Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Access control method, device, computer device and computer-readable storage medium

A technology for access control and access equipment, applied in the field of information security, can solve problems such as unrelated, complex authority judgment, etc., and achieve the effect of reducing complexity

Active Publication Date: 2022-06-07
BEIJING QIANXIN TECH +1
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the inventors found that, in order to improve the security of the access object, more trust evaluation rules need to be set when performing authority judgment, and each trust evaluation is responsible for being independent and unrelated to each other, which makes the authority judgment complicated. Therefore, an access method is provided. Control methods, devices, computer equipment, and computer-readable storage media to reduce the complexity of authority judgment have become a technical problem that needs to be solved urgently in this field

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method, device, computer device and computer-readable storage medium
  • Access control method, device, computer device and computer-readable storage medium
  • Access control method, device, computer device and computer-readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] The first embodiment of the present invention provides an access control method, which can be applied to a "zero trust" system. In the system, a trusted proxy service is set between an access object and an access subject. The access provided by this embodiment As an access control service, the control method judges the access request received by the trusted proxy service, and controls whether the trusted proxy service forwards the access request sent by the access subject to the access object. Judgmental complexity, specifically, figure 1 It is a flowchart of the access control method provided by Embodiment 1 of the present invention. As shown in the figure, the access control method provided by Embodiment 1 includes the following steps S101 to S105.

[0029] Step S101: Receive an access request.

[0030] Specifically, the access request sent by the access subject first reaches the trusted proxy service, and the trusted proxy service sends the access request to the acc...

Embodiment 2

[0046] The second embodiment of the present invention provides a preferred access control method, so as to perform authority judgment on the access request received by the trusted proxy service, and then control whether the trusted proxy service forwards the access request sent by the access subject to the access object, Some technical features are the same as those of the above-mentioned first embodiment, and the specific description and corresponding technical effects may refer to the above-mentioned first embodiment. Further, in the second embodiment, the security assessment model and the security assessment rule are set at the same time, and the security assessment rule is used as the trust baseline, so as to exert the controllability of the trust baseline and the flexibility of the analysis model, improve the accuracy of the trust calculation, and reduce the complexity of the trust calculation. probability of misjudgment. specifically, figure 2 A flow chart of the acces...

Embodiment 3

[0065] Corresponding to the above-mentioned first embodiment, the third embodiment of the present invention provides an access control apparatus, and the corresponding technical features and technical effects can be referred to the above, which will not be repeated here. image 3 A block diagram of an access control apparatus provided in Embodiment 3 of the present invention, such as image 3As shown, the apparatus includes an access request receiving module 301 , an access entity determining module 302 , an evaluation data acquisition module 303 , a first evaluation value calculation module 304 and a second evaluation value calculation module 305 .

[0066] The access request receiving module 301 is used to receive the access request; the access entity determination module 302 is used to determine the entity layer corresponding to the access request, wherein the entity layer includes four access entities, namely the access user, the access device, the access proxy service and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an access control method, device, computer equipment and computer-readable storage medium. The access control method includes: receiving an access request; determining the entity layer corresponding to the access request, wherein the entity layer includes four access entities, which are respectively an access user, an access device, an access proxy service, and a proxy service device; for each access entity, Obtain the security assessment data of the access entity, and calculate the security assessment value of the access entity according to the security assessment data; determine the security assessment value of the access request according to the security assessment values ​​of all the access entities; and when the security assessment value of the access request is less than the security threshold, Send a command to block access requests to the access proxy service. The present invention can reduce the complexity of authority judgment.

Description

technical field [0001] The present invention relates to the technical field of information security, and in particular, to an access control method, apparatus, computer device and computer-readable storage medium. Background technique [0002] Traditional access control methods are usually based on physical boundaries. With cloud services, mobile terminals, and web sites, physical boundaries are gradually disintegrating. At the same time, the diversification of external attacks and the intensification of internal threats are developing in parallel. Security measures at the border are failing. [0003] In order to improve the security effectiveness of access control in the existing environment, the prior art proposes an access control method. In this access control method, the access object is not directly exposed to the access subject, but the relationship between the access object and the access subject is The trusted proxy service is set up between the two, and the point ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/10H04L63/102H04L63/105H04L63/0281
Inventor 田礼军简明魏勇张泽洲
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products