CN116738495A - Access control processing method based on purpose self-adaption - Google Patents

Access control processing method based on purpose self-adaption

Info

Publication number: CN116738495A
Authority: CN (China)
Prior art keywords: query, access control, signature, attribute, data
Legal status: Granted (Active)
Application number: CN202311028338.3A
Other languages: Chinese (zh)
Other versions: CN116738495B (en)
Inventors: 刘雨蒙, 严林涛, 徐帆江, 赵怡婧, 王潮, 苏毅
Current Assignee: Beijing Institute of Remote Sensing Equipment
Original Assignee: Beijing Institute of Remote Sensing Equipment
Application filed by Beijing Institute of Remote Sensing Equipment
Priority to CN202311028338.3A
Publication of CN116738495A; application granted and published as CN116738495B

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an access control processing method based on purpose self-adaption, which comprises the following steps: when a query to a database management system is received, converting the query into an information tuple according to the attributes of its expressions, wherein the information tuple comprises multidimensional parameters describing the query; extracting information from the information tuple using a preset encoding rule to generate a query signature, wherein the query signature comprises the attributes of the data tables that indicate the query purpose and an action signature of the action executed on each attribute; comparing the query signature with a preset access control strategy that is encoded in the same way as the query signature; and, when the query signature hits the access control policy, rewriting the query using the query signature and outputting the rewritten query to the database management system. The invention solves the technical problem that a database management system cannot protect the security of private data during query processing.

Description

Access control processing method based on purpose self-adaption
Technical Field
The invention relates to the technical field of database access control, in particular to an access control processing method based on purpose self-adaption.
Background
With the advent of the big data age, massive data tests both the load capacity of the data management system and its ability to protect private data. Current access control in database management systems is mainly based on a capability-style access control model: the model is built around an access subject and a resource object, and the access subject's permission is judged by consulting an access control list.
Even though the prior art proposes discretionary, mandatory and role-based models operating at granularities from the table level to the cell level, the gap between security and privacy-oriented data protection has not been closed, because from the privacy perspective the purpose is the essence of the privacy policy, whereas from the security perspective the purpose is a new dimension of access control:
1. Restricting authority through the relation between the access subject and the resource object means that the database management system cannot model the access control content during execution; the access strategy for subject and object is determined only by polling or by looking up a cached index when the resource object is accessed, so data security and execution security are largely separated;
2. When the database management system accesses a relational database, the authority policy is often applied only to the result set; the query engine does not avoid sensitive data, so specific data types are touched by the system during query processing, and a potential security hazard remains in that process.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the invention provides an access control processing method based on purpose self-adaption, which at least solves the technical problem that a database management system cannot protect the security of private data in the query process.
According to an aspect of the embodiment of the present invention, there is provided an access control processing method based on purpose adaptation, including: when a query to a database management system is received, converting the query into an information tuple according to the attributes of its expressions, wherein the information tuple comprises multidimensional parameters describing the query; extracting information from the information tuple using a preset coding rule to generate a query signature, wherein the query signature comprises the attributes of the data tables that indicate the query purpose and an action signature of the action executed on each attribute; comparing the query signature with a preset access control strategy that is encoded in the same way as the query signature; and, when the query signature hits the access control policy, rewriting the query using the query signature and outputting the rewritten query to the database management system.
Preferably, the converting the query into the information tuple according to the attribute of the expression includes: acquiring the attribute of the expression of the clause of the query; and converting the query into an information tuple corresponding to the attribute.
Preferably, extracting information from the information tuple using the preset encoding rule to generate the query signature includes: acquiring the data tables corresponding to the query; determining the action signature of each data table according to the table's attributes and the action type executed on each attribute; and collecting the action signature sets of the data tables to obtain the query signature of the query.
Preferably, before receiving the query to the database management system, the method further comprises: and inputting the original data of the access control strategy into a query model, and encoding the access control strategy.
Preferably, encoding the access control policy includes: determining a destination mask, an attribute mask and an action type mask of the access control policy; connecting the destination mask, the attribute mask and the action type mask to obtain a rule mask; and determining a policy mask of the access control policy by using the rule mask corresponding to each rule.
Preferably, comparing the query signature with a preset access control policy includes: comparing whether the access authority, the data property and the aggregation property of the query signature are consistent with the access control strategy or not; determining whether a joint access rule of the query signature is contained in the access control policy; checking whether a destination set and an attribute set of the query signature are included in the access control policy.
Preferably, after comparing the query signature with the preset access control policy, the method further includes: determining that the query signature hits the access control policy when the access right, the data property, and the aggregate property of the query signature are consistent with the access control policy, the joint access rule of the query signature is included in the access control policy, and the destination set and the attribute set of the query signature are included in the access control policy.
According to another aspect of the embodiment of the present invention, there is also provided an access control processing apparatus based on purpose adaptation, including: a conversion unit configured to, when a query to a database management system is received, convert the query into an information tuple according to the attributes of its expressions, where the information tuple includes multidimensional parameters describing the query; a query signature generation unit configured to extract information from the information tuple using a preset encoding rule and generate a query signature, where the query signature includes the attributes of the data tables that indicate the query purpose and an action signature of the action executed on each attribute; a comparison unit configured to compare the query signature with a preset access control strategy that is encoded in the same way as the query signature; and a query rewrite unit configured to rewrite the query using the query signature and output the rewritten query to the database management system when the query signature hits the access control policy.
According to a further aspect of embodiments of the present invention, there is also provided a computer-readable storage medium having a computer program stored therein, wherein the computer program is configured to perform the above-described purpose-adaptive access control processing method at run-time.
According to yet another aspect of the embodiments of the present invention, there is also provided an electronic device including a memory, in which a computer program is stored, and a processor configured to execute the above-described purpose-adaptive access control processing method by the computer program.
In the embodiment of the invention, when the query of the database management system is received, the query is converted into the information tuple according to the attribute of the expression, the information is extracted from the information tuple by utilizing the preset coding rule, the query signature is generated, the query signature is compared with the preset access control strategy, and under the condition that the query signature hits the access control strategy, the query is rewritten by utilizing the query signature and is output to the database management system, and the access control analysis is carried out by combining the purposes, so that the aim of effectively compensating the security defect of the private data in the database system is achieved, the technical effect of improving the data security of the database system in the query process is realized, and the technical problem that the database management system cannot protect the security of the private data in the query process is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a flow diagram of an alternative destination-based adaptive access control processing method in accordance with an embodiment of the present application;
FIG. 2 is a schematic diagram of an alternative data classification in accordance with an embodiment of the application;
FIG. 3 is a schematic diagram of an alternative destination-based adaptive access control processing method in accordance with an embodiment of the present application;
FIG. 4 is a schematic structural diagram of an alternative monitoring device for a smart device according to an embodiment of the present application;
FIG. 5 is a schematic structural view of an alternative electronic device according to an embodiment of the present application.
Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
According to an aspect of the embodiment of the invention, an access control processing method based on purpose adaptation is provided, and the access control processing method based on purpose adaptation is widely applied to application scenes of access control of a database management system.
As an alternative embodiment, as shown in fig. 1, the above-mentioned access control processing method based on purpose adaptation includes:
S102, when a query to a database management system is received, converting the query into an information tuple according to the attributes of its expressions, wherein the information tuple comprises multidimensional parameters describing the query;
S104, extracting information from the information tuple using a preset encoding rule to generate a query signature, wherein the query signature comprises the attributes of the data tables that indicate the query purpose and an action signature of the action executed on each attribute;
S106, comparing the query signature with a preset access control strategy that is encoded in the same way as the query signature;
S108, when the query signature hits the access control strategy, rewriting the query with the query signature and outputting the rewritten query to the database management system.
Optionally, the attributes of the expression are dimensions of the access control policy, including the directness or indirection of the access, the multiplicity or singleness of the access to the data source result set, the aggregative or non-aggregative nature of the access, and the joint access rules.
1) Directness and indirection of the access.
When the query exercises indirect access rights, the query behaviour can access the data specified by the policy, filter it, and group and sort the data of the targets to form a result set. When the query performs direct access, the query action can read the data specified by the policy and form a result set. For example, in a join query or a nested sub-query, some intermediate data is granted indirect access as foreign keys: the query behaviour accesses the contents of one table from another through the foreign key data, but the foreign key intermediate data does not become part of the result set.
2) Multiple and single access to the data source result set.
This dimension refines direct access: it indicates whether the query action reveals the contents of a single field (singleness) or must combine them with values stored in other table columns (multiplicity). It is set to single when the query's corresponding value is extracted from a single data field, and to multiple when that value is defined by combining data belonging to multiple data fields.
3) Aggregation of accesses.
In the case of direct access to a single or multiple sources, this dimension further refines the policy, indicating whether the query may display the contents of the constrained data field. When set to aggregate, access to the referenced field F of tuple tp is allowed only if the access query aggregates the value of F with the values of the F fields of other tuples. If set to not aggregate, the access query may display the value of the corresponding field.
4) Joint access rules.
Which data categories in the queried database can be accessed jointly is specified by the joint access rules. The data classification is assumed to be as shown in fig. 2, with four categories: identifier data, quasi-identifier data, sensitive data and general data. Identifier data is personal data that allows direct identification of the data subject; quasi-identifier data is a group of data that can link the data of an individual with external data, and is often used as a foreign key; sensitive data includes but is not limited to personal private data; general data is public data that does not belong to the other three categories.
The data classification of each column is typed in by the creator, optionally when the database is created, and untyped columns default to general data. In different fields the respective data classifications may be determined independently.
As an alternative embodiment, converting the query into an information tuple according to the attribute of the expression includes: acquiring the attribute of the expression of the clause of the query; and converting the query into an information tuple corresponding to the attribute.
Optionally, the query behaviour is parsed into an information tuple whose components are as follows: the first indicates whether the access right is indirect or direct and takes one of two values, one representing direct access rights and the other indirect access rights; the second indicates whether the accessed data is multiple, one value indicating singleness and the other multiplicity; the third indicates whether the access is aggregative, one value indicating aggregative and the other non-aggregative; the fourth represents the joint access rule and indicates the determined joint access constraint.
A policy rule is defined as a tuple whose components are: the object table T on which the operation applies; the set Cl of fields of T on which the rule acts; the operation type At; and the authorized purpose Pu, which indicates the purpose under which the rule acts on T (T, Cl, At and Pu are the names used in the encoding step below).
Optionally, extracting information from the information tuple with the preset encoding rule to generate the query signature includes: acquiring the data tables corresponding to the query; determining the action signature of each data table according to the table's attributes and the action type executed on each attribute; and collecting the action signature sets of the data tables to obtain the query signature of the query.
The query signature is used to verify the type of operation the query performs on the accessed data; it comprises action signatures and table signatures. Let T be one of the tables accessed by a query Q. The action signature of T is a tuple whose components are a subset of the attributes of T and the type of action performed on each attribute of that subset. A table has one or more attributes, each with its own type of action to be performed.
Let the set of tables accessed by Q be given; the table signature of Q is then expressed as a tuple containing the set of action signatures of those tables, where each action signature concerns Q's access control rights on all columns of the corresponding table.
As an alternative embodiment, before receiving the query to the database management system, the method further comprises: the original data of the access control strategy is input into a query model, and the access control strategy is encoded.
As an alternative embodiment, encoding the access control policy includes: determining a destination mask, an attribute mask, and an action type mask of the access control policy; connecting the destination mask, the attribute mask and the action type mask to obtain a rule mask; a policy mask for the access control policy is determined using the rule mask for each rule.
Optionally, comparing the query signature with a preset access control policy includes: comparing whether the access authority, data property and aggregation property of the query signature are consistent with the access control policy; determining whether the joint access rule of the query signature is contained in the access control policy; and checking whether the destination set and the attribute set of the query signature are contained in the access control policy.
Optionally, after comparing the query signature with the preset access control policy, the method further includes: determining that the query signature hits the access control policy when the access rights, data property and aggregate property of the query signature are consistent with the access control policy, the joint access rule of the query signature is contained in the access control policy, and the destination set and attribute set of the query signature are contained in the access control policy.
The comparison of the query signature with the access control policy verifies the compliance of the query behaviour through the query signature. Compliance analysis compares the components specified in the action signature with the components specified in the access control policy, which means checking the policy rules against the type of action specified by the query signature. Compliance verification checks that: 1) the action type applied to the data is consistent in its dimensions; 2) the constraint tuples of the joint access are consistent, e.g. if the joint access constraint tuple specified in the action signature is set to a, the corresponding joint access constraint tuple in the policy should also be a.
When checking the action type, let one symbol denote the action type specified by the policy and another the action type specified by the action signature. The action signature is considered to pass the policy check when the following condition holds:
(1)
where the operator in (1) is a logical AND, meaning that both conditions must hold simultaneously.
As formula (1) shows, the indirection, multiplicity and aggregation dimensions of the two action types must have the same value. Furthermore, if for example the policy allows joint access to the identifier, quasi-identifier and sensitive categories, whereas the action signature allows joint access to the identifier and quasi-identifier categories only, the action signature is in accordance with the policy. When these four dimensions are all satisfied, the joint access rule indicated by the action signature is determined to be contained in the policy.
In verifying compliance it is also necessary to check the composition of the destination set and the attribute set: the destination set and attribute set in the component specified by the action signature must also be included in the component specified for the policy.
Let Q be a query and qs its query signature. If a policy is present in the system, compliance with that policy is defined by the following conditions: 1) the set of columns accessed by Q is a subset of the set of columns referenced by the policy; 2) each action type among the actions performed by Q corresponds to an action type of the policy; 3) the access purpose of Q is included in the access purpose list of the policy.
Policy compliance checking. Let Q be a query accessing data in table T, qs the query signature of Q, and PP the policy specified for T; a policy specified in PP is either satisfied for a particular tuple or applies to the whole table T.
Let As be an action signature of Q directed at T. The conditions under which As is considered to comply with PP are:
(2)
Equation (2) represents the policy verification together with the review of the destination set and the attribute set.
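As an added illustration (not the patent's own code), the following Python carries out the check of formula (1) and equation (2) on explicit data structures: class and field names are assumptions, while the four action type dimensions, the rule components T, Cl, At and Pu, and the FIG. 2 data categories come from the text. The policy, the signatures and the table names are constructed sample inputs.

```python
from dataclasses import dataclass

# Added example (not the patent's code): formula (1) and equation (2) as
# functions over explicit objects. Names are assumptions; the four dimensions
# and the rule components T, Cl, At, Pu follow the text.

@dataclass(frozen=True)
class ActionType:
    direct: bool        # direct (True) or indirect (False) access
    multiple: bool      # value combines several fields (True) or a single one
    aggregate: bool     # attribute may only appear inside an aggregation
    joint: frozenset    # joint access rule: categories accessed together


@dataclass
class ActionSignature:  # As: what query Q does to one table
    table: str
    purpose: str
    attributes: dict    # attribute name -> ActionType performed on it


@dataclass(frozen=True)
class PolicyRule:       # R over table T with components Cl, At, Pu
    table: str
    columns: frozenset  # Cl
    action: ActionType  # At
    purposes: frozenset  # Pu


def action_type_complies(sig: ActionType, pol: ActionType) -> bool:
    """Formula (1): indirection, multiplicity and aggregation must be equal,
    and the signature's joint-access categories contained in the policy's."""
    return (sig.direct == pol.direct and sig.multiple == pol.multiple
            and sig.aggregate == pol.aggregate and sig.joint <= pol.joint)


def signature_complies(sig: ActionSignature, rule: PolicyRule) -> bool:
    """Equation (2): every action type complies, the attribute set lies
    within Cl, and the purpose is one of the authorized purposes Pu."""
    return (sig.table == rule.table
            and sig.purpose in rule.purposes
            and frozenset(sig.attributes) <= rule.columns
            and all(action_type_complies(a, rule.action)
                    for a in sig.attributes.values()))


def complies_with_policy(sig: ActionSignature, policy) -> bool:
    """Q may access T when some rule of the policy specified for T admits As."""
    return any(signature_complies(sig, r) for r in policy)


# Constructed policy: research may only aggregate zip/diagnosis/age, jointly
# with identifier, quasi-identifier and sensitive data.
AGG = ActionType(True, False, True,
                 frozenset({"identifier", "quasi-identifier", "sensitive"}))
POLICY = [PolicyRule("patients", frozenset({"zip", "diagnosis", "age"}),
                     AGG, frozenset({"research"}))]

# Constructed action signatures exercising each branch of the check.
SIG_OK = ActionSignature("patients", "research", {
    "diagnosis": ActionType(True, False, True, frozenset({"quasi-identifier"})),
    "age": ActionType(True, False, True,
                      frozenset({"quasi-identifier", "sensitive"}))})
SIG_BAD_PURPOSE = ActionSignature("patients", "marketing", SIG_OK.attributes)
SIG_BAD_COLUMN = ActionSignature("patients", "research", {"name": AGG})
SIG_NOT_AGG = ActionSignature("patients", "research", {
    "diagnosis": ActionType(True, False, False, frozenset())})

if __name__ == "__main__":
    for name, sig in [("ok", SIG_OK), ("purpose", SIG_BAD_PURPOSE),
                      ("column", SIG_BAD_COLUMN), ("not-agg", SIG_NOT_AGG)]:
        print(name, complies_with_policy(sig, POLICY))
```

The subset test on the joint-access categories is the part of formula (1) that a naive equality check would get wrong: a signature that touches fewer categories than the rule allows still complies.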
The application framework of the above-described access control processing method based on the purpose adaptation is not limited to that shown in fig. 3.
First, the original data of the policy is input.
A database administrator defines the set of destinations used in policy specifications by introducing a destination set table Pr into the target database (Pr is the table referred to in the encoding step below); each row of Pr holds a destination identifier and a description of the destination. The attributes of each table in the target database are then classified. The classification operates at the schema level, so that all data items in the same column of a table belong to the category that the column characterizes. Classification is implemented by introducing into the target database a further table that tracks the data category of each column of each table.
The administrator defines destination authorizations for the registered users. This is implemented by introducing into the target database a table whose rows hold the identifier of the user to whom the authorization is granted and the identifier of the authorized destination.
Finally, the administrator changes the schemas of the target database's tables to track the enforced data policies: a column named policy, defined as a variable-length binary attribute, is introduced into each table of the target database.
And secondly, establishing a query model.
For an SQL query Q, the query model Qm is a four-dimensional tuple whose components are described as follows:
S models the selection of Q: the items of Q's SELECT clause, specified as a set of column expressions, in which attributes referencing the data sources specified in component F may also be used as input parameters of scalar or aggregate functions.
F models the data sources accessed by Q: a table expression specifying the data sources, which may be tables or the results of sub-queries; a table expression may also specify the join of multiple data sources.
W models the WHERE clause: an expression specifying the WHERE condition of Q, which may contain sub-queries that reference attributes of the data sources specified in F.
G models the grouping: the GROUP BY clause of Q, consisting of a set of attributes of the data sources specified in F.
H models the HAVING clause of Q: an expression specifying aggregation functions that operate on attributes of the data sources referenced in F.
Third, define information tuple and query signature.
Let Q be the query and V an attribute referenced in an expression specified by a clause of Q. The query behaviour is interpreted as an information tuple specified by V, whose components are: the name of attribute V; the data source to which V belongs; an identifier of the (sub)query referencing the specified attribute; then the four dimensions of the access control policy, namely the indirection of the access to V, whether V depends on a single or multiple data sources, whether V is referenced as an input parameter of an aggregation function, and the joint access information consisting of the data category of V and the other data categories accessed together with V (the components Ct and Ja named below); and finally the access purpose of Q.
For a given SQL query Q, the derivation of the query signature is a stepwise process consisting of three phases: 1) derivation of the query model Qm of Q and generation of an initial information tuple for each attribute referenced in each clause expression of Qm; 2) completion of the initialized information tuples with the data category component Ct and the joint access component Ja; 3) analysis of the information specified in the information tuples to compose the action signatures, table signatures and query signature.
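The following Python is an added example, not code from the patent: it derives the query model Qm (S, F, W, G, H) of a flat SELECT statement and then the information tuples of phases 1 and 2 for every attribute referenced in a clause. The regular-expression parser, the restriction to a single base table without sub-queries, and the rule that only SELECT items count as direct access are simplifying assumptions; the schema-level classification is a constructed sample.

```python
import re
from dataclasses import dataclass

# Added example (not the patent's code): query model and information tuples
# for a flat SELECT over one table. Parser and field names are assumptions.

AGG_FUNCS = ("COUNT", "SUM", "AVG", "MIN", "MAX")

# Constructed schema-level classification of one table (FIG. 2 categories).
SCHEMA = {"patients": {"name": "identifier", "zip": "quasi-identifier",
                       "diagnosis": "sensitive", "age": "general"}}


@dataclass(frozen=True)
class InfoTuple:
    attr: str          # name of the referenced attribute V
    source: str        # data source V belongs to
    clause: str        # component of Qm whose expression references V
    direct: bool       # V reaches the result set (only SELECT items do)
    multiple: bool     # the expression combines several fields
    aggregate: bool    # V is an input parameter of an aggregation function
    category: str      # Ct: data category of V
    joint: frozenset   # Ja: other categories accessed together with V
    purpose: str       # access purpose of Q


_QM = re.compile(r"\bSELECT\b(.*?)\bFROM\b(.*?)(?:\bWHERE\b(.*?))?"
                 r"(?:\bGROUP BY\b(.*?))?(?:\bHAVING\b(.*?))?$", re.I | re.S)


def query_model(sql):
    """Phase 1: split a flat SELECT statement into the components S, F, W, G, H."""
    m = _QM.match(" ".join(sql.split()))
    if not m:
        raise ValueError("not a SELECT statement")
    return dict(zip("SFWGH", ((g or "").strip() for g in m.groups())))


def _split_top_level(expr):
    """Split a select list or group-by list at commas outside parentheses."""
    parts, cur, depth = [], [], 0
    for ch in expr:
        depth += (ch == "(") - (ch == ")")
        if ch == "," and depth == 0:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur))
    return [p.strip() for p in parts if p.strip()]


def _aggregated(expr):
    """Names that appear as arguments of an aggregation function in expr."""
    pattern = r"\b(?:%s)\s*\(([^()]*)\)" % "|".join(AGG_FUNCS)
    return {w.lower() for arg in re.findall(pattern, expr, re.I)
            for w in re.findall(r"\b\w+\b", arg)}


def information_tuples(sql, purpose):
    """Phases 1 and 2: one InfoTuple per attribute reference in each clause of Qm."""
    qm = query_model(sql)
    table = qm["F"].split()[0]          # assumption: F is a single base table
    columns = SCHEMA[table]
    exprs = [(c, e) for c in "SG" for e in _split_top_level(qm[c])]
    exprs += [(c, qm[c]) for c in "WH" if qm[c]]

    def attrs_of(e):
        return [w for w in re.findall(r"\b\w+\b", e.lower()) if w in columns]

    all_cats = {columns[a] for _, e in exprs for a in attrs_of(e)}
    result = []
    for clause, e in exprs:
        attrs, agg = attrs_of(e), _aggregated(e)
        for a in dict.fromkeys(attrs):  # keep order, drop repeats
            result.append(InfoTuple(a, table, clause, clause == "S",
                                    len(set(attrs)) > 1, a in agg, columns[a],
                                    frozenset(all_cats - {columns[a]}), purpose))
    return result


# Constructed sample query used below.
SAMPLE = ("SELECT zip, AVG(age) FROM patients WHERE diagnosis = 'flu' "
          "GROUP BY zip HAVING COUNT(name) > 5")

if __name__ == "__main__":
    for t in information_tuples(SAMPLE, "research"):
        print(t)
```

The aggregation flag is what later lets the signature of AVG(age) comply with an aggregate-only rule, while the WHERE reference to diagnosis is recorded as an indirect access that still carries the sensitive category into the joint-access component of every other attribute.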
Fourth, the access control strategy is encoded.
To improve efficiency, unified coding is used for policies and queries in this embodiment.
A policy mask is a set of rule masks, each encoding one policy rule. Each rule mask consists of sub-masks that model the purpose, the attributes and the action type.
The purpose component Pu of rule R is encoded first. Each destination element is specified in the destination set table Pr of the target DB in the first step. Let Oc be the ordering criterion of the rows of Pr, and let pi denote the i-th destination element of Pr ordered according to Oc.
A destination mask is determined. Let PP be a policy, R a rule contained in PP, and Pu the set of destinations specified by R. The destination mask Pm encoding Pu is a binary string whose i-th value v is 1 if pi is one of the authorized purposes in Pu, and 0 otherwise.
A column mask is determined. Let PP still be the policy, R a rule contained in PP, and T the table storing the data tuples specified by PP; consider the i-th attribute of T. The column mask Cm obtained by encoding Cl in R is a binary string whose i-th value v is 1 if the i-th attribute of T is one to which R applies, and 0 otherwise.
An action type mask, i.e. the encoding of the action type At specified by policy rule R, is determined. Let PP still be the policy, R a rule of PP, and T the table storing the tuples specified by PP. The action type mask Am encoding the action type At of R is a string in the format of the action description tuple above, in which each element has only two possible cases, so each is written as 1 or 0 to represent the two cases.
A rule mask is determined. Let PP be the policy, R a rule of PP, and T the table storing the tuples specified by PP. The rule mask Rm of R is formed from the attribute mask, the destination mask and the action type mask derived from the Cl, Pu and At components of R respectively, joined by a string concatenation operator.
A policy mask is determined. Let PP be the policy, Rs the set of rules that make up PP, and T the table storing the tuples specified by policy PP. The policy mask PPm of PP is defined by the sequence of rule masks Rm of the rules R in Rs.
And fifthly, performing compliance check on the action signature and the access control strategy, and performing query rewrite.
In a particular embodiment, let the tuple tp of table T be accessible only to query Q, provided that all action signatures of the query signature of Q and the query signature of the column of Q sub-query pair T conform to the policy specified for tp. I.e., the expressions specified in the sphere clauses of the Q and Q sub-queries, are extended from Q by join expressions, thus ensuring that access control can be securely passed in the destination set and data set.
Whether an action signature As complies with policy PP is decided from 1) Asm, the action signature mask of As; 2) PPm, the policy mask of PP; and 3) Rml, the rule mask length. The action signature mask is intersected with the policy mask one rule-mask-length segment at a time, and As complies when the action signature mask is contained in the intersection with some segment.
The query rewrite step enforces access control between the purpose set and the data source in joined queries by means of this policy compliance verification.
Let qm and qs be the query model and the query signature of query Q respectively. The query rewrite function rewrites the where clause of Q based on the information in qm and qs: the original where clause is conjoined with an expression that invokes CompliesCheck to verify that all action signatures in qs comply with the policies specified for the tuples accessed in the respective columns. Since some clauses of Q may contain an expression specifying a sub-query, the rewrite is propagated to the sub-queries by invoking an auxiliary sub-query function. This auxiliary function analyses the components of qm, each of which may contain a sub-query: it extracts the source code of each sub-query, generates the query model sqm of that sub-query, selects the corresponding query signature sqs, and recursively invokes the query rewrite function on them. Finally, the rewritten code obtained from the query rewrite function replaces the source code of each analysed sub-query.
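The mask encoding described above (purpose, column, action type, rule and policy masks), the segment-wise compliance check and the where-clause rewrite that propagates into sub-queries, carried through in Python as an added example; this is not code from the patent. The purpose list, attribute order and action descriptor elements are constructed for the example; the compliance test is taken in the subset reading (every bit of the action signature must be present in some rule mask); one signature is reused at every sub-query level where the description derives a separate sqs; and the predicate complies_check and the per-tuple policy_mask column are assumed names.

```python
"""Policy masks, compliance check and query rewrite (added illustration)."""
import re
from dataclasses import dataclass

# Constructed vocabularies: the bit position of each entry is fixed (assumption).
PURPOSES = ("marketing", "billing", "research", "support")   # purposes p_i
ATTRIBUTES = ("name", "email", "salary", "ssn")               # attributes c_i of T
ACTION_ELEMENTS = ("read", "aggregate", "join")               # two-valued descriptor
RULE_MASK_LEN = len(ATTRIBUTES) + len(PURPOSES) + len(ACTION_ELEMENTS)  # Rml


def _bits(universe, chosen):
    return "".join("1" if x in chosen else "0" for x in universe)


def purpose_mask(pu):   # Pm: v_i = 1 iff p_i in Pu
    return _bits(PURPOSES, pu)


def column_mask(cl):    # Cm: v_i = 1 iff c_i in Cl
    return _bits(ATTRIBUTES, cl)


def action_mask(at):    # Am: one bit per descriptor element
    return _bits(ACTION_ELEMENTS, at)


@dataclass(frozen=True)
class Rule:
    purposes: frozenset
    columns: frozenset
    actions: frozenset


def rule_mask(r):
    # Rm = Cm || Pm || Am, in the order of the description
    return column_mask(r.columns) + purpose_mask(r.purposes) + action_mask(r.actions)


def policy_mask(rules):
    # PPm = Rm_1 || Rm_2 || ... for the rule set Rs
    return "".join(rule_mask(r) for r in rules)


def action_signature_mask(purpose, columns, actions):
    # Asm uses the rule-mask layout so it can be intersected with each segment
    return column_mask(columns) + purpose_mask({purpose}) + action_mask(actions)


def complies(asm, ppm, rml=RULE_MASK_LEN):
    """Assumed reading: slice PPm into rule masks of length Rml and accept As if
    all of its bits are present in some rule's bits (asm AND seg == asm)."""
    a = int(asm, 2)
    return any(a & int(ppm[i:i + rml], 2) == a for i in range(0, len(ppm), rml))


# ---- query rewrite: conjoin a compliance predicate onto every WHERE clause ----
_TAIL = re.compile(r"\s+(GROUP\s+BY|ORDER\s+BY|HAVING|LIMIT)\b", re.I)


def rewrite_where(sql, predicate):
    """Return sql with predicate ANDed onto its WHERE clause (added if absent)."""
    sql = sql.strip()
    suffix = ";" if sql.endswith(";") else ""
    body = sql[:-1] if suffix else sql
    m = re.search(r"\bWHERE\b", body, re.I)
    if m is None:
        t = _TAIL.search(body)
        pos = t.start() if t else len(body)
        return body[:pos] + " WHERE " + predicate + body[pos:] + suffix
    t = _TAIL.search(body, m.end())
    end = t.start() if t else len(body)
    cond = body[m.end():end].strip()
    return body[:m.end()] + f" ({cond}) AND {predicate}" + body[end:] + suffix


def _matching_paren(s, i):
    depth = 0
    for j in range(i, len(s)):
        depth += {"(": 1, ")": -1}.get(s[j], 0)
        if depth == 0:
            return j
    raise ValueError("unbalanced parentheses")


def rewrite_query(sql, predicate):
    """Rewrite the outer query and, recursively, each (SELECT ...) sub-query,
    as the auxiliary sub-query function does. Sub-queries are replaced by
    placeholders while the outer WHERE is located so inner clauses stay hidden."""
    subs, out, i = [], [], 0
    while i < len(sql):
        if sql[i] == "(" and re.match(r"\(\s*SELECT\b", sql[i:], re.I):
            j = _matching_paren(sql, i)
            subs.append("(" + rewrite_query(sql[i + 1:j], predicate) + ")")
            out.append(f"\x00{len(subs) - 1}\x00")
            i = j + 1
        else:
            out.append(sql[i])
            i += 1
    outer = rewrite_where("".join(out), predicate)
    return re.sub("\x00(\\d+)\x00", lambda m: subs[int(m.group(1))], outer)


if __name__ == "__main__":
    rules = [Rule(frozenset({"billing", "support"}), frozenset({"name", "email"}), frozenset({"read"})),
             Rule(frozenset({"research"}), frozenset({"salary"}), frozenset({"read", "aggregate"}))]
    ppm = policy_mask(rules)
    asm = action_signature_mask("billing", {"email"}, {"read"})
    print(complies(asm, ppm))
    print(rewrite_query("SELECT email FROM customers WHERE region = 'EU';",
                        f"complies_check(policy_mask, '{asm}')"))
```

The segment-wise intersection is what makes the policy mask cheap to evaluate: a query signature is checked against every rule with one integer AND per rule, and the same bit layout serves both the stored policy and the signature derived from the query, which is the "same encoding mode" the claims require. In a deployment the predicate would be evaluated by the database against the policy attached to each tuple, so rows whose policy does not cover the query's purpose, columns and action are filtered out by the rewritten query itself.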
In this embodiment of the application, an access control method is established that combines the purpose description with an access control analysis carried out against those purposes, which effectively remedies the security weakness of private data in the database system. At the same time, a set of easily compared mask encodings is used; this simplifies subsequent data processing, keeps the checking overhead as low as possible, is compatible with all of the encoded content established by the model, is highly reusable in concrete engineering implementations, and further reduces the resources the database management system spends on access control. A strategy for describing actions is also provided: it covers the data and query actions in the database management system, describes the relation between them, and carries that relation down into sub-queries, forming an overall coverage of actions and providing a basis for a purpose-based access control model.
It should be noted that, for simplicity of description, the foregoing method embodiments are described as a series of acts; those skilled in the art will understand that the present application is not limited by the order of the acts described, since some steps may be performed in other orders or concurrently. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present application.
According to another aspect of the embodiment of the present invention, there is also provided an access control processing apparatus based on purpose adaptation for implementing the access control processing method based on purpose adaptation described above. As shown in fig. 4, the apparatus includes:
a conversion unit 402, configured to, when receiving a query to the database management system, convert the query into an information tuple according to an attribute of the expression, where the information tuple includes a multidimensional parameter indicating the query;
a query signature generating unit 404, configured to extract information from the information tuple by using a preset encoding rule, and generate a query signature, where the query signature includes an attribute of a data table indicating a query purpose and an action signature of an execution action corresponding to the attribute;
a comparison unit 406, configured to compare the query signature with a preset access control policy, where the access control policy is the same as the encoding mode of the query signature;
and a query rewrite unit 408 for rewriting the query with the query signature and outputting the rewritten query to the database management system in the case that the query signature hits the access control policy.
As an alternative embodiment, converting the query into an information tuple according to the attributes of the expressions comprises: acquiring the attributes of the expressions in the clauses of the query; and converting the query into an information tuple corresponding to those attributes.
Optionally, the query signature generating unit 404 is configured to: acquire the data tables referenced by the query; determine the action signature of each data table from the table's attributes and the action type executed on those attributes; and aggregate the action signature sets of the data tables into the query signature of the query.
Optionally, the purpose-adaptive access control processing apparatus further comprises an encoding unit configured, before a query to the database management system is received, to input the raw data of the access control policy into the query model and encode the access control policy.
Optionally, encoding the access control policy by the encoding unit comprises: determining the purpose mask, attribute mask and action type mask of the access control policy; concatenating the purpose mask, attribute mask and action type mask to obtain a rule mask; and determining the policy mask of the access control policy from the rule masks of the individual rules.
Optionally, comparing the query signature with the preset access control policy by the comparison unit 406 comprises: comparing whether the access right, data property and aggregation property of the query signature are consistent with the access control policy; determining whether the joint access rule of the query signature is contained in the access control policy; and checking whether the purpose set and attribute set of the query signature are contained in the access control policy.
Optionally, the purpose-adaptive access control processing apparatus further comprises a hit unit configured to determine, after the query signature has been compared with the preset access control policy, that the query signature hits the access control policy when the access right, data property and aggregation property of the query signature are consistent with the access control policy, the joint access rule of the query signature is contained in the access control policy, and the purpose set and attribute set of the query signature are contained in the access control policy.
In this embodiment of the application, when a query to the database management system is received, the query is converted into an information tuple according to the attributes of its expressions; information is extracted from the tuple with a preset encoding rule to generate a query signature; the query signature is compared with the preset access control policy; and, if the query signature hits the policy, the query is rewritten with the query signature and the rewritten query is output to the database management system. Performing the access control analysis in combination with the purposes effectively compensates for the security weakness of private data in the database system, improves the data security of the database system during query processing, and thereby solves the technical problem that the database management system cannot protect the security of private data during query processing.
According to still another aspect of the embodiment of the present invention, there is also provided an electronic device for implementing the above-described access control processing method based on purpose adaptation, where the electronic device may be a terminal device or a server as shown in fig. 1. The present embodiment is described taking the electronic device as a terminal device as an example. As shown in fig. 5, the electronic device comprises a memory 502 and a processor 504, the memory 502 having stored therein a computer program, the processor 504 being arranged to perform the steps of any of the method embodiments described above by means of the computer program.
Alternatively, in this embodiment, the electronic device may be located in at least one network device of a plurality of network devices of the computer network.
Alternatively, in the present embodiment, the above-described processor may be configured to execute the following steps by a computer program:
s1, when a query of a database management system is received, converting the query into an information tuple according to the attribute of an expression, wherein the information tuple comprises a multidimensional parameter indicating the query;
s2, extracting information from the information tuple by using a preset encoding rule to generate a query signature, wherein the query signature comprises an attribute of a data table indicating a query purpose and an action signature of an execution action corresponding to the attribute;
S3, comparing the query signature with a preset access control strategy, wherein the access control strategy is the same as the encoding mode of the query signature;
s4, under the condition that the query signature hits the access control strategy, the query signature is utilized to rewrite the query, and the rewritten query is output to the database management system.
Alternatively, it will be appreciated by those skilled in the art that the structure shown in fig. 5 is merely illustrative, and the electronic device may be any terminal device. Fig. 5 is not limited to the structure of the electronic device described above. For example, the electronic device may also include more or fewer components (e.g., network interfaces, etc.) than shown in FIG. 5, or have a different configuration than shown in FIG. 5.
The memory 502 may be used to store software programs and modules, such as program instructions/modules corresponding to the monitoring method and apparatus of the smart device in the embodiment of the present invention, and the processor 504 executes the software programs and modules stored in the memory 502 to perform various functional applications and data processing, that is, implement the above-mentioned access control processing method based on purpose adaptation. Memory 502 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, memory 502 may further include memory located remotely from processor 504, which may be connected to the terminal via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof. The memory 502 may be used to store information such as, but not limited to, queries, access control policies, and the like. As an example, as shown in fig. 5, the memory 502 may include, but is not limited to, the query signature generation unit 404, the comparison unit 406, and the query rewrite unit 408 in the access control processing apparatus based on the purpose adaptation. In addition, other module units in the above-mentioned access control processing device based on purpose adaptation may be included, but are not limited to, and are not described in detail in this example.
Optionally, the transmission device 506 is configured to receive or transmit data via a network. Specific examples of the network described above may include wired networks and wireless networks. In one example, the transmission device 506 includes a network adapter (Network Interface Controller, NIC) that may be connected to other network devices and routers via a network cable to communicate with the internet or a local area network. In one example, the transmission device 506 is a Radio Frequency (RF) module, which is used to communicate with the internet wirelessly.
In addition, the electronic device further includes: a display 508 for displaying the query; and a connection bus 510 for connecting the respective module parts in the above-described electronic device.
In other embodiments, the terminal device or the server may be a node in a distributed system, where the distributed system may be a blockchain system, and the blockchain system may be a distributed system formed by connecting the plurality of nodes through a network communication. Among them, the nodes may form a Peer-To-Peer (P2P) network, and any type of computing device, such as a server, a terminal, etc., may become a node in the blockchain system by joining the Peer-To-Peer network.
According to one aspect of the present application, there is provided a computer program product or computer program comprising computer instructions stored in a computer-readable storage medium. A processor of a computer device reads the computer instructions from the computer-readable storage medium and executes them, causing the computer device to perform the methods provided in the various alternative implementations of the purpose-adaptive access control processing aspect described above. The computer program is arranged to perform the steps of any of the method embodiments described above when run.
Alternatively, in the present embodiment, the above-described computer-readable storage medium may be configured to store a computer program for executing the steps of:
s1, when a query of a database management system is received, converting the query into an information tuple according to the attribute of an expression, wherein the information tuple comprises a multidimensional parameter indicating the query;
s2, extracting information from the information tuple by using a preset encoding rule to generate a query signature, wherein the query signature comprises an attribute of a data table indicating a query purpose and an action signature of an execution action corresponding to the attribute;
S3, comparing the query signature with a preset access control strategy, wherein the access control strategy is the same as the encoding mode of the query signature;
s4, under the condition that the query signature hits the access control strategy, the query signature is utilized to rewrite the query, and the rewritten query is output to the database management system.
Alternatively, in this embodiment, it will be understood by those skilled in the art that all or part of the steps in the methods of the above embodiments may be performed by a program instructing a terminal device to execute the steps, where the program may be stored in a computer-readable storage medium, and the storage medium may include: a flash disk, read-only memory (ROM), random access memory (RAM), a magnetic or optical disk, and the like.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
The integrated units in the above embodiments may be stored in the above-described computer-readable storage medium if implemented in the form of software functional units and sold or used as separate products. Based on such understanding, the technical solution of the present invention may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing one or more computer devices (which may be personal computers, servers or network devices, etc.) to perform all or part of the steps of the method described in the embodiments of the present invention.
In the foregoing embodiments of the present application, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In several embodiments provided by the present application, it should be understood that the disclosed client may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of the units, such as the division of the units, is merely a logical function division, and may be implemented in another manner, for example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The foregoing is merely a preferred embodiment of the present invention and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present invention, which are intended to be comprehended within the scope of the present invention.

Claims (10)

1. An access control processing method based on purpose self-adaption is characterized by comprising the following steps:
converting a query to an information tuple according to attributes of an expression when the query to a database management system is received, wherein the information tuple comprises a multidimensional parameter indicating the query;
extracting information from the information tuple by using a preset encoding rule to generate a query signature, wherein the query signature comprises an attribute of a data table indicating a query purpose and an action signature of an execution action corresponding to the attribute;
comparing the query signature with a preset access control policy, wherein the access control policy uses the same encoding mode as the query signature;
and if the query signature hits the access control policy, rewriting the query by using the query signature, and outputting the rewritten query to the database management system.
2. The method of claim 1, wherein the converting the query into information tuples according to attributes of an expression comprises:
acquiring the attribute of the expression of the clause of the query;
and converting the query into an information tuple corresponding to the attribute.
3. The method of claim 1, wherein the information extraction of the information tuple using a preset encoding rule, generating a query signature, comprises:
acquiring a data table corresponding to the query;
determining the action signature of each data table according to the respective attribute of each data table and the action type executed by the attribute;
and summarizing the action signature sets of the data tables to obtain the query signature of the query.
4. The method of claim 1, further comprising, prior to receiving the query to the database management system:
inputting the raw data of the access control policy into a query model, and encoding the access control policy.
5. The method of claim 4, wherein encoding the access control policy comprises:
determining a purpose mask, an attribute mask and an action type mask of the access control policy;
concatenating the purpose mask, the attribute mask and the action type mask to obtain a rule mask;
and determining a policy mask of the access control policy by using the rule mask corresponding to each rule.
6. The method of claim 5, wherein comparing the query signature to a preset access control policy comprises:
comparing whether the access authority, the data property and the aggregation property of the query signature are consistent with the access control strategy or not;
determining whether a joint access rule of the query signature is contained in the access control policy;
checking whether a set of objects and a set of attributes of the query signature are included in the access control policy.
7. The method of claim 6, further comprising, after comparing the query signature to a preset access control policy:
determining that the query signature hits the access control policy in the case where the access rights, data properties and aggregate properties of the query signature are consistent with the access control policy, the joint access rules of the query signature are contained in the access control policy, and the purpose set and the attribute set of the query signature are contained in the access control policy.
8. An access control processing apparatus based on purpose adaptation, comprising:
a conversion unit, configured to, when a query to a database management system is received, convert the query into an information tuple according to an attribute of an expression, where the information tuple includes a multidimensional parameter indicating the query;
a query signature generation unit, configured to extract information from the information tuple by using a preset encoding rule, and generate a query signature, where the query signature includes an attribute of a data table indicating a query purpose and an action signature of an execution action corresponding to the attribute;
a comparison unit, configured to compare the query signature with a preset access control policy, wherein the access control policy uses the same encoding mode as the query signature;
and a query rewriting unit, configured to rewrite the query by using the query signature and output the rewritten query to the database management system when the query signature hits the access control policy.
9. A computer-readable storage medium, characterized in that the computer-readable storage medium comprises a stored program, wherein the program, when run, performs the method of any one of claims 1 to 7.
10. An electronic device comprising a memory and a processor, characterized in that the memory has stored therein a computer program, the processor being arranged to execute the method according to any of the claims 1 to 7 by means of the computer program.
CN202311028338.3A 2023-08-16 2023-08-16 Access control processing method based on purpose self-adaption Active CN116738495B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311028338.3A CN116738495B (en) 2023-08-16 2023-08-16 Access control processing method based on purpose self-adaption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311028338.3A CN116738495B (en) 2023-08-16 2023-08-16 Access control processing method based on purpose self-adaption

Publications (2)

Publication Number Publication Date
CN116738495A true CN116738495A (en) 2023-09-12
CN116738495B CN116738495B (en) 2024-01-02

Family

ID=87906509

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311028338.3A Active CN116738495B (en) 2023-08-16 2023-08-16 Access control processing method based on purpose self-adaption

Country Status (1)

Country Link
CN (1) CN116738495B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040230572A1 (en) * 2001-06-22 2004-11-18 Nosa Omoigui System and method for semantic knowledge retrieval, management, capture, sharing, discovery, delivery and presentation
US20050108211A1 (en) * 2003-11-18 2005-05-19 Oracle International Corporation, A California Corporation Method of and system for creating queries that operate on unstructured data stored in a database
US20050108212A1 (en) * 2003-11-18 2005-05-19 Oracle International Corporation Method of and system for searching unstructured data stored in a database
CN103309922A (en) * 2012-03-11 2013-09-18 国际商业机器公司 Method, system, and computer program product for access control for entity search
CN106445993A (en) * 2016-07-11 2017-02-22 天津米游科技有限公司 Data fingerprint query method and device based on block chain
CN107251024A (en) * 2015-02-26 2017-10-13 国际商业机器公司 Tracking and data generation are performed for diagnosing the data base querying of executive problem
US20220245150A1 (en) * 2019-07-31 2022-08-04 Sindice Limited T/A Siren Semantic caching of semi-join operators in shared-nothing and log-structured databases
CN115329395A (en) * 2022-08-09 2022-11-11 数字广东网络建设有限公司 Database data processing method, device, system, equipment and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
陈勇;: "安全电子邮件系统的设计与分析", 舰船电子工程, no. 04 *

Also Published As

Publication number Publication date
CN116738495B (en) 2024-01-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant