SaaS resource access control method based on resource permission tree

A control method and resource access technology, applied in the field of SaaS resource access control based on resource permission tree, can solve the problems of ignoring the complexity of permission allocation and affecting the use and promotion of SaaS, and achieve low permission allocation, rapid positioning, and low complexity. Effect

Pending Publication Date: 2020-11-13
COMP APPL RES INST CHINA ACAD OF ENG PHYSICS
View PDF0 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, there have been attempts to combine the RBAC and ABAC models to achieve access control, but they have ignored the complexity of permission allocation. In the SaaS model, in order to ensure the data pr

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SaaS resource access control method based on resource permission tree
  • SaaS resource access control method based on resource permission tree
  • SaaS resource access control method based on resource permission tree

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The present invention will be further described below in conjunction with accompanying drawing:

[0034] The SaaS resource access control method based on the resource authority tree of the present invention comprises the following steps:

[0035] Step 1. Combining the H-RBAC model and the ABAC model, design a theoretical model of SaaS access control based on the resource authority tree, referred to as the H-RRBAC model.

[0036] Such as figure 1 As shown, in this step, the H-RRBAC model is improved based on the H-RBAC model and the ABAC model, and the improvements include:

[0037] 1.1. Introduce a resource-directed tree between the "role-resource" of the H-RBAC model, and assign permissions based on the resource-directed tree. One resource-directed tree represents a business scenario, and there are clear business between trees Boundary, the internal relationship between resources in the tree determines the implication of parent-child resource node permissions. When a r...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a SaaS resource access control method based on a resource permission tree, which comprises the following steps: firstly, designing a SaaS access control theoretical model basedon the resource permission tree in combination with an H-RBAC model and an ABAC model, and referring to an H-RRBAC model for short; then performing resource authority distribution and access controlbased on the H-RRBAC model, and the method specifically comprises the steps that SaaS platform resource registration is carried out, and a resource directed atom tree is automatically generated; a resource directed tree is generated; a resource permission tree of the role is constructed; a resource permission tree of the user is generated; and when the user accesses the service, the access of theuser to the resources based on the resource permission tree of the user is controlled. The method can adapt to different permission management scenes of different tenants in the SaaS mode, efficient and low-complexity permission allocation is achieved, and meanwhile the permission access control requirements of different tenants for different granularities and dynamic attribute changes of resources are met.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to a SaaS resource access control method based on a resource authority tree. Background technique [0002] SaaS is the abbreviated name of Software-as-a-Service, which means software as a service, that is, providing software services through the network. As a software application model of cloud computing, SaaS clearly defines software as a service, provides customers with reproducible "standardized" service solutions, and solves problems such as software construction, operation and maintenance costs, and management costs in customer information construction. Especially popular with SMEs. Although SaaS has many advantages, there are still many problems, among which SaaS security has become the primary problem restricting the development of SaaS model. In order to reduce service usage costs, service providers mostly design SaaS with the idea of ​​single-instance multi-tena...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08G06F21/62
CPCG06F21/6218H04L63/105H04L63/20H04L67/10
Inventor 王桂华张伟燕陈志文黄聪敏周晓璐李丹平孔思淇周大力田艳慧雷小凤
Owner COMP APPL RES INST CHINA ACAD OF ENG PHYSICS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap