A Role-Based Administrative Model for Administration of Heterogeneous Access Control Policies and its Security Analysis

Singh, M. P.; Sural, Shamik; Vaidya, Jaideep; Atluri, Vijayalakshmi

doi:10.1007/s10796-021-10167-z

Cited by 7 publications

(6 citation statements)

References 52 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• Effective administration is vital for managing access authorization changes, policy configurations, and access control-related attributes (creation, adjustment and updates) [88], [89]. Administering access control systems is necessary to accommodate changes and ensure their continued operation.…”

Section: Discussionmentioning

confidence: 99%

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

Ait el hadj

2023

IJCDS

View full text Add to dashboard Cite

Access control (AC) systems are crucial for safeguarding sensitive data and resources, yet the increasing complexity of dynamic environments has underscored the need for more accurate and efficient solutions. Therefore, there is a growing need to enhance the accuracy, efficiency, and decision-making capabilities of AC systems. Machine learning (ML) techniques offer promising solutions to address these challenges and automate access control processes. This paper conducts a systematic review of ML techniques in AC systems, involving a comprehensive analysis covering the identification and classification of ML models and their specific applications. Through a meticulous examination of 62 relevant studies published between 2000 and 2023, the review reveals a predominant focus on innovative solutions and adaptations to enhance access control decision-making. Comparative studies play a significant role in assessing different ML approaches, with a focus on identifying the most effective methods for addressing access control challenges. Notably, Attribute-Based Access Control (ABAC) and Role-Based Access Control (RBAC) emerge as the predominant models, while Support Vector Machine (SVM) tops the list as the most commonly employed ML technique, followed by Random Forest (RF) and Decision Tree (DT). The review evaluates the performance and effectiveness of ML models in AC systems, highlighting their strengths and limitations. Additionally, it addresses significant challenges in the field and identifies potential directions for future research. This systematic review provides valuable insights into the current state of ML-based access control systems, fostering further advancements in this vital domain.

show abstract

Section: Discussionmentioning

confidence: 99%

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

Ait el hadj

2023

IJCDS

View full text Add to dashboard Cite

show abstract

“…To address this, Singh et al [16] have presented a framework that enables the specification and enforcement of heterogeneous access control policies, such as RBAC and ABAC, as data in the Database. Additionally, Singh et al [17] have also presented a novel methodology for analyzing the security properties of heterogeneous access control policies. The proposed methodology models policies as facts using Datalog and analyses them through the μz tool in the presence of the administrative model.…”

Section: Security Analysis Of Rbacmentioning

confidence: 99%

Role of Access Control in Information Security: A Security Analysis Approach

Singh¹

2023

Information Security and Privacy in the Digital World - Some Selected Topics

View full text Add to dashboard Cite

Information plays a vital role in decision-making and driving the world further in the ever-growing digital world. Authorization, which comes immediately after authentication, is essential in restricting access to information in the digital world. Various access control models have been proposed to ensure authorization by specifying access control policies. Security analysis of access control policies is a highly challenging task. Additionally, the security analysis of decentralized access control policies is complex because decentralization simplifies policy administration but raises security concerns. Therefore, an efficient security analysis approach is required to ensure the correctness of access control policies. This chapter presents a propositional rule-based machine learning approach for analyzing the Role-Based Access Control (RBAC) policies. Specifically, the proposed method maps RBAC policies into propositional rules to analyze security policies. Extensive experiments on various datasets containing RBAC policies demonstrate that the machine learning-based approach can offer valuable insight into analyzing RBAC policies.

show abstract

“…This model is suitable for environments with a clear organizational structure and few role changes.Kamboj et al [2] proposed a RBAC model based on blockchain smart contracts to deal with attack methods such as man-in-the-middle attacks in organizational scenarios. The approach uses the ethereum blockchain platform and its smart contract functionality to model user resource communication.Singh et al in [3] proposed a complete role-based management model (named RAMHAC) to manage heterogeneous access control policies. We also introduce a new approach to analyze the presence of heterogeneous access control policies in RAMHAC by modeling the policies with Datalog facts and using the μz tool.…”

Section: Access Control Policies and Modelsmentioning

confidence: 99%

Overview of security access control mechanisms

Yang,

Yu,

Tang

et al. 2023

Second International Conference on Applied Statistics, Computational Mathematics, and Software Engineering (ASCMSE 2023)

View full text Add to dashboard Cite

As the core of a computer system, the operating system stores a large amount of sensitive data and critical resources, and in order to ensure the security of these resources, security access control technology has come into being. Security access control technology plays an important role in operating system security. It effectively prevents security risks such as information leakage, data corruption and system breakdown by restricting and controlling users' access to system resources. Security access control technology not only restricts the resources that users can access, but also ensures that users can only perform operations within their authorization, thus protecting the confidentiality, integrity and availability of the system. Security access control technologies use a variety of policies and mechanisms to achieve precise control and protection of resources. These technologies manage and restrict user access through roles, permissions, tags and policies to ensure that only authorized users can access sensitive data and resources, thereby maintaining the stability and trustworthiness of the operating system.

show abstract

A Role-Based Administrative Model for Administration of Heterogeneous Access Control Policies and its Security Analysis

Cited by 7 publications

References 52 publications

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

Role of Access Control in Information Security: A Security Analysis Approach

Overview of security access control mechanisms

Contact Info

Product

Resources

About