A dynamic attribute-based risk aware access control model (DA-RAAC) for cloud computing

Aluvalu, Rajanikanth; Muddana, Akkalakshmi

doi:10.1109/iccic.2016.7919618

Cited by 11 publications

(5 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Daoud et al [30] proposed the use of dynamic risk-and role-based access control to prevent intrusions against cloud computing, which combines eXtensible access control markup language decisions, risk analysis, and vulnerability reviews to obtain the appropriate access decisions. Rajani Kanth Aluvalu et al [31] proposed a risk-aware model based on dynamic attributes. It is combined with a common access control model, where risk calculation and attributes used for access control will be combined.…”

Section: Related Workmentioning

confidence: 99%

Risk and UCON-based Access Control Model for Healthcare Big Data

Jiang

Xue

et al. 2023

Preprint

View full text Add to dashboard Cite

The rapid development of healthcare big data has brought certain convenience to medical research and health management, but privacy protection of healthcare big data is an issue that must be considered in the process of data application. Access control is one of the methods for privacy protection, but traditional access control models cannot adapt to the dynamic, continuous, and real-time characteristics of healthcare big data scenarios. In this paper, we propose an access control model based on risk quantification and usage control (RQ-UCON). The model adds a risk quantification module to the traditional UCON model to achieve privacy protection of medical data. This module classifies risks into direct and indirect risks and quantifies them based on the physician's visit history. The model stores the quantified risk values as subject attributes. The RQ-UCON model uses an improved Exponentially Weighted Moving Average (EWMA) and penalty factors to predict risk value and to update the risk values of the subject attributes in real-time. The RQ-UCON model uses agglomerative hierarchical clustering to cluster the risk values of physicians within the department, resulting in risk intervals for each physician's operational behavior. Each risk interval is stored as a condition in the RQ-UCON model. Finally, according to the model whether the subject attributes meet the model conditions to determine whether the subject has the corresponding access rights, and according to the risk interval to grant the subject the corresponding access rights. Through the final experiment, it can be seen that the access control model proposed in this paper has a certain control on the excessive access behavior of doctors and has a certain limitation on the privacy leakage of healthcare big data.

show abstract

Section: Related Workmentioning

confidence: 99%

Risk and UCON-based Access Control Model for Healthcare Big Data

Jiang

Xue

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Other risk-based access control models have also been proposed in recent years. Aluvalu et al proposed a dynamic attribute-based risk-aware access control model, which could be hybridized with static access control models with various attribute encryptions, such as KP-ABE, CP-ABE, and HASBE [42]. Based on an extension of XACML, Dos Santos et al proposed a framework for enforcing risk-based policies [43].…”

Section: Risk-based Access Controlsmentioning

confidence: 99%

RTBAC: A Risk-Aware Topic-Based Access Control Model for Text Data with Paragraph-Level Authorization

Yang

2022

Security and Communication Networks

View full text Add to dashboard Cite

Granting users precise access rights is one of the purposes of access control technologies. With the increasing requirements of fine-grained authorization, too strict or too loose access control models may cause many problems. In this paper, aiming at insufficient authorizations in text databases, we propose a risk-aware topic-based access control (RTBAC) model, which uses topics to represent the content relationships between users and data. The RTBAC model also uses risk technologies to grant users corresponding access rights based on their historical behaviours and their access requests. The RTBAC model is a fine-grained access control model, and the authorization of RTBAC can reach the paragraph level. Experimental results show that RTBAC is an efficient access control model and the access control granularity of the RTBAC model is more than 3 times that of the existing content-based access control models.

show abstract

“…Those which are based on the RBAC model [35,36,37] use security policies that focus on the role of the user instead of his identity. Those based on the ABAC model [38,39,40,41], use security policies that focus on user attributes and their values (name, email address, role). In a Cloud environment, we notice the use of the new ARBAC model [42,43,44], which is the combination of the RBAC and ABAC models, where the role of the user is considered as an attribute but the security policies are based only on it.…”

Section: Authorizationmentioning

confidence: 99%

Grid and Cloud Computing Security: A Comparative Survey

Namane¹,

Ghoualmi²

2019

ijcna

View full text Add to dashboard Cite

The major purpose of this article is to know the security requirements and their solutions in grid and cloud computing environments. We first focused generally on the security issue in grids as in cloud computing where we examined all the articles proposed in the literature. Then, we classify them according to the treated security issue (authentication, access control, integrity, confidentiality or multiple security issues). A comparative study was carried out between the different techniques presented in each class of each environment. The same classification is done with research articles concerning security issues in cloud computing environment. The study was followed by a comparison between the different proposed techniques for each class in grid computing with those proposed within the same class in cloud. As a result we found that the access control issue is the most considered research area in both grid and cloud computing environments.

show abstract

A dynamic attribute-based risk aware access control model (DA-RAAC) for cloud computing

Cited by 11 publications

References 15 publications

Risk and UCON-based Access Control Model for Healthcare Big Data

Risk and UCON-based Access Control Model for Healthcare Big Data

RTBAC: A Risk-Aware Topic-Based Access Control Model for Text Data with Paragraph-Level Authorization

Grid and Cloud Computing Security: A Comparative Survey

Contact Info

Product

Resources

About