A method of operating access control policy rules

An access control policy rule operation method, applied in the field of operating access control policy rules. It addresses problems such as hardware equipment being dragged down, firewall system resources being occupied, and rules becoming invalid; its stated effects are to solve the rule quantity limitation, improve the efficiency of research and judgment, and reduce the number of...

Active Publication Date: 2018-06-19
RUN TECH CO LTD BEIJING

AI Technical Summary

Problems solved by technology

[0004] The number of rules in the access control policies of large-scale enterprise-level firewalls or national-level firewalls changes very quickly, often exceeding 1 million. Such a large number of rules greatly affects the performance of the firewall and can even drag down hardware devices. In addition, because the access control policy changes so rapidly, many access control policy rules conflict and become invalid, seriously occupying the resources of the firewall system.

Examples

Embodiment 1

[0021] Figure 2 is a schematic flowchart of the operation method of the access control policy rule provided by Embodiment 1 of the present invention. This embodiment is applicable to the integration of access control policy rules.

[0022] Referring to Figure 2, the operation method of the access control policy rule provided in this embodiment may specifically include the following:

[0023] Step 110: Obtain the newly generated access control policy rule as the first rule to be operated, obtain any access control policy rule in the access control policy rule set as the second rule to be operated, and determine whether the number and type of firewall policy elements contained in the first rule to be operated and the second rule to be operated are the same;

[0024] This embodiment is used to combine or merge the newly generated access control policy rules with the access control policies in the access control policy set, so a...

Embodiment 2

[0050] This embodiment, on the basis of Embodiment 1 above, further explains the process of merging the first rule to be operated and the second rule to be operated. Figure 3 is a schematic flowchart of the operation method of the access control policy rule provided by Embodiment 2 of the present invention. As shown in Figure 3, the operation method of the access control policy rule provided in this embodiment may specifically include the following:

[0051] Step 210: Obtain the newly generated access control policy rule as the first rule to be operated, obtain any access control policy rule in the access control policy rule set as the second rule to be operated, and determine whether the number and type of firewall policy elements contained in the first rule to be operated and the second rule to be operated are the same;

[0052] Step 220, if yes, sequentially judge whether all the same firewal...

Embodiment 3

[0067] This embodiment provides an operation method of access control policy rules on the basis of the above embodiments. In the method, the integration of the first rule to be operated and the second rule to be operated is carried out in a virtual rule table. After confirmation by the user, the corresponding operation is performed on the access control policy rules stored in hardware. Figure 5 is a schematic flowchart of the operation method of the access control policy rule provided by Embodiment 3 of the present invention. As shown in Figure 5, the operation method of the access control policy rule provided in this embodiment may specifically include the following:

[0068] Step 310: According to the access control policy rule set actually stored in the hardware, a corresponding virtual access control policy rule table is formed in the memory, which is used to realize the virtual operation before the actual operation on the access control policy rules.

[0069] Directly operating the ac...

Abstract

The invention discloses a method for operating an access control policy rule. The method comprises the following steps: obtaining a newly generated access control policy rule as a first rule to be operated, obtaining any access control policy rule in an access control policy rule set as a second rule to be operated, and judging whether the number and the type of firewall policy elements in the first rule to be operated and the second rule to be operated are the same; if so, sequentially judging whether all the same firewall policy elements in the first rule to be operated and the second rule to be operated satisfy a combination condition; if so, combining the first rule to be operated with the second rule to be operated; if not, sequentially judging whether all the same firewall policy elements in the first rule to be operated and the second rule to be operated satisfy a merging condition; and if so, merging the first rule to be operated with the second rule to be operated.
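The decision flow in the abstract, sketched as an added example (not code from the patent or its owner). The page does not define the combination or merging conditions, so both are assumptions here: "combine" means one rule covers the other on every element, and "merge" means exactly one range element differs and the two ranges overlap or are adjacent. Addresses and ports are modelled as inclusive integer ranges, and all function names are hypothetical.

```python
import ipaddress

def rng(cidr):
    """CIDR string -> inclusive (lo, hi) integer range."""
    n = ipaddress.ip_network(cidr)
    return (int(n.network_address), int(n.broadcast_address))

def same_shape(r1, r2):
    # Page, step 1: same number and same type of policy elements.
    return r1.keys() == r2.keys() and all(type(r1[k]) is type(r2[k]) for k in r1)

def covers(a, b):
    # Ranges: a contains b. Scalars (e.g. action): equality.
    if isinstance(a, tuple):
        return a[0] <= b[0] and b[1] <= a[1]
    return a == b

def combine(r1, r2):
    # ASSUMED combination condition: one rule covers the other on every element.
    for big, small in ((r1, r2), (r2, r1)):
        if all(covers(big[k], small[k]) for k in big):
            return dict(big)
    return None

def merge(r1, r2):
    # ASSUMED merging condition: exactly one range element differs and the
    # two ranges overlap or are adjacent, so their union is a single range.
    diff = [k for k in r1 if r1[k] != r2[k]]
    if len(diff) != 1 or not isinstance(r1[diff[0]], tuple):
        return None
    (a_lo, a_hi), (b_lo, b_hi) = r1[diff[0]], r2[diff[0]]
    if max(a_lo, b_lo) > min(a_hi, b_hi) + 1:
        return None
    return {**r1, diff[0]: (min(a_lo, b_lo), max(a_hi, b_hi))}

def integrate(new_rule, rule_set):
    """Fold new_rule into a staged copy of rule_set; the input list is untouched."""
    staged = list(rule_set)
    for i, old in enumerate(staged):
        if same_shape(new_rule, old):
            result = combine(new_rule, old) or merge(new_rule, old)
            if result:
                staged[i] = result
                return staged
    staged.append(new_rule)  # nothing matched: keep it as a separate rule
    return staged

# Constructed sample rule (not from the patent).
BASE = {"src": rng("10.0.0.0/24"), "dst": rng("192.0.2.10/32"),
        "dport": (80, 80), "action": "allow"}
```

This sketch does a single pass and ignores rule ordering; on a first-match firewall, rules with a different action sitting between the two candidates would have to be checked before a result is applied.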

Description

Technical field

[0001] The embodiment of the present invention relates to the field of network security, in particular to an operation method of access control policy rules.

Background technique

[0002] In the era of the rise of global mobile Internet, big data and cloud computing, the attention paid to network security is constantly increasing.

[0003] Firewalls occupy the largest market share in the field of network security. The policy management and processing performance of access control policies (ACL, Access Control List) have become the key technologies of firewalls, as shown in Figure 1.

[0004] The number of rules in the access control policies of large-scale enterprise-level firewalls or national-level firewalls changes very quickly, often exceeding 1 million. Such a large number of rules will greatly affect the performance of the firewall, and even drag down hardware devices. In addition, the rapid change of the access control policy will cause many access cont...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06
CPC: H04L63/10, H04L63/107
Inventor: 欧阳明
Owner: RUN TECH CO LTD BEIJING