Enhanced Role Based Access Control Mechanism for Electronic Examination System

Onashoga, Adebukola; Abayomi‐Alli, Adebayo; Ogunseye, Timileyin

doi:10.5815/ijcnis.2014.03.01

Cited by 2 publications

(1 citation statement)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Each user has a certain role allocated to them, and each position has a set of privileges to which they alone have access. As a result, the resource management strategy needed for an educational system may be provided by RBAC [6].…”

Section: Introductionmentioning

confidence: 99%

Towards for Designing Educational System Using Role-Based Access Control

2023

IJIES

View full text Add to dashboard Cite

During the COVID-19 pandemic, online electronic educational systems have been used in most schools and universities as they were forced to move their operations from classrooms to online settings. However, these systems face a serious security issue. Access control considers the core of data security for any implemented system. This paper presents the well-known role-based access control (RBAC) approach to enhance system security and improve user role and system privilege. This study also addresses the issues faced by extant schemes, such as security risk tolerance, by proposing a privacy-preserving educational system that utilizes RBAC and smart multifactor authentication. This approach uses an asymmetric cryptosystem based on the Elgamal digital signature operation to provide multi-factor authentication while relying on low-complexity cryptographic hash functions. RBAC manages system security via the "user classification, role authorization, and unified management" approach. By limiting the amount of data that users can access, RBAC is particularly suited for multi-level applications. This approach also uses informal analysis and the Scyther tool to conduct extensive formal security proofs. RBAC offers many benefits, including mutual authentication, identity anonymity, forward secrecy, key management, and high resistance to well-known attacks, such as phishing, replay, Man-In-The-Middle (MITM), and insider attacks. Compared with other schemes, RBAC offers more security features and boasts higher cost effectiveness in processing and communication. Furthermore, our work achieves a good balance between performance and security complexity when compared to the state-of-the-art. So, we get good results at a cost of 0.253 ms for computing and 1326 bits for communication.

show abstract

Section: Introductionmentioning

confidence: 99%