A Meta-level Access Control Model for Adapting Diverse Access Control Policies on OS Environment

2008 ◽  
Author(s):  
Jun-Hyung Park ◽  
Jung-Sun Kim ◽  
Jae-Hyun Seo ◽  
Minsoo Kim
Keyword(s):  
Access Control ◽  
Control Model ◽  
Access Control Model ◽  
Control Policies ◽  
Access Control Policies ◽  
Meta Level

scholarly journals MUTATION TESTING OF ACCESS CONTROL POLICIES

2021 ◽  
Vol 5 (1) ◽  
pp. 118-122
Author(s):  
Galina Cherneva ◽  
Pavlо Khalimov
Keyword(s):  
Access Control ◽  
Computer Security ◽  
Large Degree ◽  
Control Model ◽  
Security Requirements ◽  
Direct Access ◽  
Access Control Model ◽  
Control Policies ◽  
Modern Computer ◽  
Access Control Policies

One of the most important and integral components of modern computer security are access control systems. The objective of an access control system (ACS) is often described in terms of protecting system resources against inappropriate or unwanted user access. However, a large degree of sharing can interfere with the protection of resources, so a sufficiently detailed AC policy should allow selective exchange of information when, in its absence, sharing can be considered too risky in general. Erroneous configurations, faulty policies, as well as flaws in the implementation of software can lead to global insecurity. Identifying the differences between policy specifications and their intended functions is crucial because the correct implementation and enforcement of the policies of a particular application is based on the premise that the specifications of this policy are correct. As a result of the policy, the specifications presented by the models must undergo rigorous validation and legalization through systematic checks and tests to ensure that the specifications of the policies really correspond to the wishes of the creators. Verifying that access control policies and models are consistent is not a trivial and critical task. And one of the important aspects of such a check is a formal check for inconsistency and incompleteness of the model, and the security requirements of the policy, because the access control model and its implementation do not necessarily express policies that can also be hidden, embedded by mixing with direct access restrictions or another access control model.

Supporting Complex Access Control Policy in PDM System

2009 ◽  
Vol 16-19 ◽  
pp. 703-707
Author(s):  
Chun Xiao Ye ◽  
Yun Qing Fu ◽  
Hong Xiang
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Control Model ◽  
Access Control Policy ◽  
Access Control Model ◽  
Control Policies ◽  
Role Assignment ◽  
Access Control Policies ◽  
Extended Access ◽  
Model Complex

Based on previous works, this paper proposed an extended access control model for PDM system. In this model, complex access control policies are expressed and enforced to ensure the security of user role assignment, delegation and revocation of PDM system. To reduce system administrator’s work, the model provides an auto revocation mechanism which can be triggered by time, access control policies and user states. This paper also propose an implementation system architecture, an auto revocation algorithm and some examples to show how this complex policy supported access control model works in PDM system.

scholarly journals A Watermark-Based in-Situ Access Control Model for Image Big Data

2018 ◽  
Vol 10 (8) ◽  
pp. 69 ◽  
Author(s):  
Jinyi Guo ◽  
Wei Ren ◽  
Yi Ren ◽  
Tianqin Zhu
Keyword(s):  
Big Data ◽  
Access Control ◽  
Control Model ◽  
Single Image ◽  
Access Control Model ◽  
Control Policies ◽  
Fine Grained ◽  
Access Control Policies ◽  
Proposed Model

When large images are used for big data analysis, they impose new challenges in protecting image privacy. For example, a geographic image may consist of several sensitive areas or layers. When it is uploaded into servers, the image will be accessed by diverse subjects. Traditional access control methods regulate access privileges to a single image, and their access control strategies are stored in servers, which imposes two shortcomings: (1) fine-grained access control is not guaranteed for areas/layers in a single image that need to maintain secret for different roles; and (2) access control policies that are stored in servers suffers from multiple attacks (e.g., transferring attacks). In this paper, we propose a novel watermark-based access control model in which access control policies are associated with objects being accessed (called an in-situ model). The proposed model integrates access control policies as watermarks within images, without relying on the availability of servers or connecting networks. The access control for images is still maintained even though images are redistributed again to further subjects. Therefore, access control policies can be delivered together with the big data of images. Moreover, we propose a hierarchical key-role-area model for fine-grained encryption, especially for large size images such as geographic maps. The extensive analysis justifies the security and performance of the proposed model

scholarly journals An Algebraic Model to Analyze Role-Based Access Control Policies

2018 ◽  
Vol 12 (10) ◽  
pp. 50
Author(s):  
Khair Eddin Sabri
Keyword(s):  
Access Control ◽  
Algebraic Model ◽  
Control Model ◽  
Role Based Access Control ◽  
Access Control Model ◽  
Prototype Tool ◽  
Access Control Policies ◽  
Proposed Model ◽  
Access Information ◽  
Role Based

Role-Based Access Control (RBAC) is a well known access control model used to preserve the confidentiality of information by specifying the ability of users to access information based on their roles. Usually these policies would be manipulated by combining or comparing them especially when defined in a distributed way. Furthermore, these policies should satisfy predefined authorization constraints. In this paper, we present an algebraic model for specifying and analyzing RBAC policies. The proposed model enables us to specify policies and verify the satisfaction of predefined authorization constraints. Furthermore, the model allows us to combine policies and analyze their effect on predefined constraints. The model consists of few operators that give simplicity in specifying polices. We present a prototype tool used for facilitating the analysis.

G-R_TRBAC access control model in grid environment

2009 ◽  
Vol 28 (12) ◽  
pp. 3214-3216
Author(s):  
Yi DING ◽  
Yong FANG ◽  
An-min ZHOU ◽  
Jiao ZENG ◽  
Yu FAN
Keyword(s):  
Access Control ◽  
Control Model ◽  
Grid Environment ◽  
Access Control Model

scholarly journals An access control model for the Internet of Things based on zero-knowledge token and blockchain

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Lihua Song ◽  
Xinran Ju ◽  
Zongke Zhu ◽  
Mengchen Li
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Single Point ◽  
Control Model ◽  
Third Party ◽  
Security Level ◽  
Zero Knowledge ◽  
Access Control Model ◽  
Test Analysis ◽  
Zero Knowledge Proof

AbstractInformation security has become a hot topic in Internet of Things (IoT), and traditional centralized access control models are faced with threats such as single point failure, internal attack, and central leak. In this paper, we propose a model to improve the access control security of the IoT, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deploy attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration. Secondly, encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids attribute ownership exposure problem. Besides, the use of smart contracts solves the problem of low computing efficiency of IoT devices and the waste of blockchain computing power resources. Finally, a prototype of IoT access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection, compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.

Sign in / Sign up

Export Citation Format

Share Document