Extensible access control markup language strategy searching method based on matching tree

A markup language and access control technology, applied in the field of information security, can solve problems affecting the evaluation efficiency of the policy evaluation engine, waste of computing resources, duplication of node information, etc., to achieve the effect of reducing the number of policies, avoiding waste of resources, and reducing costs

Active Publication Date: 2020-12-25
XIDIAN UNIV
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the similar structure of the matching tree and the merging tree, and the problems of space redundancy and duplication of node in...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Extensible access control markup language strategy searching method based on matching tree
  • Extensible access control markup language strategy searching method based on matching tree
  • Extensible access control markup language strategy searching method based on matching tree

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The embodiments of the present invention will be further described below in conjunction with the accompanying drawings, and those skilled in the art can easily understand other advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other different specific examples, and the various details in this specification can also be modified and changed based on different viewpoints and applications without departing from the spirit of the present invention.

[0027] refer to figure 1 , the present invention is based on the matching tree Extensible Access Control Markup Language policy search method, the implementation steps are as follows:

[0028] Step 1: Obtain the original Extensible Access Control Markup Language policy.

[0029] The policy used in the present invention is written according to the existing Extensible Access Control Markup Language XACML language stand...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an extensible access control markup language strategy searching method based on a matching tree structure. The extensible access control markup language strategy searching method mainly solves the problems that in the prior art, strategy searching efficiency is low, and node information in a matching tree and a combination tree is repeated. According to the implementation scheme, the method includes forming an initial matching tree according to the structure and information of an original strategy, and removing repeated attributes under the same path in the initial matching tree; generating a path identifier according to the path of the initial matching tree, replacing the path information in the initial matching leaf node with the path identifier to obtain a simplified matching tree, and storing the path information and the corresponding path identifier in a mapping table; according to an access request sent by a user, searching a path identifier suitable for arule path on the matching tree, and finding a suitable strategy of the request in a strategy library by utilizing the mapping table. By optimizing the matching tree structure, the strategy migrationcost is reduced, the strategy search efficiency is improved, and the method can be used in the access control process using large-scale strategies.

Description

technical field [0001] The invention belongs to the technical field of information security, and further relates to a policy search method of Extensible Access Control Markup Language XACML, which can be used in the access control process using large-scale policies and improve search efficiency. Background technique [0002] In the environment of cloud computing and Internet of Things, the system is in an open environment, and security is more threatened. Access control guarantees the security of the system by granting permissions, which is one of the currently recognized methods to ensure the security of computing systems. Most of the existing access control is to evaluate the user's request through the preset strategy, and finally decide whether to authorize the specific resource requested by the user. [0003] XACML 3.0, as a general policy language standard approved by OASIS, has become the main language for describing security policies in access control systems with ri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F16/901G06F16/81G06F16/835
CPCG06F16/9027G06F16/81G06F16/8373
Inventor 刘刚康宏昭宁田玉敏李燕飞吴震平刘妍
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap