CN106873992B - Multi-element access control mechanism description and analysis method - Google Patents

Abstract

The invention relates to a multi-element access control mechanism description and analysis method, which comprises the following steps: defining a multi-element access control mechanism description language for describing an object and an access control strategy of a user by a mathematical language; describing an access control mechanism designed by a user according to an access control mechanism description language to generate a description source file; carrying out language analysis on the description source file to generate an algorithm description intermediate code; and selecting a code bottom library corresponding to the computer programming language according to the target code requirement of the user to generate the target code. The invention can be suitable for the access control theory researchers to describe, and can be in seamless butt joint with the computer programming language; for an access control theory researcher, description is carried out through a similar mathematical language, and the realization details of a computer do not need to be concerned; for computer professionals, the accurate realization code of the multi-element access control mechanism can be obtained, and the safety of the code is ensured.

Description

Multi-element access control mechanism description and analysis method

Technical Field

The invention belongs to the field of access control and authorization management, and particularly relates to a multi-element access control mechanism description and analysis method.

Background

The access control technology is originally used for resource management and authority description of a data sharing system, and meets the requirement that a legal user obtains effective access authority of the system in legal time by effectively monitoring the activity of the user for accessing the resource, and simultaneously prevents an unauthorized user from illegally accessing the system resource. The access control technology research can be divided into access control based on policy description and access control based on cryptographic algorithm. The strategy-based access control technology describes the access strategy of the subject to the object and restricts the access behavior of the subject based on the role, space-time, attribute and the like of the subject; the access control technology based on the cryptographic algorithm introduces the encryption and decryption technology into an application scene of access control and authority management, and a series of representative models and mechanisms are generated.

Multiple access control mechanisms, whether in a policy class or a cryptographic algorithm class, appearing in different application scenarios take multiple elements as development targets, roles are not the only access control elements, and tenses, environments, multi-level security levels, object life cycles, cryptographic parameters and the like need to be considered in the access control and authorization processes. Various access control mechanisms are improved in aspects of performance, safety and the like, but most access control designers are workers in the theoretical research or mathematical field, and the described mechanisms, protocols and even algorithms can be analyzed and proved only from the aspect of mathematical theory, so that the safety of the access control designers is ensured in the theoretical level; the performance was evaluated by theoretical analysis.

However, in general, the design of the access control mechanism is relatively strange to the design of computer programming languages and related programs by theoretical researchers, and programming implementation is difficult and programming bugs often occur, so that performance test and security analysis of the access control mechanism are influenced, and the original design intention of the access control mechanism cannot be expressed; computer programmers are generally unfamiliar with mathematical theories and descriptions contained in the design of the access control mechanism, and the problem that the implementation is disjointed from the design due to understood deviation is easy to occur in the programming implementation process. The above reasons are the major dilemmas faced by the design and testing of the multi-element access control mechanism at present. Therefore, how to design a multi-element access control description language and an analysis method thereof, which are not only suitable for the description of an access control theory researcher, but also can be seamlessly docked with a computer programming language, is very important.

Disclosure of Invention

The invention aims to provide a multi-element access control mechanism description and analysis method.

The technical scheme for realizing the purpose of the invention is as follows: a multi-element access control mechanism description and analysis method comprises the following steps:

firstly, defining a multi-element access control mechanism description language for describing an object and an access control strategy of a user by a mathematical language;

secondly, describing the access control mechanism designed by the user according to the access control mechanism description language to generate a description source file;

thirdly, performing language analysis on the description source file to generate an algorithm description intermediate code;

and fourthly, selecting a code bottom library corresponding to the computer programming language according to the target code requirement of the user to generate the target code.

Compared with the prior art, the invention has the following remarkable advantages:

(1) the multi-element access control mechanism description and analysis method can be suitable for the description of access control theory researchers, and can be in seamless connection with a computer programming language;

for an access control theory researcher, description is carried out through a similar mathematical language, so that the performance evaluation of a mechanism can be realized, and the realization details of a computer do not need to be concerned;

for computer professionals, the accurate realization code of the multi-element access control mechanism can be obtained, and the safety of the code is ensured.

Drawings

FIG. 1 is a flow chart of a method for describing and parsing a multi-element access control mechanism according to the present invention.

Fig. 2 is a flow diagram illustrating a multi-element access control mechanism.

Fig. 3 is a schematic diagram illustrating a body definition flow of a multi-element access control mechanism.

Fig. 4 is a schematic diagram illustrating an object definition flow of a multi-element access control mechanism.

Fig. 5 is a schematic diagram illustrating a policy function definition flow of the multi-element access control mechanism.

Fig. 6 is a schematic diagram of a parsing flow of a multi-element access control mechanism description language.

Detailed Description

With reference to fig. 1, a method for describing and parsing a multi-element access control mechanism according to the present invention includes the following steps:

firstly, defining a multi-element access control mechanism description language for describing an object and an access control strategy of a user by a mathematical language;

secondly, describing the access control mechanism designed by the user according to the access control mechanism description language to generate a description source file;

thirdly, performing language analysis on the description source file to generate an algorithm description intermediate code;

and fourthly, selecting a code bottom library corresponding to the computer programming language according to the target code requirement of the user to generate the target code.

Further, the definition of the multi-element access control mechanism description language in the first step comprises keyword definition, mechanism overall definition, variable definition, subject definition, object definition and policy function definition;

the keyword definition comprises def, var, subject, time, env, mls, object, lifecycle, crypt, permissions, operations and policies keywords which are respectively used for representing mechanism totality, variables, a subject tense, a subject environment, multi-level security level, an object life cycle, password parameters, authority, operation type and strategy authorization function definition;

the mechanism overall definition takes a keyword \ def as a start, takes/def as a termination, and has a format definition of "\ def subject objects policies/def", describing that the subject is in the policy corresponding to the access object;

for example, a policy p1 describing access by subject s1 to guest o1 is defined in the form:

\def s1o1p1/def

the variable definition starts with the keyword \ var and ends with/var, and the format is defined as "\\ var variable name variable content/var", the content description of the variable follows the rule ('a' - 'Z' | '0' - '9') +, i.e. contains the case of the letters a-Z and any combination of the numbers;

for example: \ var subjects s1/var

The body definition starts with the keyword \ subject, ends with/subject, and the format definition is "\ subject body ID, role, time: tense, env: environment, mls: multi-level security attributes, operation type, permissions/subjects ";

the subject ID is defined by variable var;

the description of the role is defined and described through variable keywords;

the tense is defined by the keyword time: for start, the format is defined as "time: (< time >) "or" time: (startfrom: < time > end at: < time >) "; < time > is a time point representing the inclusion of date, hour, minute, second, using year-month-day: the method comprises the following steps: dividing into: the format of seconds;

for example: at time 2017, 11/1/am 7:00:00, described as time: 2017-11-1:7:00:00, with the time depicted in a 24 hour period.

Environment definition is defined by the keyword env: the method comprises the steps of starting, describing a physical position, a network address, hardware information and software information, wherein the physical position, the hardware information and the software information are in a format description form of a variable var, and the network address is in standard IPv4 and IPv6 formats;

the hardware information can be MAC address or name of specific hardware environment, and the software can contain name of operating system and information system; for example: env: room 1192.168.0.1 HP-PC-1003linux2.4.16 indicates that access is required in the linux2.4.16 software environment using a computer named HP-PC-1003 at an IP address of 192.168.0.1 in room 1.

The multi-level security attribute is defined by the keyword "mls: "as initial, in the format" mls: security level information "which is in the form of a natural number;

for example: mls: 1, indicating a security level of 1.

The operation type is represented by the keyword "operations: "start, format" operations: operation ", where the operation is described as a descriptive form of var, divided into" read, write, execute ";

rights are defined by the keyword "permissions: to start with, the format "properties: rights description ", where rights description is a description of var, by", "divided;

for example: properties: p1, p 2; representing that the rights p1, p2 correspond to the policy ID in the policy description.

The object definition starts with the keyword \ object and ends with the/object, and the format definition is as follows: "\ object ID, lifecycle, multi-level security attributes, password parameter/object";

the object ID is defined by variable var;

the lifecycle definition is defined by the keyword "lifecycle: "start, format" life cycle: the life cycle phase ID (startfrom: < date > end: < date >) ", where < date > is a time point representing the inclusion of date, hour, minute, second, in the year-month-day: the method comprises the following steps: dividing into: the second format.

The multi-level security attribute is defined by the keyword "mls: "as initial, in the format" mls: security level information "which is in the form of a natural number;

the password parameters are represented by the keyword "crypt: the algorithm type key is defined in a variable mode;

the strategy definition takes the keyword "\\ policies" as the starting point and "/policies" as the ending point, and has the formats of "\\ policies strategy description 1, strategy description 2, strategy description 3, … and strategy description N/policies";

the policy description is in the format of "policy ID: and specifically describing, the policy ID is defined in a variable form, and specifically describing authorization, re-authorization and revocation.

For example: the strategy p1 represents authorization Grant, p2 represents Revoke, and is represented as:

\policies p1，p2

p1:Grant

p2:Revoke

/policies

further, in the second step, the user describes the designed access control mechanism according to the access control mechanism description language, and the specific process of generating the description source file is as follows:

firstly, defining a mechanism overall by using a keyword def, and describing the corresponding relation of a subject, an object and a strategy contained in the mechanism;

secondly, describing variables contained in the mechanism by using a keyword var, wherein the variables relate to description and definition of a subject ID, an object ID, a subject operation type, authority and other intermediate variables;

then, describing the subject and the object and the corresponding access control elements thereof by the subject keyword and the object keyword; the access control elements of the subject comprise roles, tenses, environments and multilevel security attributes, and the access control elements of the object comprise life cycles, multilevel security attributes and password parameters;

and finally, performing policy authorization function description by using the keyword policies.

Further, the third step of performing language parsing on the description source file comprises performing lexical analysis, syntactic analysis and semantic analysis on the multi-element access control mechanism description language in the description file.

Furthermore, the code bottom library in the fourth step comprises a bottom function library and a password realization function library.

The present invention will be further described with reference to the following specific examples.

Examples

FIG. 1 depicts a flow diagram of a multi-element access control mechanism description and resolution. The multi-element access control description and analysis method of the embodiment comprises the following steps:

firstly, defining a multi-element access control mechanism description language for an access control mechanism design user to carry out description of a mathematical language for an access control subject and an access control strategy;

the access control mechanism description language is specific to a user and cannot be directly identified and operated for a computer, and the described algorithm can be resolved into object codes which can be identified and operated by the computer.

And secondly, describing the designed access control mechanism by the user according to the access control mechanism description language to generate a description source file, wherein the user specifically describes the description source file according to the flow shown in fig. 2.

Here, the access control policy of the host s1 to the guest o1 is described, and the host s1, the guest o1 and the corresponding policy p1 are defined; where subject s1 has a role of teacher, security level 1, 1 month 11 days in time 2017, 8: 00:00 starts in 2017 on 12.1.00: 00, in classroom IV, with network address: 192.168.0.12, using HP-PC, software environment Win operating system, permission p1 corresponds to the type of read operation. Object o1 security level 1, created during lifecycle creation, with the cryptographic algorithm AES, key 1E2F3C 67. The policy p1 authorizes the conclusion to Grant. Further, subject s1 was presented with a teacher role, security level 1, time 2017, 1 month, 11 days, 8: 00:00 starts in 2017 on 12.1.00: 00, in classroom IV, with network address: 192.168.0.12, using HP-PC, the software environment Win operating system can read object o1 under the lifecycle creation phase, which is the encryption algorithm AES, key 1E2F3C 67.

Description of the examples above steps:

1) the general definition of the mechanism is described, the general definition of the mechanism starts with a keyword \ def, ends with/def, and defines the format as \ def subject objects policies/def, and describes the policy corresponding to the subject object in the access object.

2) And defining mechanism related variables, starting with the keyword \ var and ending with the/var, and defining the format as the variable content/var of the \ var variable name.

3) Defining a main body and elements thereof, starting with a keyword/subject and ending with the/subject, wherein the format is defined as: project body ID, role, time: tense, env: environment, mls: multi-level security attributes, operation type, rights/subject.

The specific steps are shown in fig. 3:

(1) description subject ID

(2) Describing subject roles

(3) Describing temporal attributes

(4) Describing environmental attributes

(5) Describing multi-level security attributes

(6) Describing types of operations

(7) Describing rights

The above description follows the specific description rules of the multi-element access control mechanism description language.

