Data access controlling method crossing safety area based on role mapping

A technology of data access control and role mapping, applied to electrical components, transmission systems, etc., can solve problems that affect the degree of data sharing, cannot function normally, cannot adapt to scale, and achieve the effect of avoiding typical violations of security constraints

A technology of data access control and role mapping, applied to electrical components, transmission systems, etc., can solve problems that affect the degree of data sharing, cannot function normally, cannot adapt to scale, and achieve the effect of avoiding typical violations of security constraints

CN103166944AInactive Publication Date: 2013-06-19中国人民解放军63928部队
2 Cites 3 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data access controlling method crossing safety area based on role mapping
  • Data access controlling method crossing safety area based on role mapping
  • Data access controlling method crossing safety area based on role mapping

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be further described below in conjunction with accompanying drawing.

[0037] Such as figure 1 , a method for controlling data access across security domains based on role mapping, the method comprising the following steps:

[0038] (1) Receive and monitor the request message of role mapping, and analyze the role mapping path;

[0039] (2) Judging whether it is safe to establish a mapping with the role of the current domain, and at the same time discover and solve the role decay inheritance;

[0040](3) Forward the request message based on the domain mapping table and the historical path table, discover the target domain and establish a safe role mapping path with it.

[0041] Described step (1) comprises the following steps:

[0042] (1-1) Monitor the request message of the source domain user, and judge the message type;

[0043] (1-2) After the data access request is monitored, the path analysis function Extract including the variable re...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a data access controlling method a crossing safety area based on role mapping and belongs to the technical field of computer information processing. The method includes the following steps that request information mapped by a role is received and monitored. The role mapping way is analyzed. Whether the establishment of the mapping with the present domain is safe or not is judged. The role declining inheritance is found and solved at the same time. The request information based on a domain mapping table and a history routing table is transmitted. A target domain is found. A safe role mapping way is set up with the target domain. The fact that the cross-domain role mapping safety is evaluated, the role mapping request is monitored and analyzed, the safe way is judged and selected and the information is transmitted based on the domain mapping table and the history routing table is adopted, thus the problem of typically violating security constraint possibly triggered in the process of the cross-domain role mapping is effectively avoided. The data access controlling method crossing safety area based on the role mapping is suitable for the environment with large scale and dynamic changing of the safety domain.

Description

technical field [0001] The invention belongs to the technical field of computer information processing, and in particular relates to a method for controlling data access across security domains based on role mapping. Background technique [0002] At present, there are not many researches in China and abroad on data access control across security domains. The main work focuses on role-based access control RBAC (Role-Based Access Control) model extension - cross-domain data based on role mapping In terms of access control, the focus of the research is how to solve the violation of security constraints caused by role conflicts in the process of cross-domain role mapping. [0003] The role-based inter-domain access control model IRBAC (Interoperable Role-Based Access Control) is the prototype of the concept of cross-domain data access control. This model establishes role mapping through the conversion relationship of roles to achieve interoperability between two domains. In add...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
19 Jun 2013
Publication
CN103166944A
IPC
H04L29/06
Inventors
汪晓庆; 谷天阳