Abstract: A secret-key managing method includes: constructing a multi-node secret-key storing system, in response to secret-key data required by an encryption-decryption service program being not in an operating state, storing the secret-key data into a random node in the multi-node secret-key storing system, and controlling the secret-key data to migrate among nodes in the multi-node secret-key storing system according to a predetermined migration rule, rather than directly storing in the internal memory corresponding to the encryption-decryption service program, the attacker cannot know the storage position of the secret-key data, and thus has difficulty in stealing the secret-key data with conventional attacking means. Moreover, when a secret-key invoking request based on the encryption-decryption service program is received, the storage position of the secret-key data at the current moment can be determined based on the predetermined migration rule, to feed back the secret-key invoking request.

Abstract: The present application provides an access control method, device, apparatus, and readable storage medium. The method comprises: receiving and parsing an access request, and determining a subject and an object corresponding to the access request; by using a security access strategy, obtaining a first result of whether the subject has permission to access the object, and determining whether a match access control linked list exists; when the access control linked list exists, by using the access control linked list, obtaining a second result whether the subject has permission to access the object; when the second result is obtained, by using the second result, performing control processing on the access request; or when the second result is not obtained, by using the first result, performing control processing on the access request.

Abstract: The present application is applicable to the technical field of security management, and discloses a secret-key managing method, a secret-key managing apparatus, a secret-key managing device and a non-transitory readable storage medium. By constructing a multi-node secret-key storing system, in response to secret-key data required by an encryption-decryption service program being not in an operating state, storing the secret-key data into a random node in the multi-node secret-key storing system, and controlling the secret-key data to migrate among nodes in the multi-node secret-key storing system according to a predetermined migration rule, rather than directly storing in the internal memory corresponding to the encryption-decryption service program, the attacker cannot know the storage position of the secret-key data, and thus has difficulty in stealing the secret-key data with conventional attacking means.

Abstract: Disclosed in the present application are an access control method and apparatus, and a device and a readable storage medium. The method comprises: receiving and parsing an access request, and determining a subject and an object, which correspond to the access request; obtaining, by using a security access strategy, a first result of whether the subject has permission to access the object, and determining whether there is a matching access control linked list; if there is an access control linked list, obtaining, by using the access control linked list, a second result of whether the subject has permission to access the object; when the second result is obtained, performing control processing on the access request by using the second result; and when the second result is not obtained, performing control processing on the access request by using the first result.