Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A multi-mode access control policy formulation and execution method in cloud environment

An access control strategy and multi-mode technology, which is applied in the directions of instruments, computing, and electrical digital data processing, etc., can solve the problems of frequent changes of user permissions and attribute value changes that cannot be applied, and achieve fast and convenient attribute access control, easy analysis, and enhanced The effect of adaptability and scalability

Active Publication Date: 2018-01-09
HUAZHONG UNIV OF SCI & TECH
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Aiming at the above defects or improvement needs of the prior art, the present invention provides a method for formulating and executing multi-mode access control policies in a cloud environment, the purpose of which is to realize Data security access control mechanism, so as to solve the technical problems existing in existing methods that cannot be applied to frequent changes in user permissions or frequent changes in attribute values

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A multi-mode access control policy formulation and execution method in cloud environment
  • A multi-mode access control policy formulation and execution method in cloud environment
  • A multi-mode access control policy formulation and execution method in cloud environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0043] Below at first relevant technical term of the present invention is explained and illustrated:

[0044] Domain (Area): also known as space. A domain is a logical division of data storage areas in the system. Domains can be divided into personal domains (Secret Area, SA for short), group domains (Group Area, GA for short), and public domains (Public Area, PA for short).

[0045]Personal ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a multi-mode access control strategy making and executing method under a cloud environment. According to the data access characteristics in different areas under the cloud environment, and the optimal access control method is selected. By defining an access strategy description language, the making and using rule of access strategies is restrained in a unified mode, and therefore an IBAC, an ABAC and a DABAC work cooperatively, and a data safety guarantee under the cloud environment is achieved. The IBAC is used in a secret area to achieve access control of fine grit, the ABAC is used in a group area so that efficient and expansible access control, a dynamic attribute concept is led in on the basis of existing attribute access control, the access strategies are expressed through a multi-branch-tree structure, a dynamic attribute access control strategy capable of supporting dynamic authorization is designed, and therefore the self-adaption requirement of public area access control can be met.

Description

technical field [0001] The invention belongs to the technical field of computer storage, and mainly relates to a multi-mode access control policy formulation and execution method in a cloud environment. Background technique [0002] Compared with the traditional storage environment, the cloud storage environment has the characteristics of polymorphism, complexity and dynamics. Polymorphism is mainly manifested in the wide dispersion of user groups, large differences in background levels, low mutual viscosity and diversification and diversity of needs; complexity is mainly manifested in the fact that users have different characteristic information in different scenarios, and The user's feature information is often unpredictable, so the user's permissions should be different in different scenarios; the dynamics is mainly manifested in the fact that the user's feature information is usually time-sensitive, and may be changed in different time periods. Completely different feat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/60
CPCG06F21/604
Inventor 李春花周可吴泽邦魏荣磊雷成
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products