Database forced access control method and system based on policy

A policy-based mandatory access control technology for databases, applied in the field of data processing, that addresses slow data access response and low access efficiency and simplifies management and configuration work.

Inactive Publication Date: 2011-05-18
INST OF SOFTWARE - CHINESE ACAD OF SCI +2

AI Technical Summary

Problems solved by technology

The existing multi-level security model is managed through security labels, which ensures the strict

Examples

Example Embodiment

[0061] Example 1

[0062] This example implements mandatory access control on the employee information table of a common database. The employee information table includes 5 fields, number, name, salary, and department. The information stored in the data table is as follows:

[0063]

[0064] The process of using this method to perform spatial query access control on each data table in the database is as follows:

[0065] 1) Create an index tree for the spatial data table in the database. The index tree is an R+ index tree. The index field is {salary, age}. The tree has three layers of nodes, including the root node. The spatial division of the nodes is shown in Figure 4.

[0066] 2) Overlay and store the mandatory access control security label setting strategy layer by layer on the nodes of the index tree;

[0067] a. First set up a security label set L, each element of which is composed of two components. The first is the category component, whose value is any subset of {Dep1, Dep2}...

Example Embodiment

[0087] Example 2:


Abstract

The invention discloses a policy-based mandatory access control method and system for databases. The method comprises the following steps: (1) establishing a multi-dimensional index tree for a data table in a database; (2) overlaying the mandatory access control security label setting policies layer by layer and storing them in the nodes of the multi-dimensional index tree; and (3) performing user access control on the multi-dimensional index tree with the overlaid policies. The system comprises a front end and a rear end: the front end comprises a policy managing assembly and an index tree assembly, and the rear end comprises an access control assembly and a policy modifying assembly. When the system is in use, an administrator only needs to manage a small number of mandatory access control security label setting policies for a massive database, which greatly reduces the time and labor required. Because the policies are overlaid on the index tree, the security label calculation for the data and the access control based on the security label can be integrated with the data retrieval process, which shortens the additional retrieval time. The execution efficiency and the response rate of data access are increased.
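The three steps of the abstract can be sketched as follows. This is an added example, not code from the patent: a fixed three-layer grid tree over {salary, age} stands in for the R+ tree, labels carry only the category component ({Dep1, Dep2}), and the rows, policy regions, the union rule for combining policies and the subset rule for read access are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Rectangles are (salary_lo, salary_hi, age_lo, age_hi), upper bounds exclusive.
def contains(r, salary, age):
    return r[0] <= salary < r[1] and r[2] <= age < r[3]
def overlaps(a, b):
    return a[0] < b[1] and b[0] < a[1] and a[2] < b[3] and b[2] < a[3]
def covers(o, i):
    return o[0] <= i[0] and i[1] <= o[1] and o[2] <= i[2] and i[3] <= o[3]

@dataclass
class Node:
    rect: tuple
    children: list = field(default_factory=list)
    rows: list = field(default_factory=list)      # leaf payload: (name, salary, age)
    policies: list = field(default_factory=list)  # (region, categories) overlaid here

def build(rows):  # step 1: fixed three-layer tree, a simplified stand-in for the R+ tree
    leaves = [Node((s, s + 5000, a, a + 20)) for s in (0, 5000) for a in (20, 40)]
    for row in rows:
        next(l for l in leaves if contains(l.rect, *row[1:])).rows.append(row)
    return Node((0, 10000, 20, 60), [Node((0, 5000, 20, 60), leaves[:2]),
                                     Node((5000, 10000, 20, 60), leaves[2:])])

def overlay(node, region, cats):  # step 2: store policy on the highest fully covered nodes
    if not overlaps(node.rect, region):
        return
    if covers(region, node.rect) or not node.children:
        node.policies.append((region, frozenset(cats)))
    else:
        for child in node.children:
            overlay(child, region, cats)

def query(node, window, clearance, inherited=frozenset()):  # step 3: check while descending
    if not overlaps(node.rect, window):
        return []
    label = inherited.union(*(c for r, c in node.policies if covers(r, node.rect)))
    if not label <= clearance:   # assumed rule: readable only if label is a subset
        return []                # every row below carries this label: prune subtree
    if node.children:
        return [n for ch in node.children for n in query(ch, window, clearance, label)]
    return [row[0] for row in node.rows if contains(window, *row[1:]) and
            label.union(*(c for r, c in node.policies if contains(r, *row[1:]))) <= clearance]

# Constructed rows and policies (the patent's own table is missing from the page).
ROWS = [("Ann", 3000, 25), ("Bob", 4500, 45), ("Cai", 7000, 30), ("Dee", 9000, 50)]
TREE = build(ROWS)
overlay(TREE, (5000, 10000, 20, 60), {"Dep1"})   # lands on one second-layer node
overlay(TREE, (0, 10000, 45, 60), {"Dep2"})      # partial cover: lands on two leaves
```

A user without the Dep1 category never descends into the salary >= 5000 subtree, so the label check costs no extra pass over the rows; only the two leaves holding a partially covering policy need a per-row label calculation.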

Description

Technical field

[0001] The invention relates to a database access method and system, in particular to a policy-based database mandatory access control method and system, belonging to the technical field of data processing.

Background

[0002] With the rapid development of information technology, the volume of information data is growing explosively. In 2009, the global information volume still reached 800,000 PB, an increase of 62% over the previous year. The International Data Corporation predicts that this number will reach 1.2ZB in 2010, about eight times that of 2007. With this rapid growth in data volume, the security of databases storing massive data has become a serious challenge.

[0003] Discretionary access control and mandatory access control are two important database security techniques. Discretionary access control allows users to define data access rights themselves, that is, subjects with access permissions can directly or indirectl...


Application Information

IPC(8): G06F17/30
Inventor: 张妍, 陈驰, 冯登国, 张敏, 徐震, 张明波, 谢炯, 陈荣国, 周成虎, 熊伟, 景宁
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI