A Fine-Grained Access Control Scheme for Electronic Health Records Based on Roles and Attributes

Zhang, Shaobo; Yang, Shuo; Zhu, Guorong; Luo, Entao; Zhang, Jiyong; Xiang, Desheng

doi:10.1007/978-981-19-0468-4_3

Cited by 5 publications

(2 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, Kim et al [3] have demonstrated RBAC usage in video surveillance using smart contracts, whereas Shaobo et al [4] used RBAC to ensure fine-grained access to electronic health records. Additionally, Gurucharansing et al [5] demonstrated the use of RBAC in specifying large-scale application access control policies.…”

Section: Applications Of Rbacmentioning

confidence: 99%

Role of Access Control in Information Security: A Security Analysis Approach

Singh¹

2023

Information Security and Privacy in the Digital World - Some Selected Topics

View full text Add to dashboard Cite

Information plays a vital role in decision-making and driving the world further in the ever-growing digital world. Authorization, which comes immediately after authentication, is essential in restricting access to information in the digital world. Various access control models have been proposed to ensure authorization by specifying access control policies. Security analysis of access control policies is a highly challenging task. Additionally, the security analysis of decentralized access control policies is complex because decentralization simplifies policy administration but raises security concerns. Therefore, an efficient security analysis approach is required to ensure the correctness of access control policies. This chapter presents a propositional rule-based machine learning approach for analyzing the Role-Based Access Control (RBAC) policies. Specifically, the proposed method maps RBAC policies into propositional rules to analyze security policies. Extensive experiments on various datasets containing RBAC policies demonstrate that the machine learning-based approach can offer valuable insight into analyzing RBAC policies.

show abstract

Section: Applications Of Rbacmentioning

confidence: 99%

Role of Access Control in Information Security: A Security Analysis Approach

Singh¹

2023

Information Security and Privacy in the Digital World - Some Selected Topics

View full text Add to dashboard Cite

show abstract

“…In the literature, this concept of mapping the dynamic characteristic of users to determine the role is referred to as the fine-grained access control (FGAC) model. In a WSN, the goal of FGAC is to map the unique privilege right to the user or end device based on attributes to access the piece of information [40].…”

Section: Machine Learning For Role Engineeringmentioning

confidence: 99%

Automatic Hybrid Access Control in SCADA-Enabled IIoT Networks Using Machine Learning

Usman

Sarfraz

Habib

et al. 2023

Sensors

View full text Add to dashboard Cite

The recent advancements in the Internet of Things have made it converge towards critical infrastructure automation, opening a new paradigm referred to as the Industrial Internet of Things (IIoT). In the IIoT, different connected devices can send huge amounts of data to other devices back and forth for a better decision-making process. In such use cases, the role of supervisory control and data acquisition (SCADA) has been studied by many researchers in recent years for robust supervisory control management. Nevertheless, for better sustainability of these applications, reliable data exchange is crucial in this domain. To ensure the privacy and integrity of the data shared between the connected devices, access control can be used as the front-line security mechanism for these systems. However, the role engineering and assignment propagation in access control is still a tedious process as its manually performed by network administrators. In this study, we explored the potential of supervised machine learning to automate role engineering for fine-grained access control in Industrial Internet of Things (IIoT) settings. We propose a mapping framework to employ a fine-tuned multilayer feedforward artificial neural network (ANN) and extreme learning machine (ELM) for role engineering in the SCADA-enabled IIoT environment to ensure privacy and user access rights to resources. For the application of machine learning, a thorough comparison between these two algorithms is also presented in terms of their effectiveness and performance. Extensive experiments demonstrated the significant performance of the proposed scheme, which is promising for future research to automate the role assignment in the IIoT domain.

show abstract