Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Access control method based on policy review and authorization extension

An access control and policy technology, applied in digital transmission systems, secure communication devices, electrical components, etc., can solve the problems of only permission and rejection, insufficient fine-grainedness, etc., to achieve the effect of increasing flexibility and ensuring privacy

Pending Publication Date: 2022-08-02
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the problem with the ABAC model is that resources with different protection requirements are not fine-grained enough, and the types of resource authorization are only permission and denial.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method based on policy review and authorization extension
  • Access control method based on policy review and authorization extension

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] It is easy to understand that according to the technical solutions of the present invention, without changing the essential spirit of the present invention, those skilled in the art can imagine various implementations of the access control method based on policy review and authorization extension of the present invention. Therefore, the following specific embodiments and accompanying drawings are only exemplary descriptions of the technical solutions of the present invention, and should not be regarded as the whole of the present invention or as limitations or restrictions on the technical solutions of the present invention.

[0029] The technical solutions of the present invention will be described in detail below with reference to the accompanying drawings.

[0030] The basic idea of ​​the present invention is to expand the service type of resource authorization, in addition to permission and rejection, the concept of partial permission is added. Define a policy revie...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an access control authorization method based on policy review and authorization extension, which comprises the following steps: firstly, expanding the service type of traditional ABAC model resource authorization, and adding the concept of partial permission except permission and rejection; defining a strategy review module, checking whether the attributes of the user meet a review rule set and a privacy rule set in the strategy review module, checking rules in the review rule set firstly, and rejecting the service as long as one rule is not met; and after all the review rule sets are met, checking the privacy rule set, and displaying part of data or all data according to the matching condition of the user attribute and the privacy rule set. After an access control strategy of resources is formulated, all participated attributes in the system are uniformly described by applying an XACML (Extensible Access Control Markup Language). Fine-grained management of resources is realized, and flexibility is increased while privacy is guaranteed.

Description

technical field [0001] The invention belongs to the field of computer software development, and particularly relates to a safe and flexible user authorization method in a distributed computing environment. Background technique [0002] Access control is an indispensable part of the information security system, and it is also an important aspect of ensuring the security of distributed computing (including cloud computing services). Access control restricts access subjects so that protected information resources can only be accessed within the legal scope. With the increase in the number of cloud users and changes in computing and storage methods, resources have become difficult to centrally manage and control. How to innovate and research an access control model suitable for the cloud computing environment will become the key to solving cloud security threats. [0003] With the expansion of the number of roles in the cloud computing environment, the RBAC model has the proble...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40
CPCH04L63/105H04L63/20
Inventor 许峰张烁朱颖董佳辉倪茜
Owner NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com