Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Multidimension object access control method based on roles

A technology of object access and control methods, applied in the field of computer database security solutions, can solve the problems of undefined organic connections, expansion of the number of connections, failure to reflect the software system structure, etc., and achieve the effect of reducing authorization workload and facilitating security management

Inactive Publication Date: 2007-05-09
ASIAINFO TECH NANJING
View PDF2 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0020] In the Core RBAC model, if the system implements fine-grained permission control, as the size of the object of access control—the managed object grows, the number of PA (allowing to specify Permission Assignment) associations will expand rapidly, which will bring complexity to the authorization work sex
In addition, the organic connection between the managed objects is not defined in the model, which cannot reflect the macroscopic structure of the software system, and is not conducive to the introduction of management strategies at different levels

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multidimension object access control method based on roles
  • Multidimension object access control method based on roles
  • Multidimension object access control method based on roles

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] 1 Implementation background: Assume that there is an existing switch monitoring system to manage each program-controlled switch (SWITCH) in the telecommunication network. System maintenance personnel can complete the following operations:

[0038] 1. Switch status query (SWITCH.READ)

[0039] 2. Switch start and stop (SWITCH.OPER)

[0040] It is stipulated that only the administrator (ADMIN) can perform query and start-stop operations, while ordinary maintenance personnel (ATTENDANT) can only query the status of the switch. During the construction of the project, a total of 4 switches need to be monitored and managed: SWITCH1, SWITCH2, SWITCH3, SWITCH4. According to the division of regions, the system will be maintained by Jiangsu Branch (JIANGSU), Nanjing Branch (NANJING) and Suzhou Branch (SUZHOU) at the same time. Among them, SWITCH1 and SWITCH2 are maintained by Nanjing Branch, SWITCH3 and SWITCH4 are maintained by Suzhou Branch, and the provincial company can ma...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A conception of object dimension is introduced into the area, where the administrated objects (AO) are rather concentrative. The definition of AO is finely compartmentalized. The AO are compartmentalized into manifold groups under different dimensions. Nesting between groups is allowed. A multi-layer tree is formed. The different dimension represents different sorting modes of AO. The system supports several sorting modes co-existed. The system authorities are split into data authority and operate authority. For the data authority, all data entity in this system controlled by the data authority must possess corresponding safety administration objects (SAO). Associating these SAO with different Role, the invention can complete the data authorities splitting. All SAO in this model are grouped. Multi-grouping all SAO in the system in the same running are supported. Each grouping model is named a 'dimension'. Each value on the dimension is corresponding to a certain group.

Description

technical field [0001] The invention relates to a security solution for a computer database, in particular to an access control method for the database. Background technique [0002] Access Control: or Authorization. Access control is one of many computer security solutions, and it is the most intuitive and natural one. The risk of information security can be broadly attributed to CIA: information confidentiality (Confidentiality), information integrity (Integrity) and information availability (Availability). Access control mainly provides protection for information confidentiality and information integrity. Specifically, the software system provides the following controls: allowing authorized subjects to access certain objects; refusing to provide services to unauthorized subjects. [0003] RBAC (Role Based Access Control): Role-based access control model. There are many mainstream implementation models for access control, including discretio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32H04L29/06
Inventor 吴旻哲黄小新宋海华
Owner ASIAINFO TECH NANJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com