Fine-grained cloud platform security access control method based on user identity capacity

A technology for secure access based on user identity, applied in the field of fine-grained cloud platform security access control. It addresses problems such as non-unique user attributes, unsuitability for pervasive cloud environments, and unclear division of permissions, with the effects of low cost, protection of user privacy, and avoidance of communication bottlenecks.

Active Publication Date: 2014-08-27
蜻蜓数字乡村研究院(苏州)有限公司

AI Technical Summary

Problems solved by technology

However, because user attributes are inherent and non-unique, and different users may share multiple identical attributes, fine-grained access faces the problem of unclear division of permissions.
In the process of

Examples

Embodiment Construction

[0031] The invention will be described in further detail below in conjunction with the accompanying drawings.

[0032] As shown in Figure 1 and Figure 2, this embodiment is a fine-grained cloud platform security access control method based on user identity capability. The system of the present invention is composed of four functional entities: the cloud, the cloud server, the user and the DO. The DO is the uploader and resource owner of cloud data; it encrypts files and formulates the related access policies. Users are sharers of cloud data and have access rights to read, write, and execute files, but these rights can only be obtained after registration with the DO. The cloud server undertakes an important task: it stores the identity-authority-ciphertext table uploaded by the DO, and it is not only the agent of the DO's access control but also a service provider of cloud computing storage. The cloud is a physical node composed of computer clusters, which only has the function of storage.

[0...

Abstract

The invention relates to a fine-grained cloud platform security access control method based on user identity capacity, and belongs to the technical field of resource access. According to the method, a file uploaded by a data owner is divided into control fields and ciphertext fields. The ciphertext fields are stored in cloud physical nodes and the control fields are stored by a cloud server. The cloud server acts as an agent and conducts intervention control, so that network resources are distributed reasonably and the burden on the data owner is relieved. A control list needs to be partially updated in the access permission redirection process. Each globally unique document number identifier is associated with a globally unique user identity identifier, and the operation permissions of users are bounded so as to achieve fine-grained access control. The uploaded identity-permission-ciphertext list is encrypted, so the confidentiality and integrity of user information and file information are guaranteed and information leakage risks on a third-party cloud platform are reduced.
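The split described in the abstract and in the embodiment paragraph (control fields held by the cloud server, ciphertext held by the storage node, rights bound to a user-identifier and file-identifier pair) can be modelled as follows. This is an added sketch, not code from the patent or its authors: the class and function names, the HMAC row tag, the shared key and the sample values are assumptions, and the encryption of the table and of the file itself is not modelled.

```python
import hashlib
import hmac
import json

PERMS = frozenset({"read", "write", "execute"})  # rights named in the description

def row_tag(key, user_id, file_id, perms):
    """Integrity tag over one identity-permission row (HMAC is an assumption)."""
    msg = json.dumps([user_id, file_id, sorted(perms)]).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

class CloudServer:
    """Stores the control fields and mediates every access on the DO's behalf."""
    def __init__(self, key):
        self._key = key   # assumed to be provisioned by the DO
        self.table = {}   # (user_id, file_id) -> (perms, tag)
        self.node = {}    # stands in for the cloud node: file_id -> ciphertext
    def put_row(self, user_id, file_id, perms, tag):
        # A permission change replaces only this (user, file) row.
        self.table[(user_id, file_id)] = (frozenset(perms), tag)
    def access(self, user_id, file_id, op):
        row = self.table.get((user_id, file_id))
        if row is None:
            return None                       # user not registered for this file
        perms, tag = row
        if not hmac.compare_digest(tag, row_tag(self._key, user_id, file_id, perms)):
            return None                       # row was altered after the DO issued it
        if op not in perms:
            return None                       # operation not granted
        return self.node.get(file_id)         # ciphertext field only

class DataOwner:
    """Uploads ciphertext and issues tagged rows for registered users."""
    def __init__(self, server, key):
        self.server, self._key = server, key
    def upload(self, file_id, ciphertext):
        self.server.node[file_id] = ciphertext
    def grant(self, user_id, file_id, perms):
        perms = PERMS & set(perms)            # drop unknown rights
        tag = row_tag(self._key, user_id, file_id, perms)
        self.server.put_row(user_id, file_id, perms, tag)

def demo(key=b"constructed-demo-key"):        # constructed sample key
    server = CloudServer(key)
    do = DataOwner(server, key)
    do.upload("file-001", b"opaque-ciphertext")   # constructed sample blob
    do.grant("user-A", "file-001", ["read"])
    return server, do
```

Because the server in this sketch holds the tag key, the tag only detects rows changed by a party without that key; it does not constrain the server itself.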

Description

Technical field

[0001] The invention relates to a fine-grained cloud platform security access control method based on user identity capabilities, and belongs to the technical field of resource access.

Background technique

[0002] The traditional access control method needs to build a database to store the user identity-password relationship list, but the cloud computing center is "third-party, semi-trusted". If these databases are exposed to the cloud platform, the risk of being compromised will increase. Once a large number of user identities are stolen, tampered with, or deleted, immeasurable losses will be caused. At the same time, cloud computing allows a large number of users to perform online file access operations at the same time. If user access is not fine-grained, it may cause file misreading, accidental deletion, and information leakage.

[0003] If the DO (Data Owner) is always online, fine-grained security access control and real-time update of use...

Application Information

IPC(8): H04L29/06, H04L29/08
Inventor 孙知信, 洪汉舒, 宫婧
Owner 蜻蜓数字乡村研究院(苏州)有限公司