Evaluating Usage Control Deterrents

This paper explores the effectiveness of usage control deterrents. Usage control enables finer-grained control over the usage of objects than do traditional access control models. Deterrent controls are intended to discourage individuals from intentionally violating information security policies or procedures. In this context, an adaptation of usage control is assessed as a proactive means of deterrence control to protect information that cannot be adequately or reasonably protected by access control. These deterrents are evaluated using the design science methodology. Parallel prototypes were developed with the aim of producing multiple alternatives, thereby shifting the focus from purely usability testing to model testing.

Download Full-text

A Modularity and Extensibility Analysis on Authorization Frameworks

Journal of Information Security and Cryptography (Enigma) ◽

10.17648/enig.v2i1.46 ◽

2016 ◽

Vol 2 (1) ◽

pp. 36

Author(s):

Eduardo Martins Guerra ◽

Jefferson O. Silva ◽

Clovis Torres Fernandes

Keyword(s):

Comparative Analysis ◽

Access Control ◽

Multiple Access ◽

Control Model ◽

Security Policies ◽

Basic Form ◽

Access Control Models ◽

Adequate Response ◽

Control Models ◽

Simple Question

Authorization in its most basic form can be reduced to a simple question: “May a subject X access an object Y?” The attempt to implement an adequate response to this authorization question has produced many access control models and mechanisms. The development of the authorization mechanisms usually employs frameworks, which usually implements one access control model, as a way of reusing larger portions of software. However, some authorization requirements, present on recent applications, have demanded for software systems to be able to handle security policies of multiple access control models. Industry has resolved this problem in a pragmatic way, by using the framework to solve part of the problem, and mingling business and the remaining authorization concerns into the code. The main goal of this paper is to present a comparative analysis between the existing frameworks developed either within the academic and industry environments. This analysis uses a motivating example to present the main industry frameworks and consider the fulfillment of modularity, extensibility and granularity requirements facing its suitability for the existing access control models. This analysis included the Esfinge Guardian framework, which is an open source framework developed by the authors that provides mechanisms that allows its extension to implement and combine different authorization models.

Download Full-text

Usage Control Model Based on Regular Grammar

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.433-440.4590 ◽

2012 ◽

Vol 433-440 ◽

pp. 4590-4596

Author(s):

Hai Ying Wu

Keyword(s):

Information System ◽

Access Control ◽

Control Model ◽

Usage Control ◽

Access Control Models ◽

Access Control List ◽

Control Models ◽

Regular Grammar ◽

On Line ◽

Modern Information

Traditional access control models through search Access Control List(ACL) to authorize [1-3]. Traditional access control models fail to satisfy the modern information system, thus Usage Control( UCON ) models were produced and fundamentally enhanced the traditional access control. The UCON models are considered as the next generation access control models. This paper is organized as follow. Section 1 introduces the Usage Control models. Section 2 introduces Regular Grammar ( RG ). Section 3 gives the RG of the 16 core ABC UCON models. Section 4 gives the RG of on-line antivirus procedure. Finally, section 5 summarizes this paper.

Download Full-text

Preserving Privacy in Multimedia Social Networks Using Machine Learning Anomaly Detection

Security and Communication Networks ◽

10.1155/2020/5874935 ◽

2020 ◽

Vol 2020 ◽

pp. 1-14 ◽

Cited By ~ 1

Author(s):

Randa Aljably ◽

Yuan Tian ◽

Mznah Al-Rodhaan

Keyword(s):

Machine Learning ◽

Social Networks ◽

Access Control ◽

Anomaly Detection ◽

Privacy Preservation ◽

Support Vector ◽

Detection Techniques ◽

Access Control Models ◽

Control Models ◽

Multimedia Social Networks

Nowadays, user’s privacy is a critical matter in multimedia social networks. However, traditional machine learning anomaly detection techniques that rely on user’s log files and behavioral patterns are not sufficient to preserve it. Hence, the social network security should have multiple security measures to take into account additional information to protect user’s data. More precisely, access control models could complement machine learning algorithms in the process of privacy preservation. The models could use further information derived from the user’s profiles to detect anomalous users. In this paper, we implement a privacy preservation algorithm that incorporates supervised and unsupervised machine learning anomaly detection techniques with access control models. Due to the rich and fine-grained policies, our control model continuously updates the list of attributes used to classify users. It has been successfully tested on real datasets, with over 95% accuracy using Bayesian classifier, and 95.53% on receiver operating characteristic curve using deep neural networks and long short-term memory recurrent neural network classifiers. Experimental results show that this approach outperforms other detection techniques such as support vector machine, isolation forest, principal component analysis, and Kolmogorov–Smirnov test.

Download Full-text