
CN114282591B - Dynamic security level real-time division method, terminal equipment and storage medium - Google Patents


Info

Publication number
CN114282591B
Authority
CN
China
Prior art keywords
security level
data resource
desensitization
real
dynamic security
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111369332.3A
Other languages
Chinese (zh)
Other versions
CN114282591A (en)
Inventor
蔡晓强
吴文
黄荣昌
魏超
刘襄雄
林至贤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xiamen Meiya Pico Information Co Ltd
Original Assignee
Xiamen Meiya Pico Information Co Ltd
Application filed by Xiamen Meiya Pico Information Co Ltd
Priority to CN202111369332.3A
Publication of CN114282591A
Application granted
Publication of CN114282591B

Landscapes

  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a dynamic security level real-time division method, a terminal device and a storage medium. The method comprises the following steps. S1: set the classification dimensions of data resources and the categories contained in each classification dimension, set a static security level according to the categories of each data resource in the different classification dimensions, and construct a static security level mapping table from the static security levels. S2: initialize a desensitization lower bound L, a desensitization period T, a desensitization rate k(·) and a desensitization mode M. S3: after receiving a data resource, look up its static security level x in the static security level mapping table. S4: determine whether the data resource is in an open state; if so, set the dynamic security level y of the data resource to the desensitization lower bound L; otherwise, go to S5. S5: calculate the real-time dynamic security level according to the desensitization period of the data resource obtained in real time. The invention introduces data open control and data desensitization control to realize real-time control of the security level of the data resource.

Description

Dynamic security level real-time division method, terminal equipment and storage medium
Technical Field
The present invention relates to the field of big data processing, and in particular, to a dynamic security level real-time dividing method, a terminal device, and a storage medium.
Background
Data fusion, circulation and sharing are an inevitable trend in the big data era. Data of different sensitivity levels inevitably coexist in this process, and when the data are handled without order, the related operations can create significant risks of privacy disclosure and other security problems. How to apply appropriate security protection measures to data resources of different sensitivity levels, and how to improve the security of data during access, are key concerns of current data management.
Different roles have different requirements for managing and using data. When data are circulated and shared, users are provided with the data they need, and classified and graded management of data is the basis for authorization when data are opened. Most hierarchical classification schemes deployed so far are static processes and do not consider that the sensitivity of a data resource may change with its state and with the passage of time over its life cycle. The traditional authorization mode likewise simply grants access when the visitor's privilege is higher than the data sensitivity level, so it cannot meet security prevention and control requirements that span systems, fields and services.
At present there are no strict specifications for defining and using data, and practically feasible unified standards are lacking. Guidelines such as the industrial data classification guidelines (trial) and the financial data security classification guidelines generally take the enterprise's point of view and carry out classification work on the principle of the enterprise's own business requirements, so they are highly subjective, difficult to maintain and inflexible in their classification mode, and classification management is very important for role-based authorization control.
Disclosure of Invention
In order to solve the above problems, the present invention provides a dynamic security level real-time division method, a terminal device and a storage medium.
The specific scheme is as follows:
A dynamic security level real-time dividing method comprises the following steps:
S1: setting classification dimensions of data resources and categories contained in each classification dimension, setting static security levels corresponding to the data resources according to the categories of each data resource in different classification dimensions, and constructing a static security level mapping table according to the static security levels of the data resources corresponding to all the categories in all the classification dimensions;
S2: initializing a desensitization lower bound L, a desensitization period T, a desensitization rate k(·) and a desensitization mode M, wherein M=0 indicates that the data resource is desensitized in a sudden change mode, and M=1 indicates that the data resource is desensitized in a gradual change mode;
S3: after receiving the data resource, searching a static security level x corresponding to the data resource from the static security level mapping table according to the data resource category of the data resource under different classification dimensions;
S4: judging whether the data resource is in an open state; if so, setting the dynamic security level y of the data resource to the desensitization lower bound L; otherwise, entering S5;
S5: according to the desensitization period t of the data resource obtained in real time, calculating the real-time dynamic security level y corresponding to the data resource by the following formula:
Wherein H (-) represents a step function and θ represents 0 to 0 The variable between them is that,Representing no greater thanIs the largest integer of (a).
Further, the classification dimension of the data resource comprises two classification dimensions of a resource attribute and a service field.
Further, the categories contained in the service domain dimension are divided into two levels, wherein the first level comprises two first-level categories a1 and a2, and each first-level category comprises several second-level categories, specifically: a1 contains 3 second-level categories {a11, a12, a13} and a2 contains 2 second-level categories {a21, a22}. The categories contained in the resource attribute dimension are divided into two levels, wherein the first level comprises three first-level categories b1, b2 and b3, and each first-level category comprises several second-level categories, specifically: b1 contains 3 second-level categories {b11, b12, b13}, b2 contains 2 second-level categories {b21, b22}, and b3 contains 3 second-level categories {b31, b32, b33}.
Further, the security level is classified into 5 levels, and the higher the security level is, the greater the access restriction is.
Further, whether the data resource is in an open state is controlled by an open state adjustment parameter s, and when s=1, the data resource is in the open state; when s=0, it means that the data resource is in a non-open state.
An authorization method based on dynamic security level real-time division comprises the following steps:
S101: when a data resource access request is received, extracting role information of the visitor and information on the accessed data resource;
S102: determining the dynamic security level of the accessed data resource based on the dynamic security level real-time dividing method;
S103: judging whether the access of the visitor is authorized according to the dynamic security level of the accessed data resource and the role information of the visitor.
The terminal equipment for dividing the dynamic security level in real time comprises a processor, a memory and a computer program which is stored in the memory and can run on the processor, wherein the steps of the method for dividing the dynamic security level in real time are realized when the processor executes the computer program.
A computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the dynamic security level real-time partitioning method described above according to an embodiment of the present invention.
According to the technical scheme, on the basis of the existing service data classification, data open control and data desensitization control are introduced and serve as two nodes for controlling the security level of the data resource, so that the real-time controllability of the security level of the data resource is realized.
Drawings
Fig. 1 is a flowchart of a dynamic security level real-time dividing method according to a first embodiment of the present invention.
Fig. 2 is a flowchart of an authorization method based on dynamic security level real-time division in accordance with a first embodiment of the present invention.
Detailed Description
For further illustration of the various embodiments, the invention is provided with the accompanying drawings. The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate embodiments and together with the description, serve to explain the principles of the embodiments. With reference to these matters, one of ordinary skill in the art will understand other possible embodiments and advantages of the present invention.
The invention will now be further described with reference to the drawings and detailed description.
Embodiment one:
The embodiment of the invention provides a dynamic security level real-time dividing method, as shown in fig. 1, comprising the following steps:
S1: setting classification dimensions of data resources and categories contained in each classification dimension, setting static security levels corresponding to the data resources according to the categories of each data resource in different classification dimensions, and constructing a static security level mapping table according to the static security levels of the data resources corresponding to all the categories in all the classification dimensions.
The data resources in each field have specific classification dimensions related to the nature of the service. Determining the classification dimensions allows the service nature of the data resources to be analyzed comprehensively. On the premise of covering all data resources as far as possible, a suitable classification strategy is sought to establish the granularity of each classification dimension; in general there are no more than 3 classification dimensions.
As shown in table 1, in this embodiment, in combination with the analysis of authoritative experts, the classification dimensions of the data resource are set to be the resource attribute and the service field. The first dimension is the service field, and its categories are divided into two levels, wherein the first level comprises two first-level categories a1 and a2, and each first-level category comprises several second-level categories, specifically: a1 contains 3 second-level categories {a11, a12, a13} and a2 contains 2 second-level categories {a21, a22}. The second dimension is the resource attribute, and its categories are divided into two levels, wherein the first level comprises three first-level categories b1, b2 and b3, and each first-level category comprises several second-level categories, specifically: b1 contains 3 second-level categories {b11, b12, b13}, b2 contains 2 second-level categories {b21, b22}, and b3 contains 3 second-level categories {b31, b32, b33}.
TABLE 1
The security level is used to define the access rights of the data resource; as shown in table 2, the higher the security level, the greater the access restriction. The static security level of each data resource is determined by its categories in the corresponding classification dimensions. In this embodiment the static security levels comprise levels 1-5, as shown in table 2: if a data resource belongs to category a11 in the service domain classification dimension and category b11 in the resource attribute classification dimension, its static security level is 1; if it belongs to category a13 in the service domain classification dimension and category b22 in the resource attribute classification dimension, its static security level is 4.
If the classification dimension is one-dimensional or three-dimensional, a corresponding one-dimensional or three-dimensional mapping table can be constructed.
TABLE 2
S2: the desensitization lower bound L, the desensitization period T, the desensitization rate k(·) and the desensitization mode M are initialized.
The desensitization period t refers to the length of time for which the data resource has been in the non-open state.
The desensitization lower bound L represents the lowest security level the data resource can reach. It is derived from the category of the data resource in the different classification dimensions and is set empirically by a person skilled in the art; it is typically not higher than the static security level of the data resource.
The desensitization period T indicates that when the desensitization period t reaches T, the security level of the data resource is likely to change significantly; its value is set empirically by those skilled in the art.
The desensitization rate k(·) represents the desensitization rate in the actual usage scenario. It is generally defined as k(t) = 1, i.e. the security level is reduced by 1 level each time a desensitization period passes. In other embodiments those skilled in the art can set it to other values as needed, which is not limited here.
The desensitization mode M controls how the data resource is desensitized. When M = 0, the data resource is desensitized in sudden change mode: if the desensitization period t reaches the desensitization period T, the security level of the data resource is reduced directly to the desensitization lower bound L. When M = 1, the data resource is desensitized in gradual mode, with desensitization rate k(t), until the security level falls to the desensitization lower bound L.
S3: after receiving the data resource, searching a static security level x corresponding to the data resource from a static security level mapping table according to the data resource category of the data resource under different classification dimensions.
S4: judging whether the data resource is in an open state, if so, setting the dynamic security level y of the data resource as a desensitization lower boundary L; otherwise, S5 is entered.
In this embodiment, the open state is controlled by the open state adjustment parameter s, and when s=1, it indicates that the data resource is in the open state; when s=0, it means that the data resource is in a non-open state.
S5: according to the desensitization period t of the data resource obtained in real time, calculating the real-time dynamic security level y corresponding to the data resource by the following formula:
Wherein, H(·) represents a step function: H(t-T) = 0 when t-T ≤ 0, and H(t-T) = 1 when t-T > 0; θ represents 0 to A variable therebetween; Representing no greater than Is the largest integer of (a).
As the desensitization period t increases, the dynamic security level y gradually decreases. Under the authorization policy shown in table 2, the security level of the data resource and the corresponding authorization policy change with the desensitization period t as shown in table 3.
TABLE 3
Desensitization period t | Data security level y | Authorization policy
t < T | 5 | Accessible to specific personnel and specific services
T < t < 2T | 4 | Accessible to the departments and services of the unit
t > 2T | 3 | Accessible to related units and related services (less than level 2 scope)
Further, the embodiment further includes an authorization method based on the dynamic security level real-time division, as shown in fig. 2, based on the above method for dynamic security level real-time division, which includes the following steps:
S101: when a data resource access request is received, extracting role information of the visitor and information on the accessed data resource;
S102: determining the dynamic security level of the accessed data resource based on the dynamic security level real-time dividing method;
S103: judging whether the access of the visitor is authorized according to the dynamic security level of the accessed data resource and the role information of the visitor.
The role information of the visitor may be the user name under which the visitor registered. To determine in step S103 whether the access is authorized, the authorization range of role information corresponding to the dynamic security level of the data resource is obtained from the security level division table shown in table 2, and it is determined whether the visitor's role information falls within that authorization range; if so, the access is authorized.
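The level calculation of S3 to S5 and the authorization check of S101 to S103, as an added Python example that is not code from the patent. The closed-form formula is not reproduced on this page, so the function follows the prose description of the two desensitization modes and table 3; the gradual-mode form (k(t) levels per completed period T), the a21/b31 mapping entry and the role table standing in for table 2 are assumptions.

```python
import math
from dataclasses import dataclass
from typing import Callable

# S1: static security level mapping table, keyed by
# (service field category, resource attribute category).
# a11/b11 -> 1 and a13/b22 -> 4 are from the description; a21/b31 is constructed.
STATIC_LEVELS = {("a11", "b11"): 1, ("a13", "b22"): 4, ("a21", "b31"): 5}

# Constructed stand-in for table 2: roles inside the authorization range of
# each level. Higher level means tighter restriction. Role names are hypothetical.
AUTHORIZED_ROLES = {
    5: {"designated_officer"},
    4: {"designated_officer", "department_staff"},
    3: {"designated_officer", "department_staff", "partner_unit"},
    2: {"designated_officer", "department_staff", "partner_unit", "registered_user"},
    1: {"designated_officer", "department_staff", "partner_unit", "registered_user"},
}


def unit_rate(t: float) -> int:
    """Default desensitization rate k(t) = 1: one level per elapsed period."""
    return 1


@dataclass(frozen=True)
class DesensitizationPolicy:
    lower_bound: int                          # L
    period: float                             # T, same time unit as t
    mode: int                                 # M: 0 = sudden change, 1 = gradual
    rate: Callable[[float], int] = unit_rate  # k(.)

    def __post_init__(self):
        if self.mode not in (0, 1):
            raise ValueError("M must be 0 (sudden change) or 1 (gradual)")
        if self.period <= 0:
            raise ValueError("T must be positive")
        if not 1 <= self.lower_bound <= 5:
            raise ValueError("L must be one of the 5 security levels")


def dynamic_level(x: int, policy: DesensitizationPolicy, t: float, is_open: bool) -> int:
    """S4/S5: dynamic level y from static level x, non-open time t and open flag s."""
    if t < 0:
        raise ValueError("t must be non-negative")
    # Guard: L is "typically not higher than" x, so never let it raise the level.
    floor_level = min(policy.lower_bound, x)
    if is_open:                               # S4: s = 1 gives y = L
        return floor_level
    if policy.mode == 0:                      # sudden change: H(t - T) is 1 only when t > T
        return floor_level if t > policy.period else x
    elapsed_periods = math.floor(t / policy.period)
    # Gradual: drop k(t) levels per completed period, clamped at L (assumed form).
    return max(floor_level, x - policy.rate(t) * elapsed_periods)


def authorize(role, categories, policy, t, is_open=False) -> bool:
    """S101-S103: decide one access request; unknown resources and roles are denied."""
    x = STATIC_LEVELS.get(categories)         # S3: static level lookup
    if x is None:
        return False                          # unclassified resource: fail closed
    y = dynamic_level(x, policy, t, is_open)  # S102
    return role in AUTHORIZED_ROLES.get(y, set())  # S103


if __name__ == "__main__":
    gradual = DesensitizationPolicy(lower_bound=3, period=30, mode=1)
    for t in (10, 45, 75, 400):               # constructed elapsed times, in days
        y = dynamic_level(5, gradual, t, is_open=False)
        ok = authorize("department_staff", ("a21", "b31"), gradual, t)
        print(f"t={t:>3}  y={y}  department_staff allowed={ok}")
```

Because y only falls as t grows, t should be derived from a server-side record of when the resource left the open state, not from anything the requester supplies.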
This embodiment addresses the problem in the prior art that the access rights of a data resource may change with its state and with the passage of time. By introducing data state control and data desensitization control as control variables, it gives the data resource dynamic properties that can be calculated in real time throughout its life cycle. In addition, a corresponding authentication and authorization policy is configured according to the security level of the data, so that visitors acting in different roles are effectively controlled when performing accesses under different operations, realizing a role-based authorization mode.
In this embodiment, human technical experience is applied to the static hierarchical classification and to the parameter configuration of the two dynamic control nodes, while the computer's fully automatic real-time calculation is exploited. Combining the two achieves accurate prevention and control of data resources and supports both global regulation and local fine adjustment, providing effective support for the data security prevention and control system in various data systems.
Embodiment two:
The invention also provides a dynamic security level real-time division terminal device, which comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the steps in the method embodiment of the first embodiment of the invention are realized when the processor executes the computer program.
Further, as an executable scheme, the dynamic security level real-time division terminal device may be a computing device such as a desktop computer, a notebook computer, a palm computer, and a cloud server. The dynamic security level real-time partitioning terminal device may include, but is not limited to, a processor, a memory. It will be appreciated by those skilled in the art that the above-described composition structure of the dynamic security level real-time division terminal device is merely an example of the dynamic security level real-time division terminal device, and does not constitute limitation of the dynamic security level real-time division terminal device, and may include more or less components than the above, or may combine some components, or different components, for example, the dynamic security level real-time division terminal device may further include an input/output device, a network access device, a bus, and the like, which is not limited by the embodiment of the present invention.
Further, as an executable scheme, the processor may be a central processing unit (CPU), another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, discrete hardware components, etc. The general-purpose processor may be a microprocessor or any conventional processor. The processor is the control center of the dynamic security level real-time division terminal device and connects the various parts of the whole terminal device by means of various interfaces and lines.
The memory may be used to store the computer program and/or the module, and the processor may implement various functions of the dynamic security level real-time division terminal device by running or executing the computer program and/or the module stored in the memory and invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system and at least one application program required for a function; the storage data area may store data created according to the use of the cellular phone, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, memory, plug-in hard disk, smart media card (SMC), secure digital (SD) card, flash card, at least one disk storage device, flash memory device, or other volatile solid-state storage device.
The present invention also provides a computer readable storage medium storing a computer program which when executed by a processor implements the steps of the above-described method of an embodiment of the present invention.
The modules/units integrated in the dynamic security level real-time division terminal device may be stored in a computer readable storage medium if implemented in the form of software functional units and sold or used as independent products. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may do so by a computer program instructing related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, it may implement the steps of each of the method embodiments described above. The computer program comprises computer program code, which may be in source code form, object code form, an executable file or some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory (ROM), a random access memory (RAM), a software distribution medium, and so forth.
While the invention has been particularly shown and described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (8)

1. The dynamic security level real-time dividing method is characterized by comprising the following steps of:
S1: setting classification dimensions of data resources and categories contained in each classification dimension, setting a static security level corresponding to each data resource according to the category of each data resource in different classification dimensions, and constructing a static security level mapping table according to the static security level of the data resource corresponding to the category combination in each classification dimension;
S2: initializing a desensitization lower bound L, a desensitization period T, a desensitization rate k(·) and a desensitization mode M, wherein M=0 indicates that the data resource is desensitized in a sudden change mode, and M=1 indicates that the data resource is desensitized in a gradual change mode;
S3: after receiving the data resource, searching a static security level x corresponding to the data resource from the static security level mapping table according to the data resource category of the data resource under different classification dimensions;
S4: judging whether the data resource is in an open state; if so, setting the dynamic security level y of the data resource to the desensitization lower bound L; otherwise, entering S5;
S5: according to the desensitization period t of the data resource obtained in real time, calculating the real-time dynamic security level y corresponding to the data resource by the following formula:
Wherein H (-) represents a step function and θ represents 0 to 0 The variable between them is that,Representing no greater thanIs the largest integer of (a).
2. The dynamic security level real-time division method according to claim 1, wherein: the classification dimension of the data resource comprises two classification dimensions of a resource attribute and a service field.
3. The dynamic security level real-time division method according to claim 2, wherein: the service domain dimension comprises two levels of categories, wherein the first level comprises two first-level categories a1 and a2, and each first-level category comprises several second-level categories; the resource attribute dimension comprises two levels of categories, wherein the first level comprises three first-level categories b1, b2 and b3, and each first-level category comprises several second-level categories.
4. The dynamic security level real-time division method according to claim 1, wherein: the security level is classified into 5 levels, and the higher the security level is, the greater the access restriction is.
5. The dynamic security level real-time division method according to claim 1, wherein: whether the data resource is in an open state or not is controlled by an open state adjusting parameter s, and when s=1, the data resource is in the open state; when s=0, it means that the data resource is in a non-open state.
6. An authorization method based on dynamic security level real-time division is characterized in that: the method comprises the following steps:
S101: when a data resource access request is received, extracting role information of the visitor and information on the accessed data resource;
S102: determining a dynamic security level of the accessed data resource based on the dynamic security level real-time partitioning method of any one of claims 1-5;
S103: judging whether the access of the visitor is authorized according to the dynamic security level of the accessed data resource and the role information of the visitor.
7. A dynamic security level real-time division terminal device, characterized in that: it comprises a processor, a memory and a computer program stored in the memory and running on the processor, wherein the processor, when executing the computer program, carries out the steps of the method according to any one of claims 1 to 6.
8. A computer-readable storage medium storing a computer program, characterized in that: the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 6.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202111369332.3A | 2021-11-18 | 2021-11-18 | Dynamic security level real-time division method, terminal equipment and storage medium (CN114282591B, en)


Publications (2)

Publication Number | Publication Date
CN114282591A (en) | 2022-04-05
CN114282591B (en) | 2024-09-27

Family

ID=80869433




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant