A Design Methodology for User Access Control (UAC) Middleware

2005 ◽  
Author(s):  
R. Steele ◽  
W. Gardner ◽  
R. Rajugan ◽  
T.S. Dillon
Keyword(s):  
Access Control ◽  
Design Methodology ◽  
User Access

scholarly journals Application of Data Mining on Web Usage Data for Security: WebSecuDMiner

2019 ◽  
Author(s):  
Muhammad Zia Aftab Khan ◽  
Jihyun Park
Keyword(s):  
Design Methodology ◽  
Access Pattern ◽  
User Research ◽  
Web Log ◽  
Web Access ◽  
User Access ◽  
Log File ◽  
Access Patterns ◽  
Web Access Pattern ◽  
The Web

The purpose of this paper is to develop WebSecuDMiner algorithm to discover unusual web access patterns based on analysing the potential rules hidden in web server log and user navigation history. Design/methodology/approach: WebSecuDMiner uses equivalence class transformation (ECLAT) algorithm to extract user access patterns from the web log data, which will be used to identify the user access behaviours pattern and detect unusual one. Data extracted from the web serve log and user browsing behaviour is exploited to retrieve the web access pattern that is produced by the same user. Findings: WebSecuDMiner is used to detect whether any unauthorized access have been posed and take appropriate decisions regarding the review of the original rights of suspicious user. Research limitations/implications: The present work uses the database which is extracted from web serve log file and user browsing behaviour. Although the page is viewed by the user, the visit is not recorded in the server log file, since it can be access from the browser's cache.

scholarly journals Evaluating the Performance of Novel JWT Revocation Strategy

2021 ◽  
Author(s):  
László Viktor Jánoky ◽  
Péter Ekler ◽  
János Levendovszky
Keyword(s):  
Access Control ◽  
Real World ◽  
Mathematical Framework ◽  
Web Based ◽  
Novel Approach ◽  
User Access ◽  
Digital Signing

JSON Web Tokens (JWT) provide a scalable, distributed way of user access control for modern web-based systems. The main advantage of the scheme is that the tokens are valid by themselves – through the use of digital signing – also imply its greatest weakness. Once issued, there is no trivial way to revoke a JWT token. In our work, we present a novel approach for this revocation problem, overcoming some of the problems of currently used solutions. To compare our solution to the established solutions, we also introduce the mathematical framework of comparison, which we ultimately test using real-world measurements.

Access Control and Information Flow Control for Web Services Security

2016 ◽  
Vol 11 (1) ◽  
pp. 44-76 ◽  
Author(s):  
Saadia Kedjar ◽  
Abdelkamel Tari ◽  
Peter Bertok
Keyword(s):  
Web Services ◽  
Access Control ◽  
Flow Control ◽  
Information Flow ◽  
Information Flow Control ◽  
User Access ◽  
Web Services Security ◽  
Information Confidentiality ◽  
Security Standards

With the advancement of web services technology, security has become an increasingly important issue. Various security standards have been developed to secure web services at the transport and message level, but application level has received less attention. The security solutions at the application level focus on access control which cannot alone ensure the confidentiality and integrity of information. The solution proposed in this paper consists on a hybrid model that combines access control (AC) and information flow control (IFC). The AC mechanism uses the concept of roles and attributes to control user access to web services' methods. The IFC mechanism uses labels to control how the roles access to the system's objects and verify the information flows between them to ensure the information confidentiality and integrity. This manuscript describes the model, gives the demonstration of the IFC model safety, presents the modeling and implementation of the model and a case study.

Achieving distributed user access control in sensor networks

2012 ◽  
Vol 10 (3) ◽  
pp. 272-283 ◽  
Author(s):  
Haodong Wang ◽  
Qun Li
Keyword(s):  
Sensor Networks ◽  
Access Control ◽  
User Access

Multi-Authority CP-ABE-Based user access control scheme with constant-size key and ciphertext for IoT deployment

2020 ◽  
Vol 53 ◽  
pp. 102503 ◽  
Author(s):  
Soumya Banerjee ◽  
Sandip Roy ◽  
Vanga Odelu ◽  
Ashok Kumar Das ◽  
Samiran Chattopadhyay ◽  
...  
Keyword(s):  
Access Control ◽  
Constant Size ◽  
Control Scheme ◽  
User Access
Sign in / Sign up

Export Citation Format

Share Document