ROLL-BASED ACCESS CONTROL METHOD AND SYSTEM

摘要

PROBLEM TO BE SOLVED: To convert an RBAC policy designed at a policy definition point so as to become the minimum authority into policies of policy execution points based on various restrictions of an access control mechanism and connection forms of systems since many policy execution points exist from diversity of pieces of equipment to be managed in a cloud system.;SOLUTION: In a method for converting an RBAC policy defined at a policy definition point into policies at a plurality of policy execution points, the policy definition point and the policy execution points are connected with a network, and the policy definition point executes: processing for generating matrixes of functions of objects and the respective systems; and processing for converting the RBAC policy into the policies at the policy execution points by performing constraint programming by using the RBAC policy, restrictions of an access control mechanism at the policy execution points, and connection forms of the systems as constraints.;COPYRIGHT: (C)2015,JPO&INPIT