A data access control method
A technology of data access and authority control, applied in the direction of digital data protection, digital data authentication, etc., can solve the problems of heavy workload, complicated use, unclear logic, etc., and achieve the effect of improving quality, facilitating expansion, and facilitating expansion
Active Publication Date: 2017-04-12
INSPUR SOFTWARE CO LTD
View PDF3 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
In order to meet the above data access requirements, the system often mixes data access control logic and business logic together, resulting in unclear logic, cumbersome and difficult maintenance, and a large workload
[0003] The data access control methods in the prior art usually have the following deficiencies: (1) The abstraction of the data model is not enough: most of them are based on relational databases, relying on database tables to implement, complex and cumbersome to use, and not easy to expand
In a traditional relational database, the same type of data may be stored in different data tables. In this way, when defining data access control, it is necessary to define the same data access control on different tables. It is also very cumbersome to modify and maintain, and many changes are required. place
(2) The abstraction of the permission context model is not enough: Most of them establish several fixed data models, such as users and departments, which make it difficult to modify and expand when the data access control requirements change
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment
[0039] The data access authority control method of the present invention comprises the following steps:
[0040] a) Build a data model
[0041] Abstract data into data types and data objects. The data types describe collections of data with the same properties. The data type in the system may be a database table or object entity type, or it may be a virtual type (abstract data collection);
[0042] A data object is an instance of a type, or a record in a database;
[0043] b) Establish an inheritance system between data types
[0044] First establish the root type, and all data types inherit the root type directly or indirectly; the inheritance relationship is also established between data types according to their nature;
[0045] c) Build a user model
[0046] as attached figure 1 As shown, the user model is used to describe and limit the scope of users, including users, roles, organizations to which users belong, and related objects related to users that can affect use...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a data access authority control method, which belongs to the field of data authority control. The method includes the following steps: a) establishing a data model; b) establishing an inheritance system between data types; c) establishing a user model; d) creating a domain-specific language for data access rights; e) defining data access rights; Access proxy; g) Judgment on authority; h) Return the result to the user through the data access proxy. Compared with the prior art, the control method of the present invention is characterized in that the data access authority is separated from the business logic, implemented in a proxy mode, transparent to developers, easy to use, expandable and portable, and has good promotion and application value.
Description
technical field [0001] The invention relates to a data access control method, in particular to a data access authority control method. Background technique [0002] In modern software systems, users tend to be diversified, business logic is complex, and the requirements for data security and confidentiality are getting higher and higher. Different users access different types of data; for the same type of data, some users can access part of it, or some users can only access certain attributes of the data. In order to meet the above data access requirements, the system often mixes data access control logic and business logic together, resulting in unclear logic, cumbersome and difficult maintenance, and a large workload. [0003] The data access control methods in the prior art usually have the following deficiencies: (1) The abstraction of the data model is not enough: most of them are based on relational databases, relying on database tables to implement, complicated and c...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/30
CPCG06F21/60
Inventor 蔡卫卫董玉全魏子重
Owner INSPUR SOFTWARE CO LTD