Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Inter-domain access control method based on dynamic self regulation

A self-adjusting and dynamic technology, applied in the field of cross-domain authorized access control, which can solve the problems of coarse-grained authority control, difficult mapping relationships, and lack of evolutionary semantics.

Inactive Publication Date: 2013-09-04
INST OF INFORMATION ENG CAS
View PDF3 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Solve the problems in the current interoperability scenarios, such as the granularity of permission control is too coarse, the mapping relationship is not easy to change, and the lack of evolutionary semantics
[0010] The present invention aims at the problems of too coarse granularity of authority control, hard to change mapping relationship and lack of evolution semantics existing in most current inter-domain interoperability policy integration schemes, and creates a directed role graph DRG to model RBAC (Role Based Access Control) , using the attribute constraint space to construct the evolution semantics between nodes, the mapping rule adjustment mechanism is realized through the threshold evaluation related to the constraint satisfaction coefficient and safety evaluation coefficient, and a set of request-driven dynamic self-adjusting inter-domain mapping rule evolution model is given. implementation plan

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Inter-domain access control method based on dynamic self regulation
  • Inter-domain access control method based on dynamic self regulation
  • Inter-domain access control method based on dynamic self regulation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] In order to make the purpose, advantages and technical solutions of the present invention clearer, the present invention will be further described in detail below through specific implementation and in conjunction with the accompanying drawings.

[0053] This scheme mainly includes the following two aspects: first, use the attribute constraint space to construct the evolution semantics between nodes; second, realize the adjustment of mapping rules through the threshold evaluation related to constraint satisfaction coefficient and safety evaluation coefficient. The following will be introduced separately, and finally give a security analysis. Its basic implementation steps are:

[0054] 1) When an external domain user enters this domain for the first time, he needs to request permission; the system in this domain will randomly select an upper-level role node connected to a node with permission on the node of the directed role graph according to the directed edge, and per...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an inter-domain access control method based on dynamic self regulation. The problems of too rough access control granularity, difficulty in change of mapping relation, lack of evolution semantic and the like in the current inter-domain interoperation scene are solved. In order to solve the problems of too rough access control granularity, difficulty in change of mapping relation, lack of evolution semantic and the like in most inter-domain interoperation policy integrating schemes, a DRG (Directional Role Diagram) is created to model RBAC (Role-Based policies Access Control), evolution semantic between nodes is established by using an attribute constrain space, a mapping rule regulating mechanism is realized through related threshold estimation of constrain satisfactory factors, safety estimation factors and the like, and a complete evaluation implementation scheme is presented. By the scheme, 'an initial domain role identifier acquired through a management way' and 'a collaboration domain role identifier acquired through a mapping way' are differentiated clearly, so that the traditional security constraint of attribute level violation on a mapping rule is broken through.

Description

technical field [0001] The invention belongs to the field of cross-domain authorization access control of information security, and in particular relates to a dynamic self-adjustment-based inter-domain access control method. Background technique [0002] With the development of cloud computing and new generation network technology and the requirements of information security, various departments, industries, and regions have established their own access control systems in their own domains, and enterprises and institutions in different domains have emerged. With more and more business transactions, cross-domain secure access has become an inevitable requirement for large-scale distributed environments, especially multi-domain environments for new-generation network technologies. After cross-domain authentication solves the problem of identity authentication, the next problem to be solved is the distribution of user access rights in different domains, that is, the problem of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/911H04L29/06
Inventor 王雅哲吴月修王瑜
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com