4) The object definition starts with the keyword \ object and ends with the/object, and the format definition is as follows:

object ID, lifecycle, multi-level security attributes, password parameter/object

The specific steps are shown in fig. 4:

(1) describing object ID

(2) Describing the Life cycle

(3) Describing multi-level security attributes

(4) Describing cryptographic parameters

The above description follows the specific description rules of the multi-element access control mechanism description language.

5) Policy definition starts with the keyword \ policies and ends with/policies. The format is \ policies strategy description 1, strategy description 2, strategy description 3 and strategy description N/policies;

the specific steps are shown in fig. 5:

(1) describing policy ID

(2) Describing policies

After the above description, the user will generate a description file of algorithm class mathematics, which is defined as an access control. The file contents are as follows:

\def s1o1p1/def

\var

subject s1，

object o1，

policies p1

/var

\subject

s1，

teacher，

time：(startfrom：2017-1-11:8:00:00endat：2017-1-12:16:00:00)，

env：roomIV 192.168.0.12HP-PC Win，

mls：1，

operations:read，

permissions：p1

/subject

\object

o1，

lifecycle:creation(startfrom:2017-1-11:7:00:00endat:2017-1-23:19:00:00)，

mls:1，

crypt：AES 1E2F3C67

/object

\policiesp1

p1:Grant

/policies

the above mechanism describes some simple logical statements involved in the language as follows:

if … … then … … (else) … … indicates a condition decision, in the form of "if condition describes the then … …" or "if condition describes the then … … else … …", where else statements are optional and then the then and else correspond to the associated execution statements, respectively. The description of the conditions uses the operators "═ and"! Meaning equal to and unequal to.

The above definitions and descriptions are limited to the embodiment, and the specific subject and object elements, operation types and authorization descriptions can be expanded according to the requirements of the user.

And thirdly, analyzing the description file Access control. As shown in fig. 6, the specific process is as follows:

(1) the lexical analysis is carried out on the multi-element access control mechanism description file, and the main work comprises the following steps:

1) preprocessing, namely removing invalid characters such as invalid spaces, tabulation characters and line feed characters;

2) identifying the keywords, assigning corresponding attribute values for the keywords, and preparing corresponding TOKEN codes for a syntax analysis program;

3) identifying constants of character strings, numbers and characters, storing the numbers, and preparing corresponding TOKEN codes for a syntax analysis program;

(2) and (4) carrying out syntactic analysis on the multi-element access control mechanism description file, decomposing the result of lexical analysis into each syntactic unit according to the syntactic rule of the mathematical description language, and checking and identifying syntactic errors.

The grammar analysis mainly relies on a TOKEN code table generated in the lexical analysis to identify various grammar components respectively comprising keywords, variables, subjects, objects, elements and strategy functions, and to identify keyword word writing errors and parentheses mismatching errors.

(3) Performing semantic analysis on the multi-element access control mechanism description file, performing recognition and analysis on specific semantic meanings of the description language, and performing static semantic inspection, for example: whether the specified variables are defined or not, whether the types are matched or not, whether the access control objects, the element description and the strategy authorization function are not described completely and completely or not are specified, and relevant semantic information is collected for the code generation stage.

The following table information is constructed through semantic analysis:

1) a global variable and constant information table;

2) a policy authorization function information table;

3) a policy authorization function statement information table;

(4) generating intermediate codes

The intermediate code generated at this time is already similar to the code corresponding to the computer programming language specified by the user, but the implementation of the specific sub-function has not been processed.

The fourth step: and selecting a code bottom library corresponding to the computer programming language according to the target code requirement of the user to generate the target code.

The step depends on a sub-function calling information table in the intermediate code, selects in the existing agent bottom layer support library, calls different sub-function implementation programs and related codes, and generates a corresponding header function generation list.

Integrating the intermediate code generated in the third step with the subfunction code and header file information generated in the fourth step to generate output files, access control.

The description language and the method can be used for description addition according to the specific requirements of users, and the customization and the adaptation of the description and the analysis method are finally realized through the updating of the analysis program.

