Cloud database access control model based on PBAC model
An access control and database technology, applied in the field of cloud database access control models, can solve problems such as failure to prevent trusted users from accessing data and data leakage, and achieve the effect of eliminating hidden dangers, improving efficiency, and ensuring correctness
Inactive Publication Date: 2016-07-20
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
View PDF3 Cites 2 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0016] The purpose of the present invention is to propose a cloud database access control model based on the PBAC model to solve the problem that the cloud database cannot prevent trusted users from accessing data and cause data leakage
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 2
[0069] Embodiment 1 of the present invention introduces the application of the access control model based on rule reasoning and purpose in the traffic database. The data table structure contained in the database is shown in the following table:
[0070]
[0071] Through the query records of traffic controllers and drivers, the following purpose rule set is constructed:
[0072] QVR:-role=trafficmanager&&timeINwork_time&&C_attributioncontainsposition;
[0073] QD:-role=driver&&car_owner==driver_id&&car_state=In_Inspection;
[0074] Among them, rule 1 means that when the traffic controller initiates a request to inquire about violations of vehicles within the jurisdiction during working hours, the access purpose of querying violation records (QVR) is granted;
[0075] Rule 2 means that when a driver initiates a request to inquire about the deduction status of his vehicle participating in this year's annual inspection, the access purpose of inquiring deduction records (QD) is...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention relates to a cloud database access control model based on a PBAC model and belongs to the technical field of database security in computer databases. According to the cloud database access control model, the rule mining technology is utilized, frequent rule subsets are constructed according to historical access data of a user, and furthermore an access control rule set having the user characteristics is obtained. Based on this, the access purpose of the user serves as a database to judge whether the standard requested by the user is allowed or not, by the adoption of the rule inference mechanism, environmental variables and request information of the user serve as input, rule matching and derivation are conducted in the access control rule set, and the access purpose is dynamically distributed for the user. Furthermore, the inclusive relation of the access purpose is analyzed in a Name Node and a Data Node respectively, and access control is conducted based on the comparison result.
Description
technical field [0001] The invention relates to a cloud database access control model based on a PBAC model and belongs to the technical field of database security in computer databases. Background technique [0002] With the rapid development of technologies such as relational databases and cloud databases, more and more practical applications choose databases as data storage tools. Since the private data stored in it is closely related to the user's personal privacy, once it is leaked, it will cause immeasurable losses. In response to this security requirement, since the 1970s, excellent access control models such as discretionary access control, mandatory access control, and role-based access control have emerged successively. [0003] Although database access control has been developed for many years and tends to be perfect, there are still hidden dangers in security. For example, in the famous "Prism Gate" incident in 2007, Snowden, an employee of the National Securit...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06F21/62G06F17/30
CPCG06F21/6218G06F16/2465
Inventor 秦小麟高翰卿王宁王潇逸
Owner NANJING UNIV OF AERONAUTICS & ASTRONAUTICS