Introducing Role-Based Access Control to a Secure Virtual Machine Monitor: Security Policy Enforcement Mechanism for Distributed Computers

In this chapter, the authors propose the expression and the modelling of the most important principles of privacy. They deduce the relevant privacy requirements that should be integrated in existing security policy models, such as RBAC models. They suggest the application of a unique model for both access control and privacy requirements. Thus, an access control model is to be enriched with new access constraints and parameters, namely the privacy contexts, which should implement the consent and the notification concepts. For this purpose, the authors introduce the Privacy-aware Organisation role Based Access Control (PrivOrBAC) model.

Download Full-text

Security Policy Management for Systems Employing Role Based Access Control Model

Information Technology Journal ◽

10.3923/itj.2009.726.734 ◽

2009 ◽

Vol 8 (5) ◽

pp. 726-734 ◽

Cited By ~ 8

Author(s):

Chao Huang ◽

Jianling Sun ◽

Xinyu Wang ◽

Yuanjie Si

Keyword(s):

Access Control ◽

Security Policy ◽

Control Model ◽

Role Based Access Control ◽

Policy Management ◽

Access Control Model ◽

Role Based

Download Full-text

Adding Context into an Access Control Model for Computer Security Policy

Advances in Machine Learning Applications in Software Engineering ◽

10.4018/978-1-59140-941-1.ch016 ◽

2011 ◽

pp. 439-456

Author(s):

Shangping Ren ◽

Jeffrey J.P. Tsai ◽

Ophir Frieder

Keyword(s):

Access Control ◽

Computer Security ◽

Security Policy ◽

Contextual Information ◽

Control Model ◽

External Information ◽

Role Based Access Control ◽

Access Control Model ◽

Role Based ◽

Access Policies

In this chapter, we present the role-based context constrained access control (RBCC) model. The model integrates contextual constraints specified in first-order logic with the standard role-based access control (RBAC). In the RBCC access control model, the permission assignment functions are constrained by the user’s current accessing contexts. The accessing contests are further categorized in two classes, that is, system contexts and application contexts. System contexts may contain accessing time, accessing location, and other security-related system information; while application contexts are abstractions of relationships among different types of entities (i.e., subjects, roles, and objects) as well as implicit relationships derived from protected information content and external information. The ability to integrate contextual information allows the RBCC model to be flexible and capable of specifying a variety of complex access policies and providing tight and just-intime permission activations. A set of medical domain examples will be used to demonstrate the expressiveness of the RBCC model.

Download Full-text

A Spatio-Temporal Role-Based Access Control Model for Wireless LAN Security Policy Management

Information Systems, Technology and Management - Communications in Computer and Information Science ◽

10.1007/978-3-642-12035-0_9 ◽

2010 ◽

pp. 76-88 ◽

Cited By ~ 1

Author(s):

P. Bera ◽

S. K. Ghosh ◽

Pallab Dasgupta

Keyword(s):

Access Control ◽

Wireless Lan ◽

Security Policy ◽

Control Model ◽

Role Based Access Control ◽

Policy Management ◽

Access Control Model ◽

Spatio Temporal ◽

Role Based

Download Full-text

Prevention of Cyber-Attacks in Healthcare Informatics

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.d7858.049420 ◽

2020 ◽

Vol 9 (4) ◽

pp. 822-826

Keyword(s):

Access Control ◽

Clinical History ◽

Cyber Attacks ◽

Policy Enforcement ◽

Role Based Access Control ◽

Healthcare Informatics ◽

Fine Grained ◽

Access Control Policies ◽

Role Based ◽

Stored Information

Healthcare Informatics (HCI) empowers patient to deal with their own therapeutic records in a digitalized and centralized path. The main aim of this paper is accessing this stored information on cloud by authorized personnel, anywhere, anytime through any device. Healthcare Informatics contains sensitive patient data, clinical history that should to be protected against unauthorized users on cloud. In this study, role-based access control and fine-grained access control were proposed. The results of this study are utilized in the policy enforcement and the access control policies. With the help of cryptographic techniques, the proposed algorithm in this study, provides the higher-level privacy and prevention of cyber-attacks in healthcare informatics

Download Full-text

Privacy-Aware Organisation-Based Access Control Model (PrivOrBAC)

Threats, Countermeasures, and Advances in Applied Information Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-0978-5.ch017 ◽

2012 ◽

pp. 335-360 ◽

Cited By ~ 1

Author(s):

Nabil Ajam ◽

Nora Cuppens-Boulahia ◽

Fréderic Cuppens

Keyword(s):

Access Control ◽

Security Policy ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Privacy Requirements ◽

Policy Models ◽

Unique Model ◽

Role Based

In this chapter, the authors propose the expression and the modelling of the most important principles of privacy. They deduce the relevant privacy requirements that should be integrated in existing security policy models, such as RBAC models. They suggest the application of a unique model for both access control and privacy requirements. Thus, an access control model is to be enriched with new access constraints and parameters, namely the privacy contexts, which should implement the consent and the notification concepts. For this purpose, the authors introduce the Privacy-aware Organisation role Based Access Control (PrivOrBAC) model.

Download Full-text

RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments

Sensors ◽

10.3390/s20102960 ◽

2020 ◽

Vol 20 (10) ◽

pp. 2960 ◽

Cited By ~ 1

Author(s):

Christina Michailidou ◽

Vasileios Gkioulos ◽

Andrii Shalaginov ◽

Athanasios Rizos ◽

Andrea Saracino

Keyword(s):

Access Control ◽

Security Policy ◽

Dynamic Networks ◽

Multicriteria Decision Making ◽

Security Policies ◽

Policy Enforcement ◽

Role Based Access Control ◽

Monitoring And Control ◽

Attribute Based Access Control ◽

Present Response

The enforcement of fine-grained access control policies in constrained dynamic networks can become a challenging task. The inherit constraints present in those networks, which result from the limitations of the edge devices in terms of power, computational capacity and storage, require an effective and efficient access control mechanism to be in place to provide suitable monitoring and control of actions and regulate the access over the resources. In this article, we present RESPOnSE, a framework for the specification and enforcement of security policies within such environments, where the computational burden is transferred to high-tier nodes, while low-tier nodes apply risk-aware policy enforcement. RESPOnSE builds on a combination of two widely used access control models, Attribute-Based Access Control and Role-Based Access Control, exploiting the benefits each one provides. Moreover, the proposed mechanism is founded on a compensatory multicriteria decision-making algorithm, based on the calculation of the Euclidean distance between the run-time values of the attributes present in the security policy and their ideal values, as those are specified within the established policy rules.

Download Full-text