Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device, computer equipment and storage medium for determining conflicting rights

A technology for determining methods and permissions, applied in computer security devices, calculations, instruments, etc., can solve security threats and security loopholes in confidential content, and achieve the effect of reducing the probability of potential security risks

Active Publication Date: 2022-02-08
BEIJING QIANXIN TECH +1
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The inventor found that when there are many permissions in the permission set, there may be security holes after the combination of behaviors allowed by multiple permissions. For example, the permission set includes the permission to access confidential content and the permission to access the program download center to download applications from outside , the security of confidential content may be compromised when external applications carry file-stealing viruses

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device, computer equipment and storage medium for determining conflicting rights
  • Method, device, computer equipment and storage medium for determining conflicting rights
  • Method, device, computer equipment and storage medium for determining conflicting rights

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0029] The embodiment of the present invention provides a method for determining conflicting permissions, so as to determine the conflicting permissions in the permission set for a certain target subject, so as to process the conflicting permissions and reduce the impact of conflicting permissions on security. Specifically, figure 1 It is a flow chart of the method for determining conflicting permissions provided by Embodiment 1 of the present invention, as shown in figure 1 As shown, the method for determining conflicting rights provided by this embodiment includes the following steps S101 to S105.

[0030] Step S101: Obtain historical access information of the target subject.

[0031] The target subject can be an access subject identified by a user name or identification information of a terminal device, and a permission set is set for the access subject. For example, when a user identified by a user name accesses the target system, he can only access For another example, for...

Embodiment 2

[0047] Embodiment 2 of the present invention provides a preferred method for determining conflicting rights to determine conflicting rights in the rights set for a certain target subject. Some technical features are the same as those in the first embodiment above. The specific description and corresponding technologies The effect can refer to the first embodiment above. Further, the second embodiment judges the abnormal access records through the page dwell time, reduces the impact of the abnormal access records on the session, improves the accuracy of session determination, and further improves the accuracy of determination of conflicting permissions. specifically, figure 2 A flow chart of the method for determining conflicting rights provided by Embodiment 2 of the present invention, as shown in figure 2 As shown, the method for determining conflicting rights provided by the second embodiment includes the following steps S201 to S210.

[0048] Step S201: Obtain historica...

Embodiment 3

[0069] Embodiment 3 of the present invention provides a preferred method for determining conflicting rights, so as to determine conflicting rights in the rights set for a certain target subject. Some technical features are the same as those in the first and second embodiments above. For specific descriptions and corresponding technical effects, reference may be made to the first and second embodiments above. Further, in the third embodiment, the access records are obtained according to the access time and the judgment of each session is cyclically performed, and the judgment logic is simple and the accuracy is high. specifically, image 3 The flow chart of the method for determining conflicting permissions provided by Embodiment 3 of the present invention, as shown in image 3 As shown, the method for determining conflicting rights provided by the third embodiment includes the following steps S301 to S316.

[0070] Step S301: Obtain historical access information of the targe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method, device, computer equipment and storage medium for determining conflicting rights. The method for determining the conflicting authority includes: obtaining historical access information of the target subject; parsing the historical access information to obtain multiple access targets, wherein the access target includes the access address and the page operation performed when accessing the access address; Several access targets are divided into a behavior track; judge whether the behavior track is a dangerous behavior track through the threat model; and when the behavior track is a dangerous behavior track, in the permission set of the target subject, determine that the permission corresponding to the dangerous behavior track is a conflicting permission. Through the present invention, the conflicting authority in the authority set can be determined, and the probability of security risks in the authority set can be reduced.

Description

technical field [0001] The present invention relates to the technical field of authority processing, in particular to a method, device, computer equipment and storage medium for determining conflicting authority. Background technique [0002] In order to reflect differentiated security management, authority management is set up for users accessing the system. Rights management means that according to the security rules set by the system and the user's role definition, the access subject can only access the resources authorized by him or herself when accessing the system. In the prior art, corresponding permission sets are set for different access subjects. When performing access control, the access that belongs to the scope of the authority set is released, and the access that does not belong to the scope of the authority set is intercepted. [0003] The inventor found that when there are many permissions in the permission set, there may be security holes after the combinat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06F21/30
CPCG06F21/577G06F21/30G06F2221/2141
Inventor 沈韵魏勇简明张泽洲
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com