首页>
外国专利>
Generating rule-based access control policies using a bytecode instrumentation system
Generating rule-based access control policies using a bytecode instrumentation system
展开▼
机译:使用字节码检测系统生成基于规则的访问控制策略
展开▼
页面导航
摘要
著录项
相似文献
摘要
Instrumentation codes are inserted into predetermined portions of a bytecode. Every transaction referenced in the bytecode is virtually combined and arranged hierarchically to describe a virtual transaction stack describing the computer-based resources accessed during the transaction. Based at least on the origin of the transaction, the characteristics of the transaction and the computer-based resources accessed during the transaction, the sensitivity of the transaction, and the security context of each of the computer-based resources accessed during the transaction are determined. A policy store is searched for at least one access control policy referencing the transaction, or the computer-based resources requested accessed by the transaction. If such an access control policy is found, it is selectively modified to refer exclusively to the transaction and the corresponding sensitive computer-based resources. Otherwise, a new access control policy exclusively referencing the data-oriented transactions and the corresponding sensitive computer-based resources is created.
展开▼