32results about How to "Flexible Authorization" patented technology

The invention relates to a searchable encryption method based on wildcard character in cloud storage safety. The method comprises the following steps that: setting a document to be uploaded; extracting a keyword set; encrypting the keyword set; selecting a random number as a document encryption key, and encrypting the document encryption key; encrypting the document to be uploaded to obtain a ciphertext, and sending the ciphertext to a cloud computing platform; input a query keyword set, generating a query trapdoor, carrying out signature, and sending the signature to the cloud computing platform; verifying a query signature by the cloud computing platform, and executing a search algorithm by the cloud computing platform; transmitting a keyword index and the query trapdoor into a keyword matching protocol to obtain an encryption matching result; carrying out decryption to obtain a search result; according to the search result, returning a corresponding ciphertext by the cloud computing platform; and recovering the document encryption key, and recovering the document. By use of the method, the keyword search of at most two wildcard characters can be supported, the wildcard character can appear on any position of the keyword, and a plurality of random characters can be represented.

The invention discloses an identification cryptographic technique-based electronic passport extended access control system and an identification cryptographic technique-based authentication method. The authentication method comprises the following steps that: a key service centre provides a key service; a passport verification center makes an application for sensitive biological characteristic information-reading authority, the key service center issues an authorization smart card to perform authorization, and the passport verification center distributes the authorization smart card to a verification terminal controlled thereby; and a passport issuing center applies the key service center for an authentication key and a public parameter for authentication and writes the authentication key and the public parameter into passport smart card of an electronic passport. During passport verification, the authorization smart card and the passport smart card implement an identification cryptographic algorithm-based authentication protocol to judge if the verification terminal has the authority to read sensitive biological characteristic data. The system and the method avoid loopholes in authentication trust transmission in a European proposal, save the establishment of a complicate PKI system, and allow for low system construction cost. Compared with Singaporean EAC, the method provides flexible authorization for a certifying organization, and can still authorize the certifying organization after the issue of a passport.

The invention provides a static authentication method capable of aiming at SQL (Structured Query Language) analytical query. The method comprises the following steps of: S1: obtaining the SQL analytical query submitted by a user; S2: constructing a genealogical tree from the SQL analytical query; S3: on the basis of the genealogical tree, extracting a data access request of the SQL analytical query; and S4: on the basis of an access control rule, authenticating the data access request. Compared with an existing database access control technology, the static authentication method combines the characteristics of the analytical query to support simultaneous access to a plurality of columns and control for an operation. Therefore, by use of the method, the SQL analytical query can be more flexibly and accurately authenticated. Meanwhile, by use of the method, an administrator is permitted to carry out permission management through the compiling of the access control rule, in addition, no extra burdens are brought to users, and therefore, the static authentication method exhibits better availability. Finally, the method carries out authentication only on the basis of the SQL analytical query, so that an authentication process is more efficient, and the method is suitable for a large-scale data analysis scene.

The invention discloses an OCS traffic authorization method, an OCS, a server and a readable storage medium. The method is used for solving the technical problem that in the prior art, the mode of carrying out dynamic authorization configuration by an OCS is not flexible enough, and consequently the authorization configuration accuracy of a user is low. Therefore, the flexibility of flow authorization configuration is improved, different flow authorizations can be realized for different users to meet the actual flow service requirements of the users as much as possible, and the flow service experience of the users is enhanced. The method comprises the following steps: creating a flow authorization model according to Internet behavior data of a terminal user and service characteristics of an ordering service; obtaining a traffic service request sent by a terminal device corresponding to the terminal user; inputting the traffic service request into the traffic authorization model to obtain predicted traffic authorization information for the traffic service request; and sending the predicted flow authorization information to a PGW, so that the predicted flow authorization informationis forwarded to the terminal equipment through the PGW.

The invention discloses a Boolean keyword searchable encryption method supporting a large-scale user group, which realizes flexible access strategy matching and fine-grained access control on the premise of facing large-scale users based on a recursive attribute set structure, an access tree structure and a recursive keyword set structure. Firstly, a more flexible data user attribute organization mode and more flexible access strategy matching are supported, and more efficient access control is achieved. According to the method, the access tree is used for representing the access strategy, and the data user attributes are organized in a recursive collection structure, so that more efficient access strategy matching is realized. In addition, the method also supports a more flexible keyword organization mode and Boolean keyword retrieval. According to the method and the device, the keywords are organized into the recursive set, and flexible keyword organization and Boolean keyword search are realized through a Boolean matching operation method.

The invention provides a speaking right queuing queue user authorization method applied to a broadband cluster system, and the method comprises the steps: when a new user applies for a speaking rightand it is determines that the user needs to queue, putting the user into a speaking right queuing queue, and recording the queuing duration of the user; when it is determined that the current speakingright user releases the speaking right and the user in the speaking right queuing queue is not empty, determining the comprehensive priority of each user in the speaking right queuing queue accordingto the user priority, the user queuing duration, the preset priority adjustment step length and the preset priority adjustment time of the user; and selecting the user with the highest comprehensivepriority to grant the speaking right. The scheme can flexibly authorize the speaking right for users in different application scenarios, and the user experience is improved.