CN105871880B - Across tenant access control method based on trust model under a kind of cloud environment - Google Patents

Across tenant access control method based on trust model under a kind of cloud environment Download PDF

Info

Publication number
CN105871880B
CN105871880B CN201610303258.8A CN201610303258A CN105871880B CN 105871880 B CN105871880 B CN 105871880B CN 201610303258 A CN201610303258 A CN 201610303258A CN 105871880 B CN105871880 B CN 105871880B
Authority
CN
China
Prior art keywords
tenant
user
permission
relationship
trustee
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610303258.8A
Other languages
Chinese (zh)
Other versions
CN105871880A (en
Inventor
邹德清
金海�
闵军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huazhong University of Science and Technology
Original Assignee
Huazhong University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huazhong University of Science and Technology filed Critical Huazhong University of Science and Technology
Priority to CN201610303258.8A priority Critical patent/CN105871880B/en
Publication of CN105871880A publication Critical patent/CN105871880A/en
Application granted granted Critical
Publication of CN105871880B publication Critical patent/CN105871880B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses across tenant access control methods based on trust model under a kind of cloud environment, for cloud computing multi-tenant architecture feature, realize that the user of a tenant can access the resource of other tenants by corresponding mandate, cooperate the resource resource security brought and privacy sex chromosome mosaicism between solution tenant.By defining two kinds of tenant's trusting relationship, tenant's trusting relationship concept is introduced into access control model, the access control demand being reflected between two tenants.By the definition of model element and the formalized description of pattern function, tenant's trust model is constructed, the characteristics of to adapt to cloud computing multi-tenant, realizes across tenant access control.

