WO2014188743A1 - Access control device, and access control method and program - Google Patents
Access control device, and access control method and program
- Publication number
- WO2014188743A1 (PCT/JP2014/052851)
- Authority
- WO (WIPO (PCT))
- Prior art keywords
- hierarchy
- access
- information
- hierarchical
- rank
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Definitions
- the present invention relates to access control using a hierarchical structure.
- As a basic technology for realizing cloud services and SaaS (Software as a Service), there is “multi-tenant management technology”, in which one application program (hereinafter referred to as an application) is shared by a plurality of companies (tenants).
- The purpose of multi-tenant management technology is to reduce hardware (H/W) and software (S/W) resources, and thereby costs, by sharing an application among a plurality of companies.
- a flexible access authority can be set by associating a user attribute with an access authority (for example, Patent Document 1).
- In Patent Document 1, the “user information table” manages not only users but also attributes such as tenants and departments, and the “access authority assignment table” records which attributes are required for each authority; access control decides from these two tables whether a user may use the application.
- an application originally used in a certain building may be made available to other buildings or tenants belonging to other buildings in order to expand the service range.
- Patent Document 1, however, mentions neither history management nor an organizational hierarchical structure. If the above request were realized with the technology of Patent Document 1, every access authority assignment that was set before the organizational hierarchy structure changed would have to be reviewed whenever that structure changes.
- The main object of the present invention is to solve this problem: even when the definition of the hierarchical structure is changed, the amount of data repair work associated with the change is kept to a minimum.
- An access control apparatus according to the present invention includes: a hierarchy rank information storage unit that stores hierarchy rank information indicating the ranks between hierarchies in a hierarchical structure composed of a plurality of hierarchies;
- a hierarchy element information storage unit that stores hierarchy element information in which, for each combination of two different hierarchies, the pairs of hierarchy elements (the elements constituting a hierarchy) that belong to those two hierarchies and are related to each other are shown;
- an access permission condition information storage unit that stores access permission condition information in which an access permission condition, i.e. a condition for permitting access to an access restriction resource whose access is restricted, is associated with a specific hierarchical element;
- an access request receiving unit that receives an access request requesting access to the access restricted resource from a user associated with any one of the hierarchical elements;
- a hierarchy element extraction unit that determines the hierarchy element associated with the user, extracts from the hierarchy element information the hierarchy element that is paired with the determined hierarchy element in the hierarchy one level above (or one level below) it, as given by the ranks indicated in the hierarchy rank information, and repeats this operation until the specific hierarchy is reached; and
- an access permission / rejection determination unit that compares the hierarchy element determined by the hierarchy element extraction unit and the extracted hierarchy elements with the specific hierarchical element indicated in the access permission condition, and thereby determines whether to permit access to the access restricted resource in response to the access request.
- According to the present invention, hierarchy rank information indicating the rank between hierarchies is stored, and hierarchy element information in which pairs of hierarchy elements belonging to two different hierarchies are shown for each combination of hierarchies is stored.
- The hierarchical structure is then constructed at request time from the hierarchy rank information and the hierarchy element information, starting from the hierarchy element associated with the user who made the access request.
- Because only the rank relationship between hierarchies is defined, and no rank relationship between individual hierarchy elements is stored, a change in the hierarchical structure requires only the hierarchy rank information to be modified, so the amount of work can be kept to a minimum.
- FIG. 1 is a diagram illustrating an example of a system configuration according to the first embodiment.
- FIG. 2 is a diagram illustrating a configuration example of an access control apparatus according to Embodiment 1.
- FIG. 3 is a diagram illustrating a configuration example of an operation request according to the first embodiment.
- FIG. 5 is a diagram showing an example of access authority information managed by an access authority management unit according to the first embodiment.
- FIG. 7 is a diagram illustrating an example of hierarchy definition information managed by a hierarchy definition management unit according to Embodiment 1.
- FIG. 9 is a diagram illustrating a configuration example of a business logic unit according to the first embodiment.
- FIG. 10 is a diagram illustrating a configuration example of a business logic information management unit according to the first embodiment.
- FIG. 11 is a flowchart showing an operation example of a process receiving unit according to the first embodiment.
- FIG. 12 is a flowchart showing an operation example of an F-RBAC unit according to the first embodiment.
- FIG. 13 is a flowchart showing an operation example of a business logic unit according to the first embodiment.
- FIG. 14 is a diagram showing an example of a hierarchical structure change request according to the first embodiment.
- FIG. 15 is a flowchart showing an operation example of an F-RBAC unit at the time of a hierarchical structure change according to the first embodiment.
- A further figure is a diagram illustrating a hardware configuration example of the access control apparatus according to the first embodiment.
- Embodiment 1. In this embodiment, a configuration is described in which data access rights and application use rights (hereinafter referred to as access rights) in a multi-tenant application are managed efficiently, so that the same application can be shared by various users. More specifically, the present embodiment describes a configuration that minimizes the amount of data modification work associated with a change even when the definition of the hierarchical structure is changed.
- FIG. 1 shows a system configuration example according to the present embodiment.
- terminals 001 and 002 are terminal devices arranged in a tenant company that uses a service, and are assumed to be personal computers, mobile terminals, and the like.
- Web browsers 001a and 002a are installed in the terminals 001 and 002. It is assumed that the users who operate the terminals 001 and 002 are employees of different tenant companies. It is also possible to install a plurality of terminals in the same tenant company, and to use the same application in three or more tenant companies.
- the terminal 000 is a terminal device used by a system administrator and an operator who manages the system shown in FIG. 1, and is assumed to be a personal computer, a mobile terminal, or the like.
- a web browser 000a is installed in the terminal 000.
- the network 003 is the communication path used when the terminals 001 and 002 use the access control device 004, and may be the Internet or a LAN (Local Area Network).
- the access control device 004 determines whether or not to permit access to an access restriction resource whose access is restricted.
- In this embodiment, a business logic application that allows access only to users belonging to a specific organization and users having specific attributes is used as an example of an access restriction resource.
- the access control device 004 includes a process accepting unit 005, a flexible role-based access control unit (Flexible Role-based Access Control unit; hereinafter referred to as the F-RBAC unit) 006, a business logic unit 007, a business logic information management unit 008, a user information management unit 009, an access authority management unit 010, a role assignment management unit 011, a hierarchy definition management unit 012 and an organization information management unit 013.
- the process accepting unit 005 receives a request transmitted from the terminals 001 and 002, and performs the process described later.
- the process reception unit 005 receives an operation request (access request) that is a request for requesting access to the access restricted resource from the terminals 001 and 002.
- the process reception unit 005 corresponds to an example of an access request reception unit.
- the F-RBAC unit 006 determines the presence / absence of access authority based on the request contents of the terminals 001 and 002 and information managed in the access control device 004.
- the F-RBAC unit 006 corresponds to an example of a hierarchy element extraction unit, an access permission determination unit, and a hierarchy order change unit.
- the business logic unit 007 performs business processing such as work management and accounting processing.
- the business logic information management unit 008 manages information used by the business logic unit 007.
- the user information management unit 009 manages information on users who can operate the application.
- the access authority management unit 010 manages access authority for business logic.
- the role assignment management unit 011 manages organizations that can access the business logic based on the correspondence between the access authority information and the organization information.
- the role assignment management unit 011 corresponds to an example of an access permission condition information storage unit.
- the hierarchy definition management unit 012 manages the definition of the organizational hierarchy structure used in the system.
- the hierarchy definition management unit 012 corresponds to an example of a hierarchy order information storage unit.
- the organization information management unit 013 manages information on the organization that uses the application.
- the organization information management unit 013 corresponds to an example of a hierarchical element information storage unit.
- A plurality of each of the elements shown in FIG. 2 may exist, giving a redundant structure.
- the operation request 201 in FIG. 3 is an example of request contents transmitted from the terminals 001 and 002.
- the operation request 201 includes authentication information such as the user ID and password of the user who issued the operation request 201, operation details for the business logic unit 007, and header information necessary for communication.
- The transport may be HTTP (HyperText Transfer Protocol), FTP (File Transfer Protocol), JMS (Java (registered trademark) Message Service) or any other protocol that can carry the above contents.
- the operation request 201 includes a communication header 202, authentication information 203, and operation content 204.
- the communication header 202 is header information necessary for communication between the terminal 001 and the access control apparatus 004, and includes information on a request transmission source and a request transmission destination.
- the authentication information 203 indicates the authentication information of the request transmission source user, and includes the user ID and password of the user as an example.
- the operation content 204 indicates an operation request content to the business logic unit 007 of the request transmission source user, and includes, for example, a business logic type and operation content (data reference, data update, etc.).
- FIG. 4 shows an example of user information 301 managed by the user information management unit 009.
- the user information 301 holds information on users who use the access control device 004, and each user can be uniquely identified by the user ID.
- the user information 301 includes a user name, an organization ID of an organization to which the user belongs, and a password necessary for user authentication.
- FIG. 5 shows an example of the access authority information 401 managed by the access authority management unit 010.
- the access authority information 401 holds the operation authority range of the business logic unit 007 managed by the access control apparatus 004 and the operation authority range of the access control apparatus 004 itself. For example, whether business logic A may be operated and whether the access authority itself may be operated are stored as operable contents. A restriction may also be placed on an operation, for example allowing reference only.
- FIG. 6 shows an example of role assignment information 501 managed by the role assignment management unit 011.
- the role assignment information 501 manages the correspondence between the access authority information 401 and the organization information, and holds information indicating which organization can perform the operation.
- the authority assignment target can be set not only for the organization but also for the entire building and the entire tenant.
- the role assignment information can be divided into information on the role itself and information representing the correspondence between the role and the organization.
- As shown in FIG. 6, the role assignment information 501 shows an access permission condition, which is a condition for permitting access (operation and reference) to an access restriction resource (tenant A business logic, building A business logic), in association with a specific hierarchical element (under T001, under B001). T001 and B001 are a tenant ID and a building ID, respectively, as shown in FIG. 8.
- the role assignment information 501 corresponds to an example of access permission condition information
- the role assignment management unit 011 corresponds to an example of an access permission condition information storage unit as described above.
- FIG. 7 shows the hierarchy definition information 601 managed by the hierarchy definition management unit 012.
- the hierarchy definition information 601 holds the rank order of the entities, such as buildings, tenants and organizations, that use the access control device 004, together with an expiration date indicating the period during which that hierarchy structure is valid.
- the hierarchy ID: ST001 in FIG. 7 defines a structure in which a building is arranged at the top of the hierarchical structure, a tenant is arranged under the building, and an organization is arranged under the tenant.
- Here buildings, tenants and organizations are given as examples of hierarchies, but other hierarchies can be defined, for example an entity called a region above the building hierarchy, or an entity called a branch office below the tenant hierarchy.
- the hierarchy definition information 601 indicates the rank between hierarchies in the hierarchy structure, and corresponds to an example of the hierarchy rank information.
- the hierarchy definition management unit 012 corresponds to an example of a hierarchy order information storage unit.
- FIG. 8 shows information managed by the organization information management unit 013.
- the organization information management unit 013 includes building information 701, tenant information 702, organization information 703, building / tenant correspondence information 704, tenant / organization correspondence information 705, and building / organization correspondence information 706.
- the building information 701 holds information on a building that uses the access control device 004. Each building can be identified by a building ID. In addition to the building ID, attribute information such as a building name and a building location can be held.
- the tenant information 702 holds information on a tenant that uses the access control device 004. Each tenant can be identified by a tenant ID. In addition to the tenant ID, it is also possible to hold attribute information such as a tenant name and tenant contract details.
- the organization information 703 holds information on the organization that uses the access control device 004. Each organization can be identified by the organization ID. In addition to the organization ID, it is also possible to hold attribute information such as the organization name and the person in charge (organization head) in the organization. In addition, about the organization, since a hierarchical structure between organizations can be considered as in the case where a section is placed under the department, the organization (parent organization) corresponding to the upper hierarchy of the organization is also included as information.
- the building / tenant correspondence information 704 indicates a correspondence relationship between the building managed by the building information 701 and the tenant managed by the tenant information 702.
- the building / tenant correspondence information 704 holds an attribute that uniquely identifies a building and a tenant, such as a building ID / tenant ID. Also, if the building / tenant correspondence has an expiration date, the expiration date is retained as an attribute.
- the tenant / organization correspondence information 705 indicates a correspondence relationship between the tenant managed by the tenant information 702 and the organization managed by the organization information 703.
- the tenant / organization correspondence information 705 holds attributes such as a tenant ID / organization ID that can uniquely identify a tenant and an organization. If the tenant / organization correspondence has an expiration date, the expiration date is stored as an attribute.
- the building / organization correspondence information 706 indicates a correspondence relationship between the building managed by the building information 701 and the organization managed by the organization information 703.
- the building / organization correspondence information 706 holds attributes such as a building ID / organization ID that can uniquely identify a building and an organization. If the building / organization correspondence has an expiration date, the expiration date is held as an attribute.
- In the building / tenant correspondence information 704, the tenant / organization correspondence information 705 and the building / organization correspondence information 706, the pairs of hierarchy elements (the elements constituting a hierarchy) that belong to two different hierarchies and are related to each other are shown for each combination of hierarchies. Specifically, for the building hierarchy and the tenant hierarchy, the building / tenant correspondence information 704 describes a pair of B001, a hierarchy element of the building hierarchy, and T001, a hierarchy element of the tenant hierarchy, and a pair of B001 and T002, another hierarchy element of the tenant hierarchy.
- For the tenant hierarchy and the organization hierarchy, the tenant / organization correspondence information 705 describes a pair of T001, a hierarchy element of the tenant hierarchy, and ORG001, a hierarchy element of the organization hierarchy, and a pair of T001 and ORG002, another hierarchy element of the organization hierarchy.
- For the building hierarchy and the organization hierarchy, the building / organization correspondence information 706 describes a pair of B001, a hierarchy element of the building hierarchy, and ORG001, a hierarchy element of the organization hierarchy, and a pair of B001 and ORG002, another hierarchy element of the organization hierarchy.
- the building / tenant correspondence information 704, the tenant / organization correspondence information 705, and the building / organization correspondence information 706 correspond to examples of hierarchical element information.
- the organization information management unit 013 corresponds to an example of a hierarchical element information storage unit as described above.
- FIG. 9 shows the internal configuration of the business logic unit 007.
- the business logic unit 007 includes a business logic unit A 801, a business logic unit B 802, and a business logic unit C 803.
- the business logic unit A 801, the business logic unit B 802 and the business logic unit C 803 are in charge of different tasks, for example employment (attendance) management, accounting management and entry / exit (in / out room) management, respectively.
- the number of logics in the business logic unit 007 is arbitrary, and the number of internal business logics can be increased or decreased in accordance with the increase or decrease in business logic handled by the access control device 004.
- FIG. 10 shows the internal configuration of the business logic information management unit 008.
- the business logic information management unit 008 includes a business logic A information management unit 901, a business logic B information management unit 902, and a business logic C information management unit 903.
- the business logic A information management unit 901 manages information handled by the business logic unit A 801
- the business logic B information management unit 902 manages information handled by the business logic unit B 802, and
- the business logic C information management unit 903 manages information handled by the business logic unit C 803.
- the business logic A information management unit 901 has an employee list, attendance record, attendance date calendar, etc. used in the work management logic. Note that the number of internal information can be increased or decreased as in the business logic unit 007. Further, if there is information that is shared by each information management unit, it can be shared.
- When user A belonging to tenant A operates business logic A in the access control device 004, user A uses the Web browser 001a of the terminal 001 to issue a request containing his / her authentication information and the operation content for the business logic, in the form of an operation request 201.
- the request reception unit 005 centrally executes request management and response generation.
- FIG. 3 shows an operation request 201 transmitted by the user with the user ID: U001 using the terminal 001 and requesting data reference of the business logic A (business ID: L001).
- the user A belongs to the organization with the organization ID: ORG001
- the organization with the organization ID: ORG001 belongs to the tenant with the tenant ID: T001
- the tenant with the tenant ID: T001 belongs to the building with the building ID: B001.
- the access control device 004 does not hold information in which the hierarchical relationship between hierarchical elements as shown in FIG. 19 is defined in advance, and when an operation request 201 is received, as described later, the F-RBAC unit 006 analyzes the hierarchical relationship between the hierarchical elements using the information shown in FIGS. 7 and 8.
- the process accepting unit 005 acquires the authentication information 203 and the operation content 204 from the received operation request 201, outputs them to the F-RBAC unit 006, and inquires of the F-RBAC unit 006 whether the requesting user may perform the operation on the business logic (S101).
- the process reception unit 005 determines whether or not the user can operate from the inquiry result of the F-RBAC unit 006 (S102).
- If the operation is permitted, the process accepting unit 005 delivers the operation content 204 of the operation request 201 to the business logic unit 007 (S103). The process reception unit 005 then returns the result of the operation request from the business logic unit 007 to the terminal 001 as a response (S104).
- If the operation is not permitted, the process accepting unit 005 returns a response indicating that the operation is impossible to the terminal 001 (S105).
- the F-RBAC unit 006 acquires information necessary for authentication such as a user ID and a password from the authentication information 203 received from the process reception unit 005 (S201).
- the F-RBAC unit 006 inquires of the user information management unit 009 about information on the user having the user ID acquired from the authentication information 203 (S202).
- the F-RBAC unit 006 verifies whether or not the user authentication is successful (S203). Specifically, the F-RBAC unit 006 verifies by the following procedure.
- the F-RBAC unit 006 confirms from the response of the user information management unit 009 whether there is a user having the user ID acquired in S201. If there is no corresponding user, authentication is not possible. If there is a corresponding user, it is determined whether the password acquired from the authentication information 203 matches the password managed by the user information management unit 009. If the passwords match, authentication succeeds. If they do not match, authentication fails.
- the F-RBAC unit 006 acquires the business ID of the business logic to be operated by the user from the operation content 204 received from the process reception unit 005, and acquires from the access authority management unit 010 the list of access authorities associated with the logic of that business ID (S204).
- If the operation content 204 is that of FIG. 3, the F-RBAC unit 006 obtains the record of authority ID: A001 and the record of authority ID: A002 of FIG. 5 based on the business ID: L001.
- the F-RBAC unit 006 obtains information on the current hierarchy order from the hierarchy definition management unit 012 (S205).
- hierarchical order information in which “building>tenant> organization” is described is acquired.
- the F-RBAC unit 006 acquires information on the organization to which the user belongs from the organization information management unit 013, based on the organization ID in the user information acquired from the user information management unit 009 (S206).
- the organization to which the target user A belongs is the organization with the organization ID: ORG001, from FIG. 4.
- Based on the hierarchy order information acquired from the hierarchy definition management unit 012 and the organization information acquired from the organization information management unit 013, the F-RBAC unit 006 repeats the acquisition of building, tenant and organization information until there is no higher-level element (S207). Since the hierarchy order acquired in S205 is “building > tenant > organization”, the F-RBAC unit 006 first searches for the hierarchy element paired with the organization ID: ORG001 in the tenant hierarchy, one level above the organization. Specifically, the F-RBAC unit 006 searches the tenant / organization correspondence information 705 in FIG. 8 and extracts the tenant ID: T001 paired with the organization ID: ORG001.
- Next, following the hierarchy order “building > tenant > organization”, the F-RBAC unit 006 searches for the hierarchy element paired with the tenant ID: T001 in the building hierarchy, one level above the tenant. Specifically, the F-RBAC unit 006 searches the building / tenant correspondence information 704 in FIG. 8 and extracts the building ID: B001 paired with the tenant ID: T001.
- the F-RBAC unit 006 acquires from the role assignment management unit 011 role assignment information that matches the access authority obtained in S204 and the organization, tenant, and building obtained in S206 and S207 (S208).
- the F-RBAC unit 006 acquires a record with a role assignment ID: R001 and a record with a role assignment ID: R002.
- the F-RBAC unit 006 determines whether any role assignment acquired in S208 exists (S209). The elements are checked for an assignment in order from the upper hierarchy downwards.
- If one exists, the F-RBAC unit 006 determines that access is permitted and returns a success response to the process reception unit 005 (S210). Since the operation request 201 in FIG. 3 requests data reference, it matches the “role name: only building business logic A can be referred to” of FIG. 6, and the F-RBAC unit 006 returns a success response to the process reception unit 005.
- If none exists, the F-RBAC unit 006 determines that access is not permitted, and returns a failure response to the process reception unit 005 (S211).
- the business logic unit 007 determines which business logic in the business logic unit 007 is designated from the operation content 204 received from the process reception unit 005, and delivers the operation content to the internal business logic ( S301). In the following, the operation will be described assuming that the business logic unit A801 in FIG. 9 is designated.
- the business logic unit A 801 performs the operation while referring to and updating the information handled by the business logic A information management unit 901 in the business logic information management unit 008, based on the operation content received from the business logic unit 007 in S301 (S302).
- the business logic unit A 801 returns a response to the processing reception unit 005 via the business logic unit 007 for the result of performing S302 (S303).
- FIG. 14 shows an example of a hierarchical structure change request that is a request that the system user transmits to the access control apparatus 004 using the terminal 000 when the hierarchical structure of the access control apparatus 004 is changed.
- a system user who manages the access control device 004 transmits a hierarchical structure change request 1301 to the access control device 004 using the Web browser 000a of the terminal 000.
- the hierarchy structure change request 1301 is a request for requesting to change the hierarchy order in the hierarchy definition information 601 of FIG.
- On receiving the hierarchical structure change request 1301, the F-RBAC unit 006 changes the hierarchical order in the hierarchical definition information 601. The operation of the process accepting unit 005 and the operation up to authentication by the F-RBAC unit 006 are the same as S101 to S105 and S201 to S203 described above.
- the process reception unit 005 returns a response to the terminal 000.
- the F-RBAC unit 006 acquires the operation content 1304 describing the hierarchical structure change information from the hierarchical structure change request 1301 received from the process accepting unit 005 (S401). Next, the F-RBAC unit 006 issues a hierarchical structure definition change request to the hierarchy definition management unit 012 for the operation content 1304 acquired in S401 (S402).
- the hierarchy definition management unit 012 changes, for example, the hierarchy definition information 601 in FIG. 7 to the hierarchy definition information 602 in FIG. 16 in accordance with the request received in S402.
- “tenant > building > organization” is defined as the new hierarchy order. The hierarchy order “building > tenant > organization” that was in force before the change is retained in the hierarchy definition information 602 together with its expiration date.
- the F-RBAC unit 006 returns the operation result to the process reception unit 005 after the processing of the hierarchy definition management unit 012 is completed (S403).
- the F-RBAC unit 006 performs the process of FIG. 12 based on the changed hierarchy order.
- the hierarchical element is searched in the direction toward the upper hierarchy (S207).
- the hierarchical element may be searched in the direction toward the lower hierarchy.
- a hierarchy definition management unit that manages the structure of the organization hierarchy and the validity period of the hierarchy structure;
- the hierarchy is traced in order from the top while interpreting the organizational hierarchical structure, and the role assignment target is compared with the organizational hierarchy position to which the user who uses the system belongs.
- a tenant access control device, method, and program provided with an access control unit that realizes a change of the hierarchical structure in the system by changing the expiration date of the hierarchical structure have been described.
- a tenant access control apparatus, method, and program provided with an access control unit that determines whether or not access is permitted, based on the access permission information held by the access authority management unit, when an individual uses an application in the system have been described.
- Embodiment 2. In the present embodiment, the differences from the first embodiment are described. Operations and configurations other than those described below are the same as in the first embodiment.
- FIG. 17 shows the hierarchy definition information 610 of the hierarchy definition management unit 012 according to this embodiment.
- compared with the hierarchy definition information 601 in FIG. 7, information corresponding to the business logic, such as a business ID, is added as an attribute.
- the hierarchical structure can therefore be changed for each business logic. That is, in the hierarchy definition information 610 according to the present embodiment, a hierarchy order is defined for each business logic (access-restricted resource).
- FIG. 18 shows a business logic definition 910 of the business logic information management unit 008 according to this embodiment. Unlike FIG. 10, in FIG. 18, a business ID is assigned to each business logic.
- the F-RBAC unit 006 acquires a business ID from the operation request 201 when acquiring the hierarchical order in S205 of FIG. It then acquires the hierarchical order corresponding to the acquired business ID and uses that order for the subsequent determination of whether access authority exists.
- a hierarchy definition management unit that holds an organizational hierarchy structure for each application in the system, and
- a tenant access control apparatus, method, and program provided with an access control unit that, when an individual uses an application in the system, has the hierarchy definition management unit switch the organizational hierarchy structure for that application and then determines whether access is permitted, have been described.
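The two mechanisms summarized above (a hierarchy order retained with an expiration date when the structure is changed, and, in Embodiment 2, a hierarchy order selected by business ID) can be modelled in a few dozen lines. The following is an added example written for this page, not code from the patent or its applicant; the class and field names, the role record format, the timestamps T0/T1 and the tenant/building/organization identifiers are all constructed for illustration. It generalizes the description slightly: the hierarchy definition is kept as a list of orders with validity periods, the F-RBAC check projects both the user's position and each role's assignment target onto the order valid at the time of the request, and the search runs from the user's own element toward the upper hierarchy (S207). It also handles one failure mode worth checking for after a structure change: a role whose target is expressed only at a level that is no longer the top level projects to an empty prefix under the new order and is treated as unassigned rather than matching every user.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, FrozenSet, List, Optional, Tuple

Position = Dict[str, str]           # e.g. {"tenant": "T1", "building": "B1", ...}
Path = Tuple[Tuple[str, str], ...]  # a position projected onto a hierarchy order, top first


@dataclass(frozen=True)
class HierarchyOrder:
    """One entry of the hierarchy definition information: an order plus its
    validity period (valid_until=None means this is the order in force)."""
    levels: Tuple[str, ...]
    valid_from: datetime
    valid_until: Optional[datetime] = None
    business_id: Optional[str] = None   # Embodiment 2: order bound to one business logic


@dataclass(frozen=True)
class RoleAssignment:
    """Hypothetical role record (not the patent's format)."""
    role_name: str
    target: Position          # hierarchical position the role is assigned to
    operations: FrozenSet[str]
    business_id: str


class HierarchyDefinitionManager:
    """Simplified stand-in for hierarchy definition management unit 012."""

    def __init__(self) -> None:
        self._orders: List[HierarchyOrder] = []

    def define(self, levels, valid_from, business_id=None) -> None:
        self._orders.append(HierarchyOrder(tuple(levels), valid_from, None, business_id))

    def change_order(self, new_levels, now, business_id=None) -> None:
        """Hierarchy structure change (S402): the order in force is kept with its
        expiration date set to `now`; the new order becomes the current one."""
        self._orders = [
            HierarchyOrder(o.levels, o.valid_from, now, o.business_id)
            if o.business_id == business_id and o.valid_until is None else o
            for o in self._orders
        ]
        self.define(new_levels, now, business_id)

    def order_at(self, at, business_id=None) -> HierarchyOrder:
        """Order valid at `at` for this business ID, falling back to the default."""
        for bid in (business_id, None):
            for o in self._orders:
                if (o.business_id == bid and o.valid_from <= at
                        and (o.valid_until is None or at < o.valid_until)):
                    return o
        raise LookupError(f"no hierarchy order valid at {at}")


def position_path(position: Position, levels) -> Path:
    """Project a position onto the order, top level first, stopping at the first
    level the position does not name, so the result is a hierarchy prefix."""
    path = []
    for lvl in levels:
        if lvl not in position:
            break
        path.append((lvl, position[lvl]))
    return tuple(path)


def check_access(manager, roles, user_position, business_id, operation, at) -> Optional[str]:
    """F-RBAC authority check: the granting role name (S210) or None (S211)."""
    order = manager.order_at(at, business_id)
    user_path = position_path(user_position, order.levels)
    # S207: start at the user's own element and search toward the upper hierarchy.
    for depth in range(len(user_path), 0, -1):
        prefix = user_path[:depth]
        for role in roles:
            if role.business_id != business_id or operation not in role.operations:
                continue
            target_path = position_path(role.target, order.levels)
            # An empty target prefix would match every user; treat it as unassigned.
            if target_path and target_path == prefix:
                return role.role_name
    return None


# Constructed sample data; timestamps and identifiers are illustrative only.
T0, T1 = datetime(2014, 2, 7), datetime(2014, 3, 1)
USER_O1 = {"tenant": "T1", "building": "B1", "organization": "O1"}
USER_O2 = {"tenant": "T1", "building": "B1", "organization": "O2"}


def build_example():
    mgr = HierarchyDefinitionManager()
    mgr.define(["building", "tenant", "organization"], T0)        # default order (FIG. 7 style)
    mgr.define(["tenant", "organization"], T0, business_id="B")   # per-business order (FIG. 17 style)
    mgr.change_order(["tenant", "building", "organization"], T1)  # change request (FIG. 16 style)
    roles = [
        RoleAssignment("only building business logic A can be referred to",
                       {"building": "B1"}, frozenset({"refer"}), "A"),
        RoleAssignment("organization O1 administrator",
                       {"tenant": "T1", "building": "B1", "organization": "O1"},
                       frozenset({"refer", "update"}), "A"),
        RoleAssignment("tenant T1 readers of business B",
                       {"tenant": "T1"}, frozenset({"refer"}), "B"),
    ]
    return mgr, roles


if __name__ == "__main__":
    mgr, roles = build_example()
    for user, bid, op, at in [(USER_O2, "A", "refer", T0), (USER_O2, "A", "refer", T1),
                              (USER_O1, "A", "update", T0), (USER_O2, "B", "refer", T1)]:
        print(user["organization"], bid, op, at.date(), "->",
              check_access(mgr, roles, user, bid, op, at))
```

Run stand-alone, the script shows that the building-scoped role grants "refer" at T0 under the old order, that the same request evaluated at T1 under the new order is denied until the role is re-targeted as {"tenant": "T1", "building": "B1"}, and that business B is evaluated against its own two-level order. Keeping the expired order in the list is what lets a request dated before the change still be evaluated correctly.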
- the access control device 004 is a computer, and each element of the access control device 004 can be realized by a program.
- an arithmetic device 1901, an external storage device 1902, a main storage device 1903, a communication device 1904, and an input / output device 1905 are connected to the bus.
- the arithmetic device 1901 is a CPU (Central Processing Unit) that executes a program.
- the external storage device 1902 is, for example, a ROM (Read Only Memory), a flash memory, or a hard disk device.
- the main storage device 1903 is a RAM (Random Access Memory).
- the “… management unit” illustrated in FIG. 2 is realized by the external storage device 1902 or the main storage device 1903.
- the communication device 1904 corresponds to the physical layer of the process reception unit 005.
- the input / output device 1905 is, for example, a mouse, a keyboard, a display device, or the like.
- the program is normally stored in the external storage device 1902, and is sequentially read into the arithmetic device 1901 and executed while being loaded in the main storage device 1903.
- the program is a program that realizes the functions described as “… unit” (excluding the “… management unit”; the same applies hereinafter) shown in FIG.
- an operating system (OS) is also stored in the external storage device 1902. At least a part of the OS is loaded into the main storage device 1903, and the arithmetic device 1901 executes the program that realizes the “… unit” shown in FIG. while executing the OS.
- variable values are stored in the main storage device 1903 as files.
- the encryption key / decryption key, random number value, and parameter may be stored in the main storage device 1903 as a file.
- the configuration in FIG. 20 is merely an example of the hardware configuration of the access control device 004; the hardware configuration of the access control device 004 is not limited to that configuration and may be a different one.
- the access control method according to the present invention can be realized by the procedure shown in the first and second embodiments.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2015518114A JP5980421B2 (ja) | 2013-05-23 | 2014-02-07 | Access control device, access control method, and program |
| CN201480029654.5A CN105229662B (zh) | 2013-05-23 | 2014-02-07 | Access control device and access control method |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2013108925 | 2013-05-23 | ||
| JP2013-108925 | 2013-05-23 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2014188743A1 true WO2014188743A1 (fr) | 2014-11-27 |
Family
ID=51933310
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/JP2014/052851 Ceased WO2014188743A1 (fr) | 2013-05-23 | 2014-02-07 | Access control device, and access control method and program |
Country Status (3)
| Country | Link |
|---|---|
| JP (1) | JP5980421B2 (fr) |
| CN (1) | CN105229662B (fr) |
| WO (1) | WO2014188743A1 (fr) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019225097A1 (fr) * | 2018-05-24 | 2019-11-28 | 清水建設株式会社 | Facility usage status notification system, facility usage status notification method, and program |
| US12411835B2 (en) | 2023-01-27 | 2025-09-09 | Rubrik, Inc. | Access authorization for audit information in a multi-tenancy data management system |
| US12461947B2 (en) * | 2023-01-27 | 2025-11-04 | Rubrik, Inc. | Access authorization for report data in a multi-tenancy data management system |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111988173B (zh) * | 2020-08-19 | 2023-09-12 | 北京安瑞志远科技有限公司 | Tenant management platform and tenant management method based on multi-level parent-child structured tenants |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007172154A (ja) * | 2005-12-20 | 2007-07-05 | Mitsubishi Space Software Kk | Access control device, access control method, and access control program |
| JP2008210376A (ja) * | 2007-02-01 | 2008-09-11 | Hitachi Software Eng Co Ltd | Organization hierarchy definition system, group hierarchy configuration method, and organization hierarchy display method |
| JP2011076569A (ja) * | 2009-10-02 | 2011-04-14 | Ariel Networks Co Ltd | Access right management device and access right management program |
| US20110213789A1 (en) * | 2010-02-26 | 2011-09-01 | Salesforce.Com, Inc. | System, method and computer program product for determining an amount of access to data, based on a role |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP3956149B2 (ja) * | 2005-12-19 | 2007-08-08 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Access control method, system, and program for resource content |
| CN103038778A (zh) * | 2010-06-23 | 2013-04-10 | 惠普发展公司,有限责任合伙企业 | Authorization control |
2014
- 2014-02-07 WO PCT/JP2014/052851 patent/WO2014188743A1/fr not_active Ceased
- 2014-02-07 JP JP2015518114A patent/JP5980421B2/ja not_active Expired - Fee Related
- 2014-02-07 CN CN201480029654.5A patent/CN105229662B/zh not_active Expired - Fee Related
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019225097A1 (fr) * | 2018-05-24 | 2019-11-28 | 清水建設株式会社 | Facility usage status notification system, facility usage status notification method, and program |
| JP2019204350A (ja) * | 2018-05-24 | 2019-11-28 | 清水建設株式会社 | Facility usage status disclosure system, facility usage status disclosure method, and program |
| JP7107745B2 (ja) | 2018-05-24 | 2022-07-27 | 清水建設株式会社 | Facility usage status disclosure system, facility usage status disclosure method, and program |
| US12411835B2 (en) | 2023-01-27 | 2025-09-09 | Rubrik, Inc. | Access authorization for audit information in a multi-tenancy data management system |
| US12461947B2 (en) * | 2023-01-27 | 2025-11-04 | Rubrik, Inc. | Access authorization for report data in a multi-tenancy data management system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105229662B (zh) | 2018-02-02 |
| JP5980421B2 (ja) | 2016-08-31 |
| JPWO2014188743A1 (ja) | 2017-02-23 |
| CN105229662A (zh) | 2016-01-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10855790B2 (en) | | Servicing asset requests via proxy |
| US11750609B2 (en) | | Dynamic computing resource access authorization |
| CN115335827B (zh) | | Method and apparatus for implementing role-based access control for clustered machine learning model execution modules |
| US10826844B2 (en) | | Transmission of tags and policies with data objects |
| US12164652B1 (en) | | Analyzing privilege escalation risks using a multi-layer reasoning framework |
| Ananthakrishnan et al. | | Globus platform-as-a-service for collaborative science applications |
| US20220058285A1 (en) | | Systems and methods for computer-implemented data trusts |
| US11539707B2 (en) | | Dynamic security policy consolidation |
| CN108351771B (zh) | | Maintaining control over restricted data during deployment to a cloud computing environment |
| EP2715971B1 (fr) | | Automating reconnections to cloud services |
| JP2020526820A (ja) | | System and method for managing a public software component ecosystem using a distributed ledger |
| Chard et al. | | Globus Nexus: A platform-as-a-service provider of research identity, profile, and group management |
| US11556238B1 (en) | | Implementation of architecture document via infrastructure as code |
| CN116940931B (zh) | | Distributed decomposition of automated string reasoning using predicates |
| Jin et al. | | Role and attribute based collaborative administration of intra-tenant cloud IaaS |
| KR102295593B1 (ko) | | Technique for automatically generating authentication documents |
| JP5991386B2 (ja) | | Network system |
| US12132735B1 (en) | | Specification language for generating graph reachability-based analyses for cloud-based system resources |
| JP5980421B2 (ja) | | Access control device, access control method, and program |
| US11233787B2 (en) | | Automated on call and ad hoc access to restricted resources |
| US12468725B2 (en) | | Data distribution and access within a multi-zone computing platform |
| EP3513316B1 (fr) | | Personalized search environment |
| US12445429B2 (en) | | System and method for authentication as a service |
| US20170235924A1 (en) | | System and Network for Controlling Content and Accessibility |
| US12368716B1 (en) | | Verifying translated access controls for application modernization |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | WWE | Wipo information: entry into national phase | Ref document number: 201480029654.5; Country of ref document: CN |
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 14800483; Country of ref document: EP; Kind code of ref document: A1 |
| | ENP | Entry into the national phase | Ref document number: 2015518114; Country of ref document: JP; Kind code of ref document: A |
| | WWE | Wipo information: entry into national phase | Ref document number: IDP00201507441; Country of ref document: ID |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | 122 | Ep: pct application non-entry in european phase | Ref document number: 14800483; Country of ref document: EP; Kind code of ref document: A1 |