An Access Control Mechanism Based on Active Domain

In the traditional access control mechanism, it is hard to record and control the course of reading and writing. The confidentiality is destroyed by the abnormal reading out, and the integrity is lost by the abnormal writing in. And so many threats come from Internet applications in recent years. The question is how to trigger the control the reading and writing in time. We present the concept of active domain, and it is created for each visit. Our approach is to build an access control mechanism and polices based on active domain. (1) It triggers the system to create active domain for a program it the beginning of running. (2) The reading or writing or communicating trigger the checking for the validity and consistency between the action and the active domain. If it exits abnormal action, the control layer based on active domain would end the visit on time. For the mechanism, we built triggering and system mechanism and the rules. The real-time triggering and control mechanism strengthen the safety and security of the system.