Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Domain-based access control method and system

A technology of access control and access control strategy, which is applied in the field of operating systems, can solve problems such as poor security, and achieve the effect of strong applicability and ease of use

Inactive Publication Date: 2012-06-13
BEIJING NASE HENGXIN TECH
View PDF5 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In the face of current application security issues, the above access control model cannot effectively solve application security, such as: role-based access control (Role-Based Access Control), which mainly focuses on the rights and responsibilities of different roles in the system Separation; the Discretionary Access Control (Discretionary Access Control) subject has full control over its objects and running programs. The current mainstream operating system provides this access control model by default, which has poor security.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Domain-based access control method and system
  • Domain-based access control method and system
  • Domain-based access control method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] Preferred embodiments of the present invention will be described below in conjunction with the accompanying drawings. It should be understood that the embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

[0033] figure 1 It is a flow chart of the domain-based access control method according to the present invention, and the following will refer to figure 1 , the domain-based access control method of the present invention is described in detail:

[0034] First, in step 101, according to the user's requirements for system protection, a DBAC policy library is established. The security administrator defines a series of domains for different applications, sets the access rights list, and then on the subject and object of each application in the system, Set the domain label of each application and establish a domain-based access control policy library; when setting the domain label for...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a domain-based access control method and system. The domain-based access control method comprises the following steps of: setting a domain label of each application and establishing a domain-based access control policy library on subject and object of each application in a system through aiming at different application domains according to requirements of a user on protection of the system; capturing an access request of the subject on the object in the system; submitting the access request to the domain-based access control policy library to perform domain label detection; and judging whether a current operation is allowed or not, accepting the current access request if the current operation is allowed, and refusing the current access request if the current operation is not allowed. The domain-based access control system comprises a capturing filtering module, an access control judging module, a domain database module, a domain information managing module and a safety journal querying module, wherein the capturing filtering module is used for capturing and filtering data access requests of application programs in the system, the access control judging module is used for judging whether a subject domain label and an object domain label are same or not and determining whether an access action is allowed or not, the domain database module is used for saving information of the access control policy library, the domain information managing module is used for modifying the information of the access control policy library and querying safety journals, and the safety journal querying module is used for storing dangerous operation information disobeying an access control policy. According to the domain-based access control method and system, disclosed by the invention, the application program can be effectively protected, and the safety of the application program and an operating system can be improved.

Description

technical field [0001] The invention relates to an operating system, in particular to an access control method and system for the operating system. Background technique [0002] Access control of existing operating systems generally includes Discretionary Access Control, Mandatory Access Control, Role-Based Access Control (Role-Based Access Control) Bell-Lapadula model, and Biba model ,in, [0003] Discretionary Access Control Model (Discretionary Access Control), the subject can independently grant the access control authority of the object it owns to other subjects or withdraw the granted authority from other subjects, leaving part of the right to grant or cancel the access authority to the individual user. It is difficult for administrators to determine which users have access rights to which resources, which is not conducive to the realization of unified global access control. In many organizations, users do not have ownership of the resources they can access, and the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00G06F21/50
Inventor 艾奇伟
Owner BEIJING NASE HENGXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com