Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Fine grain authority management method based on classification method

A classification method and resource classification technology, applied in the field of classification-based fine-grained rights management, can solve practical limitations, do not support resource query, cannot add other branches and sub-branches, etc.

Inactive Publication Date: 2009-07-29
汪金保
View PDF0 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] 1. The head office administrator can only add branches, not branches
[0010] 2. Beijing branch administrators can only add sub-branches of Beijing branch, but cannot add branches, and cannot add other branches and sub-branches
[0028] 2. Does not support resource query
its usefulness is limited

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fine grain authority management method based on classification method
  • Fine grain authority management method based on classification method
  • Fine grain authority management method based on classification method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0060] 5.2. Resource classification method

[0061] Resource classification method: define the classification rules of resources, directly evaluate the attributes of a given resource and a given subject (the given subject is optional), so as to determine whether the resource belongs to the category, without prior displaying the resources into a certain category .

[0062] The resource classification method is basically similar to the subject classification method, with one significant difference: the resource classification input parameters are: resource, subject, context and data source. And the input parameter of subject classification has no resources.

[0063] Resource classification rules, expressions, and expression values ​​are consistent with subject classification and will not be repeated.

[0064] Resource Classification Example 1:

[0065] name

rule

describe

Branches

String parent=

RESOURCE. get("parent");

...

Embodiment 2

[0102] An enterprise's customer relationship system maintains customer operations. The fine-grained permission control requirements are:

[0103] 1. Ordinary sales staff, maintain the customers developed by themselves;

[0104] 2. Sales department manager, maintain all customers;

[0105] 3. Users who are blacklisted by the company administrator cannot maintain any customers.

[0106] Using this fine-grained authorization decision-making method, in order to maintain customer operations, set the following authorization decision-making strategy:

[0107] priority

subject classification

Resource Classification

Authorization relationship

Reason for refusal

1

For blacklist

household

all customers

reject

Blacklist users are not allowed to maintain any

client

2

general sale

personnel

self-developed customers

allow

Ordinary salespeople can only protect themselves

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a dynamic and intelligent subject and resource classification method and a fine-grain authority management method based on the classification method. The subject classification method is a dynamic and intelligent classification method and realized by various algorithms carried out to subjects, subject properties, context and data sources. As to a given subject, only an algorithm rule is required for determining whether the subject belongs to a class. The resource classification method is quite similar to the subject classification method and can carry out the algorithm to resources and resource properties. Both a fine-grain authorization decision-making method and a fine-grain authorization inquiry method are applied to the filed of authority management. The fine-grain authorization decision-making method defines authority decision strategies based on subject classification and resources classification. When a certain subject requests operation to a certain resource, the strategies are assessed to permit or deny the request. If the request is denied, refusal reasons are returned. The fine-grain authority inquiry method defines authority inquiry strategies based on the subject classification and a data inquiry template. When a certain subject requests certain inquiry, the strategies are assessed and inquiry results are returned. The authority strategies based on classification are characterized by simpleness, strong reusability, easy implementation and the like.

Description

1. Technical field [0001] The subject classification method and the resource classification method are dynamic and intelligent classification methods. It can be used in rights management, identity authentication and other fields. The fine-grained authorization decision-making method and the fine-grained authorization query method based on the classification method are applied in the field of computer software system authority management. Manage the subject's access rights to resources, and manage the subject's query rights to resources. 2. Background technology [0002] In computer systems, especially network systems, resources are put together and shared together, and these resources can be pictures, databases, texts, computers, etc. When a user requests to operate a certain resource, in order to ensure the safe and normal operation of the system, the system will judge the permissions of the user and the resource to ensure that the user has the permission to operate the r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00G06F21/31
Inventor 汪金保王磊
Owner 汪金保
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com