Computer Science

Computer Science ›› 2015, Vol. 42 ›› Issue (4): 123-126.doi: 10.11896/j.issn.1002-137X.2015.04.024

Previous Articles     Next Articles

Access Control Subject Similarity and Constraints

Abdugheni ABDUXUKUR, Kaysar RAHMAN and Nurmamat HELIL   

  • Online:2018-11-14 Published:2018-11-14

PDF (PC)

559

Abstract: Constraint is an important factor in access control.It restricts sensitive combination of objects to be accumulated into similar subjects.However,conventional access control constraints lack flexibility.In order to improve the flexi-bility of constraints,we firstly respectively analysed potential inner-relationships among subjects and objects,and the relationships between them in access control.Then we proposed the concept of similar subject groups,and on this basis proposed revised access control constraint.Secondly,we implemented an experiment of subjects accessing objects.Experimental result shows the presented constraint is feasible and flexible.This revised constraint not only has the capability of conventional access control constraints,but also effectively prevents similar subjects’ collusive attack to the system.

Key words: Access control constraints,Separation of duty,Chinese wall policy,Subject similarity

[1] Crampton J.Specifying and enforcing constraints in role-basedaccess control[C]∥Proceedings of the eighth ACM symposium on Access control models and technologies.ACM,2003:43-50
[2] Brewer D F C,Nash M J.The chinese wall security policy[C]∥Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy.1989:215-228
[3] Ma X P,Li R X,Lu Z D,et al.Mining constraints in role-based access control[J].Mathematical and Computer Modelling,2012,55(1):87-96
[4] Ahn G J,Sandhu R.Role-based authorization constraints specification[J].ACM Transactions on Information and System Securi-ty (TISSEC),2000,3(4):207-226
[5] Sandhu R S,Coynek E J,Feinsteink H L,et al.Role-Based Access Control Models[J].IEEE computer,1996,29(2):38-47
[6] INCITS A.INCITS 359-2004,American national standard forinformation technology,role based access control[S].NewYork:ANSI INCITS,2004
[7] Helil N,Kim M,Han S.Trust and Risk based Access Controland Access Control Constraints[J].KSII Transactions on Internet & Information Systems,2011,5(11):2254-2271
[8] Sharifi A,Tripunitara M V.Least-restrictive enforcement of the Chinese wall security policy[C]∥Proceedings of the 18th ACM Ssymposium on Access Control Models and Technologies.ACM,2013:61-72
[9] Bijon K Z,Krishman R,Sandhu R.Constraints Specication inAttribute Based Access Control[J].Science,2013,2(3):131-144
[10] Tsai T H,Chen Y C,Huang H C,et al.A practical chinese wall security model in cloud computing[C]∥2011 13th Asia-Pacific Network Operations and Management Symposium (APNOMS).IEEE,2011:1-4
[11] 何永忠,李晓峰,冯登国.RBAC 实施中国墙策略及其变种的研究[J].计算机研究与发展,2007,44(4):615-622
[12] 张毅辉,梁久祯.侵略型中国墙安全模型的 RBAC 配置的扩展研究[J].计算机工程与应用,2010,46(29):114-116
[13] Priebe T,Fernandez E B,Mehlau J I,et al.A pattern system for access control[M]∥Research Directions in Data and Applications Security XVIII.Springer US,2004:235-249
[14] Baracaldo N,Joshi J.A trust-and-risk aware rbac framework:tackling insider threat[C]∥Proceedings of the 17th ACM symposium on Access Control Models and Technologies.ACM,2012:167-176
[15] Chari S,Lobo J,Molloy I.Practical risk aggregation in rbacmodels[C]∥Proceedings of the 17th ACM symposium on Access Control Models and Technologies.ACM,2012:117-118
[16] Palla G,Derényi I,Farkas I,et al.Uncovering the overlapping community structure of complex networks in nature and society[J].Nature,2005,435(7043):814-818
[17] Farkas I,ábel D,Palla G,et al.Weighted network modules[J].New Journal of Physics,2007,9(6):180
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.