Fuzzy Role-Based Access Control

Martínez-García, Carles; Navarro‐Arribas, Guillermo; Borrell, Joan

doi:10.1016/j.ipl.2011.02.010

Cited by 19 publications

(7 citation statements)

References 15 publications

(13 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The concept of "fuzzy" has been introduced to the RBAC for achieving better flexibility in handling exceptional requests [25]. The fuzzy RBAC carried out the more relaxed assignments of user-role and role-permission compared with the original RBAC model.…”

Section: Related Workmentioning

confidence: 99%

“…Therefore, the concept of risk and the opposite concept of trust have naturally been introduced as an effective and flexible assistive tool for the authorization decision-making process. For instance, the risk assessment method has already been integrated into classical models like RBAC and multiple levels of security (MLS) [25,26]. By estimating the risk of the certain request based on the specific involving information and comparing the risk with some preset acceptance criteria of risk, these risk-oriented enhanced models have achieved flexible and efficient unattended authorizations for urgent requests which do not comply with the basic access rules in original models.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Feasible Fuzzy-Extended Attribute-Based Access Control Technique

Gao

Zeng

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Attribute-based access control (ABAC) is a maturing authorization technique with outstanding expressiveness and scalability, which shows its overwhelmingly competitive advantage, especially in complicated dynamic environments. Unfortunately, the absence of a flexible exceptional approval mechanism in ABAC impairs the resource usability and business time efficiency in current practice, which could limit its growth. In this paper, we propose a feasible fuzzy-extended ABAC (FBAC) technique to improve the flexibility in urgent exceptional authorizations and thereby improving the resource usability and business timeliness. We use the fuzzy assessment mechanism to evaluate the policy-matching degrees of the requests that do not comply with policies, so that the system can make special approval decisions accordingly to achieve unattended exceptional authorizations. We also designed an auxiliary credit mechanism accompanied by periodic credit adjustment auditing to regulate expediential authorizations for mitigating risks. Theoretical analyses and experimental evaluations show that the FBAC approach enhances resource immediacy and usability with controllable risk.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Feasible Fuzzy-Extended Attribute-Based Access Control Technique

Gao

Zeng

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Non-deterministic access control models could also be considered for implementation of sequences of actions, especially when branches are considered and users can follow any of them. Several of these models exist, of which we emphasize: probabilistic models to determine risk [15][16] [17], cognitive-based systems [18] and fuzzy theory-based models [19] [20]. Ultimately, the SeqBAC model presented here is meant to be deterministic, which would allow security experts to conduct auditing and to keep a level of assurance that no unexpected access decision is made.…”

Section: Related Workmentioning

confidence: 99%

SeqBAC: A Sequence-Based Access Control Model (S)

Regateiro

Pereira

Aguiar

2018

International Conferences on Software Engineering and Knowledge Engineering

View full text Add to dashboard Cite

Access control, when used in the context of database applications, is aimed to supervise the requests made by legitimate users to access sensitive data. These requests represent actions that a user can perform on a database and they typically read or write data. While this supervision can be formalized at a higher level, e.g. using an access control model such as RBAC, in the end, the data access is done through each authorized action. Therefore, the current access control models enforce their policies on an action by action basis, being unable to support relations of order between them. In many database applications, access to data is not done randomly, but by following very specific sequences of actions which are not supervised. This paper argues that a better security policy can be achieved by supervising these sequences. Thus, previous research is leveraged to propose a formalized model, capable of enforcing access control over the sequences of actions that can complement existing access control models.

show abstract

“…They then compared the ontology of similar frameworks [3]. This process considerably reduced the difficulties encountered by cloud service providers.…”

mentioning

confidence: 99%

An A-RBAC mechanism for a multi-tenancy cloud environment

Yang

Guo

2014

2014 4th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace &Amp; Elec

View full text Add to dashboard Cite

With the evolution of software technology, companies require more highperformance hardware to enhance their competitiveness. Cloud computing is the result of distributed computing and grid computing processes and is gradually being seen as the solution to the companies. Cloud computing can virtualizes existing software and hardware to reduce costs. Thus, companies only require high Internet bandwidth and devices to access cloud service on the Internet. This would decrease many overhead costs and the number of IT staff required. When many companies rent a cloud service simultaneously, this is called a multitenancy cloud service. However, how to access resource safely is important if adopt multi-tenancy cloud computing technology. The cloud computing environment is vulnerable to network-related attacks. This research improves the role-based access control authorization mechanism and combines it with attribute check mechanism to determine which tenant that user can access. The enhanced authorization can improve the safety of cloud computing services and protected the data privacy.

show abstract

Fuzzy Role-Based Access Control

Cited by 19 publications

References 15 publications

A Feasible Fuzzy-Extended Attribute-Based Access Control Technique

A Feasible Fuzzy-Extended Attribute-Based Access Control Technique

SeqBAC: A Sequence-Based Access Control Model (S)

An A-RBAC mechanism for a multi-tenancy cloud environment

Contact Info

Product

Resources

About