Data authority control method and data authority control system based on RBAC (role-based access control) model extension

A data permission and model technology, applied in the computer field, can solve problems such as inflexible adaptation to business needs, inflexible data permission control, and large code redundancy, so as to improve flexibility, save storage space, and code redundancy low effect

Active Publication Date: 2013-04-17
DATANG SOFTWARE TECH
View PDF5 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The technical problem to be solved by the present invention is to provide a data authority control method and system based on RBAC model expansion, which solves the problem of large code redundancy and inflexi...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data authority control method and data authority control system based on RBAC (role-based access control) model extension
  • Data authority control method and data authority control system based on RBAC (role-based access control) model extension
  • Data authority control method and data authority control system based on RBAC (role-based access control) model extension

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to make the above objects, features and advantages of the present invention more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0055] refer to figure 2 , which shows a data permission control method based on the RBAC model extension of the present invention, which may specifically include:

[0056] Step 100, configure the corresponding relationship between user objects and attributes, the corresponding relationship between each attribute and each resource class; configure the corresponding relationship between each resource class and each aspect class, and the aspect class is used to intercept access to the resource class access request.

[0057] In order to illustrate the application environment of the present invention more clearly, first introduce the present invention based on figure 1 The extended model structure of the RBAC model, refer to imag...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a data authority control method and a data authority control system based on RBAC (role-based access control) model extension and relates to the technical field of computers. The method includes: configuring corresponding relation of user objects and attributes and corresponding relation of the attributes with resource classes; and configuring corresponding relation of the resource classes with aspect classes. Based on the configurations, a data authority control process includes: when a user object of a login system sends an access request for requesting access to a resource class, intercepting the access request through the aspect class corresponding to the resource class; extracting attribute information of the user object to be assigned to a first object of the resource class by the aspect class according to the required attribute information corresponding to the resource class; and acquiring a data result set from a database by the resource class according to the attribute information of the first object. The method and the system aim at that service logic of resources is completely separated from data authority, flexibility of the system aiming at data authority control is improved, and the method and the system are high in expansibility, low in code redundancy and space-saving.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a data authority control method and system based on RBAC model extension. Background technique [0002] The construction of enterprise application systems involves authority management: one is function operation authority, and the other is data operation authority. Among them, functional authority can be understood as: what can be done, such as adding sales orders. Data permissions can be understood as: where and what can be done, such as checking the sales order of Zhang San of the Haidian Sales Department of the Beijing Branch. [0003] For authority control, the authority control system is basically built based on the RBAC (ROLE-BASED ACCESSCONTROL, role-based access control) model. refer to figure 1 , which is the core model of RBAC. In RBAC, permissions are associated with roles, and users gain the permissions of those roles by becoming members of the appropriate roles...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/30
Inventor 赵雨佳王强赵守来
Owner DATANG SOFTWARE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap