Role access control method based on dynamic description logic

Role access control based on dynamic description logic, classified under instruments, digital data authentication, and electronic digital data processing. It addresses the problems that the correspondence between roles and permissions is difficult to determine, that the advantages of RBAC static authorization are not inherited well, and that information security needs are difficult to meet.

Active Publication Date: 2012-06-13
GUILIN UNIV OF ELECTRONIC TECH

AI Technical Summary

Problems solved by technology

[0013] First, it simply introduces roles into the task flow and does not inherit the advantages of RBAC's static authorization;
[0014] Second, in the above model permissions are granted to roles only when task instances are executed, and roles that users activate while not executing task instances have no corresponding permissions, which makes the correspondence between roles and permissions very difficult to determine.

Examples

Embodiment Construction

[0071] The model and method provided by the present invention are described in detail below with reference to Figure 2.

[0072] Figure 2 extends the role-based access control model by adding tasks, a role library, and a session list, and divides roles into static roles and dynamic roles. First, the dynamic description logic SHOIQ-DL is used to formally describe the entire model and to establish the SHOIQ-DL ERBAC knowledge base, whose purpose is to handle the role constraint mechanism in access control automatically. Second, based on this model, the system administrator statically assigns permissions to roles to form the various kinds of roles mentioned above, and saves these roles in the role library. Keeping the assignment of permissions to roles within a reasonable range of granularity requires the system administrator to have a certain amount of experience.

[0073] The administrator also needs to statically add some basic roles, such as the roles correspondin...


Abstract

The invention discloses a role access control method based on dynamic description logic. Building on role-based access control, the method introduces the concept of a role library and formally divides roles into static roles and dynamic roles. An extended role-based access control (ERBAC) model is adopted for access control; the access control method of the ERBAC model is described using the dynamic description logic SHOIQ-DL, and a SHOIQ-DL ERBAC knowledge base is established. The constraint mechanism of the roles is processed using a method for determining consistency in the dynamic description logic, so that the constraint mechanism can be processed automatically during access. With the model and method provided by the invention, data can be protected during static or dynamic access control of an enterprise and a network, so that the data are safer. Moreover, the method takes the dynamic description logic as its logical basis, can rigorously describe and reason about the relevant knowledge in a role access control system, and on this basis realizes automatic processing of role constraints.
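An added sketch, not code from the patent or its authors, of the ERBAC pieces that paragraph [0072] and the abstract describe: a role library holding static and dynamic roles, a session list, and a constraint check run at role activation. It swaps the SHOIQ-DL consistency reasoning for a simple set-based check; the role names, permission strings, the mutual-exclusion constraint, and the rule that a dynamic role needs a running task are assumptions made for illustration.

```python
from dataclasses import dataclass, field

class ConstraintViolation(Exception): pass

@dataclass(frozen=True)
class Role:
    name: str
    permissions: frozenset
    dynamic: bool = False  # assumption: dynamic roles are usable only inside a task

@dataclass
class ERBAC:
    role_library: dict = field(default_factory=dict)  # role name -> Role
    assigned: dict = field(default_factory=dict)      # user -> set of role names
    exclusive: list = field(default_factory=list)     # assumed constraint: exclusive role pairs
    sessions: dict = field(default_factory=dict)      # session list: id -> session state

    def add_role(self, name, permissions, dynamic=False):
        self.role_library[name] = Role(name, frozenset(permissions), dynamic)

    def open_session(self, sid, user, task=None):
        self.sessions[sid] = {"user": user, "task": task, "active": set()}

    def consistent(self, active):
        # Set-based stand-in for the SHOIQ-DL consistency check: the state is
        # inconsistent if it holds both roles of any mutually exclusive pair.
        return not any(pair <= active for pair in self.exclusive)

    def activate(self, sid, name):
        s, role = self.sessions[sid], self.role_library[name]
        if name not in self.assigned.get(s["user"], set()):
            raise ConstraintViolation(f"{name} is not assigned to {s['user']}")
        if role.dynamic and s["task"] is None:
            raise ConstraintViolation(f"{name} is dynamic and needs a running task")
        if not self.consistent(s["active"] | {name}):
            raise ConstraintViolation(f"{name} conflicts with an active role")
        s["active"].add(name)  # reached only when every constraint holds

    def check_access(self, sid, permission):
        return any(permission in self.role_library[r].permissions
                   for r in self.sessions[sid]["active"])

def build_constructed_policy():
    m = ERBAC()  # constructed sample data, not taken from the patent
    m.add_role("clerk", {"invoice:create"})                    # static role
    m.add_role("approver", {"invoice:approve"}, dynamic=True)  # dynamic role
    m.assigned["alice"] = {"clerk", "approver"}
    m.exclusive.append(frozenset({"clerk", "approver"}))
    return m
```

Because the constraint is evaluated inside `activate`, a conflicting role never enters the session's active set, so `check_access` only ever sees a state that already passed the check.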

Description

Technical field

[0001] The invention relates to the field of enterprise and network data information security, in particular to a method for controlling user access to resource rights, and more specifically to a role access control method based on dynamic description logic.

Background technique

[0002] Access control builds on identity authentication and controls requests to access resources according to authorization. Access control is the main strategy for enterprise and network security prevention and protection. It can limit access to key resources and prevent damage caused by the intrusion of illegal users or the inadvertent operation of legitimate users.

[0003] With the accelerated pace of enterprise informatization and the development of computer technology, Web-based information management systems have become the mainstream of information management system development, security issues have also become the focus of attention, and the management of user rig...


Application Information

IPC(8): G06F21/00, G06F21/44
Inventor: 常亮, 章启城
Owner GUILIN UNIV OF ELECTRONIC TECH