Dynamic access control framework facing internal attack

A dynamic access control and internal attack technology, applied in the direction of electrical components, transmission systems, etc., can solve the problems of ignoring the cumulative risk of users, ignoring constraints, and only considering, so as to prevent illegal and malicious access behaviors and protect Network resources, effects of access prevention

Active Publication Date: 2019-03-19
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
View PDF9 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, the existing dynamic access control model dynamically adjusts user permissions through context information to prevent external attacks brought by unauthorized users to the system. The existing risk-aware access control framework analyzes the historical access behavior of users, Restricting users' access capabilities can solve internal attacks to a certain extent, but most of them only consider the risks brought by current access requests to the system, and do not consider the cumulative risks of users. At the same time, they do not consider strategic constraints.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic access control framework facing internal attack
  • Dynamic access control framework facing internal attack
  • Dynamic access control framework facing internal attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0075] In order to make the technical solutions of the present invention clearer and clearer to those skilled in the art, the present invention will be further described in detail below in conjunction with the examples and accompanying drawings, but the embodiments of the present invention are not limited thereto.

[0076] Such as figure 1 As shown, the internal attack-oriented dynamic access control framework of this embodiment specifically includes the following steps:

[0077] Step 1) Submit access request phase:

[0078] The user submits the current access request, the policy enforcement point intercepts the access request, and forwards the access request to the policy decision point. In the stage of submitting the access request, the access request contains two attributes: access user and access right, and the access right includes access activity and object;

[0079] Step 2) Calculation of user enabled role set:

[0080] According to the current environment model and t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a dynamic access control framework facing internal attacks, and belongs to the technical field of information security access control. The dynamic access control framework comprises a submission of an access request, a calculation of user enablement roles, a calculation of enablement roles permissions, a selection of the enablement roles, a reduction of candidate enablementroles, and a calculation of risk values. According to the dynamic access control framework facing the internal attacks, the satisfiability of environmental constraints in an access control policy isevaluated by using an environment model, thereby achieving dynamic adjustment of user authority, and preventing accesses of illegal users; permission ranges of legal users are constrained according tostrategy constraints and risk analysis, thereby avoiding internal attacks of malicious users; and a triple control of access requests is achieved by analyzing environmental information, the strategyconstraints, and access risks, thereby preventing illegal and malicious access behaviors can in time, more effectively protecting network resources, and guaranteeing safe and efficient operation of the system.

Description

technical field [0001] The invention relates to a dynamic access control framework, in particular to an internal attack-oriented dynamic access control framework, and belongs to the technical field of information security access control. Background technique [0002] In order to correctly authorize all kinds of information resources on the network, at present, researchers mainly use access control mechanisms to block illegal users from accessing resources. But in real life, not all legitimate users are trusted users, and some legitimate users may abuse the obtained permissions and damage the use of enterprises. , 28% of respondents said they had suffered internal attacks, and 32% of respondents believed that internal attacks were more harmful than external attacks. [0003] The role-based access control model RBAC can effectively reduce the complexity of authorization management compared with other access control models, such as mandatory access control and autonomous acces...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/101H04L63/102
Inventor 黄志球曹彦杨阳吴德香王子豪
Owner NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap