Scenario-aware access control model
Dynamic access control model is the theoretical basis for constructing a dynamic access control system for big data.However, most existing access control models can only fulfill dynamic access control in a single scenario and are unable to adapt to access control in multiple types of dynamic scenari...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2024-02-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024003 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530287291367424 |
|---|---|
| author | Dibin SHAN Xuehui DU Wenjuan WANG Na WANG Aodi LIU |
| author_facet | Dibin SHAN Xuehui DU Wenjuan WANG Na WANG Aodi LIU |
| author_sort | Dibin SHAN |
| collection | DOAJ |
| description | Dynamic access control model is the theoretical basis for constructing a dynamic access control system for big data.However, most existing access control models can only fulfill dynamic access control in a single scenario and are unable to adapt to access control in multiple types of dynamic scenarios.These scenarios include changes in the contextual environment of big data, changes in entity relationships, and changes in the state of objects.To address these issues, an analysis was conducted based on the research of existing access control models and the dynamic factors of big data.Subsequently, scenario-aware access control (SAAC) model was proposed, which was based on dynamic factor conversion and scenario unified modeling.All types of dynamic factors were converted into basic elements such as attributes and relationships.Then, scene information was incorporated to model the various types of constituent elements in a unified manner.A big data dynamic access control model was constructed based on scene information to support multi-type dynamic factors and extended dynamic factors.The working framework of the SAAC model was designed, and the SAAC rule learning algorithm and SAAC rule execution algorithm were proposed corresponding to the workflow of the framework.This enabled the automatic learning of access control rules and dynamic access control decision-making.The security of the proposed model was analyzed and verified by introducing the non-transitive non-interference theory.To validate the effectiveness of the access control policy mining method of the proposed model, experimental comparisons were conducted between the SAAC model and baseline models such as ABAC-L, PBAC-X, DTRM, and FB-CAAC using four datasets.The experimental results demonstrate that the SAAC model and its strategy mining method outperforms the baseline models in terms of metrics such as area under the curve AUC, monotonicity, and steepness of the ROC curve.This verification confirms that the proposed model can support multiple types of dynamic factors and dynamic factor extensions, and that the combined effect of the access control rules obtained from its mining algorithm is relatively high. |
| format | Article |
| id | doaj-art-5bc61626058f4b4ba10b70cda953557c |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2024-02-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-5bc61626058f4b4ba10b70cda953557c2025-01-15T03:05:13ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2024-02-0110587859581630Scenario-aware access control modelDibin SHANXuehui DUWenjuan WANGNa WANGAodi LIUDynamic access control model is the theoretical basis for constructing a dynamic access control system for big data.However, most existing access control models can only fulfill dynamic access control in a single scenario and are unable to adapt to access control in multiple types of dynamic scenarios.These scenarios include changes in the contextual environment of big data, changes in entity relationships, and changes in the state of objects.To address these issues, an analysis was conducted based on the research of existing access control models and the dynamic factors of big data.Subsequently, scenario-aware access control (SAAC) model was proposed, which was based on dynamic factor conversion and scenario unified modeling.All types of dynamic factors were converted into basic elements such as attributes and relationships.Then, scene information was incorporated to model the various types of constituent elements in a unified manner.A big data dynamic access control model was constructed based on scene information to support multi-type dynamic factors and extended dynamic factors.The working framework of the SAAC model was designed, and the SAAC rule learning algorithm and SAAC rule execution algorithm were proposed corresponding to the workflow of the framework.This enabled the automatic learning of access control rules and dynamic access control decision-making.The security of the proposed model was analyzed and verified by introducing the non-transitive non-interference theory.To validate the effectiveness of the access control policy mining method of the proposed model, experimental comparisons were conducted between the SAAC model and baseline models such as ABAC-L, PBAC-X, DTRM, and FB-CAAC using four datasets.The experimental results demonstrate that the SAAC model and its strategy mining method outperforms the baseline models in terms of metrics such as area under the curve AUC, monotonicity, and steepness of the ROC curve.This verification confirms that the proposed model can support multiple types of dynamic factors and dynamic factor extensions, and that the combined effect of the access control rules obtained from its mining algorithm is relatively high.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024003big dataaccess controldynamic factorsscenariosnon-interference theory |
| spellingShingle | Dibin SHAN Xuehui DU Wenjuan WANG Na WANG Aodi LIU Scenario-aware access control model 网络与信息安全学报 big data access control dynamic factors scenarios non-interference theory |
| title | Scenario-aware access control model |
| title_full | Scenario-aware access control model |
| title_fullStr | Scenario-aware access control model |
| title_full_unstemmed | Scenario-aware access control model |
| title_short | Scenario-aware access control model |
| title_sort | scenario aware access control model |
| topic | big data access control dynamic factors scenarios non-interference theory |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024003 |
| work_keys_str_mv | AT dibinshan scenarioawareaccesscontrolmodel AT xuehuidu scenarioawareaccesscontrolmodel AT wenjuanwang scenarioawareaccesscontrolmodel AT nawang scenarioawareaccesscontrolmodel AT aodiliu scenarioawareaccesscontrolmodel |