Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Access control method and system based on atlas

An access control and graph technology, applied in the field of graph-based access control methods and systems, can solve problems such as the incompatibility of the open Internet, and achieve the effect of overcoming inflexibility

Pending Publication Date: 2022-05-27
ZHENGZHOU INST OF TECH
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, although the attribute-based access control method can realize the dynamic management of permissions according to the changes in the attributes of users, resources, and environments, the attribute values ​​are fixed, and its flexibility is still very limited. Users must reach a certain attribute value. Only in order to access resources, this situation has been seriously out of line with the rapid development of the open Internet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method and system based on atlas
  • Access control method and system based on atlas
  • Access control method and system based on atlas

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0038] like figure 1 As shown, the present invention provides a graph-based access control method, the method includes the following steps:

[0039] S1, set a data source for big data analysis, analyze the structured, semi-structured, and unstructured data in the data source to obtain user attributes, build a user map based on the user attributes, according to the user map and the set Attribute weight value, divide users into communities, and calculate the trustworthiness of the community;

[0040] The users of different systems are different. The users of the enterprise resource system are the employees of the enterprise, and there may also be some sellers and consumers. For the shared resource websites of the open Internet, the users are mainly netizens. Different systems also have different ways of acquiring user attributes. When using the access control method provided by the present invention, it is necessary to set a data source for big data analysis according to the syst...

Embodiment 2

[0067] image 3 The architecture diagram of the present invention is shown. The present invention also provides a graph-based access control system. When a user accesses a resource, first obtains the user's community, and then judges whether to allow access to the resource according to the control rules. The system includes the following modules:

[0068] The user community division module is used to set the data source for big data analysis, analyze the structured, semi-structured, and unstructured data in the data source to obtain user attributes, and build a user map based on the user attributes. User graphs and set attribute weights, divide users into communities, and calculate community trustworthiness;

[0069]The access control module is used to adjust the system risk level according to the environment attribute, the environment attribute includes the resource utilization rate of the host where the resource is located, and the number of attacks per unit time; if the sy...

Embodiment 3

[0079] The present invention also provides a computer-readable storage medium for storing computer program instructions, the computer program instructions implementing the method according to the first embodiment when executed by a processor.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an access control method and system based on a graph, and the method comprises the steps: setting a data source of big data analysis, obtaining user attributes, building a user graph based on the user attributes, carrying out the community division of a user according to the user graph and a set attribute weight value, and calculating the credibility of a community; then, the system risk level is adjusted according to environment attributes, and the environment attributes comprise the resource utilization rate of a host where resources are located and the number of attacks in unit time; and if the system risk level is greater than a first threshold, controlling the user access authority according to a control rule based on the user attribute and the resource attribute, otherwise, adjusting the control rule by using the credibility, and controlling the user access authority according to the user attribute, the resource attribute and the adjusted control rule. According to the method, community division is performed by using the user atlas, and the flexibility of the ABAC access control method is improved in combination with the security of the system.

Description

technical field [0001] The present invention relates to the field of access control, in particular to a graph-based access control method and system. Background technique [0002] The rapid development of the Internet has brought a lot of convenience to people's lives, which is inseparable from information security. Access control is an important part of information security. Access control mainly includes three elements, access subject, access authority, and access resources. Its basic principles It means that the access subject accesses the resource according to the access permission item, preventing the access subject from accessing the non-authorized resources. According to the way of access control implementation, it can be divided into discretionary access control (Discretionary Access Control, DAC), mandatory access control (Mandatory Access Control, MAC), role-based access control (Role-Based Access Control, RBAC) and attribute-based access control (Attribute Based ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40G06F21/57G06F16/901
CPCH04L63/10H04L63/105H04L63/104H04L63/205G06F21/577G06F16/9024G06F2221/2141Y02D10/00
Inventor 曹敏苏玉许绘香
Owner ZHENGZHOU INST OF TECH
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com