Service-Based Hybrid Access Control Technology with Priority Level for the Internet of Vehicles under the Cloud Architecture

The communication process of devices in IoV under cloud architecture needs to be protected by access control models. However, existing access control models have difficulty establishing the appropriate granularity of permissions in the face of large amounts of data in IoV. Moreover, the access control model may need to temporarily change user privileges to accommodate the dynamic nature of IoV scenarios, a requirement that is difficult to implement for traditional access control models. The unstable connection status of devices in IoV also creates problems for access control. The service (composed of role and attribute) based access control model (in IoV) S-RABAC (V), under the Cloud computing architecture, introduces a formal theoretical model. The model uses attribute grouping and prioritization mechanisms to form a hierarchical structure. The permission combination pattern in the hierarchical structure can avoid duplicate permissions and reduce the number of permissions while ensuring fine-grained permissions. Different layers in the model have different priorities, and when a user’s permission requires temporary changes, it can be adjusted to the corresponding layers according to the user’s priority. In addition, users are allowed to keep their assigned privileges for a period to avoid frequent access control because of unstable connections. We have implemented the proposed access control model in Alibaba Cloud Computing and given six example demonstrations. The experiment shows that this is an access control model that can protect IoV security more effectively. Various unique mechanisms in the model enable S-RABAC(V) to improve the overall access control efficiency. The model adds some extra features compared to ABAC and RBAC and can generate more access control decisions using the priority mechanism.

Download Full-text

Challenges of Meta Access Control Model Enforcement to an Increased Interoperability

Encyclopedia of Information Science and Technology, Fourth Edition ◽

10.4018/978-1-5225-2255-3.ch056 ◽

2018 ◽

pp. 651-661 ◽

Cited By ~ 1

Author(s):

Sérgio Luís Guerreiro

Keyword(s):

Access Control ◽

Control Model ◽

Control Mechanisms ◽

Access Control Model ◽

Extra Effort ◽

Access Control Models ◽

Control Models ◽

Ontological Approach ◽

Core Issues ◽

Access Data

When organizations are collaborating, their access control models need to interoperate. However, nowadays in the industry, there are too many access control models variants and, most of times; the interoperability enforcement consumes an extra effort. In this context, this paper identifies the challenges towards how to design and enforce a meta-access control model to facilitate the interoperability between the different access control mechanisms available. The problem is posed using an ontological approach. Then, the challenges are explained using a descriptive explanation of the meta access control enforcement. The core issues addressed are: access models interoperability, standardization of storage for access data and provisioning of access models.

Download Full-text

A New Scalable and Expandable Access Control Model for Distributed Database Systems in Data Security

Scientific Programming ◽

10.1155/2020/8875069 ◽

2020 ◽

Vol 2020 ◽

pp. 1-10

Author(s):

Mehmet Guclu ◽

Cigdem Bakir ◽

Veli Hakkoymaz

Keyword(s):

Access Control ◽

Database Systems ◽

Distributed Database ◽

Control Model ◽

Access Control Model ◽

Distributed Database Systems ◽

Access Control Models ◽

Control Models ◽

Proposed Model ◽

Private Network

Access control models are an important tool developed for securing today’s data systems. Institutions use the access control models specifically to define who their employees are, what they can do, which resources they can reach, and which processes they can perform and use them to manage the whole process. This is a very hard and costly process for institutions with distributed database systems. However, access control models cannot be implemented in a qualified way due to the fact that the conditions for defining users’ demands to reach resources distributed on different servers, one of which is consequentially bound to the other, the verification and authorization of those user demands, and being able to monitor the actions of the users cannot be configured in an efficient way all the time. With our model suggested in this study, the aim is to automatically calculate the permissions and access levels of all users defined in the distributed database systems for the objects, and, in this way, we will reach a more efficient decision as to which objects the users can access while preventing their access to the information they do not need. Our proposed model in this study has been applied to real life data clusters from organizations providing health and education services and a public service. With the proposed model, all models have been run on servers sharing resources in a private network. The performance of the proposed model has been compared to that of traditional access models. It was confirmed that the proposed model presented an access control model providing more accurate access level results as well as being scalable to many distributed database systems.

Download Full-text

Evolution of access control models for protection of patient details: a survey

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.8.10520 ◽

2018 ◽

Vol 7 (2.8) ◽

pp. 554

Author(s):

Geetanjali Sinha ◽

Prabhu Shankar K.C ◽

Shaurya Jain

Keyword(s):

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Patient Privacy ◽

Access Control Model ◽

Access Control Models ◽

Control Models ◽

Role Hierarchy ◽

Role Based ◽

Electronic Hospital

Hospitals across the world are adapting to Electronic Hospital Information Systems and are moving away from the manual paper systems to provide patients efficient services. Numerous Access ControlModels have been deployed for securing patient privacy one of them being Role Based Access Control Model (RBAC). The current models merely allow access on the basis of roles and role hierarchy without actually understanding the real intention of the person accessing the system. This could lead to a compromise of patient privacy and thus new methods have been evolving. In this survey we will see an evolution of the access control models which lead to the discovery of KC-RBAC (Knowledge Constrained Role Based Access Control) Model which takes into consideration the knowledge related to the medical domain along with the role to provide authorization.

Download Full-text

Research of Access Control Models in Personal Networks

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.989-994.4751 ◽

2014 ◽

Vol 989-994 ◽

pp. 4751-4754

Author(s):

Yu Lan Zhao ◽

Chun Feng Jiang

Keyword(s):

Access Control ◽

Control Model ◽

Personal Networks ◽

Role Based Access Control ◽

Access Control Model ◽

Access Control Models ◽

Control Models ◽

System Resources ◽

Role Based

How to prevent illegal users from sharing system resources was one of the main purposes for MAGNET Security Group. This paper introduced some major access control models such as traditional access control models, role-based access control model (RBAC), task-based access control model (TBAC) and role-task-based access control model (T-RBAC). In the end, a feasible scheme PN_T-RBAC was proposed at the base of the T-RBAC model in existence, which was suitable for the coalition environment of personal networks.

Download Full-text

AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing

2015 IEEE Conference on Collaboration and Internet Computing (CIC) ◽

10.1109/cic.2015.38 ◽

2015 ◽

Cited By ~ 9

Author(s):

Khaled Riad ◽

Zhu Yan ◽

Hongxin Hu ◽

Gail-Joon Ahn

Keyword(s):

Cloud Computing ◽

Access Control ◽

Control Model ◽

Access Control Model ◽

Attribute Based Access Control

Download Full-text

An Intelligent Access Control Model

10.5772/intechopen.95459 ◽

2021 ◽

Author(s):

Shadha Mohamed Sulaiyam ALAmri

Keyword(s):

Cloud Computing ◽

Access Control ◽

New Technologies ◽

Critical Issue ◽

Control Model ◽

Research Approach ◽

Access Control Model ◽

Computing Systems ◽

Control Approach ◽

Attribute Based Access Control

Cybersecurity is a critical issue as the world is moving towered IR4 era (Industrial Revaluation 4.0) where technology is involved, and access to the internet is an imperative need. The traditional computing systems are not able to meet the huge computing demand and growing data (Big-Data). Therefore; new technologies have been evolved such as cloud computing. This chapter is exploring the need for a dynamic access control approach to enhance the Cybersecurity. The scope in this chapter is focusing on IaaS (Infrastructure as a Service) layer of cloud computing. The research approach aims to enhance the basic ABAC (Attribute-Based Access Control) model by adding a context-aware feature and SoD principle. The enhanced model called ABACsh. This proposed enhancement is implemented through a framework based on AI (Artificial Intelligent) to meet the requirements of dynamic systems. The framework is tested in the OpenStack testbed. The results show better performance in the term of computation speed.

Download Full-text

On the representation of role-based access control models by object-oriented HRU model: taxonomic leaf-based hierarchy case

Mathematical Structures and Modeling ◽

10.24147/2222-8772.2020.4.126-135 ◽

2020 ◽

pp. 126-135

Author(s):

S. V. Usov

Keyword(s):

Access Control ◽

Object Oriented ◽

Control Policy ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Access Control Models ◽

Control Models ◽

Security Models ◽

Role Based

In this paper the possibility of representing of some types of role-based access control models by object-oriented discretionary access control model is considered. The role-based security models with taxonomic hierarchy are considered. The permissions of the role-based access control model are represented as a set of pairs of object and access right. A hierarchy of classes of the object-oriented HRU model, based on the role-based access control policy, is constructed. Commands of the object-oriented HRU model, corresponding to the reassignment of roles in the original role-based model, are described.

Download Full-text

Access Control Models

Cyber Warfare and Cyber Terrorism ◽

10.4018/978-1-59140-991-5.ch037 ◽

2011 ◽

pp. 318-326

Author(s):

Romuald Thion

Keyword(s):

Access Control ◽

Computer Systems ◽

Control Model ◽

Role Based Access Control ◽

Security Mechanism ◽

Access Control Model ◽

Access Control Models ◽

Control Models ◽

Role Based

Access control, or authorization, is arguably the most fundamental and most pervasive security mechanism in use today in computer systems. In computer systems, to grant authorization is to determine whether a subject can access resources. Informally speaking it is to decide “who can do what.” Access control is critical to enforce confidentiality (only authorized users can read information) and integrity (only authorized users can alter information) in computer systems, preventing hackers and cyber-terrorists from reading and modifying sensitive files. Several access control models have been proposed since 1960 up today: from simple access matrix to task based access control through military models. Each one providing a different way to organize and express users’ privileges. For example, the role based access control model aggregate privileges thanks to the concept of role: all users receive permissions only through the roles to which they are assigned. We first introduce the purpose of access control, then we describe models in use today, their specificities and the mechanisms which they rely on. The end of the this chapter is dedicated to current issues on access control.

Download Full-text

Risk-Based Access Control Model: A Systematic Literature Review

Future Internet ◽

10.3390/fi12060103 ◽

2020 ◽

Vol 12 (6) ◽

pp. 103

Author(s):

Hany F. Atlam ◽

Muhammad Ajmal Azad ◽

Madini O. Alassafi ◽

Abdulrahman A. Alshdadi ◽

Ahmed Alenezi

Keyword(s):

Access Control ◽

Dynamic Models ◽

Environmental Changes ◽

Risk Estimation ◽

Control Model ◽

Security Risk ◽

Access Control Model ◽

Access Control Models ◽

Control Models ◽

Access Request

Most current access control models are rigid, as they are designed using static policies that always give the same outcome in different circumstances. In addition, they cannot adapt to environmental changes and unpredicted situations. With dynamic systems such as the Internet of Things (IoT) with billions of things that are distributed everywhere, these access control models are obsolete. Hence, dynamic access control models are required. These models utilize not only access policies but also contextual and real-time information to determine the access decision. One of these dynamic models is the risk-based access control model. This model estimates the security risk value related to the access request dynamically to determine the access decision. Recently, the risk-based access control model has attracted the attention of several organizations and researchers to provide more flexibility in accessing system resources. Therefore, this paper provides a systematic review and examination of the state-of-the-art of the risk-based access control model to provide a detailed understanding of the topic. Based on the selected search strategy, 44 articles (of 1044 articles) were chosen for a closer examination. Out of these articles, the contributions of the selected articles were summarized. In addition, the risk factors used to build the risk-based access control model were extracted and analyzed. Besides, the risk estimation techniques used to evaluate the risks of access control operations were identified.

Download Full-text

The techniques of formalization of OS Astra Linux Special Edition access control model using Event-B formal method for verification using Rodin and ProB

PRIKLADNAYa DISKRETNAYa MATEMATIKA ◽

10.17223/20710410/52/5 ◽

2021 ◽

pp. 83-96

Author(s):

P. N. Devyanin ◽

◽

M. A. Leonova ◽

Keyword(s):

Model Checking ◽

Access Control ◽

Formal Method ◽

Control Model ◽

Special Edition ◽

Deductive Verification ◽

Access Control Model ◽

Access Control Models ◽

Control Models

The paper presents techniques to specification access control model of OS Astra Linux Special Edition (the MROSL DP-model) in the formalized notation (formalized using the Event-B formal method), that are based on the use of several global types, separation of general total functions into specific total functions, reduction in the number of invariants and guard of events, which iterate over subsets of a certain set. The result of using these techniques was the simplification of automated deductive verification of formalized notation using the Rodin tool and adaptation of the model to verification by model checking formalized notation using the ProB tool. These techniques can be useful in development of the MROSL DP-model, and also in development of other access control models and verification using appropriate tools.

Download Full-text