Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

System and method for multilevel cross-domain access control

An access control, cross-domain technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve the problem that the access control method cannot be directly applied to cross-domain access control, and the domain where the subject is located or the domain where the object is located cannot perform access control normally. and other issues, to achieve the effect of increasing the management of sexuality and realization of privileges

Active Publication Date: 2012-10-31
ZHENGZHOU XINDA JIEAN INFORMATION TECH
View PDF3 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Since each domain has its own access control system, when multiple domains interoperate, the subject and the object are not in the same domain. At this time, neither the domain where the subject resides nor the domain where the object resides can perform normal access control. Therefore, the original Intra-domain access control methods cannot be directly applied to cross-domain access control
[0004] The current cross-domain access control solution is to introduce a third-party cross-domain access control center, through which the access control of each domain is coordinated and controlled. However, in the secure access service platform, the access control domain is a Multi-level structure, the existing technical methods are all to solve the problem of cross-domain access control between peer domains, and cannot work in the case of multi-level management

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for multilevel cross-domain access control
  • System and method for multilevel cross-domain access control
  • System and method for multilevel cross-domain access control

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] A cross-domain access center, its implementation is as follows:

[0035] The cross-domain access centers are deployed in the national and provincial domains respectively, and can communicate with each other. figure 1 It is a topological structure diagram of cross-domain center deployment. Provincial cross-domain centers are connected to lower-level user management servers and access control servers. National cross-domain centers are connected to provincial cross-domain centers through dedicated lines. figure 2 It is a structural block diagram of the cross-domain center module. The cross-domain access center is mainly composed of three parts: the service layer, the management layer, and the database. The service layer is responsible for providing corresponding online services. its related data.

[0036] The service layer provides services such as cross-domain role application and query, through which lower-level domains can realize role mapping, and all services are pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a system and method for multilevel cross-domain access control in case of a multilevel administrative domain. The cross-domain access control is realized through a multilevel-role-based mapping mechanism; the method is realized based on all cross-domain access centers deployed in the entire country and provincial levels; the cross-domain access centers provide cross-domain role application and query services; and administrators can administrate all cross-domain access centers. The method comprises two steps of authorizing the cross-domain access control and carrying out access control on cross-domain access behaviors of users according to the authorization, wherein the authorizing of the cross-domain access control comprises the step of establishing corresponding cross-domain roles in related cross-domain access centers, and the control on user access comprises the steps of obtaining the access authority of cross-domain subjects to objects according to the mapping relationship between the cross-domain roles and domains where the subjects and the objects are located, and carrying out control by the domains where the objects are located. The system and the method are used for administrating the cross-domain access of three levels, i.e. a national level, a provincial level and a municipal level, in a security service platform, so that the cross-domain access control has the characteristics of self-government administration, user transparency and convenience in extension.

Description

technical field [0001] The invention belongs to the technical field of computer information security, and relates to a multi-level cross-domain access control system and control method in the case of multi-level management domains. The cross-domain access control is realized through a multi-level role-based mapping mechanism. Background technique [0002] The secure access service platform consists of two levels: national, provincial, and prefectural. There are application services at the national, provincial, and prefectural levels. Each node in each level is an access control domain. Users in one domain access applications in the domain, but in some cases, due to business requirements, users may need to access applications in other domains, and in this case, cross-domain access is required. [0003] Since each domain has its own access control system, when multiple domains interoperate, the subject and the object are not in the same domain. At this time, neither the subjec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
Inventor 何骏张鲁国韩培胜梁松涛赵国磊刘熙胖王曙光栗芳
Owner ZHENGZHOU XINDA JIEAN INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com