Role-based permission control mechanism

A role and mechanism technology, applied in the field of role-based access control, can solve the problems of access and authorization difficulty, database resource management and authorization complexity, etc., to reduce burden and cost, ensure security, and maximize flexibility Effect

Inactive Publication Date: 2017-03-22
SHANGHAI CHUWA SOFTWARE
View PDF0 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In large-scale database application systems, there are often a large number of tables and views, which makes the management and authorization of database resources very complicated.
It is very difficult for users to directly manage the access of resources in the database and the granting of permissions. It requires users to have a thorough understanding of the database structure and the use of SQL language. Once the application system structure or security requirements change, A large number of complex and cumbersome authorization changes are required, which is very prone to some unexpected security holes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Role-based permission control mechanism
  • Role-based permission control mechanism
  • Role-based permission control mechanism

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0015] exist figure 1 In , all entities and steps of the role-based access control model are represented. The role-based access control model sets a new entity-role between users and permissions. Roles serve as an intermediary to connect user collections and authority collections, and users access database resources indirectly through roles. The association between a role and permissions can be regarded as a set of permissions owned by the role, and the association with users can be regarded as a collection of several users with the same identity. A user can be assigned multiple roles, and a role can also be assigned multiple users. There is a many-to-many relationship between users and roles. Similarly, a role can have multiple permissions, and a permission can also be assigned to multiple different roles. There is also a many-to-many relationship between roles and permissions. A user who logs in to the database application system can judge the database resources he can ac...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A role-based permission control mechanism relates to the technical field of role-based access control, and in particular to a mechanism for database resources indirectly accessed by distributing a system application packaging access permission to a role and endowing a user with the role. The role links the user and the permission as an intermediate medium, the user indirectly accesses the database resources through the role. Role permission distribution of an access control model is to distribute an operation permission of a system function item of an application program layer to the role, the role controls the database resources through the function item of the operation system. The embodiment of the invention provides the role-based permission control mechanism which is a scheme for unified realization of the role-based permission management of the whole system in the application program layer. The database resources are indirectly accessed by distributing the system application packaging access permission to the role and endowing the user with the role, the burden and the cost of permission management are greatly reduced so that the permission management of the system is highly flexible.

Description

technical field [0001] The invention relates to the technical field of role-based access control, in particular to a system application encapsulating access authority to a role and assigning it to a user to indirectly access a database resource mechanism. Background technique [0002] Role-based access control (RBAC) is a new type of database permission management mechanism that has been studied the most and has the most mature thinking in recent years. It is considered to be an ideal candidate to replace traditional mandatory access control (MAC) and discretionary access control (DAC). . The basic idea of ​​role-based access control (RBAC) is to divide different roles according to different functional positions in the enterprise organization view, encapsulate the access rights of database resources in roles, and users access database resources indirectly by being assigned different roles . [0003] There are often a large number of tables and views in large database appli...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/31G06F21/62
CPCG06F21/31G06F21/6218
Inventor 路文彦孙煦峰赵亮陶余会
Owner SHANGHAI CHUWA SOFTWARE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap