scholarly journals Game Analysis of Access Control Based on User Behavior Trust

Information ◽  
2019 ◽  
Vol 10 (4) ◽  
pp. 132 ◽  
Author(s):  
Yan Wang ◽  
Liqin Tian ◽  
Zhenguo Chen
Keyword(s):  
Access Control ◽  
User Behavior ◽  
Game Model ◽  
Control Mechanisms ◽  
Trust Value ◽  
Game Analysis ◽  
Network Information ◽  
Scientific Decision ◽  
Traditional Game ◽  
A Current

Due to the dynamics and uncertainty of the current network environment, access control is one of the most important factors in guaranteeing network information security. How to construct a scientific and accurate access control model is a current research focus. In actual access control mechanisms, users with high trust values bring better benefits, but the losses will also be greater once cheating access is adopted. A general access control game model that can reflect both trust and risk is established in this paper. First, we construct an access control game model with user behavior trust between the user and the service provider, in which the benefits and losses are quantified by using adaptive regulatory factors and the user’s trust level, which enhances the rationality of the policy making. Meanwhile, we present two kinds of solutions for the prisoner’s dilemma in the traditional access control game model without user behavior trust. Then, due to the vulnerability of trust, the user’s trust value is updated according to the interaction situation in the previous stage, which ensures that the updating of the user’s trust value can satisfy the “slow rising-fast falling” principle. Theoretical analysis and the simulation experiment both show that this model has a better performance than a traditional game model and can guarantee scientific decision-making in the access control mechanism.

scholarly journals Resource Controllability of Business Processes Under Conditional Uncertainty

2021 ◽  
Author(s):  
Matteo Zavatteri ◽  
Carlo Combi ◽  
Luca Viganò
Keyword(s):  
Access Control ◽  
Business Process ◽  
Process Management ◽  
Business Processes ◽  
Autonomous Systems ◽  
Research Problem ◽  
Current Research Problem ◽  
Constraint Networks ◽  
Process Engine ◽  
A Current

AbstractA current research problem in the area of business process management deals with the specification and checking of constraints on resources (e.g., users, agents, autonomous systems, etc.) allowed to be committed for the execution of specific tasks. Indeed, in many real-world situations, role assignments are not enough to assign tasks to the suitable resources. It could be the case that further requirements need to be specified and satisfied. As an example, one would like to avoid that employees that are relatives are assigned to a set of critical tasks in the same process in order to prevent fraud. The formal specification of a business process and its related access control constraints is obtained through a decoration of a classic business process with roles, users, and constraints on their commitment. As a result, such a process specifies a set of tasks that need to be executed by authorized users with respect to some partial order in a way that all authorization constraints are satisfied. Controllability refers in this case to the capability of executing the process satisfying all these constraints, even when some process components, e.g., gateway conditions, can only be observed, but not decided, by the process engine responsible of the execution. In this paper, we propose conditional constraint networks with decisions (CCNDs) as a model to encode business processes that involve access control and conditional branches that may be both controllable and uncontrollable. We define weak, strong, and dynamic controllability of CCNDs as two-player games, classify their computational complexity, and discuss strategy synthesis algorithms. We provide an encoding from the business processes we consider here into CCNDs to exploit off-the-shelf their strategy synthesis algorithms. We introduce $$\textsc {Zeta}$$ Z E T A , a tool for checking controllability of CCNDs, synthesizing execution strategies, and executing controllable CCNDs, by also supporting user interactivity. We use $$\textsc {Zeta}$$ Z E T A to compare with the previous research, provide a new experimental evaluation for CCNDs, and discuss limitations.

scholarly journals Personalized project recommendations: using reinforcement learning

2019 ◽  
Vol 2019 (1) ◽  
Author(s):  
Faxin Qi ◽  
Xiangrong Tong ◽  
Lei Yu ◽  
Yingjie Wang
Keyword(s):  
Reinforcement Learning ◽  
User Behavior ◽  
Collaborative Work ◽  
Recursive Least Squares ◽  
The Internet ◽  
Dynamic Impact ◽  
Rls Algorithm ◽  
Trust Value ◽  
Q Learning ◽  
Actual Evaluation

AbstractWith the development of the Internet and the progress of human-centered computing (HCC), the mode of man-machine collaborative work has become more and more popular. Valuable information in the Internet, such as user behavior and social labels, is often provided by users. A recommendation based on trust is an important human-computer interaction recommendation application in a social network. However, previous studies generally assume that the trust value between users is static, unable to respond to the dynamic changes of user trust and preferences in a timely manner. In fact, after receiving the recommendation, there is a difference between actual evaluation and expected evaluation which is correlated with trust value. Based on the dynamics of trust and the changing process of trust between users, this paper proposes a trust boost method through reinforcement learning. Recursive least squares (RLS) algorithm is used to learn the dynamic impact of evaluation difference on user’s trust. In addition, a reinforcement learning method Deep Q-Learning (DQN) is studied to simulate the process of learning user’s preferences and boosting trust value. Experiments indicate that our method applied to recommendation systems could respond to the changes quickly on user’s preferences. Compared with other methods, our method has better accuracy on recommendation.

Access Control Mechanisms in Named Data Networks

2021 ◽  
Vol 54 (3) ◽  
pp. 1-35
Author(s):  
Boubakr Nour ◽  
Hakima Khelifi ◽  
Rasheed Hussain ◽  
Spyridon Mastorakis ◽  
Hassine Moungla
Keyword(s):  
Access Control ◽  
Holistic Approach ◽  
Future Internet ◽  
Lessons Learned ◽  
Future Research ◽  
Communication Model ◽  
Control Mechanisms ◽  
Internet Communication ◽  
Future Internet Architecture ◽  
Comprehensive Survey

Information-Centric Networking (ICN) has recently emerged as a prominent candidate for the Future Internet Architecture (FIA) that addresses existing issues with the host-centric communication model of the current TCP/IP-based Internet. Named Data Networking (NDN) is one of the most recent and active ICN architectures that provides a clean-slate approach for Internet communication. NDN provides intrinsic content security where security is directly provided to the content instead of communication channel. Among other security aspects, Access Control (AC) rules specify the privileges for the entities that can access the content. In TCP/IP-based AC systems, due to the client-server communication model, the servers control which client can access a particular content. In contrast, ICN-based networks use content names to drive communication and decouple the content from its original location. This phenomenon leads to the loss of control over the content, causing different challenges for the realization of efficient AC mechanisms. To date, considerable efforts have been made to develop various AC mechanisms in NDN. In this article, we provide a detailed and comprehensive survey of the AC mechanisms in NDN. We follow a holistic approach towards AC in NDN where we first summarize the ICN paradigm, describe the changes from channel-based security to content-based security, and highlight different cryptographic algorithms and security protocols in NDN. We then classify the existing AC mechanisms into two main categories: Encryption-based AC and Encryption-independent AC . Each category has different classes based on the working principle of AC (e.g., Attribute-based AC, Name-based AC, Identity-based AC). Finally, we present the lessons learned from the existing AC mechanisms and identify the challenges of NDN-based AC at large, highlighting future research directions for the community.

Evolutionary game analysis of information sharing by institutional investors

2021 ◽  
pp. 1-9
Author(s):  
Hua Li ◽  
Qingqing Lou ◽  
Qiubai Sun ◽  
Bowen Li
Keyword(s):  
Information Sharing ◽  
Institutional Investors ◽  
Information Exchange ◽  
Evolutionary Game ◽  
Stable State ◽  
Point Of View ◽  
Game Model ◽  
Game Analysis ◽  
Relationship Network ◽  
The Relationship

In order to solve the conflict of interests of institutional investors, this paper uses evolutionary game model. From the point of view of information sharing, this paper discusses four different situations. Only when the sum of risk and cost is less than the penalty of free riding, the evolution of institutional investors will eventually incline to the stable state of information sharing. That is, the phenomenon of hugging. The research shows that the institutional investors are not independent of each other, but the relationship network of institutional investors for the purpose of information exchange. The content of this paper enriches the research on information sharing of institutional investors.

scholarly journals Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Seungsoo Baek ◽  
Seungjoo Kim
Keyword(s):  
Social Network ◽  
Access Control ◽  
User Behavior ◽  
Online Social Network ◽  
Sociological Approach ◽  
Access Control Models ◽  
Control Rules ◽  
Access Control Rules ◽  
Dynamic Trust ◽  
Privacy Breaches

There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

A cloud-user behavior assessment based dynamic access control model

2015 ◽  
Vol 8 (S3) ◽  
pp. 1966-1975 ◽  
Author(s):  
Xu Jing ◽  
Zhengnan Liu ◽  
Shuqin Li ◽  
Bin Qiao ◽  
Gexu Tan
Keyword(s):  
Access Control ◽  
User Behavior ◽  
Control Model ◽  
Behavior Assessment ◽  
Access Control Model ◽  
Cloud User ◽  
Dynamic Access Control

Software Applications as an Ensuring Means the Quality of Service the Wi-Fi networks

2021 ◽  
pp. 106-115
Author(s):  
С.В. Шевелев ◽  
А.Б. Семенов
Keyword(s):  
Wireless Networks ◽  
Quality Of Service ◽  
Access Control ◽  
Real Time ◽  
Control Mechanism ◽  
Fine Tuning ◽  
Control Mechanisms ◽  
Software Applications ◽  
Access Control Mechanism

Рассмотрены принципы обеспечения заданного уровня качества обслуживания QoS в беспроводных сетях, позволяющие достигнуть устойчивого функционирования программных приложений реального времени за счет тонкой настройки приоритезации генерируемого ими трафика. Основное внимание уделяется механизму управления доступом на основе конкуренции и контролируемого доступа, а также их расширениям. Затронуты вопросы инкапсуляции базовых механизмов управления в решения более высоких уровней EDCA и TXOP. Приведены расчетные значения соответствующих параметров. The principles of ensuring a given level of quality of QoS service in wireless networks are considered, which allow achieving the stable functioning of real-time software applications by fine-tuning the prioritization of the traffic generated by them. The main focus is on the competition-based access control mechanism and controlled access, as well as their extensions. The issues of encapsulation of basic control mechanisms in solutions of higher levels of EDCA and TXOP are touched upon. The calculated values of the corresponding parameters are given.

Challenges of Meta Access Control Model Enforcement to an Increased Interoperability

2018 ◽  
pp. 651-661 ◽  
Author(s):  
Sérgio Luís Guerreiro
Keyword(s):  
Access Control ◽  
Control Model ◽  
Control Mechanisms ◽  
Access Control Model ◽  
Extra Effort ◽  
Access Control Models ◽  
Control Models ◽  
Ontological Approach ◽  
Core Issues ◽  
Access Data

When organizations are collaborating, their access control models need to interoperate. However, nowadays in the industry, there are too many access control models variants and, most of times; the interoperability enforcement consumes an extra effort. In this context, this paper identifies the challenges towards how to design and enforce a meta-access control model to facilitate the interoperability between the different access control mechanisms available. The problem is posed using an ontological approach. Then, the challenges are explained using a descriptive explanation of the meta access control enforcement. The core issues addressed are: access models interoperability, standardization of storage for access data and provisioning of access models.

Sign in / Sign up

Export Citation Format

Share Document