Method and device for generating access controlling policy

An access control strategy and access control technology, applied in the field of network applications, can solve problems such as error-prone and difficult for users to define, and achieve the effects of ensuring accuracy, easy understanding and operation, and reducing burden

Inactive Publication Date: 2012-12-12
BEIHANG UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to propose a method and device for generating access control policies aimed at the problems in the prior art, so as to solve the problems in the prior art that users are difficult to define ABAC policies based on XACML and manually write complex ABAC policies based on XACML. Error-prone problems in the process of ABAC strategy

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for generating access controlling policy
  • Method and device for generating access controlling policy
  • Method and device for generating access controlling policy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] figure 1 It is a flow chart of Embodiment 1 of the access control policy generation method of the present invention, as shown in figure 1 As shown, the method includes:

[0030] Step 101, generate an ABAC policy expression according to the ABAC policy information input by the user through the pre-established ABAC policy view template;

[0031] Step 102: Convert the ABAC policy expression into an XACML-based ABAC policy conforming to the XACML template according to the preset mapping rule between the ABAC policy view template and the XACML template.

[0032] In the technical solution of this embodiment, an ABAC policy expression is generated according to the input ABAC policy information, and then the ABAC policy expression is automatically converted into an XACML-based ABAC policy through the set mapping rules. In this process, the user only needs to pass through the ABAC policy view Templates input some simple ABAC policy information, no need to manually wr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses method and device for generating an access controlling policy. The method comprises the following steps of: generating an ABAC policy expression according to ABAC policy information input by a user through a pre-established attribute-based access control (ABAC) policy view template; and converting the ABAC policy expression into an ABAC policy which is based on XACML and conforms to the XACML template according to mapping rules of the preset ABAC policy view template and an extensible access control markup language (XACML) template. In the invention, the user only needs to input some simple ABAC policy information through the ABAC policy view template and does not need to write a complicated ABAC policy based on XACML in a manual mode, therefore, the problem that the user difficultly defines the ABAC policy based on XACML is solved, the problem that errors are made in the process of writing the complicated ABAC policy based on XACML in a manual mode by the useris avoided, and the accuracy of the ABAC policy based on XACML is ensured.

Description

technical field [0001] The invention relates to access control technology, in particular to a method and device for generating an access control policy, belonging to the field of network applications. Background technique [0002] In order to ensure that the network has sufficient security, the International Organization for Standardization ISO defines five security service functions in its network security system design standard (ISO7498-2), including: identity authentication service, access control service, data confidentiality service, data Integrity service and non-repudiation service. Among them, the access control service is a defense measure against unauthorized use of resources, which is used to prevent users from accessing various resources without authorization, so that the computer system can be used within the legal scope. Access control can effectively prevent illegal users from accessing system resources, and legal users from illegally accessing system resourc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/56G06F17/30
Inventor 郎波倪文婷江川葛琨雷凯
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap