CN105871880B - Cross-tenant access control method based on a trust model in a cloud environment - Google Patents
Abstract
The invention discloses a cross-tenant access control method based on a trust model in a cloud environment. Targeting the multi-tenant architecture of cloud computing, it allows a user of one tenant to access the resources of other tenants through corresponding authorization, addressing the resource security and privacy problems brought by collaboration between tenants. By defining two kinds of tenant trust relationship, the concept of tenant trust is introduced into the access control model to reflect the access control requirements between two tenants. Through the definition of model elements and the formal description of model functions, a tenant trust model is constructed that fits the multi-tenant character of cloud computing and realizes cross-tenant access control.
Description
Technical field
The invention belongs to the field of cloud computing information security and, more particularly, relates to a cross-tenant access control method based on a trust model in a cloud environment.
Background art
Cloud computing is one of the hot topics in information technology today and a focus of close attention from academia, industry and government. Its core idea is to link large quantities of computing, storage and software resources into a very large shared pool of virtual IT resources. Multi-tenancy lets different users share the same resources; it is a key technology of cloud computing and a key reason resources can scale dynamically and be fully utilized. While multi-tenancy delivers cloud services through on-demand customization and shared storage, it also faces new challenges: 1. unauthorized tenants steal information to obtain business secrets; 2. tenants holding partial permissions access resources they are not authorized for; 3. the cloud service provider may leak tenants' business information. The controllability of the complex interactions among these entities therefore needs to be addressed, protecting the security and privacy of each tenant's information by effectively controlling tenants' access rights.
Academia has begun research on access control under cloud computing, concentrating on access control models for cloud environments, encryption-based access control, virtual machine access control and the like. In a cloud resource pool, however, logical security domains replace the physical security boundaries of traditional architectures, and the security control of a tenant's cloud resource domain loses its physical boundary, so the access control models of earlier distributed environments are not well suited to cross-boundary tenant collaboration in the cloud.
Summary of the invention
In view of the above defects or improvement needs of the prior art, the invention provides a cross-tenant access control method based on a trust model in a cloud environment. Its aim is, by introducing tenant trust relationships into the access control model, to let a user of one tenant access the resources of other tenants through corresponding authorization, thereby solving the resource security and privacy problems brought by collaboration between tenants.
To achieve the above object, according to one aspect of the invention, a cross-tenant access control method based on a trust model in a cloud environment is provided, comprising the following steps:
(1) A user sends an access request, and the tenant receiving the request determines whether the user belongs to that tenant. If so, it calls the in-tenant permission assignment function of the tenant trust model and goes to step (6); otherwise it proceeds to step (2).
(2) Determine whether the tenant to which the user belongs has established a trust relationship with the tenant receiving the access request. If so, proceed to step (3); otherwise the process ends.
(3) Determine the type of the trust relationship between the user's tenant and the tenant receiving the access request. If it is the first type, go to step (4); if it is the second type, go to step (5).
(4) The tenant receiving the access request calls the cross-tenant permission assignment function of the tenant trust model and grants permissions to the user who sent the request, then goes to step (6).
(5) The tenant to which the requesting user belongs calls the cross-tenant permission assignment function of the tenant trust model, obtains permissions from the tenant receiving the access request and grants them to the user, then goes to step (6).
(6) The user performs the access operation with the granted permissions.
Preferably, the tenant trust model has the following model elements:
Tenant: an enterprise, department or organization that uses the cloud service.
User: a subject that accesses tenant resources on the cloud platform. Each user has exactly one owner tenant, and a tenant has multiple users. Users access tenant resources according to the permissions granted to them and carry out the related business processing.
Permission: a specification of a privilege within a tenant. Each permission has exactly one owner tenant, and a tenant has multiple permissions.
Preferably, if the trust relationship is of the first type, once it is established tenant A may disclose some or all of its user information to tenant B, so that tenant B can assign tenant B's permissions to tenant A's users based on that information, completing the cross-tenant authorization assignment. If the trust relationship is of the second type, once it is established tenant A may delegate control of authorization assignment to tenant B, so that tenant B can assign tenant A's permissions to users in tenant B, completing the cross-tenant authorization assignment.
Preferably, the tenant trust model has the following functions to express the relationships between model elements:
(1) Establishing a trust relationship: a binary relation between the tenant set Tenants and the tenant set Tenants.
(2) Tenant user creation: a binary relation between the tenant set Tenants and the user set Users. Users and tenants are in a many-to-one relationship: a tenant can have multiple users, while a user can belong to only one tenant.
(3) Tenant permission creation: a binary relation between the tenant set Tenants and the permission set Permissions. Permissions and tenants are in a many-to-one relationship: a tenant can have multiple permissions, while a permission can belong to only one tenant.
(4) In-tenant permission assignment: a binary relation between the permission set Permissions within a tenant and the user set Users. Users and permissions are in a many-to-many relationship: a user can hold multiple permissions, and a permission can be assigned to multiple users. User-permission assignment is specified by the tenant administrator.
(5) Cross-tenant permission assignment: a binary relation between the user set of one tenant and the permission set of another tenant. Users and permissions are in a many-to-many relationship: a user can hold multiple permissions, and a permission can be assigned to multiple users.
Preferably, tenant trust relationships fall into two classes:
(1) The truster discloses its user information to the trustee, and the trustee assigns its own permissions to the truster's users based on that user information.
(2) The truster delegates control of cross-tenant authorization assignment to the trustee, and the trustee obtains access permissions from the truster.
Preferably, a tenant trust relationship has the following properties:
(1) A tenant trust relationship is a binary relation between tenants, directed from the truster to the trustee.
(2) A tenant always trusts itself; access within a tenant domain is not affected by trust relationships.
(3) To control the propagation and enabling of trust, a trust relationship can only be initiated by the truster and established after the trustee agrees; it cannot be inferred indirectly from a combination of other trust relationships.
(4) A trust relationship is unidirectional, and each direction is independent. A single tenant can be the truster in one trust relationship and the trustee in another.
In general, compared with the prior art, the above technical solution conceived by the invention achieves the following beneficial effects:
(1) The invention suits scenarios of collaboration between cloud platform tenants. In the user identification part, steps (1) and (2) allow a tenant to select the appropriate access control scheme according to the user's situation, realizing fine-grained access control with the tenant as the unit and meeting the diverse demands of a cloud environment.
(2) The invention solves cross-tenant access security and privacy problems. Because of steps (3), (4) and (5), a user can be granted access rights to another tenant's resources only when a trust relationship has been established between the tenants, which realizes cross-tenant access control and meets tenants' individualized service needs.
(3) The invention is reasonably designed, simple in structure and flexible to configure; existing access control models can be further extended on the basis of this method, so it has good application value.
Description of the drawings
Fig. 1 is a flow chart of the cross-tenant access control method based on a trust model in a cloud environment according to the invention;
Fig. 2 is a schematic diagram of the tenant trust model of the invention.
Detailed description of the embodiments
To make the purpose, technical solution and advantages of the invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the invention and do not limit it. In addition, the technical features involved in the embodiments described below may be combined with one another as long as they do not conflict.
As shown in Fig. 1, the cross-tenant access control method based on a trust model in a cloud environment according to the invention comprises the following steps:
(1) A tenant receives the access request sent by a user and determines whether the user belongs to that tenant. If so, it calls the in-tenant permission assignment function of the tenant trust model and goes to step (6); otherwise it proceeds to step (2).
(2) Determine whether the tenant to which the user belongs has established a trust relationship with the tenant receiving the access request. If so, proceed to step (3); otherwise the process ends.
(3) Determine the type of the trust relationship between the user's tenant and the tenant receiving the access request. If it is the first type, go to step (4); if it is the second type, go to step (5).
(4) The tenant receiving the access request calls the cross-tenant permission assignment function of the tenant trust model and grants permissions to the user who sent the request, then goes to step (6).
(5) The tenant to which the requesting user belongs calls the cross-tenant permission assignment function of the tenant trust model, obtains permissions from the tenant receiving the access request and grants them to the user, then goes to step (6).
(6) The user performs the access operation with the granted permissions.
As shown in Fig. 2, the tenant trust model of the invention has the following model elements:
(1) Tenant: an enterprise, department or organization that uses the cloud service, denoted Tenants = {t1, t2, ..., tn}, the set of all tenants. In practice a tenant is usually mapped to a specific virtual domain of the cloud service it leases, and a cloud user's activities and resource access are confined to one tenant domain.
(2) User: a subject that accesses tenant resources on the cloud platform, denoted Users = {u1, u2, ..., un}, the set of all users. Each user has exactly one owner tenant, and a tenant has multiple users. Users access tenant resources according to the permissions granted to them and carry out the related business processing.
(3) Permission: a specification of a privilege within a tenant, denoted Permissions = {p1, p2, ..., pn}, the set of all permissions. Each permission has exactly one owner tenant, and a tenant has multiple permissions.
The tenant trust model has the following functions to express the relationships between model elements:
(1) Establishing a trust relationship: a binary relation between the tenant set Tenants and the tenant set Tenants.
Tenant trust relationships fall into two classes:
1-1) The truster discloses its user information to the trustee, and the trustee assigns its own permissions to the truster's users based on that user information.
1-2) The truster delegates control of cross-tenant authorization assignment to the trustee, and the trustee obtains access permissions from the truster.
(2) Tenant user creation: a binary relation between the tenant set Tenants and the user set Users. Users and tenants are in a many-to-one relationship: a tenant can have multiple users, while a user can belong to only one tenant. Correspondingly, the function userOwner(u) maps a user to its owner tenant: userOwner(u) = t when (u, t) ∈ TU;
(3) Tenant permission creation: a binary relation between the tenant set Tenants and the permission set Permissions. Permissions and tenants are in a many-to-one relationship: a tenant can have multiple permissions, while a permission can belong to only one tenant. Correspondingly, the function permOwner(p) maps a permission to its owner tenant: permOwner(p) = t when (p, t) ∈ TP;
(4) In-tenant permission assignment: a binary relation between the permission set Permissions within a tenant and the user set Users. Users and permissions are in a many-to-many relationship: a user can hold multiple permissions, and a permission can be assigned to multiple users. User-permission assignment is specified by the tenant administrator.
(5) Cross-tenant permission assignment: a binary relation between the user set of one tenant and the permission set of another tenant. Users and permissions are in a many-to-many relationship: a user can hold multiple permissions, and a permission can be assigned to multiple users. The precondition for assigning a permission to a user across tenants is that one of the following trust relationships (each denoted by a symbol) exists:
Embodiment
(1) Tenant registration
An enterprise tenant plans to use the tenant trust relationship management service offered by the cloud service provider. The enterprise tenant first goes through the registration process, applying to the cloud service provider and registering tenant information, including enterprise name, address and telephone. It then provides tenant administrator information (this administrator is later used to create the tenant's internal users and assign permissions) and selects the specific functional modules of the trust relationship management service, such as application, approval and revocation.
(2) Intra-tenant access control modeling
The tenant administrator may select one of the three access control types offered by the cloud service provider (discretionary access control, mandatory access control and role-based access control) to complete the tenant's internal access control modeling.
(3) Cross-tenant access control modeling
When tenant A needs to collaborate with tenant B, tenant A issues a trust application and, once tenant B approves it, the two establish a trust relationship through the tenant trust relationship management service. Tenant A is the truster and tenant B is the trustee.
If the trust relationship is of the first type, once it is established tenant A may disclose some or all of its user information to tenant B, so that tenant B can assign tenant B's permissions to tenant A's users based on that information, completing the cross-tenant authorization assignment.
If the trust relationship is of the second type, once it is established tenant A may delegate control of authorization assignment to tenant B, so that tenant B can assign tenant A's permissions to users in tenant B, completing the cross-tenant authorization assignment.
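The following Python, an added example rather than code from the patent, models the five relations and walks one request through steps (1) to (6) for both trust types, including the non-transitive and unidirectional properties. Class and method names, the sample tenants, and the choice to record assignments in advance and re-check the trust relationship on every request are assumptions; which tenant makes the assignment in steps (4) and (5) follows the tenant A / tenant B description above.

```python
from enum import Enum


class TrustType(Enum):
    DISCLOSE_USERS = 1    # type 1: truster exposes its users; trustee assigns its own permissions to them
    DELEGATE_CONTROL = 2  # type 2: truster delegates assignment; trustee gives truster's permissions to its own users


class TenantTrustModel:
    def __init__(self):
        self.user_owner = {}  # userOwner(u): each user has exactly one owner tenant
        self.perm_owner = {}  # permOwner(p): each permission has exactly one owner tenant
        self.pending = {}     # (truster, trustee) -> TrustType, awaiting the trustee's consent
        self.trust = {}       # (truster, trustee) -> TrustType, established and directional
        self.pu = set()       # in-tenant assignments (permission, user)
        self.aa = set()       # cross-tenant assignments (user, permission)

    def add_user(self, tenant, user):
        self.user_owner[user] = tenant

    def add_permission(self, tenant, perm):
        self.perm_owner[perm] = tenant

    def request_trust(self, truster, trustee, ttype):
        """Property (3): the truster initiates the relationship."""
        self.pending[(truster, trustee)] = ttype

    def approve_trust(self, approver, truster, trustee):
        """Property (3): established only after the trustee itself agrees."""
        if approver != trustee or (truster, trustee) not in self.pending:
            raise PermissionError("only the named trustee can approve a pending request")
        self.trust[(truster, trustee)] = self.pending.pop((truster, trustee))

    def _cross_tenant_actor(self, user, perm):
        """Steps (2)-(3): return (trust type, tenant entitled to assign) or None.
        Only a direct edge is consulted, so trust is never inferred transitively."""
        ut, pt = self.user_owner[user], self.perm_owner[perm]
        if self.trust.get((ut, pt)) is TrustType.DISCLOSE_USERS:
            return TrustType.DISCLOSE_USERS, pt    # step (4): resource tenant assigns
        if self.trust.get((pt, ut)) is TrustType.DELEGATE_CONTROL:
            return TrustType.DELEGATE_CONTROL, ut  # step (5): user's tenant assigns
        return None

    def assign_in_tenant(self, admin_tenant, perm, user):
        if not (self.user_owner[user] == self.perm_owner[perm] == admin_tenant):
            raise PermissionError("user and permission must both belong to the admin's tenant")
        self.pu.add((perm, user))

    def assign_cross_tenant(self, acting_tenant, user, perm):
        found = self._cross_tenant_actor(user, perm)
        if found is None or found[1] != acting_tenant:
            raise PermissionError("no trust relationship authorises this tenant to assign")
        self.aa.add((user, perm))

    def decide(self, user, perm):
        """Steps (1)-(6) for one request; returns (allowed, reason)."""
        if self.user_owner[user] == self.perm_owner[perm]:  # step (1)
            return ((perm, user) in self.pu, "in-tenant")
        found = self._cross_tenant_actor(user, perm)        # steps (2)-(3)
        if found is None:
            return (False, "no-trust")
        # Steps (4)/(5): the trust edge is re-checked on every request, so
        # deleting it from self.trust disables earlier assignments at once.
        return ((user, perm) in self.aa, found[0].name)


def build_demo():
    """Constructed sample data: tenants A, B, C with one user and one permission each."""
    m = TenantTrustModel()
    for tenant, user, perm in [("A", "alice", "A:ledger"),
                               ("B", "bob", "B:report"),
                               ("C", "carol", "C:export")]:
        m.add_user(tenant, user)
        m.add_permission(tenant, perm)
    m.request_trust("A", "B", TrustType.DISCLOSE_USERS)    # A is truster, B trustee, type 1
    m.approve_trust("B", "A", "B")
    m.request_trust("C", "B", TrustType.DELEGATE_CONTROL)  # C is truster, B trustee, type 2
    m.approve_trust("B", "C", "B")
    m.assign_in_tenant("B", "B:report", "bob")
    m.assign_cross_tenant("B", "alice", "B:report")  # type 1: B gives its permission to A's user
    m.assign_cross_tenant("B", "bob", "C:export")    # type 2: B gives C's permission to its own user
    return m
```

In `build_demo`, alice cannot reach `C:export` even though A trusts B and C trusts B, and bob cannot reach `A:ledger` through A's type 1 trust in B.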
Those skilled in the art will readily understand that the foregoing is only a preferred embodiment of the invention and is not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.
Claims (3)
1. A cross-tenant access control method based on a trust model in a cloud environment, characterized by comprising the following steps:
(1) a user sends an access request, and the tenant receiving the access request determines whether the user belongs to that tenant; if so, it calls the in-tenant permission assignment function of the tenant trust model and goes to step (6), otherwise it proceeds to step (2);
wherein the tenant trust model has the following model elements:
tenant: an enterprise, department or organization that uses the cloud service;
user: a subject that accesses tenant resources on the cloud platform, each user having exactly one owner tenant and a tenant having multiple users, the user accessing tenant resources according to the permissions granted and carrying out the related business processing;
permission: a specification of a privilege within a tenant, each permission having exactly one owner tenant and a tenant having multiple permissions;
the tenant trust model has the following functions to express the relationships between model elements:
establishing a trust relationship: a binary relation between the tenant set Tenants and the tenant set Tenants, where T denotes the tenant set and TT denotes a subset of the set obtained by multiplying the tenant set T by itself;
tenant user creation: a binary relation between the tenant set Tenants and the user set Users, users and tenants being in a many-to-one relationship in which a tenant can have multiple users and a user can belong to only one tenant, where U denotes the user set and TU denotes a subset of the set obtained by multiplying the tenant set T by the user set U;
tenant permission creation: a binary relation between the tenant set Tenants and the permission set Permissions, permissions and tenants being in a many-to-one relationship in which a tenant can have multiple permissions and a permission can belong to only one tenant, where P denotes the permission set and TP denotes a subset of the set obtained by multiplying the tenant set T by the permission set P;
in-tenant permission assignment: a binary relation between the permission set Permissions within a tenant and the user set Users, users and permissions being in a many-to-many relationship in which a user can hold multiple permissions and a permission can be assigned to multiple users, user-permission assignment being specified by the tenant administrator, where PU denotes a subset of the set obtained by multiplying the permission set P within a tenant by the user set U;
cross-tenant permission assignment: a binary relation between the user set of one tenant and the permission set of another tenant, users and permissions being in a many-to-many relationship in which a user can hold multiple permissions and a permission can be assigned to multiple users, where AA denotes a subset of the set obtained by multiplying the user set U of one tenant by the permission set P of another tenant;
(2) determining whether the tenant to which the user belongs has established a trust relationship with the tenant receiving the access request; if so, proceeding to step (3), otherwise the process ends;
(3) determining the type of the trust relationship between the user's tenant and the tenant receiving the access request; if it is the first type, going to step (4), and if it is the second type, going to step (5), wherein tenant trust relationships fall into two classes: in the first type the truster discloses its user information to the trustee, and the trustee assigns its own permissions to the truster's users based on that user information; in the second type the truster delegates control of cross-tenant authorization assignment to the trustee, and the trustee obtains access permissions from the truster;
(4) the tenant receiving the access request calls the cross-tenant permission assignment function of the tenant trust model and grants permissions to the user who sent the access request, then goes to step (6);
(5) the tenant to which the requesting user belongs calls the cross-tenant permission assignment function of the tenant trust model, obtains permissions from the tenant receiving the access request and grants them to the user, then goes to step (6);
(6) the user performs the access operation with the granted permissions.
2. The cross-tenant access control method according to claim 1, characterized in that, if the trust relationship is of the first type, once it is established tenant A may disclose some or all of its user information to tenant B, so that tenant B can assign tenant B's permissions to tenant A's users based on tenant A's user information, completing the cross-tenant authorization assignment; and if the trust relationship is of the second type, once it is established tenant A may delegate control of authorization assignment to tenant B, so that tenant B can assign tenant A's permissions to users in tenant B, completing the cross-tenant authorization assignment.
3. The cross-tenant access control method according to claim 2, characterized in that a tenant trust relationship has the following properties:
(1) a tenant trust relationship is a binary relation between tenants, directed from the truster to the trustee;
(2) a tenant always trusts itself, and access within a tenant domain is not affected by trust relationships;
(3) to control the propagation and enabling of trust, a trust relationship can only be initiated by the truster and established after the trustee agrees, and cannot be inferred indirectly from a combination of other trust relationships;
(4) a trust relationship is unidirectional and each direction is independent; a single tenant can be the truster in one trust relationship and the trustee in another.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610303258.8A CN105871880B (en) | 2016-05-10 | 2016-05-10 | Cross-tenant access control method based on a trust model in a cloud environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105871880A (en) | 2016-08-17 |
CN105871880B (en) | 2018-11-06 |