Novel method for transferring access control list rules to synchronize security protection in a locator/identifier separation protocol environment with cross-segment host mobility

2018 ◽  
Vol 32 (3) ◽  
pp. e3868
Author(s):  
Ta-Te Lu
Keyword(s):  
Access Control ◽  
Access Control List ◽  
Host Mobility ◽  
Novel Method

scholarly journals The Simulation of Access Control List (ACLs) Network Security for Frame Relay Network at PT. KAI Palembang

2019 ◽  
pp. 49
Author(s):  
Kurniati Kurniati ◽  
Rahmat Novrianda Dasmen
Keyword(s):  
Network Security ◽  
Access Control ◽  
Computer Network ◽  
Relay Network ◽  
Railway Transportation ◽  
Access Control List ◽  
Development Life Cycle ◽  
Computer Network Security ◽  
Packet Tracer ◽  
Frame Relay

PT. KAI Palembang is a branch of PT. Kereta Api Indonesia (KAI) Persero located in South Sumatra Province, where PT. KAI Persero is an Indonesian State-Owned Enterprise that organizes railway transportation which provide services including passenger and goods transportation. PT. KAI Palembang has a computer network connected to PT. KAI Persero central is located in Jakarta. Now, PT. KAI Palembang is trying to improve computer network security, where one of them is limiting the access of users who connected to PT. KAI Palembang computer network. This can be done by implementing Access Control Lists (ACLs) and Frame Relay on PT. KAI Palembang computer network. In this research used the Network Development Life Cycle (NDLC) method which has several stages, namely Analysis, Design, Simulation Prototyping, Implementation, Monitoring and Management. This research method is used because the results of this research will be displayed in the Cisco packet tracer simulator. In addition, the results of this research were tested using a ping test between computers to show that the ACLs design had been running well.  

scholarly journals Role-Mining Optimization with Separation-of-Duty Constraints and Security Detections for Authorizations

2019 ◽  
Vol 11 (9) ◽  
pp. 201 ◽  
Author(s):  
Wei Sun ◽  
Shiwei Wei ◽  
Huaping Guo ◽  
Hongbing Liu
Keyword(s):  
Access Control ◽  
Optimization Approach ◽  
Role Based Access Control ◽  
Control Mechanisms ◽  
Engineering Technology ◽  
Role Mining ◽  
Novel Method ◽  
Separation Of Duty ◽  
Role Based ◽  
The Given

Role-based access control (RBAC), which has been regarded as one of the most popular access-control mechanisms, is featured by the separation-of-duty constraints, mutually exclusive constraints, and the least-privileges principle. Role mining, a bottom-up role-engineering technology, is an effective method to migrate from a non-RBAC system to an RBAC system. However, conventional role-mining approaches not only do not consider the separation of duty constraints, but also cannot ensure the security of a constructed RBAC system when the corresponding mined results violate the separation of a duty constraint and/or the least-privileges principle. To solve these problems, this paper proposes a novel method called role-mining optimization with separation-of-duty constraints and security detections for authorizations (RMO_SODSDA), which mainly includes two aspects. First, we present a role-mining-optimization approach for satisfying the separation of duty constraints, and we constructed different variants of mutually exclusive constraints to correctly implement the given separation of duty constraints based on unconstrained role mining. Second, to ensure the security of the constructed system and evaluate authorization performance, we reduced the authorization-query problem to a maximal-satisfiability problem. The experiments validate the effectiveness and efficiency of the proposed method.

Sign in / Sign up

Export Citation Format

Share Document