Role optimization method and apparatus in RBAC permission system

A role optimization method and technology, applied in the field of digital data authentication, that can solve problems such as roles having the same or overlapping permissions, increased user access permissions, and system security risks, achieving the effect of reducing system security risks and reducing the same or overlapping permissions.

Active Publication Date: 2016-10-05
ADVANCED NEW TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] However, as time goes by, there will be more and more resources that need to be controlled based on permissions, more and more corresponding permissions, and more and more roles. It is very easy for different roles to end up with the same or overlapping permissions.
For example, when a new user requests access to a web site, the authorit

Embodiment Construction

[0051] In order to make the above objects, features and advantages of the present application more obvious and comprehensible, the present application will be further described in detail below in conjunction with the accompanying drawings and specific implementation methods.

[0052] Refer to Figure 1, which shows a flow chart of the steps of an embodiment of a role optimization method in an RBAC authority system of the present application, which may specifically include the following steps:

[0053] Step 101, calculating the similarity between any two roles in the specified roles.

[0054] In this step, the specified roles may be all of the roles, or only those roles that need to be optimized, in the role-permission relationship table of a system under the RBAC authority system. The similarity between two roles can be calculated from the permission sets of the two roles. Take the calculation of Jaccard similarity as an example:

[0055] I ( ...


Abstract

The embodiment of the present application provides a role optimization method and device in the RBAC authority system. The method includes: calculating the similarity between any two roles in the specified roles; taking one of the specified roles as a starting point and traversing the graph within the specified roles according to the traversal condition that the similarity between roles is the largest; determining similar roles according to the traversal results; and determining an optimized role for the similar roles according to the set of identical permissions and the sets of different permissions among the similar roles. The embodiment of the present application makes the permission sets of the roles as independent of each other as possible, with each set representing one business meaning, thereby reducing the occurrence of the same or overlapping permissions in different roles, and further reducing the system security risks caused by unreasonable assignment of roles to users.
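The steps listed in the abstract, worked through on a small role-permission table as an added example (not code from the patent). The role names, permission strings, the 0.5 threshold, the rule of cutting the traversal where similarity drops below that threshold, and the way the optimized roles are formed are all assumptions; the page itself only names Jaccard similarity and the sequence of steps.

```python
from itertools import combinations

# Constructed role-permission table (sample data, not from the patent).
ROLES = {
    "order_viewer":  {"order:read", "order:export"},
    "order_auditor": {"order:read", "order:export", "audit:read"},
    "order_admin":   {"order:read", "order:export", "order:write"},
    "hr_clerk":      {"employee:read", "payroll:read"},
}

def jaccard(a, b):
    """Jaccard similarity of two permission sets: |A & B| / |A | B|."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def similarity_table(roles):
    """Step 101: similarity between any two of the specified roles."""
    return {frozenset(p): jaccard(roles[p[0]], roles[p[1]])
            for p in combinations(sorted(roles), 2)}

def traverse(roles, start, sims):
    """From `start`, keep moving to the unvisited role most similar to the current one."""
    path, current = [(start, None)], start
    remaining = set(roles) - {start}
    while remaining:
        # sorted() makes ties deterministic: the alphabetically first role wins.
        nxt = max(sorted(remaining), key=lambda r: sims[frozenset((current, r))])
        path.append((nxt, sims[frozenset((current, nxt))]))
        remaining.remove(nxt)
        current = nxt
    return path

def similar_groups(path, threshold):
    """Assumption: a step whose similarity is below `threshold` starts a new group."""
    groups = [[path[0][0]]]
    for role, sim in path[1:]:
        if sim >= threshold:
            groups[-1].append(role)
        else:
            groups.append([role])
    return [g for g in groups if len(g) > 1]

def optimize(roles, group):
    """Assumption: shared permissions become one role, each leftover set its own role."""
    common = set.intersection(*(roles[r] for r in group))
    extras = {r: roles[r] - common for r in group if roles[r] - common}
    return common, extras
```

On this table the three order roles collapse into one shared role holding `order:read` and `order:export`, plus two single-permission roles for `order:write` and `audit:read`, so no permission appears in more than one optimized role.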

Description

Technical field

[0001] The present application relates to the technical field of access control, in particular to a role optimization method in the RBAC authority system and a role optimization device in the RBAC authority system.

Background technique

[0002] Permissions are the conditions required to operate one resource or a group of resources. Users are the owners of permissions. When users access a certain resource, they need to have the corresponding permissions. A resource is an object accessed by a user, and may be a webpage (URL resource), sensitive information (data resource), and the like.

[0003] In the RBAC (Role-Based Access Control) permission system, permissions are associated with roles, and roles are the allocation unit and carrier of permissions. A role contains one or more permissions, that is, it is a collection of certain permissions. By assigning a certain role to the user, the user can obtain the authority of the role, w...

Application Information

IPC(8): G06F21/45
Inventor: 张翔
Owner: ADVANCED NEW TECH CO LTD