
An access control method and independent access controller

An access controller and access control technology, applied in the fields of instruments, electrical digital data processing, digital data protection, etc. It addresses the problems of low access control reliability, lack of identity protection, and lack of write operation authority, and achieves mandatory access control and the prevention of malicious code and intrusion behavior.

Active Publication Date: 2018-02-09
陆宝华

AI Technical Summary

Problems solved by technology

The invention solves the problems of low reliability of access control under the operating system, insecure storage of user identity information, and lack of identity protection during operation after a user with a legal identity logs in.
However, this invention is a safeguard measure for the access control rules of the original operating system, and is not an independent access control system. The problem to be solved is still to verify and protect the user identity security and legality of the operating system. It does not have the user's permission to read and write the object, and it can arbitrate, cache, monitor and unpack the data read, written and operated by the user. Therefore, it is still possible for viruses and Trojans to directly enter the operating system.


Examples


Embodiment 1

[0059] As shown in Figure 2, the independent access controller includes: an access control rule storage module, an access arbitration unit, a data cache module, an import/export and unpacking module, a log storage module and an authentication unit. The access arbitration unit includes at least one access arbitrator. Each access arbitrator in the access arbitration unit is connected to the access control rule storage module, the data cache module and the log storage module. An import/export and unpacking processing module, which performs data unpacking, is also connected between the data cache module and the server. At least one access arbiter forms at least one access channel with the data cache module. The independent access controller also includes an authentication unit, which includes a system user login authentication module, a security officer authentication module and an auditor authentication module. The system user login authentication module used for syste...

Embodiment 2

[0074] Figure 3 is a schematic diagram of a single-user access controller. The user has a client installed on the smart terminal. The client transparently encrypts the user's login information to avoid interception by other users on the Internet. At the same time, the user's login information, the server resources to be accessed and other information can be packaged. When a user initiates access to a certain resource of the server, the packaged information is written (write-only operation) to the login information pre-module of the user login. At the same time, the access arbitrator reads information related to the user from the access control rule storage module. The information includes: 1. User identity information for identity authentication. 2. User tag information used to identify the user's security attributes, departments and corresponding rights. 3. The access control list used to finally confirm the legitimacy of this visit. The access...
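The three kinds of information the access arbitrator reads in Embodiment 2 (identity, user tag, access control list) can be evaluated as an ordered, fail-closed decision with every verdict logged. The following Python is an added example, not code from the patent; the record layouts, the PBKDF2 credential check, the integer security level with a "user level must be at least the resource level" rule, and all names and verdict strings are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

@dataclass(frozen=True)
class UserRule:            # one record of the rule storage module (assumed layout)
    pw_hash: bytes         # 1. identity information used for authentication
    salt: bytes
    level: int             # 2. tag: security attribute (assumed integer level)
    department: str        #    tag: department
    rights: frozenset      #    tag: rights, e.g. {"read", "write"}

@dataclass(frozen=True)
class Resource:
    level: int
    department: str
    acl: frozenset         # 3. access control list of (user, operation) pairs

def hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class AccessArbiter:
    rules: dict
    resources: dict
    log: list = field(default_factory=list)   # stands in for the log storage module

    def decide(self, user, password, resource, op):
        verdict = self._check(user, password, resource, op)
        self.log.append((user, resource, op, verdict))   # denials are logged too
        return verdict

    def _check(self, user, password, resource, op):
        rule, res = self.rules.get(user), self.resources.get(resource)
        if rule is None or res is None:
            return "deny:unknown"
        if not hmac.compare_digest(rule.pw_hash, hash_pw(password, rule.salt)):
            return "deny:identity"
        # Assumed tag rule: right granted, same department, level dominates.
        if op not in rule.rights or rule.department != res.department or rule.level < res.level:
            return "deny:tag"
        if (user, op) not in res.acl:            # final confirmation against the ACL
            return "deny:acl"
        return "allow"

def demo_arbiter():
    salt = b"constructed-salt"                   # constructed sample data
    alice = UserRule(hash_pw("pw-alice", salt), salt, 2, "finance", frozenset({"read"}))
    may_read = frozenset({("alice", "read")})
    resources = {"ledger": Resource(2, "finance", may_read),
                 "payroll": Resource(3, "finance", may_read),
                 "budget": Resource(1, "finance", frozenset())}
    return AccessArbiter({"alice": alice}, resources)
```

The `payroll` case shows why the tag check and the ACL are separate stages: the ACL entry exists, but the request is still refused because the user's level is below the resource's.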

Embodiment 3

[0081] According to a preferred embodiment, the stand-alone access controller is set in a cloud environment. The computing environment and the independent access monitor environment are started at the same time on the same physical device, and the monitor environment migrates along with the computing environment. After a virtual machine is started in the virtual machine management layer, it can be divided into two zones by using sandbox technology. Security officers and auditors log in through the cloud portal and perform identity authentication with strong authentication.


Abstract

The invention relates to an access control method of a stand-alone access controller. The method is characterized in that an access arbiter, which confirms the authorized entry of a user by means of an access control rule storage module, directs the user to access a server through at least one access channel formed by at least one access arbiter and a data caching module, wherein the arbiter, based on the access result of the access control rule storage module, directs an import/export and shelling processing module to perform import/export and shelling processing on the data that the user accesses. The invention solves the problems that, in the existing system, access control reliability is low, user identity information is not safe, data written by a user with authorized status after logging in lacks monitoring and protection, and vulnerabilities of the operating system and application programs are liable to be exploited.

Description

Technical field

[0001] The invention relates to the field of computer information security, in particular to an independent access control method.

Background technique

[0002] Access control is a technology that restricts a user's access to certain information items, or use of certain control functions, according to the user's identity and a defined group to which the user belongs. Access control is a technique used in almost all systems, both computerized and non-computerized. It is usually used by system administrators to control users' access to network resources such as servers, directories, and files.

[0003] Access control is: give a set of methods to identify, organize, and host all the functions in the system, organize and identify all the data for hosting, and then provide a simple and unique interface. One end of this interface is the application system and the other end is the permission engine. What the authority engine can answer is: who has the ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, G06F21/60
CPC: G06F21/60, G06F21/604, H04L63/10
Inventor 陆宝华
Owner 陆宝华