Application of access control model for confidential data

Abstract

In any field, the security of data is extremely important, and it is even related to national security and personal privacy. Within a mature system framework, the design of data security is the most basic and challenging task, and access control is one of the main strategies for Network security prevention. Log as an indispensable part of a secure system can help us to complete traceability after a data breach and to monitor the operation of the application at any time. However, in the existing confidential data management systems, the existing access control methods are not friendly to confidential data, and there are problems of excessive administrator privileges and no confidentiality restrictions. Considering of the fact that the authority and log Module is not well implemented in most confidential data management system, we propose to design a general access control model application. We propose an access control model based on roles and object domains, combined with a security level. Through this model, we can implement three-layer filtering when users access data, thereby ensuring data security and avoiding data leakage problems. At the same time, by implementing the log module, some deficiencies in the log analysis and monitoring of existing confidential data management system can be solved.