WO2017020716A1 - Method and device for data access control - Google Patents

Publication number: WO2017020716A1
Authority: WO (WIPO, PCT)
Prior art keywords: data, access control, control policy, input data, output data
Application number: PCT/CN2016/090817
Other languages: French (fr), Chinese (zh)
Inventors: 原攀峰, 张维, 陈廷梁, 何召卫
Original assignee: 阿里巴巴集团控股有限公司 (Alibaba Group Holding Limited)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • G06F2221/2145 Inheriting rights or properties, e.g. propagation of permissions or restrictions within a hierarchy

Definitions

  • The present application relates to the field of communications and computers, and more particularly to a technique for data access control.
  • The exchange of data has become an inevitable trend. Because of the data provider's security requirements and the characteristics of specific data, in some scenarios the provider wants to enforce access control on the data it exchanges, for example whether the data may be exported. Data exchange also differs from the exchange of ordinary goods in obvious ways, such as the onward propagation of data, which brings new challenges to the security control of data.
  • Prior-art methods for security access control generally assume a closed environment (such as an enterprise's internal private cloud) that involves no data exchange, and do not support data access control in a data exchange scenario.
  • The access control methods used there generally encrypt the data itself with specific encryption algorithms and give little consideration to the widespread propagation problem of the big data scenario.
  • An object of the present application is to provide a method and device for data access control that solve the problem that prior-art data access control methods are not applicable to a data exchange scenario.
  • The present application provides a method for data access control, the method comprising:
  • obtaining input data, which includes:
  • obtaining the access control policy of the input data, which includes:
  • generating the access control policy of the output data according to the access control policy of the input data, which includes:
  • the preset rule includes any one of the following:
  • the access rights in the access control policies of the input data are intersected, or unioned, to form the access control policy of the output data.
  • The access control policy of the input data includes a plurality of access rights controlling a device's access to the input data, and
  • the access control policy of the output data includes a plurality of access rights controlling a device's access to the output data.
  • The preset rule includes any one of the following:
  • The method further includes:
  • sending the output data and its corresponding access control policy to the storage device.
  • The method further includes:
  • receiving an authorization request for the output data from a data consumer device, generating authorization information for the output data according to the authorization request, and transmitting the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
  • An apparatus for data access control, comprising:
  • a data generating device configured to acquire input data and generate output data according to the input data;
  • a policy obtaining device configured to acquire the access control policy of the input data, where that policy controls a device's access authority to the input data;
  • a policy generating device configured to generate the access control policy of the output data according to the access control policy of the input data, where that policy controls a device's access authority to the output data.
  • The data generating device is configured to send an authorization request for the input data to a data provider device, receive the authorization information for the input data that the data provider device generates according to the request, acquire the input data from the storage device according to the authorization information, and generate the output data according to the input data.
  • The policy obtaining device is configured to send a query request to the storage device and receive the access control policy of the input data that the storage device returns for the query.
  • The policy generating device is configured to generate the access control policy of the output data from the access control policy of the input data according to a preset rule and the mapping relationship between the input data and the output data.
  • The preset rule used by the policy generating device includes any one of the following:
  • the access rights in the access control policies of the input data are intersected, or unioned, to form the access control policy of the output data.
  • The access control policy of the input data includes a plurality of access rights controlling a device's access to the input data, and
  • the access control policy of the output data includes a plurality of access rights controlling a device's access to the output data.
  • The preset rule used by the policy generating device includes any one of the following:
  • The device further includes:
  • a sending device configured to send the output data and its corresponding access control policy to the storage device after the access control policy of the output data has been generated from the access control policy of the input data.
  • The device further includes:
  • an authorization processing device configured to, after the output data and its corresponding access control policy have been sent to the storage device, receive an authorization request for the output data from a data consumer device, generate authorization information for the output data according to the request, and send the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
  • In the technical solution provided by the present application, output data is generated from the acquired input data and the access control policy of the input data is then acquired. Because the output data is generated from the input data, the access control policy of the output data can be generated from the access control policy of the input data according to the input/output relationship between them, so when the output data is itself exchanged, its access control policy has been derived automatically from the data upstream of it.
  • Input data and output data that stand in an input/output relationship therefore keep a degree of consistency of access control as data propagates, which improves the security of data access control in a data exchange scenario and makes the solution applicable to that scenario.
  • FIG. 1 is a schematic structural diagram of an apparatus for data access control according to an embodiment of the present application.
  • FIG. 2 is a schematic structural diagram of a device for data access control according to an embodiment of the present application.
  • FIG. 3 is a schematic structural diagram of a device for data access control according to a preferred embodiment of the present application.
  • FIG. 4 is a flowchart of a method for data access control according to an embodiment of the present application.
  • FIG. 5 is a flowchart of a preferred method for data access control according to an embodiment of the present application.
  • FIG. 6 is a flowchart of a more preferred method for data access control according to an embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of a data transaction platform using the data access control method of an embodiment of the present application.
  • FIG. 8 is a flow diagram of the interaction between a data provider and a data consumer in the data transaction platform.
  • The terminal, the device of the service network, and the trusted party each include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
  • The memory may include non-persistent memory, random access memory (RAM), and/or non-volatile memory in a computer readable medium, such as read only memory (ROM) or flash memory. Memory is an example of a computer readable medium.
  • Computer readable media include permanent and non-persistent, removable and non-removable media, and information storage can be implemented by any method or technology. The information can be computer readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disk read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassette, magnetic tape storage or other magnetic storage device, or any other non-transmission medium that can be used to store information accessible by a computing device.
  • As defined here, computer readable media do not include transitory media such as modulated data signals and carrier waves.
  • FIG. 1 shows an apparatus for data access control provided by an embodiment of the present application. The apparatus 1 includes a data generating device 110, a policy obtaining device 120, and a policy generating device 130.
  • The data generating device 110 is configured to acquire input data and generate output data according to the input data;
  • the policy obtaining device 120 is configured to acquire the access control policy of the input data, which controls the access authority of a device to the input data;
  • the policy generating device 130 is configured to generate the access control policy of the output data according to the access control policy of the input data, which controls the access authority of a device to the output data.
  • The input data and the output data stand in an input/output mapping relationship, so the output data automatically obtains its access control policy from the input data upstream of it. Input data and output data in this relationship therefore keep a degree of consistency as data propagates, which improves the security of data access control in a data exchange scenario and makes the solution applicable to that scenario.
  • The device 1 includes, but is not limited to, a network device, a user device, or a device in which a network device is integrated with a user device through a network.
  • The network device includes, but is not limited to, a network host, a single network server, a set of network servers, or a set of computers based on cloud computing; the user equipment may be a user device running locally.
  • The cloud is composed of a large number of hosts or network servers based on cloud computing, a kind of distributed computing in which a virtual computer is composed of a group of loosely coupled computers.
  • Users include data providers and data consumers. The data provider provides data to the data consumer, and the data consumer can generate new data from the data it obtained and derive the access control policy of the new data from the input/output relationship between the two. In that role the device 1 acts as a data consumer device. If the data exchange between the data provider and the data consumer is implemented on a cloud computing platform, the device 1 may be the server, or set of servers, that implements the data acquisition and processing functions in the cloud computing platform.
  • Input data refers to the source data provided by a data provider; output data refers to data generated from input data.
  • Input data and output data include, but are not limited to, data tables, user-defined functions, data services, and reports; the access control policies set on them control device access to this data.
  • The access rights can be set according to the specific application scenario, for example whether the data may be exported.
  • The input data may be several different data items acquired from several data providers, or data generated by the data consumer device itself, for example a data table purchased from a data provider.
  • The data generating device 110 is configured to send an authorization request for the input data to a data provider device, receive the authorization information for the input data that the data provider device generates according to the request, then acquire the input data from the storage device according to the authorization information and generate the output data from it.
  • The authorization request for the input data expresses that the device 1, as data consumer, wishes to obtain the right to use the input data; the corresponding authorization information expresses that the data provider device agrees to the data consumer using the data.
  • The data provider puts the data it wants to sell on the data market provided by the cloud computing platform, so that data consumers can see which data is currently available for purchase.
  • The storage device may be a server, or a set of servers, that implements the data storage functions of the cloud computing platform; the data that a data provider uploads to the data market is stored in the storage device. In the exchange, the data consumer and the data provider do not exchange data directly.
  • The data consumer sends a purchase request for the data (that is, the authorization request). On receiving it, the data provider, if it agrees to the sale, sends an approval message agreeing to the purchase (that is, the authorization information) to the data consumer, who then presents the approval information to the storage device that stores the data in the cloud computing platform and obtains the corresponding data, completing the acquisition. Because the data provider and the data consumer exchange data by application and authorization, the approach suits big data processing on a cloud computing platform, and the security of the data transfer can be controlled effectively even when the data itself is not encrypted.
  • The output data is generated from the input data; different generation methods can be used according to the purpose of processing, including but not limited to statistical analysis of the data (for example ETL, Extract Transform Load: data extraction, conversion, and loading) or data mining.
  • For example, if the input data is a data table purchased from data provider A, the table is statistically analysed, some of its data is extracted and then converted (for example, its format is converted), and the converted data is loaded into a new data table; that new table is the output data.
  • For example, the input data includes a data table A, a data table B, and a data service C purchased respectively from data providers A, B, and C, where data table A holds temperature data for several cities over the next few days, data table B holds rainfall probability data for those cities over the same days, and data service C produces an umbrella sales trend forecast from temperature and rainfall probability. From these a data table D can be generated whose content is forecast umbrella sales for the several cities over the next few days.
  • The access control policy of the input data may be stored independently of the input data. The policy obtaining device 120 sends a query request to the storage device and receives the access control policy of the input data that the storage device returns for the query.
  • Taking the generation of data table D from data table A, data table B, and data service C as the example: when data table A, data table B, and data service C were put on the shelf (listed on the data market), their data providers had already submitted their access control policies to the server, that is, the storage device, so the policy obtaining device of the device 1 queries the storage device to obtain the access control policy of the input data.
  • The policy generating device 130 generates the access control policy of the output data from the access control policy of the input data according to a preset rule and the mapping relationship between the input data and the output data. Because the output policy is generated from that mapping relationship, the access rights on the input data carry over with a degree of continuity to the output data.
  • In the example, the input data corresponding to data table D is data table A, data table B, and data service C. The preset rule can be set according to the characteristics of the data and the business requirements. For example, data table A contains more sensitive data that users should not be able to export, so its access control policy does not allow export.
  • A strict control rule can then be adopted: the access rights in the access control policies of the input data are intersected to form the access control policy of the output data. Even if the access control policies of data table B and data service C allow export, data table D still cannot be exported.
  • Alternatively, a loose control rule can be adopted: the access rights in the access control policies of the input data are unioned to form the access control policy of the output data. Then as long as one of data table A, data table B, or data service C allows export, the generated data table D is also allowed to be exported.
  • The access control policy of the input data includes a plurality of access rights controlling device access to the input data, and the access control policy of the output data includes a plurality of access rights controlling device access to the output data.
  • The access rights included in an access control policy may include, but are not limited to, whether the data may be put on the shelf (listed), whether it may be exported, and whether it may be accessed in the development environment.
  • Allowing listing means that the data provider may put the data on the data market, that is, the data and any data generated from it may be authorized to data consumers.
  • The development environment is the private environment in which a data provider develops or analyses data internally. There, sample data may be extracted from data purchased from other data providers for the development or analysis that generates output data. Allowing access in the development environment means that development or analysis of the data is unrestricted and the entire content of the data may be extracted as sample data. If access in the development environment is not allowed, the content of the data cannot be obtained directly during development or analysis; development or analysis can only be performed on sample data extracted from the data's content in advance.
  • When the access control policy of the input data includes multiple access rights, the strict and loose preset rules are applied right by right: under strict control, each access right in the input policies is intersected across the inputs to give the corresponding right in the output policy; under loose control, each is unioned across the inputs.
  • For example, suppose the input/output mapping is (E, F, G) → (H, I), that is, data tables E to G generate two new data tables H and I, and the access control policy is defined as AP1, whether listing is allowed; AP2, whether export is allowed; AP3, whether access in the development environment is allowed. Then
  • An embodiment of the present application further provides a preferred device 1 for data access control. Because the device 1 can generate both the output data and its access control policy, the device 1 can also act as a data provider, put the output data on the shelf, and authorize other data consumers to use it, which makes the technical solution better suited to data exchange on a cloud computing platform.
  • The structure of this device 1 is shown in FIG. 2: in addition to the data generating device 110, the policy obtaining device 120, and the policy generating device 130 of FIG. 1, it includes a sending device 140. Specifically, after the access control policy of the output data has been generated from the access control policy of the input data, the sending device 140 sends the output data and its corresponding access control policy to the storage device.
  • The data generating device 110, the policy obtaining device 120, and the policy generating device 130 are the same as, or substantially the same as, the corresponding devices in the embodiment of FIG. 1; for brevity they are not described again and are included here by reference.
  • For example, the device 1 may send data table H, data table I, and their corresponding access control policies to the storage device, so that other data consumers can submit purchase requests for data table H and data table I and complete the transaction.
  • An embodiment of the present application further provides a more preferred device 1 for data access control. Its structure is shown in FIG. 3: in addition to the data generating device 110, the policy obtaining device 120, the policy generating device 130, and the sending device 140 of FIG. 2, it includes an authorization processing device 150 that approves authorization requests made by other data consumers. Specifically, after the output data and its corresponding access control policy have been sent to the storage device, the authorization processing device 150 receives an authorization request for the output data from a data consumer device, generates authorization information for the output data according to the request, and sends the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
  • The data generating device 110, the policy obtaining device 120, the policy generating device 130, and the sending device 140 are the same as, or substantially the same as, the corresponding devices in the embodiment of FIG. 2; for brevity they are not described again and are included here by reference.
  • The authorization request and authorization information for the output data are substantially the same as described above for the input data; the only difference is that the device 1 now represents the data provider device, and the output data serves as input data for data generation by other data consumers.
  • For example, when the data provider receives a purchase request for data table H and agrees to the sale, it sends the data consumer approval information agreeing to the purchase.
  • Because the data provider and the data consumer exchange data by application and authorization, the approach suits big data processing on a cloud computing platform, and the security of the data transfer can be controlled effectively even when the data itself is not encrypted.
  • Any user's data processing operations can be performed by a computer cluster within the cloud computing platform. The data processing operations of the data provider device and the data consumer device can be performed by a set of physical devices in the cluster that implement similar functions (for example, servers with data processing and transceiving functions), and the user's local device may implement only the function of accessing the application interface of the cloud computing platform.
  • FIG. 4 shows a method for data access control provided by an embodiment of the present application, comprising the following steps:
  • Step S401: acquire input data and generate output data according to the input data;
  • Step S402: acquire the access control policy of the input data, which controls the access authority of a device to the input data;
  • Step S403: generate the access control policy of the output data according to the access control policy of the input data, which controls the access authority of a device to the output data.
  • In this way the output data automatically obtains its access control policy from the input data upstream of it, so input data and output data that stand in an input/output relationship keep a degree of consistency as data propagates, which improves the security of data access control in a data exchange scenario.
  • Users include data providers and data consumers. The data provider provides data to the data consumer, and the data consumer can generate new data from the data it obtained and derive the access control policy of the new data from the input/output relationship between the two.
  • The body executing the above method for data access control is a data consumer device. If the data exchange between the data provider and the data consumer is implemented on a cloud computing platform, the data consumer device performing the method may be the server, or set of servers, that implements the data acquisition and processing functions in the cloud computing platform.
  • Input data refers to the source data provided by a data provider; output data refers to data generated from input data.
  • Input data and output data include, but are not limited to, data tables, user-defined functions, data services, and reports.
  • The access rights can be set according to the specific application scenario, for example whether the data may be exported.
  • The input data may be several different data items acquired from several data providers, or data generated by the data consumer device itself, for example a data table purchased from a data provider.
  • Acquiring the input data in step S401 specifically includes: sending an authorization request for the input data to the data provider device, receiving the authorization information for the input data that the data provider device generates according to the request, and then acquiring the input data from the storage device according to the authorization information.
  • The authorization request for the input data expresses that the data consumer wishes to obtain the right to use the input data; the corresponding authorization information expresses that the data provider agrees to the data consumer using the data.
  • The data provider puts the data it wants to sell on the data market provided by the cloud computing platform, so that data consumers can see which data is currently available for purchase.
  • The storage device may be a server, or a set of servers, that implements the data storage functions of the cloud computing platform; the data that a data provider uploads to the data market is stored in the storage device. In the exchange, the data consumer and the data provider do not exchange data directly.
  • The data consumer sends a purchase request for the data (that is, the authorization request). On receiving it, the data provider, if it agrees to the sale, sends an approval message agreeing to the purchase (that is, the authorization information) to the data consumer, who then presents the approval information to the storage device that stores the data in the cloud computing platform and obtains the corresponding data, completing the acquisition. Because the data provider and the data consumer exchange data by application and authorization, the approach suits big data processing on a cloud computing platform, and the security of the data transfer can be controlled effectively even when the data itself is not encrypted.
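The request, approval and fetch exchange between the data consumer device, the data provider device and the storage device, as described for the device above and for step S401 here. This is an added example, not the patent's or the assignee's code. The text says only that the consumer presents the provider's approval information to the storage device; how the storage device knows the approval is genuine is not specified, so this example assumes a key shared between each provider and the storage device and makes the authorization information an HMAC-signed record bound to one data item, one consumer and an expiry. The class and function names, the record format and the sample data are all constructed.

```python
import hashlib
import hmac
import json
from typing import Dict, Optional, Set, Tuple


def _mac(key: bytes, body: dict) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of the authorization fields."""
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()


def make_authorization(key: bytes, provider: str, data: str, consumer: str,
                       now: float, ttl: int = 3600) -> dict:
    """Authorization information the provider returns for an approved request
    (constructed format): bound to one data item and one consumer, time-limited."""
    body = {"provider": provider, "data": data, "consumer": consumer, "exp": int(now) + ttl}
    return {**body, "mac": _mac(key, body)}


def verify_authorization(key: bytes, auth: dict, data: str, consumer: str, now: float) -> bool:
    """The storage device's check before releasing data: MAC valid under the
    provider's key, bound to this data and this consumer, and not expired."""
    body = {k: v for k, v in auth.items() if k != "mac"}
    if not hmac.compare_digest(_mac(key, body), str(auth.get("mac", ""))):
        return False
    return body.get("data") == data and body.get("consumer") == consumer and now < body.get("exp", 0)


class StorageDevice:
    """Stores shelved data with its policy; answers policy queries freely but
    releases data only against authorization information it can verify."""

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}                     # provider -> key shared with storage
        self._shelf: Dict[str, Tuple[str, dict, bytes]] = {}  # data -> (provider, policy, content)

    def register_provider(self, provider: str, key: bytes) -> None:
        self._keys[provider] = key

    def put_on_shelf(self, provider: str, data: str, policy: dict, content: bytes) -> None:
        if not policy.get("allow_shelf", False):
            raise PermissionError(f"{data}: its policy does not allow listing on the data market")
        self._shelf[data] = (provider, policy, content)

    def query_policy(self, data: str) -> dict:
        """The consumer's query request for an input's access control policy."""
        return dict(self._shelf[data][1])

    def fetch(self, data: str, consumer: str, auth: dict, now: float) -> bytes:
        provider, _policy, content = self._shelf[data]
        if not verify_authorization(self._keys[provider], auth, data, consumer, now):
            raise PermissionError("authorization information rejected")
        return content


class DataProvider:
    def __init__(self, name: str, key: bytes, storage: StorageDevice) -> None:
        self.name, self.key, self.storage = name, key, storage
        self.listed: Set[str] = set()
        storage.register_provider(name, key)

    def shelve(self, data: str, policy: dict, content: bytes) -> None:
        self.storage.put_on_shelf(self.name, data, policy, content)
        self.listed.add(data)

    def handle_request(self, request: dict, now: float) -> Optional[dict]:
        """Approve or decline a purchase (authorization) request. Approval is the
        provider's business decision; here it approves anything it has listed."""
        if request.get("data") not in self.listed:
            return None
        return make_authorization(self.key, self.name, request["data"], request["consumer"], now)


def acquire(storage: StorageDevice, provider: DataProvider, consumer: str,
            data: str, now: float) -> Tuple[bytes, dict]:
    """Consumer side: request -> authorization -> fetch from storage -> query the policy."""
    auth = provider.handle_request({"consumer": consumer, "data": data}, now)
    if auth is None:
        raise PermissionError("provider declined the authorization request")
    return storage.fetch(data, consumer, auth, now), storage.query_policy(data)


def run_exchange() -> dict:
    """Constructed scenario: provider A lists table A and consumer X buys it; the same
    authorization presented by consumer Y, and by X after expiry, are both refused."""
    now = 1_700_000_000.0
    storage = StorageDevice()
    provider = DataProvider("provider_A", b"key-shared-by-provider-A-and-storage", storage)
    provider.shelve("table_A", {"allow_shelf": True, "allow_export": False, "allow_dev_access": False},
                    b"city,temp_c\nHangzhou,31\n")  # constructed sample content
    content, policy = acquire(storage, provider, "consumer_X", "table_A", now)
    auth = provider.handle_request({"consumer": "consumer_X", "data": "table_A"}, now)
    result = {"content": content, "policy": policy}
    for label, who, when in (("replay_blocked", "consumer_Y", now),
                             ("expiry_enforced", "consumer_X", now + 7200)):
        try:
            storage.fetch("table_A", who, auth, when)
            result[label] = False
        except PermissionError:
            result[label] = True
    return result
```

The claim that transfer security can be controlled without encrypting the data holds only because the storage device, not the consumer, decides what to release, and only if the storage device can tell a genuine approval from a forged or replayed one; binding the approval to the consumer and the data item and giving it an expiry, as above, is the minimum a platform of this kind needs. Transport protection between the parties is a separate matter the text does not address.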
  • The output data is generated from the input data. Different generation manners may be adopted depending on the processing purpose, including but not limited to statistical analysis of the data (for example ETL: extract, transform, load) or data mining.
  • For example, if the input data is a data table purchased from data provider A, statistical analysis is performed on that table: part of its data is extracted, the extracted data is transformed (for example, its format is converted), and the transformed data is loaded into a new data table, which is the output data.
  • As another example, the input data includes data table A, data table B and data service C, purchased from data providers A, B and C respectively: data table A holds temperature data for several cities over the next few days, data table B holds the rainfall probability for those cities over the next few days, and data service C is a trend forecast for umbrella sales based on temperature and rainfall probability. From these, data table D can be generated, containing forecast umbrella sales for those cities over the next few days.
  • The access control policy of the input data may be stored independently of the input data. Obtaining the access control policy of the input data in step S102 then includes: sending a query request to the storage device and receiving the access control policy of the input data that the storage device returns according to the query request.
  • Taking the generation of data table D from data table A, data table B and data service C as an example: when data table A, data table B and data service C were put on the shelf, their data providers submitted their access control policies to the server (that is, the storage device), so the storage device is queried to obtain the access control policy of each input.
  • Step S103, generating the access control policy of the output data from the access control policy of the input data, includes: generating the access control policy of the output data from the access control policy of the input data according to a preset rule and according to the mapping relationship between the input data and the output data. Because the output policy is derived through that mapping, the access rights of the input data carry forward to the output data.
  • In the example, the input data corresponding to data table D is data table A, data table B and data service C. The preset rule can be chosen according to the characteristics of the data and the business requirements. For example, if data table A contains sensitive data and its access control policy does not allow export, a strict-control preset rule can be used: the intersection of the access rights in the access control policies of the input data becomes the access control policy of the output data. Then, even if the policies of data table B and data service C allow export, data table D is still not exportable.
  • Alternatively, a loose-control preset rule takes the union of the access rights in the access control policies of the input data as the access control policy of the output data. Then, as long as any one of data table A, data table B or data service C allows export, the generated data table D also allows export.
  • The access control policy of the input data includes a plurality of access rights that control a device's access to the input data, and the access control policy of the output data likewise includes a plurality of access rights that control a device's access to the output data.
  • The access rights in an access control policy may include, but are not limited to: whether putting on the shelf is allowed, whether export is allowed, whether access in the development environment is allowed, and so on.
  • Allowing putting on the shelf means that the data provider may place the data on the data market, that is, the data and the data generated from it may be authorized to data consumers.
  • The development environment is the private environment in which the data provider develops or analyses data internally. There, sample data may be extracted from data purchased from other data providers and used in development or analysis that generates output data. Allowing access in the development environment means there is no restriction on developing or analysing the data: its entire content may be extracted as sample data. If access in the development environment is not allowed, the content of the data cannot be obtained directly during development or analysis; only sample data extracted in advance from the content of the data can be used.
  • With multiple access rights, the strict-control and loose-control preset rules are applied right by right: the intersection of each access right across the access control policies of the input data forms the access control policy of the output data, or the union of each access right across the access control policies of the input data forms the access control policy of the output data.
  • Taking data tables E, F, G, H and I as an example, with the input-output mapping (E, F, G) → (H, I), that is, two new data tables H and I are generated from data tables E, F and G, and with the access control policy defined as: AP1, whether putting on the shelf is allowed; AP2, whether export is allowed; AP3, whether access in the development environment is allowed; then
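As an added example (not code from the patent), the right-by-right strict and loose rules above, run over a lineage record such as (E, F, G) → (H, I) and chained when an output is reused as an input, which is also what steps S806 to S808 of the platform flow compute. The policy values, table names and sample lineage are constructed; propagating across multi-step chains by processing records in dependency order is an assumption the example makes explicit.

```python
"""Access control policy propagation along data lineage (added example)."""
from typing import Dict, Iterable, List, Tuple

# Access rights named in the description: AP1 on shelf, AP2 export, AP3 dev-env access.
RIGHTS = ("AP1", "AP2", "AP3")

# A policy maps each access right to True (allowed) or False (not allowed).
Policy = Dict[str, bool]

# A lineage record maps the inputs of one processing step to the outputs it generated:
# (("E", "F", "G"), ("H", "I")) means tables H and I were generated from E, F and G.
Lineage = List[Tuple[Tuple[str, ...], Tuple[str, ...]]]


def derive_policy(input_policies: Iterable[Policy], rule: str) -> Policy:
    """Apply the preset rule right by right.

    'strict' takes the intersection of each right (every input must allow it);
    'loose' takes the union (one input allowing it is enough).
    """
    policies = list(input_policies)
    if not policies:
        raise ValueError("output data needs at least one input")
    if rule == "strict":
        return {r: all(p[r] for p in policies) for r in RIGHTS}
    if rule == "loose":
        return {r: any(p[r] for p in policies) for r in RIGHTS}
    raise ValueError(f"unknown preset rule: {rule}")


def propagate(policies: Dict[str, Policy], lineage: Lineage, rule: str) -> Dict[str, Policy]:
    """Compute a policy for every output in the lineage, including chained steps.

    An output of one record may be an input of another (table H reused later),
    so records are processed once all of their inputs have a known policy.
    """
    known = dict(policies)
    pending = list(lineage)
    while pending:
        progress = False
        for record in list(pending):
            inputs, outputs = record
            if any(i not in known for i in inputs):
                continue  # upstream policy not derived yet; retry on the next pass
            derived = derive_policy((known[i] for i in inputs), rule)
            for out in outputs:
                known[out] = dict(derived)  # every output of one step gets the same policy
            pending.remove(record)
            progress = True
        if not progress:
            unresolved = {i for ins, _ in pending for i in ins if i not in known}
            raise KeyError(f"no access control policy for inputs: {sorted(unresolved)}")
    return known


# Constructed sample: E is sensitive (no export, no dev-env access); F and G are permissive,
# but G was never allowed on the shelf.
SAMPLE_POLICIES: Dict[str, Policy] = {
    "E": {"AP1": True, "AP2": False, "AP3": False},
    "F": {"AP1": True, "AP2": True, "AP3": True},
    "G": {"AP1": False, "AP2": True, "AP3": True},
}
# (E, F, G) -> (H, I), then H is reused together with F to generate J.
SAMPLE_LINEAGE: Lineage = [
    (("E", "F", "G"), ("H", "I")),
    (("H", "F"), ("J",)),
]

if __name__ == "__main__":
    for rule in ("strict", "loose"):
        result = propagate(SAMPLE_POLICIES, SAMPLE_LINEAGE, rule)
        print(rule, {k: v for k, v in result.items() if k in ("H", "I", "J")})
```

Under the strict rule H, I and J all end up with every right denied, because one upstream input denies each of them; under the loose rule they all end up fully allowed. The difference is the trade-off the description points at: strict control never lets a derived table escape a restriction of any ancestor, loose control lets a single permissive ancestor lift it.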
  • The embodiment of the present application further provides a preferred method for data access control. A user who uses the method to generate output data and its access control policy may also act as a data provider: the generated output data is put on the shelf and authorized for use by other data consumers, which makes the technical solution better suited to the data exchange scenario of a cloud computing platform.
  • The processing flow of the method is shown in FIG. 5 and includes the following steps:
  • Step S501: acquiring input data, and generating output data from the input data;
  • Step S502: acquiring the access control policy of the input data, where the access control policy of the input data is used to control a device's access authority to the input data;
  • Step S503: generating the access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control a device's access authority to the output data;
  • Step S504: sending the output data and its corresponding access control policy to the storage device.
  • The embodiment of the present application further provides a more preferred method for data access control.
  • The processing flow of the method is shown in FIG. 6 and includes the following steps:
  • Step S601: acquiring input data, and generating output data from the input data;
  • Step S602: acquiring the access control policy of the input data, where the access control policy of the input data is used to control a device's access authority to the input data;
  • Step S603: generating the access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control a device's access authority to the output data;
  • Step S604: sending the output data and its corresponding access control policy to the storage device;
  • Step S605: receiving an authorization request for the output data from a data consumer device, generating authorization information for the output data according to the authorization request, and sending the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
  • The authorization request and authorization information for the output data are substantially the same as those described above for the input data, except that in step S605 the device executing the method acts as the data provider device. Once other data consumers have acquired the output data, they use it as input data for their own data generation. For example, the data provider receives a purchase request for data table H and, if it agrees to the sale, sends approval information agreeing to the purchase to the data consumer.
  • Because the data provider and the data consumer exchange data by application and authorization, the scheme suits big-data processing on a cloud computing platform, and the transfer of data can be controlled even when the data itself is not encrypted.
  • Any user's data processing operations may be completed by a computer cluster within the cloud computing platform. For example, using virtual machine technology, the data provider device and the data consumer device, and the data processing they perform, may be realised by a collection of physical devices in the cluster that implement the corresponding functions (for example, servers with data processing and transceiving functions), while the user's local device may implement only access to the application interface of the cloud computing platform.
  • FIG. 7 shows a data transaction platform in a cloud computing environment that uses the data access control method described above.
  • The functional framework of the platform, as shown in FIG. 7, includes the following functional modules: a database module 710, a data exchange publishing module 720, a data processing task module 730, a real-time lineage collection module 740, a security access control module 750 and an access control policy query module 760.
  • The database module 710 implements the functions of the storage device described above, and the remaining functional modules implement the corresponding functions of device 1 when it acts as a data consumer device or a data provider device. Concretely, each module may be a computer or computer cluster in the cloud computing platform that implements the specific function, and the user's local device (for example, a local computer or a mobile terminal) reaches those functions through the application interface the platform provides.
  • The database module 710 stores the transaction data, the access control policy corresponding to the transaction data, and the running data generated by the other functional modules during operation. The database module may be a distributed database.
  • The transaction data is the data exchanged between the data provider and the data consumer: transaction data purchased by a user is the input data described above, and transaction data generated by a user and put on the shelf for exchange is the output data described above.
  • The data exchange publishing module 720 publishes data for exchange: it sets the access control policy of the transaction data so that the data is put on the shelf and can be purchased by other users, and releases transaction data to data consumers according to the authorization information.
  • The data processing task module 730 processes the data obtained through the exchange, that is, it generates the output data from the input data as in the method above. Since the generation manner can generally be preset in a program, the data processing task can be scheduled by a workflow for periodic execution.
  • The real-time lineage collection module 740 collects the lineage after data processing completes. The lineage records the mapping relationship between the input data and the output data, that is, which data was generated from which data.
  • The security access control module 750 parses the lineage to obtain the mapping relationship between the input data and the output data, queries the access control policy of the input data, and computes the access control policy of the output data from the mapping relationship and the access control policy of the input data. The rules for computing the access control policy of the output data were described in the foregoing section and are not repeated here.
  • The access control policy query module 760 provides an external application program interface, so that a user of the transaction data can query the access control policy of the data through that interface and perform security access control of the data according to the policy, ensuring the security of the data during transfer.
  • FIG. 8 shows the interaction flow of two users of the data transaction platform in the cloud computing environment described above, one acting as data provider and the other as data consumer.
  • For the data provider, the processing flow includes:
  • Step S801: selecting the data to put on the shelf, for example, selecting a data table to publish to the data market;
  • Step S802: determining the access control policy of the data, then submitting the data and its policy through the data exchange publishing module 720 for storage in the database module 710 of the cloud computing platform;
  • Step S803: performing the data exchange, specifically: waiting for a purchase application from a data consumer and, after receiving one, approving it so that the data consumer may obtain the data.
  • For the data consumer, the processing flow includes:
  • Step S803: performing the data exchange, specifically: after finding data on the data market that it wants to purchase, sending a purchase request to the data provider and, after receiving the data provider's approval of the purchase, acquiring the data from the database module 710 of the cloud computing platform;
  • Step S804: using the data obtained through the exchange as input data and performing data processing with the data processing task module 730 to generate new output data;
  • Step S805: collecting the lineage of the data with the real-time lineage collection module 740;
  • Step S806: parsing the lineage with the security access control module 750 to obtain the mapping relationship between the input data and the output data;
  • Step S807: querying the access control policy of the input data from the cloud computing platform through the access control policy query module 760;
  • Step S808: computing the access control policy of the output data according to the preset rule with the security access control module 750, for example, under the strict-control preset rule, taking the intersection of the access rights in the access control policies of the input data as the access control policy of the output data;
  • Step S809: storing the access control policy of the output data in the database module 710 of the cloud computing platform, where users who need to use the data can query it through the application program interface.
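The application-and-authorization exchange of steps S101 and S605 and of steps S801 to S803, as an added example that is not the patent's or the platform's code. The description does not say what the authorization information contains or how the storage device validates it before releasing data; the example assumes it is a short message signed with an HMAC key shared between the provider device and the storage device, bound to the consumer and the data identifier, and accepted once. Without a check of that kind on the storage side, the control described above amounts to whoever holds the approval message getting the data. Provider, consumer and table names, the key setup and the sample rows are all constructed.

```python
"""Application-and-authorization exchange with storage-side verification (added example)."""
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


def canonical(body: dict) -> bytes:
    """Stable byte encoding of the authorization body, so the signature is reproducible."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


@dataclass
class ProviderDevice:
    """Data provider device: approves or refuses purchase requests (steps S101 / S605)."""
    name: str
    key: bytes                                   # assumption: secret shared with the storage device
    approved_consumers: Set[str] = field(default_factory=set)

    def handle_request(self, consumer: str, data_id: str) -> Optional[dict]:
        """The approval message is the authorization information; None means refused."""
        if consumer not in self.approved_consumers:
            return None
        body = {"provider": self.name, "consumer": consumer,
                "data_id": data_id, "nonce": secrets.token_hex(8)}
        sig = hmac.new(self.key, canonical(body), hashlib.sha256).hexdigest()
        return {"body": body, "sig": sig}


@dataclass
class StorageDevice:
    """Storage device (database module 710): keeps data and policies, releases data on valid authorization."""
    provider_keys: Dict[str, bytes] = field(default_factory=dict)
    data: Dict[str, dict] = field(default_factory=dict)   # data_id -> provider, rows, policy
    used_nonces: Set[str] = field(default_factory=set)    # assumption: authorization is single-use

    def publish(self, provider: str, data_id: str, rows: list, policy: dict) -> None:
        """Putting data on the shelf (S801/S802); the policy is stored apart from the data."""
        if not policy.get("on_shelf", False):
            raise PermissionError(f"{data_id}: policy does not allow putting on the shelf")
        self.data[data_id] = {"provider": provider, "rows": rows, "policy": dict(policy)}

    def query_policy(self, data_id: str) -> dict:
        """Access control policy query interface (module 760)."""
        return dict(self.data[data_id]["policy"])

    def fetch(self, consumer: str, authorization: dict) -> Optional[list]:
        """Release data only for a genuine, unreplayed authorization naming this consumer and data."""
        body = authorization["body"]
        entry = self.data.get(body["data_id"])
        if entry is None:
            return None
        key = self.provider_keys[entry["provider"]]
        expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, authorization["sig"]):
            return None   # forged, or body altered after the provider signed it
        if body["consumer"] != consumer or body["nonce"] in self.used_nonces:
            return None   # presented by someone else, or replayed
        self.used_nonces.add(body["nonce"])
        return list(entry["rows"])


def run_exchange() -> dict:
    """Publish, request, approve, fetch; then the presentations the storage device must reject."""
    storage = StorageDevice()
    provider = ProviderDevice("provider_A", secrets.token_bytes(32), {"consumer_X"})
    storage.provider_keys[provider.name] = provider.key
    # Constructed sample: temperature table A, exportable but not usable in the dev environment.
    storage.publish(provider.name, "table_A", [("Beijing", 31), ("Hangzhou", 29)],
                    {"on_shelf": True, "export": True, "dev_env": False})
    auth = provider.handle_request("consumer_X", "table_A")
    results = {
        "policy": storage.query_policy("table_A"),
        "granted": storage.fetch("consumer_X", auth),      # the normal path
        "replayed": storage.fetch("consumer_X", auth),     # same authorization presented twice
        "refused": provider.handle_request("consumer_Y", "table_A"),
    }
    stolen = provider.handle_request("consumer_X", "table_A")
    results["stolen"] = storage.fetch("consumer_Y", stolen)     # X's approval presented by Y
    tampered = provider.handle_request("consumer_X", "table_A")
    tampered["body"]["consumer"] = "consumer_Y"                  # edited after signing
    results["tampered"] = storage.fetch("consumer_Y", tampered)
    return results


if __name__ == "__main__":
    for name, value in run_exchange().items():
        print(f"{name}: {value}")
```

Only the first fetch returns rows; the replayed, borrowed and edited approvals are all refused by the storage device, and a consumer the provider has not approved never receives authorization information at all. The policy is returned by a separate query, matching the description's point that the policy is stored independently of the data.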
  • Compared with the prior art, the technical solution provided by the present application acquires input data, generates output data from it, and then acquires the access control policy of the input data. Because the output data is generated from the input data, the access control policy of the output data is generated from the access control policy of the input data according to the input-output relationship between them. When the output data is exchanged, it automatically obtains its own access control policy from its upstream input data, so that input data and output data linked by an input-output relationship have a certain consistency in propagation, which improves the security of data access control in a data exchange scenario.
  • The granularity of data access control is also finer, meeting the flexible and diverse access control requirements of a big-data cloud computing platform.
  • The present application may be implemented in software, or in a combination of software and hardware, for example using an application-specific integrated circuit (ASIC), a general-purpose computer or any other similar hardware device.
  • The software program of the present application may be executed by a processor to implement the steps or functions described above, and may be stored, together with its related data structures, in a computer-readable recording medium such as RAM, a magnetic or optical drive, a floppy disk and the like.
  • Some of the steps or functions of the present application may be implemented in hardware, for example as a circuit that cooperates with a processor to perform the steps or functions.
  • Part of the application may be provided as a computer program product, such as computer program instructions which, when executed by a computer, invoke or provide the method and/or technical solution of the present application through the operation of the computer.
  • The program instructions that invoke the method of the present application may be stored in a fixed or removable recording medium, transmitted as a data stream over a broadcast or other signal-bearing medium, and/or held in the working memory of the computer device that runs them.
  • An embodiment according to the present application includes a device comprising a memory for storing computer program instructions and a processor for executing them, where executing the instructions causes the device to operate according to the methods and/or technical solutions of the various embodiments described above.

Abstract

The aim of the present application is to provide a method and device for data access control. Specifically, the method comprises: acquiring input data, and generating output data according to the input data; acquiring an access control policy of the input data, wherein the access control policy of the input data is used for controlling an access permission of a device to the input data; and generating an access control policy of the output data according to the access control policy of the input data, wherein the access control policy of the output data is used for controlling an access permission of the device to the output data. Compared with the prior art, when output data is used for exchange, the output data is enabled to automatically obtain an access control policy of the output data itself according to upstream input data thereof, and the input data and the output data, between which an input-output relationship exists, are enabled to have certain consistency in transmissibility, thereby improving the security of data access control in a data exchange scenario.

Description

Method and device for data access control
Technical field
The present application relates to the fields of communications and computing, and in particular to a technique for data access control.
Background
In the era of big data, the exchange of data has become an inevitable trend. Because of data providers' security requirements and the characteristics of particular data, in some scenarios a data provider wants secure access control over the data it exchanges, for example whether the data may be exported. Moreover, data exchange differs from ordinary commodity exchange in several obvious ways, such as the propagation of data, which brings new challenges to its security control. Existing security access control is generally designed for a closed environment (such as an enterprise's private cloud) that involves no data exchange, so it supports data access control in a data exchange scenario poorly; and it usually works by encrypting the data itself with particular encryption algorithms, giving almost no consideration to the propagation problem that is pervasive for data in big-data scenarios.
Summary of the invention
An object of the present application is to provide a method and device for data access control, solving the problem that the data access control methods of the prior art are not suited to data exchange scenarios.
To this end, the present application provides a method for data access control, the method comprising:
acquiring input data, and generating output data from the input data;
acquiring an access control policy of the input data, where the access control policy of the input data is used to control a device's access authority to the input data;
generating an access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control a device's access authority to the output data.
Further, acquiring the input data comprises:
sending an authorization request for the input data to a data provider device and, after receiving authorization information for the input data generated by the data provider device according to the authorization request, acquiring the input data from a storage device according to the authorization information.
Further, acquiring the access control policy of the input data comprises:
sending a query request to the storage device, and receiving the access control policy of the input data sent by the storage device according to the query request.
Further, generating the access control policy of the output data from the access control policy of the input data comprises:
generating the access control policy of the output data from the access control policy of the input data according to a preset rule and according to a mapping relationship between the input data and the output data.
Further, the preset rule is any one of the following:
taking the intersection of the access rights in the access control policies of the input data as the access control policy of the output data; or
taking the union of the access rights in the access control policies of the input data as the access control policy of the output data.
Further, the access control policy of the input data includes a plurality of access rights for controlling a device's access to the input data, and the access control policy of the output data includes a plurality of access rights for controlling a device's access to the output data;
and the preset rule is any one of the following:
taking, for each of the plurality of access rights, the intersection across the access control policies of the input data as the access control policy of the output data; or
taking, for each of the plurality of access rights, the union across the access control policies of the input data as the access control policy of the output data.
Further, after generating the access control policy of the output data from the access control policy of the input data, the method further comprises:
sending the output data and its corresponding access control policy to the storage device.
Further, after sending the output data and its corresponding access control policy to the storage device, the method further comprises:
receiving an authorization request for the output data from a data consumer device, generating authorization information for the output data according to the authorization request, and sending the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
According to another aspect of the present application, a device for data access control is also provided, the device comprising:
a data generating apparatus for acquiring input data and generating output data from the input data;
a policy acquiring apparatus for acquiring an access control policy of the input data, where the access control policy of the input data is used to control a device's access authority to the input data;
a policy generating apparatus for generating an access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control a device's access authority to the output data.
Further, the data generating apparatus is configured to send an authorization request for the input data to a data provider device and, after receiving authorization information for the input data generated by the data provider device according to the authorization request, to acquire the input data from a storage device according to the authorization information and generate the output data from the input data.
Further, the policy acquiring apparatus is configured to send a query request to the storage device and receive the access control policy of the input data sent by the storage device according to the query request.
Further, the policy generating apparatus is configured to generate the access control policy of the output data from the access control policy of the input data according to a preset rule and according to the mapping relationship between the input data and the output data.
Further, the preset rule by which the policy generating apparatus generates the access control policy of the output data is any one of the following:
taking the intersection of the access rights in the access control policies of the input data as the access control policy of the output data; or
taking the union of the access rights in the access control policies of the input data as the access control policy of the output data.
Further, the access control policy of the input data includes a plurality of access rights for controlling a device's access to the input data, and the access control policy of the output data includes a plurality of access rights for controlling a device's access to the output data;
and the preset rule by which the policy generating apparatus generates the access control policy of the output data is any one of the following:
taking, for each of the plurality of access rights, the intersection across the access control policies of the input data as the access control policy of the output data; or
taking, for each of the plurality of access rights, the union across the access control policies of the input data as the access control policy of the output data.
Further, the device further comprises:
a sending apparatus for sending the output data and its corresponding access control policy to the storage device after the access control policy of the output data has been generated from the access control policy of the input data.
Further, the device further comprises:
an authorization processing apparatus for, after the output data and its corresponding access control policy have been sent to the storage device, receiving an authorization request for the output data from a data consumer device, generating authorization information for the output data according to the authorization request, and sending the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
Compared with the prior art, the technical solution provided by the present application acquires input data, generates output data from it, and then acquires the access control policy of the input data. Because the output data is generated from the input data, the access control policy of the output data is generated from the access control policy of the input data according to the input-output relationship between them. When the output data is exchanged, it automatically obtains its own access control policy from its upstream input data, so that input data and output data linked by an input-output relationship have a certain consistency in propagation, which improves the security of data access control in a data exchange scenario and makes the solution applicable to that scenario.
BRIEF DESCRIPTION OF THE DRAWINGS
Other features, objects and advantages of the present application will become more apparent from the following detailed description of non-limiting embodiments, read with reference to the accompanying drawings:
FIG. 1 is a schematic structural diagram of a device for data access control according to an embodiment of the present application;
FIG. 2 is a schematic structural diagram of a preferred device for data access control according to an embodiment of the present application;
FIG. 3 is a schematic structural diagram of a more preferred device for data access control according to an embodiment of the present application;
FIG. 4 is a flowchart of a method for data access control according to an embodiment of the present application;
FIG. 5 is a flowchart of a preferred method for data access control according to an embodiment of the present application;
FIG. 6 is a flowchart of a more preferred method for data access control according to an embodiment of the present application;
FIG. 7 is a schematic structural diagram of a data transaction platform that uses the data access control method of an embodiment of the present application;
FIG. 8 is a flowchart of the interaction between a data provider and a data consumer in the data transaction platform.
The same or similar reference numerals in the drawings denote the same or similar components.
DETAILED DESCRIPTION OF THE EMBODIMENTS
The present application is described in further detail below with reference to the accompanying drawings.
In a typical configuration of the present application, the terminal, the devices of the service network and the trusted party each include one or more processors (CPUs), input/output interfaces, network interfaces and memory.
The memory may include non-persistent memory in a computer-readable medium, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible to a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
FIG. 1 shows a device for data access control provided by an embodiment of the present application, where the device 1 includes a data generating apparatus 110, a policy acquiring apparatus 120 and a policy generating apparatus 130. Specifically, the data generating apparatus 110 is configured to acquire input data and generate output data from the input data; the policy acquiring apparatus 120 is configured to acquire the access control policy of the input data, where the access control policy of the input data is used to control the access rights of devices to the input data; and the policy generating apparatus 130 is configured to generate the access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control the access rights of devices to the output data. There is an input-output mapping relationship between the input data and the output data, so that when the output data is used for exchange it automatically obtains its own access control policy from its upstream input data; input data and output data standing in an input-output relationship therefore propagate with a degree of consistency, which improves the security of data access control in data exchange scenarios and makes the solution suitable for such scenarios.
Here, the device 1 includes, but is not limited to, a network device, a user device, or a device formed by integrating a network device and a user device over a network. The network device includes, but is not limited to, a network host, a single network server, a set of multiple network servers, or a set of computers based on cloud computing; the user device may be a client device running locally. Here the cloud is made up of a large number of hosts or network servers based on cloud computing, where cloud computing is a form of distributed computing: a virtual computer composed of a group of loosely coupled computers.
In a data exchange application scenario, users include data providers and data consumers, and a given user may be a data provider and a data consumer at the same time. The data provider provides data to the data consumer; the data consumer can generate new data from the data it has obtained, and obtain the access control policy of the new data from the input-output relationship between the data. Here the device 1 acts as a data consumer device; if the data exchange between the data provider and the data consumer is implemented through a cloud computing platform, the device 1 may be one server, or a set of servers, in the cloud computing platform that implements the data acquisition and processing functions. Those skilled in the art should understand that the input data refers to source data provided by a data provider, and the output data refers to data generated from the input data. Input data and output data include, but are not limited to, data tables, user-defined functions, data services and reports; the access rights of devices to such data are controlled through the configured access control policies. The access rights may be set according to the specific application scenario, for example whether the data may be exported. Here the input data may be several different items of data acquired from several data providers, or data generated by the data consumer device itself, for example a data table purchased from a data provider, a data service purchased from a data provider, or a user-defined function generated by the data consumer device.
When the device 1 acts as a data consumer device, the data generating apparatus 110 is configured to send an authorization request for the input data to a data provider device and, after receiving the authorization information for the input data that the data provider device generates according to the authorization request, to acquire the input data from a storage device according to the authorization information and generate the output data from the input data.
Here, the authorization request for the input data expresses the wish of the device 1, as data consumer, to obtain the right to use the input data, and the corresponding authorization information expresses the data provider device's agreement that the data consumer may use that data. If, in a practical scenario, data is exchanged by way of transactions, the data provider lists the data to be sold on the data market provided by the cloud computing platform, so that data consumers can learn which data is currently available for purchase. The storage device may be one server, or a set of servers, in the cloud computing platform that implements the data storage and processing functions; data listed by data providers on the data market is stored in the storage device. During data exchange, the data consumer and the data provider do not exchange data directly. When a data consumer needs to obtain a listed item of data, it sends the data provider a purchase application for that data (the authorization request); after receiving the purchase application, the data provider, if it agrees to the purchase, sends the data consumer approval information agreeing to the purchase (the authorization information); the data consumer can then present the approval information to the storage device in the cloud computing platform that stores the data and request the corresponding data, thereby completing the acquisition of the data. Because data is exchanged between data provider and data consumer by way of application and authorization, the solution suits big data processing on a cloud computing platform, and the security of data propagation can be effectively controlled even if the data itself is not encrypted.
When generating output data from the input data, different generation methods may be used depending on the actual processing purpose, including but not limited to statistical analysis of the data (for example ETL: Extract, Transform, Load) or data mining. For example, the input data is a data table purchased from data provider A; the table is statistically analysed, certain items are extracted from it, the extracted data is transformed (for example its format is converted), and the transformed data is loaded into a new data table, thereby generating a new data table (the output data). As another example, the input data includes data table A, data table B and data service C, purchased from data providers A, B and C respectively, where data table A holds temperature data for several cities over the coming days, data table B holds rainfall probability data for those cities over the coming days, and data service C predicts the trend in umbrella sales from temperature and rainfall probability; from these data a data table D can be generated, containing forecasts of umbrella sales in those cities over the coming days. Those skilled in the art should understand that the above ways of generating output data are only examples; other existing or future ways, where applicable to the present application, are also included within its scope of protection and are incorporated herein by reference.
In the above application scenario, the access control policy of the input data may be stored independently of the input data. In that case, after the data generating apparatus has finished generating the output data, the policy acquiring apparatus 120 sends a query request to the storage device and receives the access control policy of the input data that the storage device sends in response to the query request. Taking again the scenario in which data table D is generated from data table A, data table B and data service C: when data table A, data table B and data service C were listed, the data providers had already submitted the access control policies of these data to the server in the cloud computing platform that stores data (the storage device); after data table D is generated, the policy acquiring apparatus of the device 1 queries the storage device to obtain the access control policies of the input data.
Specifically, the policy generating apparatus 130 generates the access control policy of the output data from the access control policy of the input data according to the mapping relationship between the input data and the output data and according to a preset rule. Because the access control policy of the output data is generated on the basis of the mapping between input data and output data, the access rights of the input data carry over to the output data to a certain degree. Continuing the example, the input data corresponding to data table D are data table A, data table B and data service C. The preset rule may be chosen according to the characteristics of the data and the business requirements. For example, if data table A contains rather sensitive data that users should not be free to export, and its access control policy is set to disallow export, a strictly controlling preset rule may be used: the intersection of the access rights in the access control policies of the input data is taken as the access control policy of the output data. In that case, even if the access control policies of data table B and data service C allow export, data table D remains non-exportable. Alternatively, a loosely controlling preset rule may be used: the union of the access rights in the access control policies of the input data is taken as the access control policy of the output data. In that case, as long as any one of data table A, data table B and data service C allows export, the generated data table D also allows export. Those skilled in the art should understand that the above preset rules are only examples; other existing or future forms of preset rule, where applicable to the present application, are also included within its scope of protection and are incorporated herein by reference.
Depending on the application scenario, the access control policy of the input data includes multiple access rights controlling the access of devices to the input data, and the access control policy of the output data includes multiple access rights controlling the access of devices to the output data, to suit the needs of different scenarios. Taking the data transaction scenario mentioned in the embodiments of the present application as an example, the access rights in an access control policy may include, but are not limited to: whether listing is allowed, whether export is allowed, and whether access in the development environment is allowed. Allowing listing means that the data provider may list the data on the data market, that is, may authorize data consumers to use the data and the data generated from it. The development environment is the private environment in which a data provider internally develops or analyses data. In a data transaction scenario, data is generally produced by the individual data providers, and producing data is the process of generating output data from input data. During generation, sample data may be extracted from data purchased from other data providers for the development or analysis that generates the output data. Allowing access in the development environment means that there is no restriction when developing or analysing the data: the entire content of the data may be extracted as sample data. If access in the development environment is not allowed, the content of the data cannot be obtained directly during development or analysis; only sample data extracted in advance from the content of the data is available for development or analysis.
When the access control policy of the input data contains multiple access rights, the corresponding strict and loose preset rules are, respectively: taking the intersection of each of the multiple access rights in the access control policies of the input data as the access control policy of the output data; and taking the union of each of the multiple access rights in the access control policies of the input data as the access control policy of the output data. Taking data tables E, F, G, H and I as an example, the input-output mapping is (E, F, G) → (H, I), that is, two new data tables H and I are generated from data tables E to G. Suppose the access control policy is defined as follows: AP1, whether listing is allowed; AP2, whether export is allowed; AP3, whether access in the development environment is allowed. Then
data table E (AP1, AP2, AP3) = (1, 0, 0);
data table F (AP1, AP2, AP3) = (1, 1, 0);
data table G (AP1, AP2, AP3) = (1, 1, 1);
Then, according to the strict preset rule, the access control policy of the generated data tables H and I is: data tables H, I (AP1, AP2, AP3) = (1, 0, 0) ∩ (1, 1, 0) ∩ (1, 1, 1) = (1, 0, 0), that is, only listing is allowed, while export and access in the development environment are not. Correspondingly, according to the loose preset rule, the access control policy of the generated data tables H and I is: data tables H, I (AP1, AP2, AP3) = (1, 0, 0) ∪ (1, 1, 0) ∪ (1, 1, 1) = (1, 1, 1), that is, listing, export and access in the development environment are all allowed. By configuring different preset rules and multiple distinct access rights, data access control becomes finer-grained and can meet the flexible and varied access control needs of a big data cloud computing platform.
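The derivation just described, worked through in code as an added example (this is not the patent application's own code): the strict rule intersects and the loose rule unions the access-right bits of every input an output was generated from, over the (E, F, G) → (H, I) mapping above. All function and variable names are assumed for illustration.

```python
"""Lineage-based derivation of output-data access control policies.

Added example, not code from the patent application. Implements the two
preset rules the text describes (strict control = intersection of the
inputs' access rights, loose control = union) and refuses to derive a
policy when an input's policy is missing or malformed.
"""
from typing import Callable, Dict, List, Mapping, Sequence, Tuple

# Access rights in the order the text uses them:
#   AP1 = listing on the data market allowed
#   AP2 = export allowed
#   AP3 = access in the development environment allowed
AP_NAMES = ("AP1_listing", "AP2_export", "AP3_dev_access")

# One access control policy: a 0/1 bit per access right.
Policy = Tuple[int, ...]
Rule = Callable[[Sequence[Policy]], Policy]


def _check(policies: Sequence[Policy]) -> None:
    """Refuse to derive a policy from nothing or from malformed input."""
    if not policies:
        raise ValueError("no input policies: refusing to derive an output policy")
    for p in policies:
        if len(p) != len(AP_NAMES) or any(b not in (0, 1) for b in p):
            raise ValueError(f"malformed policy {p!r}")


def strict_rule(policies: Sequence[Policy]) -> Policy:
    """Strict control: a right survives only if every input grants it (bitwise AND)."""
    _check(policies)
    return tuple(int(all(p[i] for p in policies)) for i in range(len(AP_NAMES)))


def loose_rule(policies: Sequence[Policy]) -> Policy:
    """Loose control: a right survives if any input grants it (bitwise OR)."""
    _check(policies)
    return tuple(int(any(p[i] for p in policies)) for i in range(len(AP_NAMES)))


def derive_output_policies(
    lineage: Mapping[str, Sequence[str]],
    input_policies: Mapping[str, Policy],
    rule: Rule,
) -> Dict[str, Policy]:
    """Derive one policy per output item from the policies of the inputs it came from.

    lineage maps each output data item to the input data items it was generated
    from, i.e. the input-output mapping the policy generating apparatus uses.
    A missing input policy is an error, never an implicit "everything allowed".
    """
    derived: Dict[str, Policy] = {}
    for output, inputs in lineage.items():
        missing = [name for name in inputs if name not in input_policies]
        if missing:
            raise LookupError(f"no stored access control policy for {missing}; cannot derive {output}")
        derived[output] = rule([input_policies[name] for name in inputs])
    return derived


def listable(policies: Mapping[str, Policy]) -> List[str]:
    """Outputs whose derived policy grants AP1, i.e. which may be sent to the storage device for listing."""
    return sorted(name for name, p in policies.items() if p[0] == 1)


def describe(policy: Policy) -> str:
    """Readable rendering such as 'AP1_listing=1 AP2_export=0 AP3_dev_access=0'."""
    return " ".join(f"{n}={b}" for n, b in zip(AP_NAMES, policy))


# Constructed sample matching the text: tables E, F, G feed tables H and I.
INPUT_POLICIES: Dict[str, Policy] = {"E": (1, 0, 0), "F": (1, 1, 0), "G": (1, 1, 1)}
LINEAGE: Dict[str, Tuple[str, ...]] = {"H": ("E", "F", "G"), "I": ("E", "F", "G")}

if __name__ == "__main__":
    for label, rule in (("strict", strict_rule), ("loose", loose_rule)):
        out = derive_output_policies(LINEAGE, INPUT_POLICIES, rule)
        for table, policy in out.items():
            print(f"{label:6} {table}: {describe(policy)}")
        print(f"{label:6} listable: {listable(out)}")
```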
Further, an embodiment of the present application provides a preferred device 1 for data access control. Because, after generating the output data and its access control policy, the device 1 can also act as a data provider, listing the output data it has produced and authorizing other data consumers to use it, the technical solution is better suited to data exchange on a cloud computing platform. The structure of the device 1 is shown in FIG. 2: in addition to the data generating apparatus 110, the policy acquiring apparatus 120 and the policy generating apparatus 130 shown in FIG. 1, it includes a sending apparatus 140. Specifically, after the access control policy of the output data has been generated from the access control policy of the input data, the sending apparatus 140 sends the output data and its corresponding access control policy to the storage device. Those skilled in the art should understand that the data generating apparatus 110, the policy acquiring apparatus 120 and the policy generating apparatus 130 are the same as or substantially the same as the corresponding apparatuses in the embodiment of FIG. 1; for brevity they are not described again here and are incorporated herein by reference.
In the above application scenario, if both data table H and data table I generated by the device 1 allow listing, the device 1 may send data table H, data table I and their corresponding access control policies to the storage device, so that other data consumers can submit purchase applications for data tables H and I and complete the data transaction.
Further, an embodiment of the present application provides a more preferred device 1 for data access control, whose structure is shown in FIG. 3: in addition to the data generating apparatus 110, the policy acquiring apparatus 120, the policy generating apparatus 130 and the sending apparatus 140 shown in FIG. 2, it includes an authorization processing apparatus 150 for approving the authorization requests submitted by other data consumers. Specifically, after the output data and its corresponding access control policy have been sent to the storage device, the authorization processing apparatus 150 receives an authorization request for the output data from a data consumer device, generates authorization information for the output data according to the authorization request, and sends the authorization information to the data consumer device, so that the data consumer device obtains the output data from the storage device according to the authorization information. Those skilled in the art should understand that the data generating apparatus 110, the policy acquiring apparatus 120, the policy generating apparatus 130 and the sending apparatus 140 are the same as or substantially the same as the corresponding apparatuses in the embodiment of FIG. 2; for brevity they are not described again here and are incorporated herein by reference.
The authorization request and authorization information for the output data are essentially the same as the authorization request and authorization information for the input data described above; the only difference is that the device 1 now represents the data provider device, and once the output data has been acquired by other data consumers it is used as input data for their own data generation. In the above scenario, if a data consumer needs to purchase data table H, the data provider receives a purchase request for data table H and, if it agrees to the purchase, sends the data consumer approval information agreeing to the purchase. Because data is exchanged between data provider and data consumer by way of application and authorization, the solution suits big data processing on a cloud computing platform, and the security of data propagation can be effectively controlled even if the data itself is not encrypted.
Those skilled in the art should understand that in a cloud computing platform, the data processing operations of any user may be performed by a computer cluster within the platform. For example, using virtual machine technology, the data processing operations performed by the data provider device and the data consumer device may be performed by a set of physical devices within the computer cluster that implement the corresponding functions (for example, servers with data processing and transceiving functions), while the user's local device may merely provide access to the application interface of the cloud computing platform.
FIG. 4 shows a method for data access control provided by an embodiment of the present application, comprising the following steps:
Step S401: acquiring input data and generating output data from the input data;
Step S402: acquiring the access control policy of the input data, where the access control policy of the input data is used to control the access rights of devices to the input data;
Step S403: generating the access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control the access rights of devices to the output data.
Because there is an input-output mapping relationship between the input data and the output data, when the output data is used for exchange it automatically obtains its own access control policy from its upstream input data, so that input data and output data standing in an input-output relationship propagate with a degree of consistency, which improves the security of data access control in data exchange scenarios.
在某一数据交换的应用场景下,用户包括数据提供方以及数据使用方,对于某一用户,既可以数据提供方,同时也可以是数据使用方。其中,数据提供方向数据使用方提供数据,而数据使用方能够根据得到的数据生成新的数据,并且根据数据之间的输入和输出关系获得新的数据的访问控制策略。在此,前述用于数据访问控制的方法的执行主体是作为数据使用方设备,若数据提供方和数据使用方之间的数据交换通过云计算平台实现,则执行上述方法的数据使用方设备可以是云计算平台中用于实现数据获取以及处理功能的一个服务器或者多个服务器的集合。在此,本领域技术人员应当能够理解,所述输入数据是指数据提供方提供的源数据,所述输出数据是指根据输入数据生成的数据。输入数据和输出数据包括但不限于:数据表、用户自定义函数、数据服务以及报表等,通过设定的访问控 制策略,来控制包括设备对这些数据的访问权限。其中,访问权限可以根据具体的应用场景来设置,例如是否可以导出等。在此,所述输入数据可以是由多个数据提供方获取的多项不同的数据,也可以是数据使用方设备自身产生的数据,例如由数据提供方处购买的数据表,由数据提供方处购买的数据服务,或者数据使用方设备生成的用户自定义函数。In a certain data exchange application scenario, the user includes the data provider and the data consumer. For a certain user, the data provider and the data consumer can be used. Wherein, the data providing direction data user provides data, and the data user can generate new data according to the obtained data, and obtain an access control strategy of the new data according to the input and output relationship between the data. Here, the foregoing execution body of the method for data access control is a data consumer device. If the data exchange between the data provider and the data consumer is implemented by the cloud computing platform, the data consumer device performing the above method may It is a collection of servers or servers used in the cloud computing platform to implement data acquisition and processing functions. Here, those skilled in the art should be able to understand that the input data refers to source data provided by a data provider, and the output data refers to data generated according to input data. Input data and output data include but are not limited to: data tables, user-defined functions, data services, and reports, etc. A policy to control access to the data, including the device. The access rights may be set according to specific application scenarios, such as whether they can be exported or the like. 
Here, the input data may be a plurality of different data acquired by a plurality of data providers, or may be data generated by the data consumer device itself, such as a data table purchased by the data provider, by the data provider. The data service purchased at, or the user-defined function generated by the data consumer device.
当作为数据使用方时,步骤S101中获取输入数据,具体包括于向数据提供方设备发送针对所述输入数据的授权请求,并在接收到所述数据提供方设备根据所述授权请求生成的针对所述输入数据的授权信息后,根据所述授权信息由存储设备获取输入数据。When the data is used as a data consumer, the input data is acquired in step S101, specifically, including: sending an authorization request for the input data to the data provider device, and receiving, according to the authorization request, the generated data provider device After the authorization information of the input data is received, the input data is acquired by the storage device according to the authorization information.
Here an authorization request for input data is a request by which the data consumer asks for the right to use the input data, and the corresponding authorization information records that the data provider agrees to the consumer using that data. If, in the actual scenario, data is exchanged by way of transactions, the data provider lists the data it wishes to sell in the data market provided by the cloud computing platform, so that data consumers can see which data is currently available for purchase. The storage device may be one server or a set of servers in the cloud platform that implements the data storage functions; data listed in the market by a provider is stored in this storage device. During an exchange the data consumer and the data provider do not exchange data directly. A consumer that wants a listed dataset sends the provider a purchase application for it (the authorization request); if the provider agrees to the purchase, it sends the consumer an approval of the purchase (the authorization information); the consumer then presents this approval to the storage device in the cloud platform and requests the corresponding data from it, which completes the acquisition. Because provider and consumer exchange data through application and authorization, the scheme suits big-data processing on a cloud platform, and the dissemination of data can be controlled effectively even when the data itself is not encrypted.
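The exchange just described (listing, purchase application, approval, fetch from the storage device), as an added example that is not the patent's own code. The text does not say how the storage device recognises a genuine approval, so the example assumes, as my own choice, that the approval carries an HMAC over (dataset, consumer, request id) under a key the provider shares with the storage device and that each approval can be redeemed once; the party names, dataset names and sample rows are constructed for the example.

```python
"""Added example, not code from the patent: the apply/approve/fetch exchange in
which the consumer never receives data from the provider directly and the
storage device releases a listed dataset only against the provider's approval.
Assumed here (not stated in the text): approvals are HMAC-tagged under a key
the provider shares with the storage device, and are single-use."""
import hashlib
import hmac
import json
import secrets


def _canonical(fields: dict) -> bytes:
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def _tag(key: bytes, approval_fields: dict) -> str:
    return hmac.new(key, _canonical(approval_fields), hashlib.sha256).hexdigest()


class StorageDevice:
    """Cloud-side storage: keeps listed datasets with their access-control
    policies and hands data out only against a verified, unused approval."""

    def __init__(self, provider_keys: dict):
        self._keys = dict(provider_keys)    # provider name -> shared HMAC key (assumed)
        self._datasets = {}                 # dataset name -> record
        self._redeemed = set()              # (dataset, request_id) already used

    def publish(self, provider: str, name: str, payload, policy: dict) -> None:
        self._datasets[name] = {"owner": provider, "payload": payload, "policy": dict(policy)}

    def catalog(self) -> list:
        return [(name, rec["owner"]) for name, rec in self._datasets.items()]

    def policy(self, name: str) -> dict:
        return dict(self._datasets[name]["policy"])

    def fetch(self, consumer: str, approval: dict):
        for field in ("dataset", "consumer", "request_id", "tag"):
            if field not in approval:
                raise PermissionError(f"malformed approval: missing {field}")
        rec = self._datasets.get(approval["dataset"])
        if rec is None:
            raise PermissionError("unknown dataset")
        if approval["consumer"] != consumer:
            raise PermissionError("approval was issued to a different consumer")
        fields = {k: approval[k] for k in ("dataset", "consumer", "request_id")}
        if not hmac.compare_digest(_tag(self._keys[rec["owner"]], fields), approval["tag"]):
            raise PermissionError("approval was not issued by the dataset owner")
        if (approval["dataset"], approval["request_id"]) in self._redeemed:
            raise PermissionError("approval already redeemed")
        self._redeemed.add((approval["dataset"], approval["request_id"]))
        return rec["payload"]


class DataProvider:
    def __init__(self, name: str, key: bytes):
        self.name, self._key = name, key

    def approve(self, request: dict, granted: bool):
        """Return the authorization information, or None when the purchase is refused."""
        if not granted:
            return None
        fields = {k: request[k] for k in ("dataset", "consumer", "request_id")}
        return {**fields, "tag": _tag(self._key, fields)}


class DataConsumer:
    def __init__(self, name: str):
        self.name = name

    def request(self, dataset: str) -> dict:
        """Authorization request (purchase application) with a fresh request id."""
        return {"dataset": dataset, "consumer": self.name, "request_id": secrets.token_hex(8)}


def _rejected(action) -> bool:
    try:
        action()
    except PermissionError:
        return True
    return False


def run_exchange() -> dict:
    """One successful purchase plus three misuse attempts; returns what happened."""
    key_a = secrets.token_bytes(32)
    storage = StorageDevice({"provider_A": key_a})
    provider = DataProvider("provider_A", key_a)
    consumer = DataConsumer("consumer_X")
    rows_a = [("Beijing", 31), ("Shanghai", 29)]          # constructed sample table
    storage.publish("provider_A", "table_A", rows_a, {"AP1": 1, "AP2": 0, "AP3": 0})
    storage.publish("provider_A", "table_B", [("Beijing", 0.7)], {"AP1": 1, "AP2": 1, "AP3": 1})

    req = consumer.request("table_A")               # consumer -> provider
    approval = provider.approve(req, granted=True)  # provider -> consumer
    data = storage.fetch(consumer.name, approval)   # consumer -> storage device
    return {
        "catalog": storage.catalog(),
        "data": data,
        "policy": storage.policy("table_A"),
        "replay_rejected": _rejected(lambda: storage.fetch(consumer.name, approval)),
        "other_consumer_rejected": _rejected(lambda: storage.fetch("consumer_Y", approval)),
        "retargeted_rejected": _rejected(lambda: storage.fetch(consumer.name, {**approval, "dataset": "table_B"})),
        "refused_gives_nothing": provider.approve(consumer.request("table_B"), granted=False) is None,
    }


if __name__ == "__main__":
    for key, value in run_exchange().items():
        print(f"{key}: {value}")
```

The claim that dissemination stays controlled without encrypting the data rests entirely on the storage device verifying who issued the approval and what it was issued for; an approval that is merely a flag the consumer can set, or one that is not bound to the dataset and consumer, gives no such control. Once the data has been released to an approved consumer, it is protected only as far as that consumer enforces the policy it fetched alongside the data.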
When the output data is generated from the input data, different generation methods may be used depending on the purpose of the processing, including but not limited to statistical analysis of the data (for example ETL: Extract, Transform, Load) or data mining. For example, the input data is a data table purchased from data provider A; statistical analysis is carried out on that table, certain items are extracted from it, the data is transformed (for example its format is converted), and the transformed data is loaded into a new data table, thereby generating a new data table (the output data). As another example, the input data comprises data table A, data table B and data service C, purchased from data providers A, B and C respectively, where table A holds the forecast temperatures of several cities for the coming days, table B holds the probability of rain in those cities for the coming days, and data service C predicts the trend of umbrella sales from temperature and rain probability. From these, data table D can be generated, containing the predicted umbrella sales in those cities for the coming days. Those skilled in the art will understand that the above ways of generating output data are only examples; other existing or future methods, if applicable to this application, are also within its scope of protection and are hereby incorporated by reference.
In the above scenario the access control policy of the input data may be stored separately from the input data itself. In that case, after the output data has been generated, obtaining the access control policy of the input data in step S102 specifically comprises: sending a query request to the storage device and receiving the access control policy of the input data that the storage device returns in response to the query. Taking again the scenario in which data table D is generated from data table A, data table B and data service C: when A, B and C were listed, their providers submitted the access control policies of this data to the server in the cloud platform that stores the data (the storage device), so after data table D has been generated the storage device is queried to obtain the access control policies of the input data.
Specifically, generating the access control policy of the output data from the access control policy of the input data in step S103 comprises: generating the output data's policy from the input data's policies according to the mapping relationship between input data and output data and according to a preset rule. Because the output data's policy is generated on the basis of the input/output mapping, the access rights of input data and output data show a degree of continuity. Continuing the example, the input data of data table D are data table A, data table B and data service C. The preset rule can be chosen according to the characteristics of the data and the business requirements. For example, if data table A contains rather sensitive data that users should not be free to export, and its access control policy is therefore "export not allowed", a strictly controlled preset rule can be used: the intersection of the access rights in the input data's access control policies becomes the output data's access control policy. Then, even if the policies of data table B and data service C allow export, data table D still cannot be exported. Alternatively, a loosely controlled preset rule can be used: the union of the access rights in the input data's access control policies becomes the output data's access control policy. Then, as long as one of data table A, data table B and data service C allows export, the generated data table D also allows export. Those skilled in the art will understand that these preset rules are only examples; other existing or future forms of preset rule, if applicable to this application, are also within its scope of protection and are hereby incorporated by reference.
Depending on the application scenario, the access control policy of the input data comprises several access rights that control devices' access to the input data, and the access control policy of the output data comprises several access rights that control devices' access to the output data, so as to meet the needs of different scenarios. Taking the data transaction scenario of this embodiment as an example, the access rights in an access control policy may include, but are not limited to: whether listing is allowed, whether export is allowed, and whether access from the development environment is allowed. "Listing allowed" means that the data provider may list the data in the data market, that is, may authorize data consumers to use the data and the data generated from it. The development environment is the private environment in which a data provider develops or analyses data internally. In the data transaction scenario, data is generally produced by the individual data providers, and the production process is precisely the generation of output data from input data. During generation, sample data can be extracted from data purchased from other providers and used for the development or analysis that produces the output data. "Access from the development environment allowed" means that there is no restriction when the data is developed or analysed: the entire content of the data can be extracted as sample data. If such access is not allowed, the content of the data cannot be obtained directly during development or analysis; only sample data extracted in advance from the content of the data can be used for development or analysis.
When the access control policy of the input data comprises several access rights, the corresponding strictly controlled and loosely controlled preset rules are, respectively: taking, for each access right, the intersection of that right across the input data's access control policies as the output data's access control policy; and taking, for each access right, the union of that right across the input data's access control policies as the output data's access control policy. Take data tables E, F, G, H and I as an example, with the input/output mapping (E, F, G) → (H, I), that is, two new data tables H and I are generated from data tables E to G. Suppose the access control policy is defined as: AP1, whether listing is allowed; AP2, whether export is allowed; AP3, whether access from the development environment is allowed. Then
Data table E (AP1, AP2, AP3) = (1, 0, 0);
Data table F (AP1, AP2, AP3) = (1, 1, 0);
Data table G (AP1, AP2, AP3) = (1, 1, 1);
Under the strictly controlled preset rule, the generated data tables H and I receive the access control policy: H, I (AP1, AP2, AP3) = (1, 0, 0) ∩ (1, 1, 0) ∩ (1, 1, 1) = (1, 0, 0), that is, listing is allowed but export and access from the development environment are not. Correspondingly, under the loosely controlled preset rule, H and I receive: H, I (AP1, AP2, AP3) = (1, 0, 0) ∪ (1, 1, 0) ∪ (1, 1, 1) = (1, 1, 1), that is, listing, export and access from the development environment are all allowed. By combining different preset rules with several distinct access rights, data access control becomes fine-grained enough to satisfy the flexible and varied access control requirements of a big-data cloud computing platform.
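The policy derivation of steps S103 and the (E, F, G) → (H, I) example, as an added example that is not the patent's own code. The permission slots AP1 to AP3 and the bit-vector encoding follow the text; the lineage dictionary shape, the function and type names, and the rule names "strict" and "loose" are my own choices. It goes slightly beyond the text in one respect: an input with no stored policy, or a malformed policy, makes the derivation fail rather than quietly counting as "all allowed".

```python
"""Added example, not code from the patent: deriving an output dataset's
access-control policy from its inputs' policies through the lineage mapping.
AP1..AP3 and the bit vectors follow the text; the names below are mine."""
from typing import Callable, Dict, List, Tuple

# Permission slots in the order the text lists them (1 = granted).
PERMISSIONS = ("AP1 listing", "AP2 export", "AP3 development-environment access")
Policy = Tuple[int, ...]


def _check(policy: Policy, name: str) -> Policy:
    """Reject malformed policies instead of silently treating them as 'allow'."""
    if len(policy) != len(PERMISSIONS) or any(bit not in (0, 1) for bit in policy):
        raise ValueError(f"policy of {name!r} must be {len(PERMISSIONS)} bits: {policy!r}")
    return tuple(policy)


def strict_rule(policies: List[Policy]) -> Policy:
    """Intersection: an output keeps a right only if every input grants it."""
    return tuple(int(all(p[i] for p in policies)) for i in range(len(PERMISSIONS)))


def loose_rule(policies: List[Policy]) -> Policy:
    """Union: an output gets a right if any input grants it."""
    return tuple(int(any(p[i] for p in policies)) for i in range(len(PERMISSIONS)))


RULES: Dict[str, Callable[[List[Policy]], Policy]] = {"strict": strict_rule, "loose": loose_rule}


def derive_output_policies(lineage: Dict[str, List[str]],
                           input_policies: Dict[str, Policy],
                           rule: str = "strict") -> Dict[str, Policy]:
    """lineage maps each output name to the inputs it was generated from, e.g.
    {"H": ["E", "F", "G"], "I": ["E", "F", "G"]} for (E, F, G) -> (H, I);
    input_policies maps each input name to the policy fetched from storage."""
    combine = RULES[rule]
    derived: Dict[str, Policy] = {}
    for output, inputs in lineage.items():
        if not inputs:
            raise ValueError(f"output {output!r} has no recorded inputs")
        missing = [name for name in inputs if name not in input_policies]
        if missing:
            # Fail closed: an input without a stored policy must not count as unrestricted.
            raise KeyError(f"no access-control policy stored for {missing}")
        derived[output] = combine([_check(input_policies[n], n) for n in inputs])
    return derived


def describe(policy: Policy) -> str:
    """Human-readable rendering of a policy bit vector."""
    parts = [f"{name} {'allowed' if bit else 'denied'}" for name, bit in zip(PERMISSIONS, policy)]
    return f"{policy}: " + "; ".join(parts)


if __name__ == "__main__":
    # The worked example from the text: (E, F, G) -> (H, I).
    lineage = {"H": ["E", "F", "G"], "I": ["E", "F", "G"]}
    stored = {"E": (1, 0, 0), "F": (1, 1, 0), "G": (1, 1, 1)}
    for rule in RULES:
        for output, policy in derive_output_policies(lineage, stored, rule).items():
            print(f"{rule:>6} {output}: {describe(policy)}")
```

Under the strict rule both H and I come out as (1, 0, 0) and under the loose rule as (1, 1, 1), matching the text. The fail-closed branch matters in practice: lineage collection can name an input whose policy was never stored or has since been withdrawn, and the safe response is to refuse to derive a policy for the output rather than to default it open.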
Further, the embodiment of this application also provides a preferred method for data access control: after a user has used the method to generate output data and its access control policy, that user can also act as a data provider, list the output data it has produced and authorize other data consumers to use it, which makes the technical solution better suited to data exchange on a cloud computing platform. The processing flow of this method, shown in FIG. 5, comprises the following steps:
Step S501, acquiring input data and generating output data from the input data;
Step S502, acquiring an access control policy of the input data, where the access control policy of the input data is used to control devices' access rights to the input data;
Step S503, generating an access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control devices' access rights to the output data;
Step S504, sending the output data and its corresponding access control policy to the storage device.
For example, in the above scenario, if the generated data tables H and I both allow listing, the user can send data table H, data table I and their corresponding access control policies to the storage device, so that other data consumers can submit purchase applications for H and I and complete the data transaction.
Further, the embodiment of this application also provides a more preferred method for data access control, whose processing flow, shown in FIG. 6, comprises the following steps:
Step S601, acquiring input data and generating output data from the input data;
Step S602, acquiring an access control policy of the input data, where the access control policy of the input data is used to control devices' access rights to the input data;
Step S603, generating an access control policy of the output data from the access control policy of the input data, where the access control policy of the output data is used to control devices' access rights to the output data;
Step S604, sending the output data and its corresponding access control policy to the storage device;
Step S605, receiving an authorization request for the output data from a data consumer device, generating authorization information for the output data in response to the authorization request, and sending the authorization information to the data consumer device, so that the data consumer device obtains the output data from the storage device on the basis of the authorization information.
The authorization request and authorization information for the output data have essentially the same content as the authorization request and authorization information for the input data described above; the only difference is that, when executing step S605, the entity executing the method acts as the data provider device, and once the output data has been obtained by another data consumer it is used as that consumer's input data for generating further data. In the above scenario, if a data consumer needs to purchase data table H, the data provider receives a purchase request for data table H and, if it agrees to the purchase, sends the consumer an approval of the purchase. Because provider and consumer exchange data through application and authorization, the scheme suits big-data processing on a cloud platform, and the dissemination of data can be controlled effectively even when the data itself is not encrypted.
Those skilled in the art will understand that in a cloud computing platform any user's data processing operations can be carried out by a computer cluster inside the platform, for example by means of virtual machine technology: the data processing operations performed by the data provider device and the data consumer device can all be carried out by a set of physical devices in the cluster that implement the corresponding functions (for example servers with data processing and transceiving functions), while the user's local device may merely implement the application interface for accessing the cloud platform.
FIG. 7 shows a data transaction platform in a cloud computing environment that uses the above data access control method. Its functional framework comprises the following modules: database module 710, data exchange publishing module 720, data processing task module 730, real-time lineage collection module 740, security access control module 750 and access control policy query module 760. Of these, database module 710 implements the functions of the storage device described above, while the remaining modules implement the functions of device 1 when it acts as a data consumer device or a data provider device; concretely they may be computers or computer clusters in the cloud platform that implement the specific function. When a user uses the platform as a data provider or data consumer to carry out data transactions and data access control, it can use the application interface provided by its local device (for example a local computer or mobile terminal) to access the computers or clusters in the cloud platform that implement the specific function, and thereby use the functions of the above modules.
Specifically, database module 710 stores the transaction data, the access control policies corresponding to the transaction data, and the run-time data produced by the other modules during operation; in a cloud computing environment the database module can be a distributed database. The transaction data is the data exchanged between data providers and data consumers: for a given user, the transaction data it has purchased is the input data described above, and the transaction data it has generated and listed for exchange is the output data described above.
Data exchange publishing module 720 publishes data for exchange and sets the access control policy of transaction data, so that the data is listed and can be applied for and purchased by other users, and it issues transaction data to data consumers on the basis of the authorization information.
Data processing task module 730 processes the data obtained through exchange, that is, generates output data from input data as in the method above; since the generation method can usually be programmed in advance, the processing tasks can be executed periodically by a workflow scheduler.
Real-time lineage collection module 740 collects the lineage after data processing has completed; the lineage expresses the mapping relationship between input data and output data, that is, it records which data was generated from which.
Security access control module 750 parses the lineage to obtain the mapping between input data and output data, then queries the access control policies of the input data and computes the access control policy of the output data from that mapping and those policies. The rules for computing the output data's policy have been described above and are not repeated here.
Access control policy query module 760 exposes an application programming interface so that users of the transaction data can query a dataset's access control policy through the API and enforce access control on the data in accordance with that policy, protecting the data as it is disseminated.
FIG. 8 shows the interaction flow of users using the data transaction platform in the cloud computing environment described above; the two interacting users act as data provider and data consumer respectively.
For the data provider, the processing flow comprises:
Step S801, selecting the data to be listed, for example a data table to be published to the data market.
Step S802, determining the access control policy of that data, then submitting it through data exchange publishing module 720 and storing it in database module 710 of the cloud platform.
Step S803, carrying out the data exchange.
For the data provider, the exchange step is specifically: waiting for a purchase application from a data consumer and, after receiving one, approving it so that the data consumer may obtain the data.
For the data consumer, the processing flow comprises:
Step S803, carrying out the data exchange.
For the data consumer, the exchange step is specifically: after finding, among the data listed in the data market, the data it needs to purchase, sending a purchase application to the data provider and, after receiving the data provider's approval of the purchase, obtaining the data from database module 710 of the cloud platform.
Step S804, using the data obtained through exchange as input data and processing it through data processing task module 730 to generate new output data.
Step S805, collecting the lineage of the data through lineage collection module 740.
Step S806, parsing the lineage through security access control module 750 to obtain the mapping relationship between input data and output data.
Step S807, querying the access control policies of the input data from the cloud platform through access control policy query module 760.
Step S808, computing the access control policy of the output data according to the preset rule through security access control module 750, for example, under the strictly controlled preset rule, taking the intersection of the access rights in the input data's access control policies as the output data's access control policy.
Step S809, storing the access control policy of the output data in database module 710 of the cloud platform, where users who need the data can query it through the application programming interface.
In summary, the technical solution provided by this application acquires input data, generates output data from it and then obtains the access control policy of the input data. Because the output data is generated from the input data, the access control policy of the output data is generated from the access control policy of the input data according to the input/output relationship between them. When the output data is later exchanged, it thus automatically obtains its own access control policy from its upstream input data, so that input data and output data related by an input/output relationship propagate with consistent access control, improving the security of data access control in data exchange scenarios. In addition, by combining different preset rules with several distinct access rights, data access control becomes fine-grained enough to satisfy the flexible and varied access control requirements of a big-data cloud computing platform.
It should be noted that this application may be implemented in software and/or a combination of software and hardware, for example using an application-specific integrated circuit (ASIC), a general-purpose computer or any other similar hardware device. In one embodiment the software program of this application may be executed by a processor to implement the steps or functions described above. Likewise, the software program of this application (including the related data structures) may be stored in a computer-readable recording medium, for example RAM, a magnetic or optical drive, a floppy disk or similar. In addition, some steps or functions of this application may be implemented in hardware, for example as circuitry that cooperates with a processor to carry out the individual steps or functions.
Furthermore, part of this application may be applied as a computer program product, for example computer program instructions which, when executed by a computer, can invoke or provide the method and/or technical solution of this application through the operation of that computer. The program instructions that invoke the method of this application may be stored in a fixed or removable recording medium, and/or transmitted as a data stream in a broadcast or other signal-bearing medium, and/or stored in the working memory of the computer device that runs those program instructions. An embodiment of this application comprises an apparatus including a memory for storing computer program instructions and a processor for executing them, such that, when the computer program instructions are executed by the processor, the apparatus is triggered to operate according to the methods and/or technical solutions of the foregoing embodiments.
It is obvious to those skilled in the art that this application is not limited to the details of the exemplary embodiments above and can be implemented in other specific forms without departing from its spirit or essential characteristics. The embodiments are therefore to be regarded in every respect as illustrative and not restrictive; the scope of this application is defined by the appended claims rather than by the foregoing description, and all changes that fall within the meaning and range of equivalents of the claims are intended to be embraced by it. Any reference signs in the claims shall not be construed as limiting the claim concerned. The word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. Several units or apparatuses recited in an apparatus claim may also be implemented by a single unit or apparatus in software or hardware.

Claims (16)

  1. A method for data access control, wherein the method comprises:
    acquiring input data and generating output data according to the input data;
    acquiring an access control policy of the input data, wherein the access control policy of the input data is used to control the access rights of devices to the input data;
    generating an access control policy of the output data according to the access control policy of the input data, wherein the access control policy of the output data is used to control the access rights of devices to the output data.
  2. The method according to claim 1, wherein acquiring input data comprises:
    sending an authorization request for the input data to a data provider device, and, after receiving authorization information for the input data generated by the data provider device according to the authorization request, acquiring the input data from a storage device according to the authorization information.
  3. The method according to claim 2, wherein acquiring the access control policy of the input data comprises:
    sending a query request to the storage device, and receiving the access control policy of the input data sent by the storage device according to the query request.
  4. The method according to any one of claims 1 to 3, wherein generating the access control policy of the output data according to the access control policy of the input data comprises:
    generating the access control policy of the output data from the access control policy of the input data according to the mapping relationship between the input data and the output data and according to a preset rule.
  5. The method according to claim 4, wherein the preset rule comprises any one of the following:
    taking the intersection of the access rights in the access control policy of the input data as the access control policy of the output data; or
    taking the union of the access rights in the access control policy of the input data as the access control policy of the output data.
  6. The method according to claim 4 or 5, wherein the access control policy of the input data comprises a plurality of access rights used to control the access of devices to the input data, and the access control policy of the output data comprises a plurality of access rights used to control the access of devices to the output data;
    the preset rule comprises any one of the following:
    taking, for each of the plurality of access rights in the access control policy of the input data, the intersection as the access control policy of the output data; or
    taking, for each of the plurality of access rights in the access control policy of the input data, the union as the access control policy of the output data.
  7. The method according to any one of claims 1 to 6, further comprising, after generating the access control policy of the output data according to the access control policy of the input data:
    sending the output data and its corresponding access control policy to a storage device.
  8. The method according to claim 7, further comprising, after sending the output data and its corresponding access control policy to the storage device:
    receiving an authorization request for the input data from a data consumer device, generating authorization information for the input data according to the authorization request, and sending the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
  9. A device for data access control, wherein the device comprises:
    a data generating apparatus, configured to acquire input data and generate output data according to the input data;
    a policy acquiring apparatus, configured to acquire an access control policy of the input data, wherein the access control policy of the input data is used to control the access rights of devices to the input data;
    a policy generating apparatus, configured to generate an access control policy of the output data according to the access control policy of the input data, wherein the access control policy of the output data is used to control the access rights of devices to the output data.
  10. The device according to claim 9, wherein the data generating apparatus is configured to send an authorization request for the input data to a data provider device, and, after receiving authorization information for the input data generated by the data provider device according to the authorization request, acquire the input data from a storage device according to the authorization information and generate the output data according to the input data.
  11. The device according to claim 10, wherein the policy acquiring apparatus is configured to send a query request to the storage device, and receive the access control policy of the input data sent by the storage device according to the query request.
  12. The device according to any one of claims 9 to 11, wherein the policy generating apparatus is configured to generate the access control policy of the output data from the access control policy of the input data according to the mapping relationship between the input data and the output data and according to a preset rule.
  13. The device according to claim 12, wherein the preset rule by which the policy generating apparatus generates the access control policy of the output data comprises any one of the following:
    taking the intersection of the access rights in the access control policy of the input data as the access control policy of the output data; or
    taking the union of the access rights in the access control policy of the input data as the access control policy of the output data.
  14. The device according to claim 12 or 13, wherein the access control policy of the input data comprises a plurality of access rights used to control the access of devices to the input data, and the access control policy of the output data comprises a plurality of access rights used to control the access of devices to the output data;
    the preset rule by which the policy generating apparatus generates the access control policy of the output data comprises any one of the following:
    taking, for each of the plurality of access rights in the access control policy of the input data, the intersection as the access control policy of the output data; or
    taking, for each of the plurality of access rights in the access control policy of the input data, the union as the access control policy of the output data.
  15. The device according to any one of claims 9 to 14, wherein the device further comprises:
    a sending apparatus, configured to send the output data and its corresponding access control policy to a storage device after the access control policy of the output data is generated according to the access control policy of the input data.
  16. The device according to claim 15, wherein the device further comprises:
    an authorization processing apparatus, configured to, after the output data and its corresponding access control policy are sent to the storage device, receive an authorization request for the output data from a data consumer device, generate authorization information for the output data according to the authorization request, and send the authorization information to the data consumer device, so that the data consumer device acquires the output data from the storage device according to the authorization information.
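The policy derivation of claims 4 to 6 (and the mirrored device claims 12 to 14), worked through as an added example that is not code from the patent application. It assumes a data model the claims leave open: a policy maps each access right name to the set of device identifiers granted that right, and the input-to-output mapping relationship is a list of the input items each output item was derived from.

```python
from typing import Dict, Iterable, List, Set

# Assumed data model (not specified by the claims): an access control policy
# maps each access right name to the set of device ids granted that right.
Policy = Dict[str, Set[str]]


def derive_output_policy(input_policies: Dict[str, Policy],
                         sources: Iterable[str],
                         rule: str) -> Policy:
    """Generate the output data policy from the policies of the input items
    named in `sources` (the input->output mapping relationship), applying the
    preset rule "intersection" or "union" separately to each access right."""
    policies = [input_policies[name] for name in sources]
    if not policies:
        raise ValueError("output data must map to at least one input item")
    if rule not in ("intersection", "union"):
        raise ValueError(f"unknown preset rule: {rule!r}")
    rights: Set[str] = set().union(*(p.keys() for p in policies))
    output: Policy = {}
    for right in rights:
        # A right absent from one input's policy is granted to nobody there,
        # so under "intersection" no device keeps it on the derived output.
        per_input = [p.get(right, set()) for p in policies]
        output[right] = (set.intersection(*per_input) if rule == "intersection"
                         else set.union(*per_input))
    return output


def derive_all(input_policies: Dict[str, Policy],
               mapping: Dict[str, List[str]], rule: str) -> Dict[str, Policy]:
    """Apply the preset rule to every output item in the mapping relationship."""
    return {out: derive_output_policy(input_policies, srcs, rule)
            for out, srcs in mapping.items()}


def is_allowed(policy: Policy, device: str, right: str) -> bool:
    """Check a device's access right against a (derived) policy."""
    return device in policy.get(right, set())


# Constructed sample: two input datasets with read/write rights, one output
# report computed from both, and one output that is a plain copy of "sales".
INPUT_POLICIES: Dict[str, Policy] = {
    "sales": {"read": {"dev-a", "dev-b"}, "write": {"dev-a"}},
    "customers": {"read": {"dev-b", "dev-c"}, "write": {"dev-b"}},
}
MAPPING: Dict[str, List[str]] = {
    "joined_report": ["sales", "customers"],
    "sales_copy": ["sales"],
}

if __name__ == "__main__":
    for rule in ("intersection", "union"):
        print(rule, derive_all(INPUT_POLICIES, MAPPING, rule))
```

Intersection is the conservative rule: a device can read the joined report only if it could already read every input it was built from, whereas union lets dev-c read a report containing sales data it was never granted.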
PCT/CN2016/090817 2015-08-03 2016-07-21 Method and device for data access control WO2017020716A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510481063.8A CN106407832B (en) 2015-08-03 2015-08-03 Method and equipment for data access control
CN201510481063.8 2015-08-03

Publications (1)

Publication Number Publication Date
WO2017020716A1 true WO2017020716A1 (en) 2017-02-09

Family

ID=57943803

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/090817 WO2017020716A1 (en) 2015-08-03 2016-07-21 Method and device for data access control

Country Status (2)

Country Link
CN (1) CN106407832B (en)
WO (1) WO2017020716A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021002953A1 (en) * 2019-07-03 2021-01-07 Microsoft Technology Licensing, Llc Execution environment and gatekeeper arrangement
CN112783857A (en) * 2020-12-31 2021-05-11 北京知因智慧科技有限公司 Data blood reason management method and device, electronic equipment and storage medium

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108038227B (en) * 2017-12-25 2021-09-21 苏州中晟宏芯信息科技有限公司 Data export system
CN112182023B (en) * 2020-09-25 2023-04-11 中国科学院信息工程研究所 Big data access control method and device, electronic equipment and storage medium
CN114650149A (en) * 2020-12-02 2022-06-21 中国移动通信有限公司研究院 Authorization policy processing method, system and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7428748B2 (en) * 2004-05-27 2008-09-23 International Business Machines Corporation Method and system for authentication in a business intelligence system
CN101377782A (en) * 2007-08-31 2009-03-04 富士施乐株式会社 Electronic information management device, method for controlling access, and method for transferring data
CN104378386A (en) * 2014-12-09 2015-02-25 浪潮电子信息产业股份有限公司 Method for cloud data confidentiality protection and access control
CN104520805A (en) * 2012-08-29 2015-04-15 赛门铁克公司 Secure app ecosystem with key and data exchange according to enterprise information control policy

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2004264582B2 (en) * 2003-06-05 2010-05-13 Intertrust Technologies Corporation Interoperable systems and methods for peer-to-peer service orchestration
CN102314449B (en) * 2010-07-05 2013-11-06 日电(中国)有限公司 Postposition data access filter and filtering method
CN104573430B (en) * 2013-10-21 2018-05-18 华为技术有限公司 A kind of data access authority control method and device


Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021002953A1 (en) * 2019-07-03 2021-01-07 Microsoft Technology Licensing, Llc Execution environment and gatekeeper arrangement
US11526613B2 (en) 2019-07-03 2022-12-13 Microsoft Technology Licensing, Llc Execution environment and gatekeeper arrangement
CN112783857A (en) * 2020-12-31 2021-05-11 北京知因智慧科技有限公司 Data blood reason management method and device, electronic equipment and storage medium
CN112783857B (en) * 2020-12-31 2023-10-20 北京知因智慧科技有限公司 Data blood-margin management method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN106407832B (en) 2021-03-09
CN106407832A (en) 2017-02-15


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16832204

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16832204

Country of ref document: EP

Kind code of ref document: A1