Grid visit control method based on extendible markup language security policy

A technology that extends markup language and access control, and is used in data exchange networks, digital transmission systems, electrical components, etc., to achieve the effect of easy implementation, guaranteed compatibility, and simple content

Inactive Publication Date: 2010-07-07
NANJING UNIV OF POSTS & TELECOMM
View PDF0 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Technical problem; The purpose of the invention is to solve the dynamics involved in the grid computing access control process and the problems across different security domains

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Grid visit control method based on extendible markup language security policy
  • Grid visit control method based on extendible markup language security policy
  • Grid visit control method based on extendible markup language security policy

Examples

Experimental program
Comparison scheme
Effect test

example

[0103] Example: Only allow users to access a resource from 8:00 am to 8:00 pm; allow users to access resources when the CPU load of the resource is 80%; there is only one session When using a resource, the resource can be read, written, and executed, but when multiple sessions use the resource, the resource cannot be written.

[0104] Table 4-3 and Table 4-4 give the information description of the permission status and events in this example. Again we can use the Permission State Machine (PSM) to describe these situations. like Pic 4-1 0 is a schematic diagram of the permission state machine, where each node represents a state, each edge represents an event, and PS0 represents the prohibited state of the permission.

[0105] Table 3 permission state table

[0106] permissions

status number

Resource readable, writable and executable (P1, P2, P3)

PS1

Resource readable and executable (P1, P2)

PS2

Resource readable (P1)

PS3

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a grid visit control method based on an extendible markup language security policy, which aims at solving the problems of dynamics and span of different security domains in the grid calculation visit control process. The method comprises the following methods: limiting security domains on roles; defining the role inheriting relationship between different security domains; attaching the roles of the self domain to the roles of other domains through the authorized agency service to establish the role inheriting relationship between the domains; and giving corresponding resolutions for possibly meeting role inheriting relationship conflicts. The invention carries out the extension on the basis of a standard RBAC model, and gives a role visit control model based on the context through introducing two context mechanisms: main events and object events, the model can realize the dynamic authorization process, and formally describes the concrete realization process of the role state change caused by the main events and the permission state change caused by the object events, and at the same time, the analysis on the consistency in the state conversion process shows that the model maintains the consistency in the state conversion process.

Description

technical field [0001] The invention is a security solution for distributed computing. It is mainly used to solve the problem of access control in the grid environment, and belongs to the field of distributed computing software security technology. Background technique [0002] Grid Computing refers to linking scattered hardware, software, and information resources into a huge whole through a high-speed network, so that people can use geographically scattered resources to complete various large-scale tasks. complex computing and data processing tasks. Compared with previous concepts such as cooperative work and distributed computing, grid computing is more integrated, more convenient to use, and more fully and effectively utilized resources. It marks a new and higher level of modern information technology application. [0003] Security is one of the key issues of grid computing technology, especially with the commercial development and popularization of grid technology, t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/56
Inventor 王汝传郑卿王海艳王杨张琳邓勇
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap