Access control method and device, computer equipment and computer readable storage medium

A technology for access control and access equipment, applied in the field of information security, can solve problems such as unrelated, complex authority judgment, etc., and achieve the effect of reducing complexity

Active Publication Date: 2020-05-19
BEIJING QIANXIN TECH +1
View PDF9 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the inventors found that, in order to improve the security of the access object, more trust evaluation rules need to be set when performing authority judgment, and each trust evaluation is responsible for being independent and unrelated to each other, which makes th

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method and device, computer equipment and computer readable storage medium
  • Access control method and device, computer equipment and computer readable storage medium
  • Access control method and device, computer equipment and computer readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] Embodiment 1 of the present invention provides an access control method, which can be applied to a "zero trust" system. In this system, a trusted proxy service is set between the access object and the access subject. The access control method provided by this embodiment As an access control service, the control method judges the authority of the access request received by the trusted proxy service, and controls whether the trusted proxy service forwards the access request sent by the access subject to the access object. Through this method, the authority can be reduced. The complexity of judging, specifically, figure 1 It is a flow chart of the access control method provided by Embodiment 1 of the present invention. As shown in the figure, the access control method provided by Embodiment 1 includes the following steps S101 to S105.

[0029] Step S101: Receive an access request.

[0030] Specifically, the access request sent by the access subject first reaches the trust...

Embodiment 2

[0046] Embodiment 2 of the present invention provides a preferred access control method to judge the authority of the access request received by the trusted proxy service, and then control whether the trusted proxy service forwards the access request sent by the access subject to the access object, Part of the technical features are the same as those in the first embodiment above, and for the specific description and corresponding technical effects, please refer to the first embodiment above. Further, in the second embodiment, the security assessment model and the security assessment rules are set at the same time, and the security assessment rules are used as the trust baseline, so as to give full play to the controllability of the trust baseline and the flexibility of the analysis model, improve the accuracy of trust calculation, and reduce the risk of trust calculation. probability of misjudgment. specifically, figure 2 The flow chart of the access control method provided...

Embodiment 3

[0065] Corresponding to the above-mentioned first embodiment, the third embodiment of the present invention provides an access control device, the corresponding technical features and technical effects can be referred to above, and will not be repeated here. image 3 The block diagram of the access control device provided for Embodiment 3 of the present invention, such as image 3As shown, the device includes an access request receiving module 301 , an access entity determining module 302 , an evaluation data obtaining module 303 , a first evaluation value calculation module 304 and a second evaluation value calculation module 305 .

[0066] The access request receiving module 301 is used to receive the access request; the access entity determination module 302 is used to determine the entity layer corresponding to the access request, wherein the entity layer includes four access entities, which are respectively the access user, the access device, the access proxy service and t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an access control method and device, computer equipment and a computer readable storage medium. The access control method comprises the following steps: receiving an access request; determining an entity layer corresponding to the access request, wherein the entity layer comprises four access entities which are respectively an access user, an access device, an access proxy service and a proxy service device; for each access entity, obtaining security evaluation data of the access entity, and calculating a security evaluation value of the access entity according to the security evaluation data; determining a security evaluation value of the access request according to the security evaluation values of all the access entities; when the security evaluation value of theaccess request is less than the security threshold, sending a command of blocking the access request to the access proxy service. According to the invention, the complexity of authority judgment can be reduced.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to an access control method, device, computer equipment and computer-readable storage medium. Background technique [0002] Traditional access control methods are usually based on physical boundaries, and with cloud services, mobile terminals, and network websites, physical boundaries have gradually disintegrated. Border security measures are failing. [0003] In order to improve the security and effectiveness of access control in the existing environment, an access control method is proposed in the prior art. In this access control method, the access object will not be directly exposed to the access subject, but between the access object and the access subject. Set up a trusted proxy service in between, and at the same time put forward the view of "zero trust" for the access subject, and the access control service will judge the authority of the access request...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/10H04L63/102H04L63/105H04L63/0281
Inventor 田礼军简明魏勇张泽洲
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap