Unlock instant, AI-driven research and patent intelligence for your innovation.

A database access control method and system supporting business security marks

A security marking and access control technology, applied in relational databases, database models, digital data protection, etc., can solve problems such as narrow scope of application, no support for database objects, and increased system complexity, achieving wide applicability, reducing dependencies, The effect of reducing complexity

Active Publication Date: 2021-04-20
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this method, there are several problems: 1) The user security tag information is carried in the user request. If the credibility or correctness of the user security tag is to be verified, the database management system needs to access the specified system, which increases the complexity of the system. ;2) It only supports the security mark of row data, and does not support database objects such as libraries, tables, columns, etc., and its scope of application is narrow; 3) The returned data set does not have a security mark, and the reserved security attribute information in the database cannot be provided to the follow-up Handle related objects used

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A database access control method and system supporting business security marks
  • A database access control method and system supporting business security marks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to make the objects and advantages of the invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the embodiments described here are only used to illustrate and explain the present invention, not to limit the present invention.

[0026] 1. Business security flag configuration

[0027] The service security mark M is a tuple group including various service security attributes, M=. Where C is the security level; G is multiple business security attributes G i set of , G={g 1 , g 2 ,...g n}, g i It can be business security attributes such as business categories, work groups, roles, and environmental requirements; F is the operation control attribute f j set of , F={f 1 ,f 2 ,... f m}, f j It can be operational attributes such as read-write control, print control, burn control, and copy control.

[0028] The business security mark of the d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a database access control method and system supporting service safety marks. The method is as follows: 1) the database management system performs identity authentication on the access user, and after passing the authentication, extracts the service security mark of the user object corresponding to the user; 2) when the user object after the authentication passes an access request, the database management system Request to obtain the business security mark of the database object that the user object intends to access; 3) The data management system checks the matching between the business security mark of the user object and the business security mark of the database object that the user object intends to access, and if the check passes, the execution is allowed For the access request, return the accessed data set and the business security marks of each database object in the data set; otherwise, refuse to execute the access request. The invention enables other systems to correctly understand the business security nature of the data set after the data set enters other system environments.

Description

technical field [0001] The invention relates to a database access control method supporting service safety marks. The method supports the realization of data resource access control based on business security marks, and belongs to the field of computer information security. Background technique [0002] The user rights management of the database system determines the access rights of various subjects in the system to system resources, and is one of the important foundations of database system security. In a database system, users are generally divided into two categories: administrator users and ordinary users. Common users have permissions related to user applications, while administrators can access and manage all resources in the database system. The two types of users may present different risks when accessing system resources. [0003] The risk of the administrator is that the administrator has the "supreme" authority, and once a malicious attacker has the administra...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/62G06F16/28
CPCG06F21/6227G06F2221/2141G06F16/284
Inventor 于海波陈超刘坤颖肖俊超
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI