Access control method, device and system

An access control and access control strategy technology, applied in the field of network communication, can solve the problem of inaccessible request access control and so on

Active Publication Date: 2011-08-03
科大天工智能装备技术(天津)有限公司
View PDF0 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Since the NETCONF protocol also has a mechanism that uses subtree filter expressions to describe the requested resources, but thi

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method, device and system
  • Access control method, device and system
  • Access control method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention more clear, the implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0023] see figure 1 , an embodiment of the present invention provides an access control method, the method comprising:

[0024] 101: A policy enforcement point (Policy Enforcement Point, PEP) receives a NETCONF access request, and the NETCONF access request carries requested resource information described by a subtree filter expression;

[0025] 102: The policy enforcement point provides the requested resource information described by the subtree filter expression to the policy decision point (Policy Decision Point, PDP), so that the policy decision point can use the requested resource information described by the subtree filter expression Match the resource information described by the XPATH expression in the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an access control system, belonging to the field of network communication. In the system, a policy implementation point transmits a decision request to a policy decision point, wherein requested resource information in the decision request is described by using a subtree filter expression; the policy decision point matches the requested resource information described by using the subtree filter expression with resource information described by adopting an extensible markup language path XPATH expression in an access control policy, makes a decision based on a matching result to allow or refuel the access to the requested resource information, and returns the decision to the policy implementation point; and the policy implementation point allows or refuses the access to the requested resource information based on the decision returned by the policy decision point. The invention solves the problem that the access control cannot be carried out on the access request of the requested resource described by using the subtree filter expression in the prior art, and the invention also discloses an access control method and device.

Description

technical field [0001] The invention relates to the field of network communication, in particular to an access control method, device and system. Background technique [0002] Access control is an indispensable security mechanism in network management. It is usually used to control users' access to certain information items, such as servers, directories, files and other network resources, through predefined access control policies. [0003] The existing network management is based on the NETCONF (Network Configuration, network configuration) protocol, and the access control based on the NETCONF protocol is implemented by using the XACML (eXtensible Access Control Markup Language, extensible access control markup language) specification. XACML is an open standard language based on XML (Extensible Markup Language, Extensible Markup Language). [0004] Usually, an access control policy is composed of one or more access control rules. XACML abstracts the rules into several attr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 张彬李国辉李岩
Owner 科大天工智能装备技术(天津)有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap