scholarly journals TRUST- BASED MODELING MAC-TYPE ACCESS CONTROL THROUGH ACCESS AND ACTIONS CONTROL POLICIES

2021 ◽  
Vol XXVIII (2) ◽  
pp. 67-78
Author(s):  
Marcel Danilescu ◽  
◽  
Victor Besliu ◽  
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Business Environment ◽  
Role Based Access Control ◽  
Access Control Policy ◽  
Discretionary Access Control ◽  
Mandatory Access Control ◽  
Attribute Based Access Control ◽  
Role Based ◽  
Control Modeling

In recent decades, the number of researches on access control and user actions in computer systems has increased. Over time, there have been two models of implementing Mandatory Access Control (MAC) policies for government institutions and Discretionary Access Control (DAC) for the business environment, policies that various access control modeling solutions seek to implement. Among the access control modeling solutions developed are Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC), presented in the U.S.A. by the National Institute of Standard and Technology (NIST). In Romania, in 2010, the access control solution based on trust was presented. This paper presents Mandatory Access Control policy modeling using the trust-based access and actions control modeling solution.

scholarly journals ‘R-What?’ Development of a role-based access control policy-writing tool for e-Scientists

2005 ◽  
Vol 35 (9) ◽  
pp. 835-856 ◽  
Author(s):  
Sacha Brostoff ◽  
M. Angela Sasse ◽  
David Chadwick ◽  
James Cunningham ◽  
Uche Mbanaso ◽  
...  
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Role Based Access Control ◽  
Access Control Policy ◽  
Role Based

A Service-Based Approach for RBAC and MAC Security

2008 ◽  
pp. 1741-1758
Author(s):  
Charles E. Phillips Jr. ◽  
Steven A. Demurjian ◽  
Thuong Doan ◽  
Keith Bessette
Keyword(s):  
Access Control ◽  
Role Based Access Control ◽  
Distributed Application ◽  
Discretionary Access Control ◽  
Mandatory Access Control ◽  
Wide Range ◽  
Role Based

Middleware security encompasses a wide range of potential considerations, ranging from the ability to utilize the security capabilities of middleware solutions (for example, CORBA, .NET, J2EE, DCE, and so forth) directly out-of-the-box in support of a distributed application to leveraging the middleware itself (paradigm) to realize complex and intricate security solutions (for example, discretionary access control, role-based access control, mandatory access control, and so forth). The objective in this chapter is to address the latter consideration: examining the attainment of advanced security capabilities using the middleware paradigm, namely, role-based access control (RBAC) and mandatory access control (MAC). The resulting security provides a robust collection of services that is versatile and flexible and easily integrates into a distributed application comprised of interacting legacy, COTS, GOTS, databases, servers, clients, and so forth.

Access Control in Mobile and Ubiquitous Environments

2011 ◽  
pp. 278-294 ◽  
Author(s):  
Laurent Gomez ◽  
Annett Laube ◽  
Alessandro Sorniotti
Keyword(s):  
Access Control ◽  
User Authentication ◽  
Control Policy ◽  
Wireless Sensor ◽  
Role Based Access Control ◽  
Control Mechanisms ◽  
Mobile Environment ◽  
Access Control Policy ◽  
New Techniques ◽  
Role Based

Access control is the process of granting permissions in accordance to an authorization policy. Mobile and ubiquitous environments challenge classical access control solutions like Role-Based Access Control. The use of context-information during policy definition and access control enforcement offers more adaptability and flexibility needed for these environments. When it comes to low-power devices, such as wireless sensor networks, access control enforcement is normally too heavy for such resourceconstrained devices. Lightweight cryptography allows encrypting the data right from its production and the access is therefore intrinsically restricted. In addition, all access control mechanisms require an authenticated user. Traditionally, user authentication is performed by means of a combination of authentication factors, statically specified in the access control policy of the authorization service. Within ubiquitous and mobile environment, there is a clear need for a flexible user authentication using the available authentication factors. In this chapter, different new techniques to ensure access control are discussed and compared to the state-of-the-art.

Research of Role's Creation-Based Access Control Policy

2013 ◽  
Vol 791-793 ◽  
pp. 1790-1793
Author(s):  
Jing Mei Li ◽  
Bao Quan Zhang ◽  
Yan Xia Wu
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Role Based Access Control ◽  
Access Control Policy ◽  
Application System ◽  
Access Control Policies ◽  
Access Control System ◽  
Role Based ◽  
Improved Design ◽  
Dynamic Proxy

Role-based access control policy has been widely applied to various access control system design. In order to improve the flexibility of authorization check design and convenience of management, this paper uses the principle of dynamic proxy design to optimize this process, also provide a method which is Spring AOP based of transaction management for program running. The role-create method proposed can configure the users authority flexible. The improved design concept can achieve the basic requirements if role-based access control policies, and improve the efficiency of project development and security of application system maximum.

Fuzzy Role Based Access Control Design using Fuzzy Ontology

2019 ◽  
Vol 10 (4) ◽  
pp. 118-136 ◽  
Author(s):  
Chandra Mouliswaran Subramanian ◽  
Aswani Kumar Cherukuri
Keyword(s):  
Access Control ◽  
Web Application ◽  
Control Policy ◽  
Role Based Access Control ◽  
Access Control Policy ◽  
Fuzzy Ontology ◽  
Related Information ◽  
Role Based ◽  
The Right ◽  
Representation Techniques

Fuzzy role-based access control (FRBAC) is essential for risk-based environments in many futuristic applications, even though role-based access control (RBAC) is the efficient and widely used access control model for enterprise applications. In FRBAC, authorization related information is vague. It brings the fuzziness in mapping among the components of FRBAC such as user, role and permission. Holding the fuzziness in FRBAC, it is challenging for the security engineer to verify the constraints and correctness of access control policy. On verifying the constraints and correctness of access control policy, knowledge representation techniques are much useful in practice. In this scenario, representing FRBAC using fuzzy ontology might be the right choice for semantic web application. The main objective of this article is to represent the access permissions of FRBAC using fuzzy ontology and verify whether the constraints of FRBAC are possible to get implemented in it or not.

scholarly journals A Semi-Formal Multi-Policy Secure Model for Semantic Spatial Trajectories

2016 ◽  
Author(s):  
Xingang Wang
Keyword(s):  
Access Control ◽  
Role Based Access Control ◽  
Discretionary Access Control ◽  
Mandatory Access Control ◽  
Role Based ◽  
Spatial Trajectories

With the proliferation of locating devices, more and more raw spatial trajectories are formed, and many works enrich these raw trajectories with semantics, and mine patterns from both raw and semantic trajectories, but access control of spatial trajectories is not considered yet. We present a multi-policy secure model for semantic spatial trajectories. In our model, Mandatory Access Control, Role Based Access Control and Discretionary Access control are all enforced, separately and combined, and we represent the model semi-formally in Ontology Web Language.

Sign in / Sign up

Export Citation Format

Share Document