CN104079569A - BLP improved model integrated with credibility level and authentication access method - Google Patents
BLP improved model integrated with credibility level and authentication access method Download PDFInfo
- Publication number
- CN104079569A CN104079569A CN201410294654.XA CN201410294654A CN104079569A CN 104079569 A CN104079569 A CN 104079569A CN 201410294654 A CN201410294654 A CN 201410294654A CN 104079569 A CN104079569 A CN 104079569A
- Authority
- CN
- China
- Prior art keywords
- confidence level
- main body
- represent
- rule
- platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to a BLP improved model integrated with a credibility level and an authentication access method. A new method is adopted for evaluating the credibility level of systems of user platforms, the influence of the platforms on the credibility level is considered, an integrality label is added, and the integrality label of a main body can be dynamically adjusted. The BLP improved model integrated with the credibility level and the authentication access method have the advantages that the security model and the trusted computing theory are ingeniously combined, mandatory access control is achieved on the basis of the trusted network connection technology, an innovation is brought to the original method, and system security is improved; due to the situation that platforms of different terminals are different in configuration, the new system credibility level computing method is provided and has higher universality; the BLP model is improved, the influence of the platforms on the credibility level is considered, the integrality label is added, and the integrality label of the main body can be dynamically adjusted, so that the security, integrality and usability of the model are improved, and system efficiency is improved.
Description
Technical field
The invention belongs to computer information safety technique field.Particularly, the present invention relates to a kind of BLP improved model and authentication access method that incorporates confidence level.
Background technology
BLP model is to realize the very classical a kind of model of multilevel security, and it carrys out the confidentiality of guarantee information by " supremely read, without under write " two conditions, thereby is widely used in SOS.BLP model distributes a security attribute to each subject and object, and security attribute two element group representations, are denoted as (intensive, classification set), is intensively used for representing degree of secrecy, and classification set is used for representing organizing or the set of department.During the access of BLP model regulation main object, need to meet following two rules: only, when the sensitivity level of main body is not less than the classification set of the sensitivity level of object and the classification set-inclusion object of main body, just allow main body to read object; Only, when the sensitivity level of main body is not during higher than the classification set of the classification set-inclusion main body of object sensitivity level and object, just allow main body to write object.
But there are a lot of problems in BLP model: very flexible, integrity protection disappearance and poor availability etc.A lot of scholars improve BLP model, and existing BLP improves one's methods, and still there are the following problems:
1, do not consider the impacts of factor on information system such as platform, position;
2, do not provide the appraisal procedure of confidence level, or there is defect in appraisal procedure, amount of calculation is large, affects efficiency;
3, integrality strategy is not strict, can not carry out dynamic adjustments, or does not consider integrality.
Traditional information safety system only authenticates the identity of terminal, the credibility accessing terminal is not judged, can not meet the actual needs of people to information security.In order to address this problem, credible computation organization (TCG) calculates credible calculating with traditional network security technology and combines, the standards and norms of trustable network connection (TNC) have been formulated, its object is incredible network operation behavior to be controlled at terminal, is used for guaranteeing the credibility of network environment.TNC is based upon on reliable computing technology basis, using functions such as the credible tolerance mechanism of TPM and credible report mechanisms as the important component part that builds trustable network linked system, realizes access to netwoks and controls.Before accessing terminal to network, need to carry out successively the residing platform identity authentication of authenticating user identification and user, if the two authentication all passes, then by credible password module, the trusted status of terminal platform is measured, if tolerance result can meet the security strategy of network insertion, allow accessing terminal to network; Otherwise, refuse accessing terminal to network or according to the reparation strategy of system, terminal be connected to appointed area, it is carried out to fail safe repairing and upgrading.
Summary of the invention
The present invention solves the existing technical problem of prior art; Provide a kind of theory security model and credible calculating to combine, on the basis of Trusted network connection, calculate the system confidence level of terminal, and confidence level is incorporated in BLP model, thereby confidentiality, integrality and availability a kind of who has strengthened system incorporates BLP improved model and the authentication access method of confidence level.
Above-mentioned technical problem of the present invention is mainly solved by following technical proposals:
An authentication access method based on incorporating the BLP improved model of confidence level, is characterized in that, comprises the following steps:
Step 1, when user asks to access after Intranet, first to authenticate user identity, authentication by after carry out platform identity authentication, finally carry out Platform integrity authentication, after three authentications are passed through, user can successfully access Intranet; If an authentication can not be passed through, access Intranet failure, access finishes;
Step 2, successfully access after Intranet, carry out the assessment of the system confidence level of user platform: first calculate the system confidence level of user platform, then adopt confidence level valuation functions to be used for the confidence level of the system that realizes to the mapping of confidence level;
Step 3, according to the security strategy that incorporates the BLP improved model of confidence level, judge whether user has authority access Intranet resource; If meet security strategy, allow to conduct interviews, if do not meet strategy, refuse its visiting demand.
In above-mentioned a kind of authentication access method based on incorporating the BLP improved model of confidence level, in described step 2,
Calculate the system confidence level g of user platform, based on following formula:
Wherein
represent the weight of a certain type systematic confidence level factor of influence on the impact of system confidence level, and
, by analytic hierarchy process (AHP), drawn;
represent a certain class confidence level factor of influence of actual disposition platform and the comparison result of standard configuration platform;
Adopt confidence level valuation functions to be used for the confidence level of the system that realizes to the mapping of confidence level, by following formula realization:
;
A BLP improved model that incorporates confidence level, is characterized in that, based on following four definition:
Definition 1,
srepresent main body collection,
orepresent object collection,
represent privileged trusted subjects,
represent insincere main body, and
; Main object access mode set A :=
r,
a,
w,
e, wherein, r represents read-onlyly not write, and a represents only to write and do not read, and w represents read-write, and e represents to carry out;
Definition 2, confidentiality identification sets are share
represent,
, wherein
crepresent privacy levels classification set,
represent the set of confidentiality category; If
,
,
and if only if
;
Definition 3, integrality identification sets are share
represent,
, wherein
irepresent integrity grade classification set,
represent the set of integrality category; If
,
and if only if
;
Definition 4, system mode set are
v, system mode
vrepresent
van element;
The current collection of taking is used
brepresent, for any
be used for representing main body
suse
amode to object
oconduct interviews.
At above-mentioned a kind of BLP improved model that incorporates confidence level, in described definition 4, access control matrix is used
mrepresent,
represent main body
right
the set of access rights;
Confidentiality rank function represents with F, and f is comprised of three parts,
,
the confidential function of maximum that represents main body,
represent that main body maximum is confidential,
the current confidential function that represents main body,
the confidential function of object that represents object;
Integrity levels function represents with I, and I is comprised of three parts,
,
the maximum full stage function that represents main body,
represent the maximum full stage of main body,
the current full stage function that represents main body,
the object full stage function that represents object; The full stage of main body is dynamic, and safety officer can dynamically adjust the full stage of main body;
The system confidence level of platform represents with E,
the system confidence level that represents main platform,
the system confidence level that represents object platform;
The level of confidentiality structure of current object represents with h,
; For any
, h (o) represents to take the set of object in tree that o is root, wherein
and there is not object set
make
And
, r wherein, w is positive integer,
; Namely, in current object structure, any object does not all have a plurality of objects, and it does not exist circulation.
At above-mentioned a kind of BLP improved model that incorporates confidence level, the access in step 3 is carried out based on following rule:
Rule 1: autonomous credible and secure rule:
A system mode
satisfied independently credible and secure, and if only if
This rule is for autonomous access control, and it guarantees to only have when main body place platform is non-insincere platform, just allows principal access object;
Rule 2: simple credible and secure rule:
A system mode
satisfied simply credible and secure, and if only if
a) x=e;
B) x=r or w, and
;
C) x=a, and
;
Rule 3: read credible and secure rule:
For untrusted main body
, and
, a system mode
meet and to read credible and securely, and if only if
Rule 4: add credible and secure rule:
For untrusted main body
, and
, a system mode
, meet and to read credible and securely, and if only if
Rule 5: write credible and secure rule:
For untrusted main body
, and
, a system mode
,
And if only if
Rule 6: dynamic regulation rule:
Trusted subjects
(safety officer) can, periodically to user add information analysis assessment, dynamically adjust user's full stage according to assessment result.
Therefore, tool of the present invention has the following advantages: 1. the present invention combines two kinds of methods of the theory of security model and credible calculating dexterously, on the basis of Trusted network connection, realize and force access control, original method is innovated, increased the fail safe of system; 2. the present invention is directed to the different situation of platform configuration of different terminals, propose a kind of computational methods of new system confidence level, there is very strong versatility; 3. the present invention improves BLP model, has considered the impact of platform on confidence level, has increased integrality label, and can dynamically adjust the integrality label of main body, thereby strengthened the confidentiality of model, integrality and availability, improved the efficiency of system.
Accompanying drawing explanation
Accompanying drawing 1 is a kind of method flow schematic diagram of the present invention.
Embodiment
Below by embodiment, and by reference to the accompanying drawings, technical scheme of the present invention is described in further detail.
Embodiment:
Fig. 1 is implementing procedure figure of the present invention, can apply the present invention in the environment of user's request access Intranet resource.
One, concrete workflow is as follows:
1) when user asks to access after Intranet, first to authenticate user identity, authentication by after carry out platform identity authentication, finally carry out Platform integrity authentication, after three authentications are passed through, user can successfully access Intranet.If an authentication can not be passed through, access Intranet failure;
2) the system confidence level of assessment user platform is divided into two steps: first calculate the system confidence level of user platform, then adopt confidence level valuation functions to be used for the confidence level of the system that realizes to the mapping of confidence level;
3) according to the security strategy that incorporates the BLP improved model of confidence level, judge whether user has authority access Intranet resource.If meet security strategy, allow to conduct interviews, if do not meet strategy, refuse its visiting demand.
Two, in the method based on above-mentioned, formalized description of the present invention is comprised of following definition and rule:
Definition 1
srepresent main body collection,
orepresent object collection,
represent privileged trusted subjects,
represent insincere main body, and
.Main object access mode set A :=
r,
a,
w,
e, wherein, r represents read-onlyly not write, and a represents only to write and do not read, and w represents read-write, and e represents to carry out.
Defining 2 confidentiality identification sets share
represent,
, wherein
crepresent privacy levels classification set,
represent the set of confidentiality category.If
,
and if only if
.
Defining 3 integrality identification sets share
represent,
, wherein
irepresent integrity grade classification set,
represent the set of integrality category.If
,
and if only if
.
Defining 4 system mode set is
v, system mode
vrepresent
van element.
The current collection of taking is used
brepresent, for any
be used for representing main body
suse
amode to object
oconduct interviews;
Access control matrix is used
mrepresent,
represent main body
right
the set of access rights;
Confidentiality rank function represents with F, and f is comprised of three parts,
,
the confidential function of maximum that represents main body,
represent that main body maximum is confidential,
the current confidential function that represents main body,
the confidential function of object that represents object;
Integrity levels function represents with I, and I is comprised of three parts,
,
the maximum full stage function that represents main body,
represent the maximum full stage of main body,
the current full stage function that represents main body,
the object full stage function that represents object.The full stage of main body is dynamic, and safety officer can dynamically adjust the full stage of main body;
The system confidence level of platform represents with E,
,
the system confidence level that represents main platform,
the system confidence level that represents object platform;
The level of confidentiality structure of current object represents with h,
.For any
, h (o) represents to take the set of object in tree that o is root, wherein
and there is not object set
make
And
, r wherein, w is positive integer,
.Namely, in current object structure, any object does not all have a plurality of objects, and it does not exist circulation.
In above-mentioned definition 4, the system confidence level of user platform is assessed and can be divided into 2 parts below:
1) calculate the system confidence level g of user platform.
The present invention calculates confidence level by following formula:
Wherein
represent the weight of a certain type systematic confidence level factor of influence on the impact of system confidence level, and
, can be drawn by analytic hierarchy process (AHP).Four class factors of influence are followed successively by platform, operating system, security component and application program.Platform refers to that system power-up is to the factor before kernel loads, operating system comprises the kernel module that kernel loads loads to the factor during the foundation of running environment and run duration etc., security component comprises the program that strengthens system safety, as antivirus software etc., application program refers to the process in user's space operation.
represent a certain class confidence level factor of influence of actual disposition platform and the comparison result of standard configuration platform.For example, if total program quantity that the security component class of actual disposition platform comprises be
a, the program quantity of comparing consistent security component class with standard configuration platform is
b,
.
2) adopt confidence level valuation functions to be used for the confidence level of the system that realizes to the mapping of confidence level.The present invention realizes by following formula:
Specific rules of the present invention is as follows:
Rule 1: autonomous credible and secure rule
A system mode
satisfied independently credible and secure, and if only if
This rule is for autonomous access control, and it guarantees to only have when main body place platform is non-insincere platform, just allows principal access object.
Rule 2: simple credible and secure rule
A system mode
satisfied simply credible and secure, and if only if
d) x=e;
E) x=r or w, and
;
F) x=a, and
;
Rule 3: read credible and secure rule
For untrusted main body
, and
, a system mode
meet and to read credible and securely, and if only if
This rule shows, only has confidential when the safe machine level of confidentiality domination object of main body, and during the system confidence level of the system confidence level of main body domination object, just permission " reading ".
Rule 4: add credible and secure rule
For untrusted main body
, and
, a system mode
, meet and to read credible and securely, and if only if
This rule shows, only has confidential when the safe machine level of confidentiality domination main body of object, the full stage of the full stage domination object of main body, and during the system confidence level of the system confidence level of main body domination object, just allow " writing ", namely interpolation.
Rule 5: write credible and secure rule
For untrusted main body
, and
, a system mode
,
And if only if
This rule shows to only have the safe machine level of confidentiality when main body to equate with the confidential of object, and during the system confidence level of the system confidence level of main body domination object, just allows " writing ", namely interpolation.
Rule 6: dynamic regulation rule
Trusted subjects
(safety officer) can, periodically to user add information analysis assessment, dynamically adjust user's full stage according to assessment result.
Specific embodiment described herein is only to the explanation for example of the present invention's spirit.Those skilled in the art can make various modifications or supplement or adopt similar mode to substitute described specific embodiment, but can't depart from spirit of the present invention or surmount the defined scope of appended claims.
Claims (5)
1. the authentication access method based on incorporating the BLP improved model of confidence level, is characterized in that, comprises the following steps:
Step 1, when user asks to access after Intranet, first to authenticate user identity, authentication by after carry out platform identity authentication, finally carry out Platform integrity authentication, after three authentications are passed through, user can successfully access Intranet; If an authentication can not be passed through, access Intranet failure, access finishes;
Step 2, successfully access after Intranet, carry out the assessment of the system confidence level of user platform: first calculate the system confidence level of user platform, then adopt confidence level valuation functions to be used for the confidence level of the system that realizes to the mapping of confidence level;
Step 3, according to the security strategy that incorporates the BLP improved model of confidence level, judge whether user has authority access Intranet resource; If meet security strategy, allow to conduct interviews, if do not meet strategy, refuse its visiting demand.
2. a kind of authentication access method based on incorporating the BLP improved model of confidence level according to claim 1, is characterized in that, in described step 2,
Calculate the system confidence level g of user platform, based on following formula:
Wherein
represent the weight of a certain type systematic confidence level factor of influence on the impact of system confidence level, and
, by analytic hierarchy process (AHP), drawn;
represent a certain class confidence level factor of influence of actual disposition platform and the comparison result of standard configuration platform;
Adopt confidence level valuation functions to be used for the confidence level of the system that realizes to the mapping of confidence level, by following formula realization:
。
3. a BLP improved model that incorporates confidence level claimed in claim 1, is characterized in that, based on following four definition:
Definition 1,
srepresent main body collection,
orepresent object collection,
represent privileged trusted subjects,
represent insincere main body, and
; Main object access mode set A :=
r,
a,
w,
e, wherein, r represents read-onlyly not write, and a represents only to write and do not read, and w represents read-write, and e represents to carry out;
Definition 2, confidentiality identification sets are share
represent,
, wherein
crepresent privacy levels classification set,
represent the set of confidentiality category; If
,
,
and if only if
;
Definition 3, integrality identification sets are share
represent,
, wherein
irepresent integrity grade classification set,
represent the set of integrality category; If
,
and if only if
;
Definition 4, system mode set are
v, system mode
vrepresent
van element;
The current collection of taking is used
brepresent, for any
be used for representing main body
suse
amode to object
oconduct interviews.
4. a kind of BLP improved model that incorporates confidence level according to claim 3, is characterized in that,
In described definition 4, access control matrix is used
mrepresent,
represent main body
right
the set of access rights;
Confidentiality rank function represents with F, and f is comprised of three parts,
,
the confidential function of maximum that represents main body,
represent that main body maximum is confidential,
the current confidential function that represents main body,
the confidential function of object that represents object;
Integrity levels function represents with I, and I is comprised of three parts,
,
the maximum full stage function that represents main body,
represent the maximum full stage of main body,
the current full stage function that represents main body,
the object full stage function that represents object; The full stage of main body is dynamic, and safety officer can dynamically adjust the full stage of main body;
The system confidence level of platform represents with E,
the system confidence level that represents main platform,
the system confidence level that represents object platform;
The level of confidentiality structure of current object represents with h,
; For any
, h (o) represents to take the set of object in tree that o is root, wherein
and there is not object set
make
and
, r wherein, w is positive integer,
; Namely, in current object structure, any object does not all have a plurality of objects, and it does not exist circulation.
5. a kind of BLP improved model that incorporates confidence level according to claim 3, is characterized in that, the access in step 3 is carried out based on following rule:
Rule 1: autonomous credible and secure rule:
A system mode
satisfied independently credible and secure, and if only if
This rule is for autonomous access control, and it guarantees to only have when main body place platform is non-insincere platform, just allows principal access object;
Rule 2: simple credible and secure rule:
A system mode
satisfied simply credible and secure, and if only if
x=e;
X=r or w, and
;
X=a, and
;
Rule 3: read credible and secure rule:
For untrusted main body
, and
, a system mode
meet and to read credible and securely, and if only if
Rule 4: add credible and secure rule:
For untrusted main body
, and
, a system mode
, meet and to read credible and securely, and if only if
Rule 5: write credible and secure rule:
For untrusted main body
, and
, a system mode
,
And if only if
Rule 6: dynamic regulation rule:
Trusted subjects
can, periodically to user add information analysis assessment, according to assessment result, user's full stage dynamically be adjusted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410294654.XA CN104079569A (en) | 2014-06-27 | 2014-06-27 | BLP improved model integrated with credibility level and authentication access method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410294654.XA CN104079569A (en) | 2014-06-27 | 2014-06-27 | BLP improved model integrated with credibility level and authentication access method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104079569A true CN104079569A (en) | 2014-10-01 |
Family
ID=51600612
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410294654.XA Pending CN104079569A (en) | 2014-06-27 | 2014-06-27 | BLP improved model integrated with credibility level and authentication access method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104079569A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462899A (en) * | 2014-11-29 | 2015-03-25 | 中国航空工业集团公司第六三一研究所 | Trust access control method for comprehensive avionics system |
| CN105678176A (en) * | 2016-01-15 | 2016-06-15 | 瑞达信息安全产业股份有限公司 | Mandatory access control method under virtual environment |
| CN105959322A (en) * | 2016-07-13 | 2016-09-21 | 浪潮(北京)电子信息产业有限公司 | Mandatory access control method and system based on fusion of multiple protection strategies |
| CN106888091A (en) * | 2015-12-23 | 2017-06-23 | 北京奇虎科技有限公司 | Trustable network cut-in method and system based on EAP |
| CN107016289A (en) * | 2017-02-15 | 2017-08-04 | 中国科学院信息工程研究所 | The thin terminal security method for establishing model of movement and device based on Web operating systems |
| CN107273754A (en) * | 2016-04-08 | 2017-10-20 | 中兴通讯股份有限公司 | A kind of data access control method and device |
| CN107403099A (en) * | 2017-08-04 | 2017-11-28 | 郑州云海信息技术有限公司 | A kind of method and system for constructing believable dangerous function database |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102497382A (en) * | 2011-12-26 | 2012-06-13 | 苏州风采信息技术有限公司 | Method of security confidentiality strategy |
-
2014
- 2014-06-27 CN CN201410294654.XA patent/CN104079569A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102497382A (en) * | 2011-12-26 | 2012-06-13 | 苏州风采信息技术有限公司 | Method of security confidentiality strategy |
Non-Patent Citations (4)
| Title |
|---|
| 张焕国等: "可信网络连接研究", 《计算机学报》 * |
| 樊洁: "基于TNC的BLP访问控制模型研究", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
| 池亚平等: "基于可信等级的BLP改进模型", 《计算机工程》 * |
| 黄勇等: "支持动态调节的保密性和完整性统一模型", 《浙江大学学报(工学版)》 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462899A (en) * | 2014-11-29 | 2015-03-25 | 中国航空工业集团公司第六三一研究所 | Trust access control method for comprehensive avionics system |
| CN106888091A (en) * | 2015-12-23 | 2017-06-23 | 北京奇虎科技有限公司 | Trustable network cut-in method and system based on EAP |
| CN105678176A (en) * | 2016-01-15 | 2016-06-15 | 瑞达信息安全产业股份有限公司 | Mandatory access control method under virtual environment |
| CN107273754A (en) * | 2016-04-08 | 2017-10-20 | 中兴通讯股份有限公司 | A kind of data access control method and device |
| CN105959322A (en) * | 2016-07-13 | 2016-09-21 | 浪潮(北京)电子信息产业有限公司 | Mandatory access control method and system based on fusion of multiple protection strategies |
| CN107016289A (en) * | 2017-02-15 | 2017-08-04 | 中国科学院信息工程研究所 | The thin terminal security method for establishing model of movement and device based on Web operating systems |
| CN107403099A (en) * | 2017-08-04 | 2017-11-28 | 郑州云海信息技术有限公司 | A kind of method and system for constructing believable dangerous function database |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104079569A (en) | BLP improved model integrated with credibility level and authentication access method | |
| CN107851150A (en) | The technology that secure hardware and software for credible I/O prove | |
| Arbaugh | Improving the TCPA specification | |
| CN103038745A (en) | Extending an integrity measurement | |
| GB2382419A (en) | Creating a trusted environment using integrity metrics | |
| CN101727545A (en) | Method for implementing mandatory access control mechanism of security operating system | |
| CN105046163A (en) | Protecting critical data structures in embedded hypervisor system | |
| CN111159762B (en) | Subject credibility verification method and system under mandatory access control | |
| CN106789059A (en) | A kind of long-range two-way access control system and method based on trust computing | |
| Smith et al. | The craft of system security | |
| CN105306486B (en) | A kind of medicine inspection cloud computing safety state evaluation method based on markoff process | |
| CN106469271A (en) | Method to remove Root authority is combined based on forced symmetric centralization with powers and functions | |
| Jin et al. | Analysis of security models based on multilevel security policy | |
| US20210019440A1 (en) | System, method, and computer-accessible medium for training models on mixed sensitivity datasets | |
| CN105653928B (en) | A kind of refusal service detection method towards big data platform | |
| Fournaris et al. | From hardware security tokens to trusted computing and trusted systems | |
| Ozga et al. | Chors: Hardening high-assurance security systems with trusted computing | |
| CN106682490A (en) | CFL artificial immune computer model construction method | |
| Wu et al. | New approaches to cyber defense | |
| CN107526969A (en) | A kind of method and device for determining IP kernel level of security | |
| Liu et al. | An improved MLS policy model | |
| RU2630163C1 (en) | Method of control of files access | |
| Wang et al. | Security violation detection for rbac based interoperation in distributed environment | |
| Wu et al. | Research on Trust-Role Access Control Model in Cloud Computing | |
| Chen et al. | Intellectual Property Protection of Deep Learning Systems via Hardware/Software Co-design |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20141001 |