ACCESS CONTROL DEVICE AND METHOD THEREOF
First Claim
1. An access control device for separately controlling access of one or more second subjects to data that is kept in one or more of multiple processing nodes by each of one or more first subjects, the second subjects being subjects excluding the first subjects, the processing nodes holding data of the first subjects each controlling access of the respective second subjects to the data of the first subjects based on access control information, comprising:
- trustworthiness information collecting means for collecting trustworthiness information, which indicates trustworthiness of each of the second subjects, from one or more of the multiple processing nodes; and
access control proposal information creating means for creating the access control proposal information, which is used to separately control access of the second subjects to each piece of the data of the first subjects, based on access control information that each of the first subjects sets to its own data in advance, and based on the collected trustworthiness information.
1 Assignment
0 Petitions
Accused Products
Abstract
Access control appropriate to each processing node is achieved by evaluating information published by the processing node. An access control device (4) ranks subjects of consumption activities by their trust values, and determines whether or not the ranked subjects include any subject whose rank is improved from the last time. When there exists a subject whose rank is improved from the last time, a subject having data to which access control information is set against the subject with an improved rank is made a proposal that the protection level in the access control information against the subject with an improved rank should be decreased. The access control device (4) also judges whether or not the ranked subjects include any subject whose rank is worsened from the last time. When there exists a subject whose rank is worsened from the last time, a subject having data to which access control information is set against the subject with a worsened rank is made a proposal that the protection level in the access control information against the subject with a worsened rank should be increased.
107 Citations
11 Claims
-
1. An access control device for separately controlling access of one or more second subjects to data that is kept in one or more of multiple processing nodes by each of one or more first subjects, the second subjects being subjects excluding the first subjects, the processing nodes holding data of the first subjects each controlling access of the respective second subjects to the data of the first subjects based on access control information, comprising:
-
trustworthiness information collecting means for collecting trustworthiness information, which indicates trustworthiness of each of the second subjects, from one or more of the multiple processing nodes; and access control proposal information creating means for creating the access control proposal information, which is used to separately control access of the second subjects to each piece of the data of the first subjects, based on access control information that each of the first subjects sets to its own data in advance, and based on the collected trustworthiness information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An access control method for separately controlling access of one or more second subjects to data that is kept in one or more of multiple processing nodes by each of one or more first subjects, the second subjects being subjects excluding the first subjects, the processing nodes holding data of the first subjects each controlling access of the respective second subjects to the data of the first subjects based on access control information, comprising:
-
a trustworthiness information collecting step of collecting trustworthiness information, which indicates trustworthiness of each of the second subjects, from one or more of the multiple processing nodes; and an access control proposal information creating step of creating the access control proposal information, which is used to separately control access of the second subjects to each piece of the data of the first subjects, based on access control information that each of the first subjects sets to its own data in advance, and based on the collected trustworthiness information. - View Dependent Claims (10)
-
-
11. An access control program for separately controlling access of one or more second subjects to data that is kept in one or more of multiple processing nodes by each of one or more first subjects, the second subjects being subjects excluding the first subjects, the processing nodes holding data of the first subjects each controlling access of the respective second subjects to the data of the first subjects based on access control information, the access control program causing a computer to execute:
-
a trustworthiness information collecting step of collecting trustworthiness information, which indicates trustworthiness of each of the second subjects, from one or more of the multiple processing nodes; and an access control proposal information creating step of creating the access control proposal information, which is used to separately control access of the second subjects to each piece of the data of the first subjects, based on access control information that each of the first subjects sets to its own data in advance, and based on the collected trustworthiness information.
-
Specification