Access control system, access control method, electronic device and control program
Abstract
Provided is an access control system that controls access on a per-task basis without modifying the device being accessed and without applying a task ID at each access to a device.
The access filter system controls access between devices mounted on an electronic device. It comprises an access control unit that applies a unique device key, set for each device, as a right to access the device on the basis of a task operable on the electronic device, and that determines whether to allow an access to the device according to whether the access request task requesting the access has the device key.
38 Claims
1. An access control system, comprising:
an electronic device; and
an access control unit which controls an access between devices mounted on said electronic device;
wherein said access control unit which applies unique secret information set for each said device as a right to access said device on a basis of each task operable on said electronic device and determines whether to allow an access to said device or not according to whether an access requesting task which requests an access to said device has secret information of said device,
wherein said access control unit has an access control table in which existence/non-existence of said secret information of said device is set on a basis of said each task, and determines whether to allow an access to said device based on said access control table,
wherein said access control table includes
an access right setting table indicative of allowance/non-allowance of an access to said device, and
a change authorization table indicative of allowance/non-allowance of setting change of said access right setting table according to said secret information, and
said access control unit has an access right setting table changing unit configured to set, based on an access right setting request from a device having said access requesting task to which said secret information is applied and said change authorization table, a right to access an access target device to be accessed at a task corresponding to the access right setting request to change said access right setting table, and allows a device at which an access right is set to make an access based on said access right setting table as of after change,
wherein said access control unit further comprises:
a pseudo secret information generating unit configured to generate, by using random numbers, pseudo secret information from said secret information applied to said access requesting task,
a change authorization table changing unit configured to change, in said change authorization table, said secret information of said access target device corresponding to said secret information into said pseudo secret information generated, and
a pseudo secret information notifying unit configured to notify said access requesting task of said pseudo secret information generated,
wherein said access control unit uses said pseudo secret information in place of said secret information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. An access control method of controlling an access between devices mounted on an electronic device, comprising:
an access control step of applying unique secret information set for each said device as a right to access said device on a basis of each task operable on said electronic device and determining whether to allow an access to said device or not according to whether an access requesting task which requests an access to said device has secret information of said device,
wherein at said access control step, whether to allow an access to said device is determined based on an access control table in which existence/non-existence of said secret information of said device is set on a basis of said each task,
wherein said access control table includes
an access right setting table indicative of allowance/non-allowance of an access to said device, and
a change authorization table indicative of allowance/non-allowance of setting change of said access right setting table according to said secret information, and
said access control step includes an access right setting table changing step of setting, based on an access right setting request from a device having said access requesting task to which said secret information is applied and said change authorization table, a right to access an access target device to be accessed at a task corresponding to the access right setting request to change said access right setting table, and
wherein an access to a device at which an access right is set is allowed based on said access right setting table as of after change,
wherein said access control step further comprises:
a pseudo secret information generating step of generating, by using random numbers, pseudo secret information from said secret information applied to said access requesting task,
a change authorization table changing step of changing, in said change authorization table, said secret information of said access target device corresponding to said secret information into said pseudo secret information generated, and
a pseudo secret information notifying step of notifying said access requesting task of said pseudo secret information generated,
wherein said pseudo secret information is used in place of said secret information.
Dependent claims: 14, 15, 16, 17, 18, 19, 20

21. An electronic device, comprising:
an access control unit configured to control an access between devices,
wherein said access control unit applies unique secret information set for each said device as a right to access said device on a basis of each task operable on said electronic device and determines whether to allow an access to said device or not according to whether an access requesting task which requests an access to said device has secret information of said device,
wherein said access control unit has an access control table in which existence/non-existence of said secret information of said device is set on a basis of said each task, and determines whether to allow an access to said device based on said access control table,
wherein said access control table includes
an access right setting table indicative of allowance/non-allowance of an access to said device, and
a change authorization table indicative of allowance/non-allowance of setting change of said access right setting table according to said secret information, and
said access control unit comprises an access right setting table changing unit which sets, based on an access right setting request from a device having said access requesting task to which said secret information is applied and said change authorization table, a right to access an access target device to be accessed at a task corresponding to the access right setting request to change said access right setting table, and allows a device at which an access right is set to make an access based on said access right setting table as of after change,
wherein said access control unit further comprises:
a pseudo secret information generating unit configured to generate, by using random numbers, pseudo secret information from said secret information applied to said access requesting task,
a change authorization table changing unit configured to change, in said change authorization table, said secret information of said access target device corresponding to said secret information into said pseudo secret information generated, and
a pseudo secret information notifying unit configured to notify said access requesting task of said pseudo secret information generated,
wherein said access control unit uses said pseudo secret information in place of said secret information.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32

33. A non-transitory computer readable medium storing a control program for execution on a computer to control an access between devices mounted on an electronic device,
wherein said control program causes said computer to execute an access control processing of applying unique secret information set for each said device as a right to access said device on a basis of a task operable on said electronic device and determining whether to allow an access to said device or not according to whether an access requesting task which requests an access to said device has secret information of said device,
wherein said access control table in which existence/non-existence of said secret information of said device is set on a basis of each said task includes
an access right setting table indicative of allowance/non-allowance of an access to said device, and
a change authorization table indicative of allowance/non-allowance of setting change of said access right setting table according to said secret information, and
said access control processing includes an access right setting table changing processing of setting, based on an access right setting request from a device having said access requesting task to which said secret information is applied and said change authorization table, a right to access an access target device to be accessed at a task corresponding to the access right setting request to change said access right setting table, and
wherein an access to a device at which an access right is set is allowed based on said access right setting table as of after change,
wherein said access control step further comprises:
a pseudo secret information generating step of generating, by using random numbers, pseudo secret information from said secret information applied to said access requesting task,
a change authorization table changing step of changing, in said change authorization table, said secret information of said access target device corresponding to said secret information into said pseudo secret information generated, and
a pseudo secret information notifying step of notifying said access requesting task of said pseudo secret information generated,
wherein said pseudo secret information is used in place of said secret information.
Dependent claims: 34, 35, 36, 37, 38

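A minimal model of the mechanism the independent claims recite, added here as an illustration and not taken from the patent: a change authorization table gates edits to the access right setting table, and a pseudo secret replaces the device secret once issued. The class and method names, the sample device `uart`, and the HMAC-SHA256 derivation are assumptions; the claims only say the pseudo secret is generated "by using random numbers" from the secret.

```python
import hashlib
import hmac
import secrets


class AccessControlUnit:
    """Toy model of the claimed access control unit (names are hypothetical)."""
    def __init__(self, device_keys):
        # Change authorization table: device -> secret currently accepted
        # for changing that device's entries in the access right setting table.
        self.change_auth = dict(device_keys)
        # Access right setting table: (task, device) -> allowed?
        self.access_rights = {}

    def _authorized(self, device, presented):
        current = self.change_auth.get(device)
        return current is not None and hmac.compare_digest(current, presented)

    def issue_pseudo_key(self, device, presented):
        """Replace the accepted secret with a pseudo secret and notify the task."""
        if not self._authorized(device, presented):
            raise PermissionError("secret does not match change authorization table")
        nonce = secrets.token_bytes(16)  # the random numbers (assumed size)
        pseudo = hmac.new(presented, nonce, hashlib.sha256).digest()
        self.change_auth[device] = pseudo  # original secret is no longer accepted
        return pseudo

    def set_access_right(self, task, device, presented, allow=True):
        """Change the access right setting table if the secret authorizes it."""
        if not self._authorized(device, presented):
            return False
        self.access_rights[(task, device)] = allow
        return True

    def check_access(self, task, device):
        """Per-access decision: a lookup in the access right setting table."""
        return self.access_rights.get((task, device), False)


def demo():
    uart_key = secrets.token_bytes(16)  # constructed sample device key
    acu = AccessControlUnit({"uart": uart_key})
    pseudo = acu.issue_pseudo_key("uart", uart_key)
    return {
        "old_key_rejected": not acu.set_access_right("task_a", "uart", uart_key),
        "pseudo_accepted": acu.set_access_right("task_a", "uart", pseudo),
        "task_a_allowed": acu.check_access("task_a", "uart"),
        "task_b_denied": not acu.check_access("task_b", "uart"),
    }
```

In this model, a task that only ever receives the pseudo secret never holds the device's original secret, and access is denied by default for any task with no entry in the access right setting table.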
Specification