An efficient fine grained access control scheme based on attributes for enterprise class applications

Chatterjee, Santanu; Gupta‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬‬, Amit Kumar; Mahor, Vinod; Sarmah, Tilak

doi:10.1109/icspct.2014.6884907

Cited by 9 publications

(8 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Access control is one of the key aspects of information security [42]. Access Control is a mechanism to provide privileges to a user to access a particular asset, only if this user is authorized [19] and Access Control is domain specific. Methods that are widely used in Access Control mentioned in [17], [43] are: DAC, MAC, and RBAC.…”

Section: Related Work On Access Controlmentioning

confidence: 99%

“…R-MAC provides a secure data exchange framework using some of those components to help preserve the ownership of data at a fine granularity. Fine-grained access control provides the right privileges to a user to grant him/her access to an asset only if this user is authorized [19]. In addition, XML security technologies provide fine-grained and persistent security controls that move with the data.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Access Control Model for Modern Virtual e-Government Services: Saudi Arabian Case Study

Albrahim¹,

Alsalamah²,

Alsalamah³

et al. 2018

ijacsa

View full text Add to dashboard Cite

Government services require intensive information exchange and interconnection among governmental agencies to provide specialized online services and allow informed decision-making. This could compromise the integrity, confidentiality, and/or availability of the information being exchanged. Government agencies are accountable and liable for the protection of information they possess and use on a least privilege security principle basis even after dissemination. However, traditional access control models are short of achieving this as they do not allow dynamic access to unknown users to the system, they do not provide security controls at a fine-grained level, and they do not provide persistent control over this information. This paper proposes a novel secure access control model for cross-governmental agencies. The secure model deploys a Role-centric Mandatory Access Control MAC (R-MAC) model, suggests a classification scheme for e-Government information, and enforces its application using XML security technologies. By using the proposed model, privacy could be preserved by having dynamic, persistent, and fine-grained control over their shared information.

show abstract

Section: Related Work On Access Controlmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Access Control Model for Modern Virtual e-Government Services: Saudi Arabian Case Study

Albrahim¹,

Alsalamah²,

Alsalamah³

et al. 2018

ijacsa

View full text Add to dashboard Cite

show abstract

“…Controlling access rights to different portions of data is the key concept of Fine-Grained Access Control (FGAC). FGAC governs the access to data by each user of the system (Chatterjee et al, 2014, Harith and Gábor, 2009, Jinyuan and Yuguang, 2010, Liu et al, 2012, Yu et al, 2010, Rizvi et al, 2004 based on the "need-to-know" principle. The lack of FGAC is an open problem in HISs.…”

Section: Introductionmentioning

confidence: 99%

Achieving Patient-Centered Fine-Grained Access Control in Hospital Information Systems - Using Business Process Management Systems

AlThqafi

Alsalamah

Daraiseh

2016

Proceedings of the 9th International Joint Conference on Biomedical Engineering Systems and Technologies

View full text Add to dashboard Cite

Access Control to patients' medical information in Hospital Information Systems (HIS) is a challenge in modern Patient-Centered (PC) healthcare. Fine-Grained Access Control (FGAC) in particular has been identified as one of the security requirements in these systems. In FGAC, only parts of medical information that are relevant and required by healthcare providers are accessed at the point of care. This cannot be achieved without a holistic view of a medical condition through a Patient-Centered Fine-Grained Access Control (PCFGAC), in which patient-centricity is considered. This research proposes using Business Process Management (BPM) to achieve PCFGAC in order to provide a real-time access control based on a "need-to-know" principle. Through a prototype that uses BPM, security requirements of PCFGAC were met. These include: authority control, informed decision support, fine-grained access control, and dynamic policies support. Thus, a contribution to the knowledge and practice has been introduced.

show abstract

“…It substantiates the reaching of these systems to the flexible and trustable access control technology much faster [20]. However, this flexibility increases the occurrences of policy conflicts and makes the maintenance and administration of the policies difficult [48][49][50][51].…”

Section: Attribute Based Access Controlmentioning

confidence: 99%

“…A hierarchical structure is built with the role designations. Thus, a user coming to the system is assigned to the roles according to status, the requested access field, and the requested administration privileges [20,21]. Besides, similar to how it happens in other systems, rather than making the permissions and limitations work all the time, these are called into action if the user needs them via the role.…”

Section: Role Based Access Controlmentioning

confidence: 99%

Survey on Access Control Mechanisms in Cloud Computing

Karataş

Akbulut

2018

JCSM

View full text Add to dashboard Cite

The benefits that Internet-based applications and services have given to the end user with today's cloud computing technology are very remarkable. The distributed services instantly scaled over the Internet provided by cloud computing can be achieved by using some mechanisms in the background. It is a critical task for end users to control access to resources because lack of control often leads to security risks. In addition, this may cause systems to fail. This paper describes seven different access control mechanisms used in cloud computing platforms for different purposes. Besides, the advantages and disadvantages of various models developed from previous service-based architectures and used for cloud computing are detailed and classified. During the assessments, NIST's metrics were taken as a reference, and in the study, 109 articles from the past decade were examined. We also compared our research with the existing survey papers.

show abstract

An efficient fine grained access control scheme based on attributes for enterprise class applications

Cited by 9 publications

References 15 publications

Access Control Model for Modern Virtual e-Government Services: Saudi Arabian Case Study

Access Control Model for Modern Virtual e-Government Services: Saudi Arabian Case Study

Achieving Patient-Centered Fine-Grained Access Control in Hospital Information Systems - Using Business Process Management Systems

Survey on Access Control Mechanisms in Cloud Computing

Contact Info

Product

Resources

About