Unlock instant, AI-driven research and patent intelligence for your innovation.

Technological method for realizing multiple grade safety access control in network environment

A security access control and network environment technology, applied in the field of multi-level security access control, can solve problems such as legal users rarely care, information illegal eavesdropping, uneconomical, etc., to enhance access control capabilities, improve security, and improve efficiency. Effect

Inactive Publication Date: 2007-07-11
成都三零盛安信息系统有限公司
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The security of computer networks has always been a research hotspot. In the past, the research on information security in the network environment mainly considered the security issues of information itself when it was transmitted on the network, such as confidentiality and validity issues, mainly for illegal wiretapping of information. These problems can be solved by encryption technology, and the problem of information disclosure of legitimate users is rarely concerned
Its disadvantages are: ①It needs to be implemented by hardware, which is not economical; ②It needs to modify the link layer protocol, which brings about incompatibility; ③Controlled by a logical gateway, the granularity is relatively coarse

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Technological method for realizing multiple grade safety access control in network environment
  • Technological method for realizing multiple grade safety access control in network environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0012] According to the above technical solution, an implementation example based on the Linux operating system is given below.

[0013] 1. Software design

[0014] To implement the mandatory access control mechanism in the network environment, the following problems need to be solved:

[0015] 1) The transmission of MAC labels between host nodes;

[0016] 2) Mutual recognition of MAC labels between host nodes;

[0017] 3) Modification processing of TCP / UDP protocol packets;

[0018] 4) Compatibility with existing applications should also be considered;

[0019] Another point to consider is whether you need to set network privileged hosts; if so, the host can communicate with any other host, regardless of its MAC label. On the one hand, it can bring convenience; on the other hand, it will also bring security risks, just like the ROOT user in the OS.

[0020] The current design supports 16 sensitivity levels, 28 category sets. The reason is the inherent limitation of the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This invention discloses a technological method for realizing multistage safety access control characterizing in modifying TCP / IP protocol stack of the operation system kernel including modifying UDP message and TCP handshaking process, applying network forced access control measures on TCP / UDP layer with the advantage of realizing it in an operation system core, having high efficiency and safety, preventing internal users form revealing information, supporting complicated trust relations.

Description

technical field [0001] The present invention relates to an information security technology in a network environment, specifically to a multi-level security access control method that can effectively prevent internal users from leaking information casually in the network. Background technique [0002] Due to the widespread use of computers and networks, information sharing between computers has grown rapidly. However, the current security mechanism of the operating system mainly considers the information security of the stand-alone system, and ignores the information security in the network environment. The security of computer networks has always been a research hotspot. In the past, the research on information security in the network environment mainly considered the security issues of information itself when it was transmitted on the network, such as confidentiality and validity issues, mainly for illegal wiretapping of information. These problems can be solved by encrypti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/00H04L29/06H04L12/24H04Q3/545
Inventor 张志文
Owner 成都三零盛安信息系统有限公司