Claims (2)

1. A multi-element access control mechanism description and analysis method is characterized by comprising the following steps aiming at access control based on a cryptographic algorithm:

firstly, defining a multi-element access control mechanism description language for describing an object and an access control strategy of a user by a mathematical language;

secondly, describing the access control mechanism designed by the user according to the access control mechanism description language to generate a description source file; the specific process is as follows:

firstly, defining a mechanism overall by using a keyword def, and describing the corresponding relation of a subject, an object and a strategy contained in the mechanism;

secondly, describing variables contained in the mechanism by using a keyword var, wherein the variables relate to description and definition of a subject ID, an object ID, a subject operation type, authority and other intermediate variables;

then, describing the subject and the object and the corresponding access control elements thereof by the subject keyword and the object keyword; the access control elements of the subject comprise roles, tenses, environments and multilevel security attributes, and the access control elements of the object comprise life cycles, multilevel security attributes and password parameters;

finally, using keywords to describe a policy authorization function;

thirdly, performing language analysis on the description source file to generate an algorithm description intermediate code;

fourthly, according to the target code requirement of the user, selecting a code bottom library corresponding to the computer programming language to generate a target code; the code bottom library comprises a bottom function library and a password realization function library;

defining a multi-element access control mechanism description language in a first step, wherein the multi-element access control mechanism description language comprises a keyword definition, a mechanism overall definition, a variable definition, a subject definition, an object definition and a policy function definition;

the keyword definition comprises def, var, subject, time, env, mls, object, lifecycle, crypt, permissions, operations and policies keywords which are respectively used for representing mechanism totality, variables, a subject tense, a subject environment, multi-level security level, an object life cycle, password parameters, authority, operation type and strategy authorization function definition;

the mechanism overall definition takes a keyword \ def as a start, takes/def as a termination, and has a format definition of "\ def subject objects policies/def", describing that the subject is in the policy corresponding to the access object;

the variable definition starts with the keyword \ var and ends with/var, and the format is defined as "\\ var variable name variable content/var", the content description of the variable follows the rule ('a' - 'Z' | '0' - '9') +, i.e. contains the case of the letters a-Z and any combination of the numbers;

the body definition starts with the keyword \ subject, ends with/subject, and the format definition is "\ subject body ID, role, time: tense, env: environment, mls: multi-level security attributes, operation type, permissions/subjects ";

the subject ID is defined by variable var;

the description of the role is defined and described through variable keywords;

the tense is defined by the keyword time: for start, the format is defined as "time: (< time >) "or" time: (startfrom: < time > end at: < time >) "; < time > is a time point representing the inclusion of date, hour, minute, second, using year-month-day: the method comprises the following steps: dividing into: the format of seconds;

environment definition is defined by the keyword env: the method comprises the steps of starting, describing a physical position, a network address, hardware information and software information, wherein the physical position, the hardware information and the software information are in a format description form of a variable var, and the network address is in standard IPv4 and IPv6 formats;

the multi-level security attribute is defined by the keyword "mls: "as initial, in the format" mls: security level information "which is in the form of a natural number;

the operation type is represented by the keyword "operations: "start, format" operations: operation ", where the operation is described as a descriptive form of var, divided into" read, write, execute ";

rights are defined by the keyword "permissions: to start with, the format "properties: rights description ", where rights description is a description of var, by", "divided;

the object definition starts with the keyword \ object and ends with the/object, and the format definition is as follows: "\ object ID, lifecycle, multi-level security attributes, password parameter/object";

the object ID is defined by variable var;

the lifecycle definition is defined by the keyword "lifecycle: "start, format" life cycle: the life cycle phase ID (startfrom: < date > end: < date >) ", where < date > is a time point representing the inclusion of date, hour, minute, second, in the year-month-day: the method comprises the following steps: dividing into: the format of seconds;

the multi-level security attribute is defined by the keyword "mls: "as initial, in the format" mls: security level information "which is in the form of a natural number;

the password parameters are represented by the keyword "crypt: the algorithm type key is defined in a variable mode;

the strategy definition takes the keyword "\\ policies" as the starting point and "/policies" as the ending point, and has the formats of "\\ policies strategy description 1, strategy description 2, strategy description 3, … and strategy description N/policies";

the policy description is in the format of "policy ID: and specifically describing, the policy ID is defined in a variable form, and specifically describing authorization, re-authorization and revocation.

2. The method of claim 1, wherein the third step of linguistic parsing the description source file comprises lexical, syntactic and semantic parsing of a multi-element access control mechanism description language in the description file.

Images