WO2008081648A1 - アクセス権管理方法、アクセス権管理システムおよびアクセス権管理用プログラム - Google Patents
アクセス権管理方法、アクセス権管理システムおよびアクセス権管理用プログラム Download PDFInfo
- Publication number
- WO2008081648A1 WO2008081648A1 PCT/JP2007/071195 JP2007071195W WO2008081648A1 WO 2008081648 A1 WO2008081648 A1 WO 2008081648A1 JP 2007071195 W JP2007071195 W JP 2007071195W WO 2008081648 A1 WO2008081648 A1 WO 2008081648A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- access right
- right management
- rule
- restricted
- restriction
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
ルール比較手段101は、ポリシーから導出されるルールを、そのルールが有しているアクセス権(サブジェクト、オブジェクト、アクションの組)を多次元座標空間上の点として扱う。ルール比較手段101は、制約の影響下にある点には制約を示す属性(制約ID)を付与して制約付ルールを生成し、ルール格納手段102に記憶する。ルール比較手段101は、矛盾検証の基準となる制約やアクセス権同士の関係を座標空間上の位置関係として比較してアクセス権が矛盾しているかどうかを判定する。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2008552060A JP5029619B2 (ja) | 2007-01-05 | 2007-10-31 | アクセス権管理方法、アクセス権管理システムおよびアクセス権管理用プログラム |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2007-000415 | 2007-01-05 | ||
JP2007000415 | 2007-01-05 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2008081648A1 true WO2008081648A1 (ja) | 2008-07-10 |
Family
ID=39588333
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2007/071195 WO2008081648A1 (ja) | 2007-01-05 | 2007-10-31 | アクセス権管理方法、アクセス権管理システムおよびアクセス権管理用プログラム |
Country Status (2)
Country | Link |
---|---|
JP (1) | JP5029619B2 (ja) |
WO (1) | WO2008081648A1 (ja) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005182478A (ja) * | 2003-12-19 | 2005-07-07 | Ntt Data Corp | アクセス権の矛盾・冗長ルール検出を行うアクセス制御システム及びそのコンピュータプログラム |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4251633B2 (ja) * | 2004-03-30 | 2009-04-08 | インターナショナル・ビジネス・マシーンズ・コーポレーション | 判定装置、プログラム、記録媒体、及び判定方法 |
-
2007
- 2007-10-31 WO PCT/JP2007/071195 patent/WO2008081648A1/ja active Application Filing
- 2007-10-31 JP JP2008552060A patent/JP5029619B2/ja not_active Expired - Fee Related
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005182478A (ja) * | 2003-12-19 | 2005-07-07 | Ntt Data Corp | アクセス権の矛盾・冗長ルール検出を行うアクセス制御システム及びそのコンピュータプログラム |
Non-Patent Citations (2)
Title |
---|
MORITA Y., NAKAE M., OGAWA R.: "IT Zenpan Tosei no Tame no Shokumu Bunsho Kensho Hoshiki", FORUM ON INFORMATION TECHNOLOGY FIT2007 IPPAN KOEN RONBUNSHU SEPARATE, vol. 4, 22 August 2007 (2007-08-22), pages 57 - 58 * |
STREMBECK M.: "Conflict Checking of Separation of Duty Constraints in RBAC Implementation Experiences", 2004, Retrieved from the Internet <URL:http://www.wi.wu-wien.ac.at/home/mark/publications/se2004.pdf> * |
Also Published As
Publication number | Publication date |
---|---|
JP5029619B2 (ja) | 2012-09-19 |
JPWO2008081648A1 (ja) | 2010-04-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2009155473A3 (en) | Information rights management | |
CN103368765B (zh) | 一种管理系统权限添加方法和装置 | |
WO2014151157A3 (en) | Secure query processing over encrypted data | |
MXPA05007150A (es) | Procesador de politicas y metodos y sistemas para la proteccion de los datos. | |
AU2015200905B9 (en) | Method and system for providing an efficient vulnerability management and verification service | |
MY175911A (en) | Method and system protecting against identity theft or replication abuse | |
WO2008008765A3 (en) | Role-based access in a multi-customer computing environment | |
WO2014207554A3 (en) | Method and apparatus for providing database access authorization | |
WO2008042938A3 (en) | Methods and systems for controlling access to custom objects in a database | |
WO2010123586A3 (en) | Enterprise information security management software for prediction modeling with interactive graphs | |
WO2011037741A3 (en) | System and methods to store, retrieve, manage, augment and monitor applications on appliances | |
WO2007130512A3 (en) | Methods and systems for specifying and enforcing access control in a distributed system | |
MY197976A (en) | System and method for encryption key management, federation and distribution | |
GB2477681A (en) | Secure document managment | |
WO2009129535A3 (en) | Systems, methods, and computer program products for supporting multiple contactless applications using different security keys | |
WO2012086920A3 (ko) | 내용 기반 중복 방지 기능을 가지는 분산 저장 시스템 및 그 오브젝트 저장 방법 및 컴퓨터에 의하여 독출가능한 저장 매체 | |
WO2012006242A3 (en) | Systems and methods for establishing trust between entities in support of transactions | |
WO2013074631A3 (en) | A smart card reader with a secure logging feature | |
WO2007117818A3 (en) | Managing objects in a role based access control system | |
WO2007120754A3 (en) | Relationship-based authorization | |
WO2010138508A3 (en) | Automated publishing systems and methods | |
WO2018075388A3 (en) | ENHANCED LOGISTIC MANAGEMENT SYSTEM | |
WO2016026407A3 (en) | System and method for metadata enhanced inventory management of a communications system | |
WO2014018254A3 (en) | Improving hardware utilization for a bidirectional access control list in a low latency high-throughput network | |
WO2009035618A3 (en) | System and method of a knowledge management and networking environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07830929 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2008552060 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 07830929 Country of ref document: EP Kind code of ref document: A1 |