Permission access control method and system based on policy management

A technology for policy management and access control, applied in transmission systems, digital transmission systems, digital data protection, etc., to solve problems such as frequent addition or deletion, direct access to objects by users or devices, and unauthorized user access to objects.

Pending Publication Date: 2022-04-29
百安居信息技术(上海)有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the face of the distributed and diffuse organization and user data in the enterprise, the old authority center can no longer support cross-tenant, cross-account system, cross-terminal, and separation of application and identity data. Under traditional IAM, in a specific access Enforcing so many rules in a request is very complex and prone to errors since there is no clear view of which rules will be applied to this request
And in the case of multiple applications, you may also face problems such as frequent addition or deletion of objects, unauthorized user access to objects, direct access to objects by users or devices, and the need to establish multiple access control models
It is no longer possible to control the granularity of permissions between systems by relying on personnel to maintain roles

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Permission access control method and system based on policy management
  • Permission access control method and system based on policy management
  • Permission access control method and system based on policy management

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] Embodiments of the present invention are described below through specific examples, and those skilled in the art can easily understand other advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other different specific implementation modes, and various modifications or changes can be made to the details in this specification based on different viewpoints and applications without departing from the spirit of the present invention. It should be noted that, in the case of no conflict, the following embodiments and features in the embodiments can be combined with each other. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0022] It should be noted that the diagrams provided in the following embodiments a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an authority access control method and system based on policy management. The method comprises the following steps: constructing an access controller to intercept an access request sent by a user terminal to an access object; verifying the user identity information through an access authentication protocol adopted by the user; authority strategy rules are obtained according to the user identity information and combined to generate access decision information, and the access decision information comprises an authorization decision; and if the authorization decision is passing, sending the access request to an access object, otherwise, returning access failure information. According to the method and the device, the problem that access cannot be realized due to the fact that objects are frequently added or deleted in a serial IAM technology is solved, unauthorized users are prevented from accessing, and the loss efficiency and the user experience are reduced while digital assets of enterprises are more intelligently and safely protected.

Description

technical field [0001] The invention relates to the field of authority access control, in particular to a method and system for authority access control based on policy management. Background technique [0002] With the business development of the enterprise, a large number of application systems have been derived within the enterprise, including self-developed, outsourced, private cloud deployment, and public cloud deployment application systems. The user identity authentication and authority access control brought by these application systems have caused obstacles to the intercommunication of user accounts and authority control within the enterprise. Application authorization is at the heart of an organization's security, which also means it is at the heart of productivity. Authorization determines what a digital identity can do within each application. Securing data and avoiding breaches is what authorization is all about, making sure the right people get the right acces...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/40G06F21/60G06F21/62
CPCH04L63/10G06F21/604G06F21/6218H04L63/20H04L63/08G06F2221/2141
Inventor 龚满城
Owner 百安居信息技术(上海)有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products