Description

Across tenant access control method based on trust model under a kind of cloud environment
Technical field
The invention belongs to cloud computing information security field, more particularly, under a kind of cloud environment based on trust model Across tenant access control method.
Background technology
Cloud computing is one of the hot issue of current information technical field, is that academia, industrial circle, government etc. extremely close The focus of note, core concept are to link together a large amount of computing resources, storage resource and software resource, form huge size Shared virtual IT resource pools.Multi-tenant technology makes different user share identical resource, is the key that cloud computing uses skill Art and resource being capable of dynamic retractility and the key reasons that make full use of.Multi-tenant technology passes through on-demand customization and shared storage Interactive mode obtain cloud service while be also faced with new challenges:1. unauthorized tenant steals letter to obtain business secret Breath;2. tenant's unauthorized access unauthorized resource with part permission;3. cloud service provider may be to outward leakage tenant's business Information.Therefore the controllability problem of complex interaction between needing exploration to solve each entity, by the access rights for effectively controlling tenant To protect the safety and privacy of its information.
Academia has expanded the research of the access control technology under cloud computing environment, and main research point concentrates on cloud meter Calculate access control model, the access control based on encryption mechanism, virtual machine access control etc. under environment.However in cloud resource Chi Zhong, logical security domain lose physical boundary instead of the physical security boundary under conventional architectures pattern, the cloud resource of tenant The access control model of the security control in domain, former distributed environment is not particularly suited for tenant's collaboration scenario cross-border in cloud.
Invention content
For the disadvantages described above or Improvement requirement of the prior art, the present invention provides trust model is based under a kind of cloud environment Across tenant access control method realize a rent it is intended that by introducing tenant's trusting relationship to access control model The user at family can access the resource of other tenants by corresponding mandate, to solve the resource security brought that cooperates between tenant Property and privacy sex chromosome mosaicism.
To achieve the above object, according to one aspect of the present invention, it provides under a kind of cloud environment based on trust model Across tenant access control method, includes the following steps:
(1) user sends access request, and the tenant for receiving the access request judges whether user belongs to this tenant, if It is then to call authority distribution function in the tenant in tenant's trust model, is then transferred to step (6), otherwise enters step (2);
(2) judge the tenant belonging to user whether with receive the access request tenant establish trusting relationship, if so, (3) are then entered step, else process terminates;
(3) judge the tenant belonging to user and the trusting relationship type between the tenant for receiving the access request, if it is First type is then transferred to step (4), if it is second of type, is then transferred to step (5);
(4) across tenant authority distribution function in tenant's calling tenant's trust model of the access request is received, to sending The user of access request authorizes permission, is then transferred to step (6);
(5) across tenant authority distribution letter in tenant's calling tenant's trust model belonging to the user of access request is sent Number obtains permission from the tenant for receiving access request and is granted to user, is then transferred to step (6);
(6) user executes access operation using rights that have been granted.
Preferably, tenant's trust model has following model element:
Tenant, to use the enterprise, department or tissue of cloud service;
User, to access the main body of tenant's resource in cloud platform, each user there are one unique owner tenant, And tenant has multiple users, user to access tenant's resource according to the permission authorized, and carries out relevant business processing.
Permission is a kind of privilege for the specification being present in tenant, and only there are one owner tenant, tenants for each permission There are multiple permissions.
Preferably, if trusting relationship is the first type, after trusting relationship is established, tenant A can disclose its portion to tenant B Point or whole user information, it is therefore an objective to tenant B can distribute use of the permission to tenant A of tenant B based on the user information of tenant A Across tenant authorized appropriation is completed at family;If trusting relationship is second of type, after trusting relationship is established, tenant A, which can will be authorized, to be divided The control matched entrusts to tenant B, it is therefore an objective to tenant B can the authority distribution of tenant A to the user in tenant B, complete across Tenant's authorized appropriation.
Preferably, tenant's trust model has such as minor function, to indicate the relationship between model element:
(1) trusting relationship is established:Tenant collects a binary crelation between Tenants and tenant's collection Tenants,
(2) tenant user creates:Tenant collects a binary crelation between Tenants and user's collection Users,It is many-one relationship between tenant and user, a tenant can have multiple users, a user that can only belong to Some tenant;
(3) tenant's permission creates:Tenant collects a binary crelation between Tenants and authority set Permissions,It is many-one relationship between tenant and permission, tenant can be there are many permission, and a kind of permission can only belong to In some tenant;
(4) authority distribution in tenant:Authority set Permissions in tenant and user collect one two between Users First relationship,It is many-to-many relationship between user and permission, one user can there are many permission, Yi Zhongquan Limit can distribute to multiple users.User-authority distribution is specified by tenant administrator.
(5) across tenant authority distribution:Binary crelation between the user's collection and the authority set of another tenant of one tenant,It is many-to-many relationship between user and permission, user can be there are many permission, and a kind of permission can be with Distribute to multiple users.
Preferably, tenant's trusting relationship is divided into two classes:
(1) trustee discloses its user information to trustee, and trustee distributes its permission to trustee based on user information User.
(2) trustee will entrust to trustee, trustee to obtain visit from trustee across the control of tenant's authorized appropriation Ask permission.
Preferably, tenant's trusting relationship has the following properties that:
(1) tenant's trusting relationship is binary crelation between tenant from trustee to trustee;
(2) tenant always trusts itself, and not trusted relationship affect is accessed in tenant domain;
(3) in order to control propagation and the enabling of trusting relationship, trusting relationship can only be initiated and by being commissioned via trustee People establishes after agreeing to, cannot indirectly infer from the combination of other trusting relationships;
(4) trusting relationship is unidirectional and each directionally independent.Individually tenant can be in a trusting relationship Trustee, the other is trustee.
In general, through the invention it is contemplated above technical scheme is compared with the prior art, can obtain down and show Beneficial effect:
(1) scene that the present invention is suitable for cooperating between cloud platform tenant:User's identification division, as a result of step (1) With step (2), tenant is allow to select corresponding access control scheme according to the case where user, realizes fine granularity with tenant for list The access control of position, and meet the diversified demand under cloud environment.
(2) present invention solves across tenant access safety and privacy concern:As a result of step (3), step (4) and step Suddenly (5), only establish trusting relationship between tenant, the resource access rights of other tenants can be awarded in user, realize across Tenant's access control provides personalized demand for services for tenant.
(3) present invention has the characteristics that reasonable design, simple in structure, configuration is flexible, can further be expanded based on the method Showing has access control model, has good value for applications.
Description of the drawings
Fig. 1 is the flow chart across tenant's access control method based on trust model under cloud environment of the present invention;
Fig. 2 is the schematic diagram of tenant's trust model of the present invention.
Specific implementation mode
In order to make the purpose , technical scheme and advantage of the present invention be clearer, with reference to the accompanying drawings and embodiments, right The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and It is not used in the restriction present invention.As long as in addition, technical characteristic involved in the various embodiments of the present invention described below It does not constitute a conflict with each other and can be combined with each other.
As shown in Figure 1, across tenant access control method based on trust model includes the following steps under cloud environment of the present invention:
(1) tenant receives the access request that user sends, and judges whether user belongs to this tenant, if it is, calling Then authority distribution function in tenant in tenant's trust model is transferred to step (6), otherwise enters step (2);
(2) judge the tenant belonging to user whether with receive the access request tenant establish trusting relationship, if so, (3) are then entered step, else process terminates;
(3) judge the tenant belonging to user and the trusting relationship type between the tenant for receiving the access request, if it is First type is then transferred to step (4), if it is second of type, is then transferred to step (5);
(4) across tenant authority distribution function in tenant's calling tenant's trust model of the access request is received, to sending The user of access request authorizes permission, is then transferred to step (6);
(5) across tenant authority distribution letter in tenant's calling tenant's trust model belonging to the user of access request is sent Number obtains permission from the tenant for receiving access request and is granted to user, is then transferred to step (6);
(6) user executes access operation using rights that have been granted.
As shown in Fig. 2, in the present invention, tenant's trust model has following model element:
(1) tenant:Using the enterprise, department or tissue of cloud service, it is denoted as Tenants={ t1, t2..., tn, indicate institute Have the set of tenant, in practice usually by tenant be mapped to its lease cloud service particular virtual domain, cloud user activity and Resource access is defined in a tenant domain.
(2) user:The main body for accessing tenant's resource in cloud platform, is denoted as Users={ u1, u2..., un, indicate that institute is useful The set at family.There are one unique owner tenants by each user, and tenant has multiple users.User is according to the permission authorized Tenant's resource is accessed, relevant business processing is carried out.
(3) permission:Permission is a kind of privilege for the specification being present in tenant, is denoted as Permissions={ p1, p2..., pn, indicate the set of all permissions.For each permission only there are one owner tenant, tenant has multiple permissions.
Tenant's trust model has such as minor function, to indicate the relationship between model element:
(1) trusting relationship is established:Tenant collects a binary crelation between Tenants and tenant's collection Tenants,
Tenant's trusting relationship is divided into two classes:
1-1) trustee discloses its user information to trustee, and trustee distributes its permission to trustee based on user information User.
1-2) trustee will entrust to trustee, trustee to obtain visit from trustee across the control of tenant's authorized appropriation Ask permission.
(2) tenant user creates:Tenant collects a binary crelation between Tenants and user's collection Users,It is many-one relationship between tenant and user, a tenant can have multiple users, a user that can only belong to Some tenant.Correspondingly, function userOwner (u) maps a user to its owner tenant, as satisfaction (u, t) ∈ UserOwner (u)=t when TU;
(3) tenant's permission creates:Tenant collects a binary crelation between Tenants and authority set Permissions,It is many-one relationship between tenant and permission, tenant can be there are many permission, and a kind of permission can only belong to In some tenant.Correspondingly, function permOwner (p) maps a permission to its owner tenant, as satisfaction (p, t) PermOwner (p)=t when ∈ TP;
(4) authority distribution in tenant:Authority set Permissions in tenant and user collect one two between Users First relationship,It is many-to-many relationship between user and permission, one user can there are many permission, Yi Zhongquan Limit can distribute to multiple users.User-authority distribution is specified by tenant administrator.
(5) across tenant authority distribution:Binary crelation between the user's collection and the authority set of another tenant of one tenant,It is many-to-many relationship between user and permission, user can be there are many permission, and a kind of permission can be with Distribute to multiple users.The premise that permission is distributed to user across tenant is that there are following trusting relationships (to use symbolTable Show) one of which:
Embodiment
(1) tenant registers
Tenant's trusting relationship management service that enterprise tenant plan is provided using cloud service provider.Enterprise tenant first It by register flow path, files an application to cloud service provider, the letters such as registration tenant's information, including enterprise name, address, phone Breath;Tenant's administrator information (using this administrator to create tenant's internal user and authority distribution later), selection letter are then provided Appoint the specific functional modules of relationship management service, such as application, permission, revocation.
(2) inter access control model
It is (self contained navigation, strong that three kinds of access control types that cloud service provider provided may be selected in tenant administrator Access control processed and role-base access control) one of which, complete tenant's inter access control model.
(3) across tenant access control modeling
When tenant A needs to cooperate with tenant B, after tenant A sends out trust application via tenant's B permissions, the two passes through Tenant's trusting relationship management service establishes trusting relationship.Tenant A is trustee, tenant B trustee.
If trusting relationship is the first type, after trusting relationship is established, tenant A can disclose its part or complete to tenant B Portion's user information, it is therefore an objective to which tenant B can distribute user of the permission to tenant A of tenant B based on the user information of tenant A, complete Across tenant authorized appropriation.
If trusting relationship is second of type, after trusting relationship is established, tenant A can entrust the control of authorized appropriation Give tenant B, it is therefore an objective to which tenant B can complete across tenant authorized appropriation the authority distribution of tenant A to the user in tenant B.
As it will be easily appreciated by one skilled in the art that the foregoing is merely illustrative of the preferred embodiments of the present invention, not to The limitation present invention, all within the spirits and principles of the present invention made by all any modification, equivalent and improvement etc., should all include Within protection scope of the present invention.

Claims (3)

1. across tenant access control method based on trust model under a kind of cloud environment, which is characterized in that include the following steps:
(1) user sends access request, and the tenant for receiving the access request judges whether user belongs to this tenant, if it is, Authority distribution function in the tenant in tenant's trust model is called, step (6) is then transferred to, otherwise enters step (2);
Wherein, tenant's trust model has following model element:
Tenant, to use the enterprise, department or tissue of cloud service;
User, to access the main body of tenant's resource in cloud platform, there are one unique owner tenants by each user, and rent Family has multiple users, user to access tenant's resource according to the permission authorized, carry out relevant business processing;
Permission is a kind of privilege for the specification being present in tenant, and only there are one owner tenants for each permission, and tenant has more A permission;
Tenant's trust model has such as minor function, to indicate the relationship between model element:
Establish trusting relationship:Tenant collects a binary crelation between Tenants and tenant's collection Tenants,T tables Show that tenant collects, TT indicates that two tenants collect the multiplied subset to set of T-phase;
Tenant user creates:Tenant collects a binary crelation between Tenants and user's collection Users,Tenant It is many-one relationship between user, a tenant can have multiple users, a user that can only belong to some tenant, U tables Show that user collects, TU indicates that tenant collects T and user collection U and is multiplied the subset gathered;
Tenant's permission creates:Tenant collects a binary crelation between Tenants and authority set Permissions,It is many-one relationship between tenant and permission, tenant can be there are many permission, and a kind of permission can only belong to In some tenant, P indicates authority set, and TP indicates that tenant collects T and is multiplied with authority set P the subset gathered;
Authority distribution in tenant:Authority set Permissions in tenant and user collect a binary crelation between Users,It is many-to-many relationship between user and permission, user can be there are many permission, and a kind of permission can divide The multiple users of dispensing, user-authority distribution are specified by tenant administrator, and PU indicates that authority set P and user's collection U phases are multiplied in tenant To the subset of set;
Across tenant authority distribution:Binary crelation between the user's collection and the authority set of another tenant of one tenant,It is many-to-many relationship between user and permission, user can be there are many permission, and a kind of permission can divide The multiple users of dispensing, AA indicate that the user of a tenant collects U and the authority set P of another tenant and the subset gathered that is multiplied;
(2) judge the tenant belonging to user whether with receive the access request tenant establish trusting relationship, if it is, into Enter step (3), else process terminates;
(3) tenant belonging to user and the trusting relationship type between the tenant for receiving the access request are judged, if it is first Type is then transferred to step (4), if it is second of type, is then transferred to step (5), wherein tenant's trusting relationship is divided into two Class:First type is that trustee discloses its user information to trustee, and trustee distributes its permission to committee based on user information The user to ask someone;Second type, which is trustee, to entrust to trustee across the control of tenant's authorized appropriation, and trustee is from committee Ask someone place obtain access rights;
(4) across tenant authority distribution function in tenant's calling tenant's trust model of the access request is received, is accessed sending The user of request authorizes permission, is then transferred to step (6);
(5) across tenant authority distribution function in tenant's calling tenant's trust model belonging to the user of access request is sent, from It receives and obtains permission at the tenant of access request and be granted to user, be then transferred to step (6);
(6) user executes access operation using rights that have been granted.
2. across tenant access control method according to claim 1, which is characterized in that if trusting relationship is the first type Type, after trusting relationship is established, tenant A can disclose its part or all of user information to tenant B, it is therefore an objective to which tenant B can be based on The permission of the user information distribution tenant B of tenant A completes across tenant authorized appropriation to the user of tenant A;If trusting relationship is the Two types, after trusting relationship is established, the control of authorized appropriation can be entrusted to tenant B by tenant A, it is therefore an objective to which tenant B can The authority distribution of tenant A to the user in tenant B, is completed across tenant authorized appropriation.
3. across tenant access control method according to claim 2, which is characterized in that tenant's trusting relationship has following property Matter:
(1) tenant's trusting relationship is binary crelation between tenant from trustee to trustee;
(2) tenant always trusts itself, and not trusted relationship affect is accessed in tenant domain;
(3) in order to control propagation and the enabling of trusting relationship, trusting relationship can only be via trustee's initiation and same by trustee It establishes, cannot indirectly infer from the combination of other trusting relationships after meaning;
(4) trusting relationship is unidirectional and each directionally independent, and single tenant can be commission in a trusting relationship People, the other is trustee.
CN201610303258.8A 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment Active CN105871880B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610303258.8A CN105871880B (en) 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610303258.8A CN105871880B (en) 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment

Publications (2)

Publication Number Publication Date
CN105871880A CN105871880A (en) 2016-08-17
CN105871880B true CN105871880B (en) 2018-11-06

Family

ID=56631592

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610303258.8A Active CN105871880B (en) 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment

Country Status (1)

Country Link
CN (1) CN105871880B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756527B (en) * 2017-11-01 2022-01-21 阿里巴巴集团控股有限公司 Data sharing method, device and system
CN110968858B (en) * 2018-09-30 2022-04-01 北京国双科技有限公司 User authority control method and system
CN112579999B (en) * 2019-09-30 2024-08-23 北京国双科技有限公司 Data processing method and device
CN111182058B (en) * 2019-12-30 2022-07-26 福建天泉教育科技有限公司 Method and storage medium for realizing cross-tenant access at Android terminal
CN111988173B (en) * 2020-08-19 2023-09-12 北京安瑞志远科技有限公司 Tenant management platform and tenant management method based on multi-layer father-son structure tenant
CN114070600B (en) * 2021-11-11 2023-09-29 上海电气集团数字科技有限公司 Industrial Internet domain identity access control method based on zero trust model

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242277A (en) * 2008-03-11 2008-08-13 南京邮电大学 Authorization trust method based on trust under grid environment
CN101453476A (en) * 2009-01-06 2009-06-10 中国人民解放军信息工程大学 Cross domain authentication method and system
CN101729321A (en) * 2009-12-22 2010-06-09 北京理工大学 Dynamic cross-domain access control method based on trust valuation mechanism
CN101888341A (en) * 2010-07-20 2010-11-17 上海交通大学 Calculable creditworthiness-based access control method under distributed environment of multiple trusting domains
WO2012004185A1 (en) * 2010-07-08 2012-01-12 International Business Machines Corporation Resource access management
CN102571821A (en) * 2012-02-22 2012-07-11 浪潮电子信息产业股份有限公司 Cloud security access control model
CN105074685A (en) * 2013-03-15 2015-11-18 国际商业机器公司 Multi-tenancy support for enterprise social business computing

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242277A (en) * 2008-03-11 2008-08-13 南京邮电大学 Authorization trust method based on trust under grid environment
CN101453476A (en) * 2009-01-06 2009-06-10 中国人民解放军信息工程大学 Cross domain authentication method and system
CN101729321A (en) * 2009-12-22 2010-06-09 北京理工大学 Dynamic cross-domain access control method based on trust valuation mechanism
WO2012004185A1 (en) * 2010-07-08 2012-01-12 International Business Machines Corporation Resource access management
CN101888341A (en) * 2010-07-20 2010-11-17 上海交通大学 Calculable creditworthiness-based access control method under distributed environment of multiple trusting domains
CN102571821A (en) * 2012-02-22 2012-07-11 浪潮电子信息产业股份有限公司 Cloud security access control model
CN105074685A (en) * 2013-03-15 2015-11-18 国际商业机器公司 Multi-tenancy support for enterprise social business computing

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于分布式信任管理机制的网络授权研究;羌卫中,金海,石宣化,邹德清;《华中科技大学学报》;20051231;第33卷(第12期);第115-117页 *

Also Published As

Publication number Publication date
CN105871880A (en) 2016-08-17

Similar Documents

Publication Publication Date Title
CN105871880B (en) Across tenant access control method based on trust model under a kind of cloud environment
US9047462B2 (en) Computer account management system and realizing method thereof
CN108122109B (en) Electronic credential identity management method and device
CN106411857B (en) A kind of private clound GIS service access control method based on virtual isolation mech isolation test
US9098675B1 (en) Authorized delegation of permissions
US20080005115A1 (en) Methods and apparatus for scoped role-based access control
CN106792692B (en) A kind of physics dicing method based on SDN technology
KR20170024014A (en) System and method for supporting security in a multitenant application server environment
CN108092945B (en) Method and device for determining access authority and terminal
US8578452B2 (en) Method for securely creating a new user identity within an existing cloud account in a cloud computing system
US11089028B1 (en) Tokenization federation service
CN102932340A (en) System and method for role-based access control
US10432642B2 (en) Secure data corridors for data feeds
CN112187800B (en) Attribute-based access control method with anonymous access capability
WO2010028583A1 (en) Method and apparatus for managing the authority in workflow component based on authority component
CN109413080A (en) A kind of cross-domain dynamic mandatory control method and system
CN113765925B (en) Improved method based on OSAC and PERM access control model
TW201710944A (en) System and method for authentication
JP2005310161A (en) System, method and computer program for managing exchange among a plurality of business units
Zheng et al. Dynamic Role-Based Access Control Model.
US20230179402A1 (en) Device asserted verifiable credential
US10432641B2 (en) Secure data corridors
CN106295267B (en) It is a kind of access electronic equipment physical memory in private data method and apparatus
CN110662210A (en) Block chain-based secondary or repeated mobile phone number identification method, system and equipment
Wang et al. Decentralized identity authentication with trust distributed in blockchain backbone

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant