Whole-process control method for secure access of application program based on trusted computing
An application program and trusted computing technology, applied in the direction of digital data authentication, platform integrity maintenance, etc., can solve problems such as inability to use application program security control, and achieve the effect of precise security control
Pending Publication Date: 2022-04-22
BEIJING UNIV OF TECH
View PDF1 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0002] The patent application for invention with the publication number CN102904889 titled "Compulsory Access Control System and Method for Cross-platform Unified Management" discloses an access control system that supports cross-platform unified management, mainly based on whether the subject and object security signs in the obtained access request conform to The system security policy in this system judges whether the access request is safe, and cannot be used in the security control of the whole process of application program access
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0029] Implementation thinking of the present invention is as follows:
[0030] 1. Using the sample comparison method, the results are credible, and it is convenient to expand the number of samples with the increase of implementation, and the reliability is also improved accordingly.
[0031] 2. On the basis of trusted computing: the combination of the subject's natural person identity and social person identity is realized, the access authority is included in the subject's natural person category, and the work unit and work permit number are included in the subject's social person category. The combination of the two The identity characteristics of the subject are formed, and the safety factor of subject identification is improved.
[0032] In the object identification, the characteristic information of the application program as the object is distinguished from the identification of the data file during the access operation process as the sub-object, that is, the data integr...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a trusted computing-based whole-process control method for secure access of an application program, and belongs to the field of access control of the application program. The method is characterized in that a system CPUS performs credible calculation on a subject characteristic value of a visitor to be tested to obtain a subject metric value, similarly converts an object characteristic value into an object metric value, and converts a data file characteristic value serving as each access operation in an object into a sub-object metric value; and the access control CPUC compares the three metric values of the tested volunteer and the person to be tested, which are stored in the cache sub-module controlled by the access service CPUN. The method comprises the following steps: firstly, judging whether various subject metric values in a sample database are equal to a to-be-tested visitor, and if not, giving an alarm; otherwise, sequentially judging the object metric value and the sub-object metric value, and sequentially alarming if the object metric value and the sub-object metric value do not exist; otherwise, all access operations of the to-be-tested visitor in the whole access process are passed, and the CPU s is requested to take out the corresponding object from the hard disk through the proxy access module of the CPU C to be output. The method has the characteristics of simplicity, rapidness and accuracy.
Description
technical field [0001] The invention relates to a whole-process control method for secure access of application programs based on trusted computing, belonging to the technical field of process control security for application program access. Background technique [0002] The invention patent application with the publication number CN102904889 titled "Compulsory Access Control System and Method for Cross-platform Unified Management" discloses an access control system that supports cross-platform unified management, mainly based on whether the subject and object security signs in the obtained access request conform to The system security policy in this system judges whether the access request is safe or not, and cannot be used in the security control of the whole process access of the application program. Contents of the invention [0003] The purpose of the present invention is to provide a method of how to realize the security of the access process in the whole process whe...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06F21/44G06F21/57
CPCG06F21/44G06F21/57
Inventor 张建标刘超胡俊黄浩翔
Owner BEIJING UNIV OF TECH