First, user maintenance.
Because of different jobs, different system users are granted different rights to use system resources. When the user's job position changes, the user is granted new rights in time. Users need to be given greater access rights when promoting, so as to provide timely and effective services and give full play to the application of airborne geophysical data in scientific research and exploration. If users leave or retire, they must log off in time to ensure the security of system data. This process, that is, user maintenance, is completed by the system administrator, including the creation of system users, user authorization, user cancellation and so on.
1) Create a system user, for example, create a system user for a new employee and set the user's initial password (Figure 3-7).
Figure 3-7 Create User
2) User authorization, which grants the corresponding authority according to the user's current work (Figure 3-8).
3) Log off users, log off resigned or retired users, and protect system data security and user information. Logged-out users cannot log on to the system.
Figure 3-8 User Authorization
In addition, considering the safety of users and systems, the system suggests that users' passwords should be changed frequently to prevent password leakage and endanger system security. Using the same user password for a long time can easily lead to the user password being leaked. Therefore, when the user uses the same password days to change the password, the system will prompt the user to change the password (Figure 3-9). At the same time, the system requires the user's password to be at least 6 letters or numbers in length. Considering the working nature of some users, the user pause function is set. When users don't use the system for a long time (such as business trip), they can apply to suspend users in order to prevent others from maliciously stealing. Suspended users are protected by the system and cannot log in to the system. If necessary, apply to the system to re-enable the user account.
Figure 3-9 Modify User Information
Second, the role of maintenance.
A role is a group of people or positions who have the same access rights to the system, such as database administrator, main technicians, etc. The system uses roles to manage user groups and authorizes users by granting permissions to roles. Role maintenance is to create system roles and role authorization and manage roles according to requirements. If system roles are added or re-authorized as needed, the permissions of the roles will change, or the unused system roles will be cancelled.
This system divides the system roles (Table 3-9) according to the differences in data access and requirements of employees of different departments and levels in the center at present, and gives each role different system functions. At the same time, combined with the operating characteristics of data, control the data source of system functions. For example, some functions can only handle local data; Some functions can handle local data and database data. On the basis of ensuring the security of the system, the practicability of the system is improved.
Table 3-9 Predefined System Roles
Third, dictionary maintenance.
There are nearly 100 dictionary code tables in this system. With the continuous emergence of new methods of airborne geophysical survey, the progress of data processing methods and technologies, and the improvement of geological interpretation level of airborne geophysical data, the data dictionary entries in the airborne geophysical database will increase and change. In order to meet the needs of technical development, the system adopts data-driven technology to customize the data dictionary interface, that is, after defining the table name, dictionary code and name of the data dictionary, the customized interface program is called to generate the data dictionary interface that needs to be maintained and maintain the data dictionary. In addition, the system also provides the function of updating the local data dictionary to ensure the synchronization between the local data dictionary and the data dictionary in the database, and to maintain the unity and integrity of aviation geophysical information.
Fourth, user login parameter maintenance
User login parameters include the maximum number of times a user logs in, the maximum number of days to change the password compulsorily and the maximum number of days to change the password compulsorily, and the time limit for repeated login.
The maximum login times of users refers to the number of consecutive login failures allowed by the system. As shown in Figure 3- 10, the user failed to log in to the system for three consecutive times, and the system locked the user account, so the user was not allowed to log in to the system again.
Figure 3- 10 User Login Parameter Maintenance
The maximum number of days to change the password is that the system requires the user to change the user login password within the specified number of days. For users who have not changed their passwords for more than a specified number of days, the system will lock them and prohibit them from logging into the system.
The maximum number of days for non-mandatory password change means that users are advised to change their login password within a specified number of days; For users who have not changed their passwords for more than a specified number of days, the system will give a security prompt.
Repeated login time, the time when the user is allowed to log in to the system again, that is, the time when the system kills the user account.
User login parameter maintenance refers to user login parameter setting. Setting user login parameters reasonably for users with different permissions is one of the important means to ensure system security. The greater the user's authority, the greater the responsibility for system security. If it is breached, it will cause greater harm to system security. Therefore, the maximum number of times a user logs in should be set to a small value, and the repeated login time should be long to prevent malicious guessing of his user password. The time required to change the password (the maximum number of days to forcibly change the password) should be shorter than that of ordinary users.