Access control strategy composition method based on attribute

A technology of access control strategy and synthesis method, which is applied in the field of access control strategy synthesis, can solve the problems of not involving the subtraction operator and the security threat of the voting operator, and achieve the effect of preventing illegal operations

Inactive Publication Date: 2015-06-03
HENAN POLYTECHNIC UNIV
View PDF2 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] There are the following technical problems in the various access control policy synthesis methods currently available: or the influence of environmental factors on policy synthesis i

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control strategy composition method based on attribute
  • Access control strategy composition method based on attribute
  • Access control strategy composition method based on attribute

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] An attribute-based access control policy synthesis method, the specific synthesis steps are as follows:

[0022] 1. Decompose the attribute-based access control policy towards the attribute layer; first decompose each attribute in the policy, and use ap i *val represents an attribute constraint, where ap i Indicates the i-th attribute, *∈{≤,≥,=,}, val is the value of the attribute, which is a number or text. Attribute constraints include subject attribute constraints, object attribute constraints, environment attribute constraints, subject trust degree constraints, and operation attribute constraints.

[0023] 2. Transform the result of step 1 into an attribute-based access control policy algebraic expression; use SAP i Indicates the i-th attribute of the subject, using OAP j Indicates the jth attribute of the object, using EAP k Represents the kth attribute of the environment, with Ts m Indicates the trust degree attribute of the mth subject, and OP is used to acc...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an access control strategy composition method based on attribute. When access control of cross-domain resources is achieved, an access control strategy composition method based on attribute is a key technique. According to the access control strategy composition method, by defining authorization of entities through attribute of the entities, the credibility, as an independent attribute predicate, of a main body is added into an attribute authorization item of an access control strategy, so that conventional strategy composition is expanded, the expression capability of strategy composition is improved, and the security of objects in a safety domain is ensured. According to the access control strategy composition method, six strategy composition operators with credibility are defined to achieve access control strategy composition, and whether a strategy synthesis structure can meet the requirements of protecting resources, of different strategy composition parties or not is verified by virtue of attribute of algebras expressed by conventional strategies.

Description

technical field [0001] The invention relates to an access control strategy synthesis method, which belongs to the field of computer communication. Background technique [0002] With the rapid development of the network, various emerging applications based on the Internet have an increasingly urgent need for interoperability among distributed systems. Most of these new applications are in a distributed state and need to cooperate and share with each other. In a heterogeneous environment, it is necessary to synthesize cross-domain security access control policies. Attribute-based access control is getting more and more attention. It not only supports RBAC model, but also can flexibly express fine-grained authorization. The process of access control policy synthesis is the process of generating a new access control policy from multiple access control policies. The process and method are complex, involving the security policy constraints of all parties participating in the acce...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 郭海儒李由由鞠水王国伟家晓艳贾宗璞魏晓娟
Owner HENAN POLYTECHNIC UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap