发明名称 |
METHOD FOR EXPANDING THE SECURITY KERNEL WITH SYSTEM FOR PRIVILEGE FLOW PREVENTION BASED ROLE |
摘要 |
PURPOSE: A security kernel extension method in a role base access control system for separating a login user and a process user is provided to systematically utilize various access restriction by supplying a role-based access control function. CONSTITUTION: A security policy setting unit includes a user property setting unit(101), a role setting unit(102), an OBS(Objects) and OPS(Operations) setting unit and a PA(Permission Assignment). A security function performance unit includes a system call controller, a process user property controller, and the access controller and a role base access controller. The compulsory access unit determines an access permission by comparison between an object security property of the OBS profile. |
申请公布号 |
KR20100001524(A) |
申请公布日期 |
2010.01.06 |
申请号 |
KR20080061460 |
申请日期 |
2008.06.27 |
申请人 |
REDGATE CO., LTD. |
发明人 |
KIM, SANG CHEOL;KIM, KI HYUN |
分类号 |
G06F21/31;G06F21/12;G06F21/60;H04L9/32 |
主分类号 |
G06F21/31 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|