four borderlines may form a rectangle.
And step 12, calculating the intersection ratio of the initial grid and the administrative area space element area.
It can be understood that the intersection ratio of the initial grid and the space element area of the administrative area is calculated, and a specific calculation formula is as follows:
wherein, the Representing the intersection area of the jth grid with the administrative space element area,Representing the mesh area.
And step 13, stopping grid division if the intersection ratio is greater than or equal to a second set threshold value, and performing step 14 on the initial grid by dividing the initial grid into four equal parts along the x direction and the y direction if the intersection ratio is less than the second set threshold value.
It will be appreciated that step 12 calculates the intersection ratio of the initial mesh and the administrative space element region, and if the intersection ratio is equal to or greater than the second set threshold (intersection ratio threshold), the mesh is used as a leaf node, and further division is stopped. Otherwise, if the intersection ratio is smaller than the second set threshold, then further recursive partitioning of the initial mesh is required. Specifically, the initial grid is equally divided into four small grids according to the x direction and the y direction.
The cross ratio threshold is determined according to the balance point of safety and performance, if the safety requirement is high, the cross ratio threshold can be adjusted to refine the grid, otherwise, if the safety is not high and the performance requirement is high, the cross ratio threshold can be adjusted to control the grid.
In the embodiment of the invention, the positive direction of the x axis is eastward, the negative direction is westward, the positive direction of the y axis is northward, the negative direction is southerly, and the representation of the four small grids is as follows:
wherein, the 、、、Respectively a grid after four times of the grid,Is half the width of the quarter front grid,Is half the height of the quarter front grid.
And 14, repeating the step 12 and the step 13 until the intersection ratio of each grid and the administrative area space element area is more than or equal to a second set threshold value, and acquiring a grid set corresponding to each administrative area space element area.
It can be understood that after dividing the grids four and the like, continuously calculating the intersection ratio of each grid and the administrative area space element area, then judging whether the intersection ratio is greater than or equal to a second set threshold, and if the intersection ratio of all the divided grids and the administrative area space element area is greater than the second set threshold, stopping continuously dividing to obtain a grid set corresponding to each administrative area element area.
It should be noted that, the present invention does not perform hierarchical storage on each administrative space element, and the plurality of administrative space elements are stored in one layer, so that the complex data organization is not generated.
And 2, acquiring a user access request, wherein the user access request comprises an administrative division code in which the user is located and a user request access range.
It is understood that, when a user accesses a space element region of an administrative area, the user can only access the space element of the administrative area where the user is located, and cannot access the space elements of other administrative areas. Therefore, when receiving the user access request, the administrative division code of the user and the access range requested by the user are acquired. Wherein, the administrative division code of the user can be obtained according to the user number.
And step 3, finding out a grid set of the administrative division where the user is located according to the administrative division code of the user.
It can be understood that, in step 1, a grid set of space element areas of each administrative district is obtained, and in this step, the grid set of the administrative district where the user is located is obtained according to the administrative district code where the user is located.
The quick and accurate range matching algorithm is also the key of the invention, and the corresponding relation between the administrative division codes and the grids is obtained through the step 1:
Wherein: Representing the grid set generated in the step 1, wherein the key is an administrative division code, Code is divided for the administrative region in which the user is located.
And step 4, judging whether a grid with the distance smaller than a first set threshold value from the user request access range exists in the grid set of the administrative division where the user is located, if so, the user has access right, otherwise, the user does not have access right.
It can be understood that after the grid set of the administrative division where the user is located and the user request access range are obtained, whether the user request access range is in the grid set of the administrative division where the user is located is judged, if yes, the user has access authority, and the space element query in the user request access range can be searched and pushed to the user. If the user request access range is not in the grid set of the administrative division where the user is located, the user does not have access rights, and the user is not allowed to access the space elements in the request access range.
In determining whether the user request access range is in the grid set of the administrative division in which the user is located, it is actually a process in which the user request access range matches the grids in the grid set of the administrative division in which the user is located.
In a possible embodiment of the present invention, the step 4 of determining whether a mesh with a distance smaller than a first set threshold from the access range requested by the user exists in the mesh set of the administrative division where the user is located, if so, the user has access rights, otherwise, the user does not have access rights includes:
and step 41, calculating the center point coordinates of the access range requested by the user and the center point coordinates of each grid in the grid set of the administrative division where the user is located respectively.
It can be understood that, the center point coordinates of the user request access range and the center point coordinates of each grid in the grid set are calculated respectively, and the center point coordinates can be expressed as:
wherein x and y are the abscissa and ordinate of the center point of the user request access range or grid, 、、、Requesting an access range or a frame range of the mesh for the user.
Step 42, sorting the user request access range and all grids based on each center point coordinate.
It will be appreciated that the user request access range and all grids are ordered according to the x-axis coordinates of the user request access range and the center point of the grid. For example, the user request access range and all grids are sorted in ascending order according to the x-coordinate.
Wherein, the The order of ordered space grids comprises the access range requested by a user and the arrangement order of all grids, and a and b are grid objects.
And step 43, retrieving grids with a distance meeting a first condition from the grid set of the administrative division where the user is located according to the x coordinate of the central point of the user request access range and the x coordinate of each grid in the grid set of the administrative division where the user is located, so as to obtain a plurality of candidate grids.
In a possible embodiment of the present invention, step 43 includes:
step 431, positioning the adjacent grids of the user request access range by a binary search method according to the x coordinate of the center point of the user request access range and the x coordinate of each grid in the grid set of the administrative division where the user is located.
It can be appreciated that based on the X-coordinate of the center point of the user request access range, the quick location to the nearby grid index is achieved by a binary search:
In the formula, As a result of the binary search,A binary search function for the package.
The binary search method is an existing search method, and is not described in detail herein. Specifically, based on the x-coordinate of the center point of the user request access range, a grid with a distance within a set threshold value from the x-coordinate of the center point of the user request access range is found out from the grid set by a binary search method, and is called a nearby grid.
And step 432, searching all grids with the distance meeting the first condition from the nearby grids along the positive direction and the negative direction of the x-axis by taking the nearby grids as starting positions, and taking the nearby grids and all the searched grids meeting the first condition as candidate grids.
Wherein, the grid with x coordinate meeting the condition is searched to the west and the east respectively by taking the nearby index as the starting position:
In the formula, 、Index sets for exploration in the west and east directions, index is a binary search starting index, w is a range grid width,、Is a retrieval function of the package.
It can be understood that, the nearby grids in the user request access range obtained by searching in step 431 are taken as the searching start positions, two-part searching is performed along the positive x-axis direction and the negative x-axis direction, all grids with the distances between the two directions and the nearby grids meeting the first condition are found, and the nearby grids and all the grids meeting the first condition are taken as candidate grids. The first condition may be a set distance.
And step 44, judging whether a plurality of candidate grids exist in which the distance from the y coordinate of the center point of the user request access range meets a second condition according to the y coordinate of the center point of the user request access range and the y coordinate of each candidate grid, if so, the user has access right, otherwise, the user does not have access right.
It will be appreciated that step 43 finds grids in the collection of grids that are closer to the x-coordinate of the user's request range, at which time it is also necessary to verify whether the y-axis coordinates of these grids are also closer to the y-coordinate of the user's request access range, and only if both the x-coordinate and the y-coordinate of the grids are closer to both the x-coordinate and the y-coordinate of the user's request access range, they are considered to match.
In verifying the y-coordinate of the candidate grids, if one candidate grid exists, the y-coordinate of the candidate grid satisfies the following conditionThe user has access rights, otherwise, the user does not have access rights;
wherein, the Is the firstThe y-coordinates of the center points of the candidate grids are spaced from the y-coordinates of the center points of the user request access range,Requesting the user for the height of the access range.
When the user needs to access the administrative district space element area, an access request can be sent to the Ngnix server, wherein the user access request comprises an administrative district code where the user is and a user request access range. When Ngnix server receives the access request of user, it jumps to space service through authority verification API, space service judges if the access range of user request is in the corresponding grid set of administrative division generation where user is located, if yes, it shows that the user has access authority, and space element data in the access range is pushed to user through Ngnix server. If the access request scope of the user is not in the grid set corresponding to the administrative division where the user is located, the user is not provided with the access right, and then a notification of refusing access is sent to the user through Ngnix server, so that the authentication of the access request of the user is achieved.
Referring to fig. 3, a space authentication system for space-time data service provided by the present invention includes:
The grid dividing module 301 is configured to perform grid division on the space element areas of each administrative area, so as to obtain a grid set corresponding to each administrative area space element area;
the acquiring module 302 is configured to acquire an administrative division code in which the user is located and a user request access range;
the searching module 303 is configured to search a grid set of the administrative division in which the user is located according to the code of the administrative division in which the user is located;
The judging module 304 is configured to judge whether a grid with a distance smaller than a first set threshold value from the user request access range exists in the grid set of the administrative division where the user is located, if so, the user has access rights, otherwise, the user does not have access rights.
It can be understood that the spatial authentication system for the spatial data service provided by the present invention corresponds to the spatial authentication method for the spatial data service provided by the foregoing embodiments, and the relevant technical features of the spatial authentication system for the spatial data service may refer to the relevant technical features of the spatial authentication method for the spatial data service, which are not described herein again.
Referring to fig. 4, fig. 4 is a schematic diagram of an embodiment of an electronic device according to an embodiment of the invention. As shown in fig. 4, an embodiment of the present invention provides an electronic device 400, including a memory 410, a processor 420, and a computer program 411 stored on the memory 410 and executable on the processor 420, wherein the processor 420 implements steps of a spatial authentication method for a spatio-temporal data service when executing the computer program 411.
Referring to fig. 5, fig. 5 is a schematic diagram of an embodiment of a computer readable storage medium according to the present invention. As shown in fig. 5, the present embodiment provides a computer-readable storage medium 500 on which a computer program 511 is stored, which computer program 511, when executed by a processor, implements the steps of a spatial authentication method for spatio-temporal data services.
The space authentication method and the space authentication system for the space-time data service are based on intelligent grid division and grid efficient matching mechanisms and technologies, control the authority of map access of a user each time, extract administrative division codes of the user when the user requests to access the map each time, search a grid set responding to administrative areas according to the administrative division codes of the user, calculate the space matching performance of the user request access range through a grid rapid matching algorithm, and finally filter and intercept map services according to the matching performance by combining with an Nginx server technology. The scheme considers the safety and performance trade-off point when the user accesses the map, if the safety requirement is high, the cross ratio threshold value can be adjusted to refine the grid, otherwise, if the safety is not high and the performance requirement is high, the safety requirement can be controlled by adjusting the threshold value.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and for those portions of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create a system for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (8)
1. A method for spatial authentication of a spatio-temporal data service, comprising:
step 1, performing grid division on space element areas of each administrative area to obtain a grid set corresponding to each administrative area space element area;
Step 2, obtaining a user access request, wherein the user access request comprises an administrative division code where a user is located and a user request access range;
Step3, according to the administrative division codes of the user, finding out the grid set of the administrative division of the user;
Step 4, judging whether a grid with the distance smaller than a first set threshold value from the user request access range exists in a grid set of the administrative division where the user is located, if so, the user has access rights, otherwise, the user does not have access rights;
Step 1, performing grid division on space element areas of each administrative area to obtain a grid set corresponding to each administrative area space element area, including:
step 11, obtaining an external rectangle of each administrative area space element area as an initial grid;
Step 12, calculating the intersection ratio of the initial grid and the administrative area space element area;
Step 13, stopping grid division if the intersection ratio is greater than or equal to a second set threshold, and respectively halving the initial grids along the x direction and the y direction to form four grids if the intersection ratio is less than the second set threshold, and executing step 14;
And 14, repeating the step 12 and the step 13 until the intersection ratio of each grid and the administrative area space element area is more than or equal to a second set threshold value, and acquiring a grid set corresponding to each administrative area space element area.
2. The space authentication method for space-time data service according to claim 1, wherein the step 11 of obtaining the bounding rectangle of each administrative space element area as an initial grid includes:
;
;
;
;
;
Wherein, the For the geographic coordinates of the ith data in the administrative space element area,In the horizontal direction of the axis of abscissa,In the vertical coordinate of the drawing, the drawing is,、、、Forming an external rectangle for the border range of the administrative area space element area according to the border range of the administrative area space element area;
step 12, calculating an intersection ratio of the initial grid and the administrative area space element area, including:
;
wherein, the Representing the intersection area of the jth grid with the administrative space element area,Representing the mesh area;
In the step 13, if the intersection ratio is smaller than a second set threshold, the initial grids are respectively halved along the x direction and the y direction to form four grids: ;
;
;
wherein, the 、、、Respectively a grid after four times of the grid,Is half the width of the quarter front grid,Is half the height of the quarter front grid.
3. The space authentication method of space-time data service according to claim 1, wherein the step 4 of determining whether there is a mesh with a distance smaller than a first set threshold from the access range requested by the user in the set of meshes of the administrative division in which the user is located, if there is a mesh with access right, the user has no access right, otherwise, the method includes:
respectively calculating the center point coordinate of the user request access range and the center point coordinate of each grid in the grid set of the administrative division where the user is located;
Based on each center point coordinate, sequencing the user request access range and all grids;
Searching grids with the distance which meets a first condition with the x coordinate of the central point of the user request access range from the grid set of the administrative division where the user is located according to the x coordinate of the central point of the user request access range and the x coordinate of each grid in the grid set of the administrative division where the user is located, so as to obtain a plurality of candidate grids;
And judging whether a plurality of candidate grids exist in which the distance from the y coordinate of the central point of the user request access range meets a second condition or not according to the y coordinate of the central point of the user request access range and the y coordinate of each candidate grid, if so, the user has access right, otherwise, the user does not have access right.
4. The space authentication method of claim 3, wherein the retrieving, from the set of grids of the administrative division in which the user is located, grids whose distance from the x-coordinate of the center point of the user request access range satisfies a first condition according to the x-coordinate of the center point of the user request access range and the x-coordinate of each grid in the set of grids of the administrative division in which the user is located, to obtain a plurality of candidate grids includes:
Positioning nearby grids of the user request access range through a binary search method according to the x coordinate of the central point of the user request access range and the x coordinate of each grid in the grid set of the administrative division where the user is located;
and searching all grids with the distance meeting the first condition from the adjacent grids along the positive direction and the negative direction of the x axis by taking the adjacent grids as starting positions, and taking the adjacent grids and all the searched grids meeting the first condition as candidate grids.
5. A space authentication method for a spatio-temporal data service according to claim 3, wherein said determining whether there is a candidate mesh whose distance from the y-coordinate of the center point of the user request access range satisfies a second condition among the plurality of candidate meshes based on the y-coordinate of the center point of the user request access range and the y-coordinate of each of the candidate meshes, if there is, the user has access right, otherwise, the user does not have access right includes:
if there is a candidate mesh satisfying The user has access rights, otherwise, the user does not have access rights;
wherein, the Is the firstThe y-coordinates of the center points of the candidate grids are spaced from the y-coordinates of the center points of the user request access range,Requesting the user for the height of the access range.
6. A spatial authentication system for a spatio-temporal data service, comprising:
the grid dividing module is used for dividing grids of the space element areas of each administrative area to obtain a grid set corresponding to each administrative area space element area;
the acquisition module is used for acquiring administrative division codes where the user is located and a user request access range;
The searching module is used for searching the grid set of the administrative division where the user is located according to the administrative division code where the user is located;
the judging module is used for judging whether a grid with the distance smaller than a first set threshold value from the user request access range exists in the grid set of the administrative division where the user is located, if so, the user has access right, otherwise, the user does not have access right;
The grid dividing module is configured to divide the grids of the space element areas of each administrative area to obtain a grid set corresponding to each administrative area space element area, and includes:
acquiring an external rectangle of each administrative area space element area as an initial grid;
Calculating the intersection ratio of the initial grid and the administrative area space element area;
And if the intersection ratio is smaller than the second set threshold, respectively halving the initial grids along the x direction and the y direction to form four grids, and continuously dividing each grid until the intersection ratio of each grid and the administrative space element area is larger than or equal to the second set threshold, so as to obtain a grid set corresponding to each administrative space element area.
7. An electronic device comprising a memory, a processor configured to implement the spatial authentication method of the spatio-temporal data service of any of claims 1-5 when executing a computer management class program stored in the memory.
8. A computer readable storage medium, having stored thereon a computer management class program which, when executed by a processor, implements the spatial authentication method of a spatio-temporal data service according to any of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202510604452.9A CN120110816B (en) | 2025-05-12 | 2025-05-12 | A spatial authentication method and system for spatiotemporal data services |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202510604452.9A CN120110816B (en) | 2025-05-12 | 2025-05-12 | A spatial authentication method and system for spatiotemporal data services |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN120110816A CN120110816A (en) | 2025-06-06 |
| CN120110816B true CN120110816B (en) | 2025-07-22 |
Family
ID=95881461
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202510604452.9A Active CN120110816B (en) | 2025-05-12 | 2025-05-12 | A spatial authentication method and system for spatiotemporal data services |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN120110816B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118520126A (en) * | 2024-01-11 | 2024-08-20 | 二十一世纪空间技术应用股份有限公司 | Dynamic management and access control method for remote sensing image service |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP5563545B2 (en) * | 2011-12-06 | 2014-07-30 | ヤフー株式会社 | Information processing apparatus and method |
| US9037111B2 (en) * | 2012-07-30 | 2015-05-19 | Ncr Corporation | Location aware authentication techniques |
| CN110888880A (en) * | 2019-11-19 | 2020-03-17 | 武汉光谷信息技术股份有限公司 | Proximity analysis method, device, equipment and medium based on spatial index |
| CN114640661A (en) * | 2020-12-15 | 2022-06-17 | 武汉市探测者科技有限公司 | Spatial data authority control method based on spatial range |
| CN115396136A (en) * | 2022-05-06 | 2022-11-25 | 南京航空航天大学 | An access control and authorization method based on domain division control and role mirroring |
| CN115758440A (en) * | 2022-10-24 | 2023-03-07 | 九江市自然资源局 | Gridding-based universal longitudinal regional authority control method |
| CN119006615B (en) * | 2024-10-24 | 2025-01-21 | 武汉光谷信息技术股份有限公司 | A geospatial business calibration method and system |
-
2025
- 2025-05-12 CN CN202510604452.9A patent/CN120110816B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118520126A (en) * | 2024-01-11 | 2024-08-20 | 二十一世纪空间技术应用股份有限公司 | Dynamic management and access control method for remote sensing image service |
Also Published As
| Publication number | Publication date |
|---|---|
| CN120110816A (en) | 2025-06-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110597943B (en) | Interest point processing method and device based on artificial intelligence and electronic equipment | |
| Pelanis et al. | Indexing the past, present, and anticipated future positions of moving objects | |
| US11232184B2 (en) | Verification request authentication machine | |
| CN103092853B (en) | The method for building up of a kind of spatial index, using method and device | |
| CN110263117B (en) | Method and device for determining POI (Point of interest) data | |
| CN112861972A (en) | Site selection method and device for exhibition area, computer equipment and medium | |
| CN107766377A (en) | A kind of monitoring data querying method and device | |
| KR102029450B1 (en) | Method and system for providing user location information using gridding map | |
| CN117351368B (en) | Natural village boundary acquisition method and device, electronic equipment and storage medium | |
| CN115050185B (en) | Method, system and storage medium for judging compliance of vehicle operation range | |
| CN106803825B (en) | anonymous area construction method based on query range | |
| CN113435502B (en) | Site flow determination method, device, equipment and storage medium | |
| WO2023124470A1 (en) | Region coding method and apparatus, device and storage medium | |
| CN115002753A (en) | False location privacy protection method, system, medium, and device based on obfuscated queries | |
| CN116245907B (en) | Multi-target tracking method and device in dense scene based on density clustering | |
| Wu et al. | GLUE: a parameter-tuning-free map updating system | |
| CN120110816B (en) | A spatial authentication method and system for spatiotemporal data services | |
| CN119339017B (en) | Data display methods, equipment, media and products based on land and resources survey | |
| CN116049889A (en) | Differential privacy track release method and device based on prefix tree | |
| CN113268770B (en) | Anonymous privacy protection method for trajectory k based on user activity | |
| CN107247716B (en) | Method and device for increasing electronic eye information, navigation chip and server | |
| CN114491307B (en) | Equipment aggregation method and device | |
| CN104123382B (en) | A kind of image set abstraction generating method under Social Media | |
| CN114445760B (en) | A scene recognition method, system, storage medium and terminal device | |
| WO2018082252A1 (en) | Detection processing method, apparatus and device for mobile terminal and computer storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |