| 摘要 |
<p>A group (ER) of access rules (Re) for subjects (Su) to access objects (Ob) is verified in a chip card-type data processing means wherein the subjects and objects are users and applications. Each rule defines a subject's right to perform an action on an object. In particular, after the deletion or addition of a rule or a given subject (Su) relating to a given object (Ob), suspect rules (SuROb) which apply to the given subject and object are searched for (ET4) among all the access rules. The entity responsible for access rules is prompted (ET5) to delete each rule found by the search so that the rule found can be deleted (ET7), particularly in coherence (ET8-ET14) with rules relating to the given subject in groups, or maintained (ET6).</p> |
