2015
DOI: 10.1002/sec.1303
|View full text |Cite
|
Sign up to set email alerts
|

Risk adaptive hybrid RFID access control system

Abstract: Dynamic environments pose a challenge for traditional access control models where permissions are granted or revoked merely based on predefined and static access policies making them incapable of dynamically adapting to changing conditions. Risk adaptive access control models have been gaining more attention in the research community as an alternative approach to overcome the limitations of traditional access control models. Radio Frequency Identification (RFID) is an emerging technology widely utilized in bot… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

1
7
0

Year Published

2016
2016
2023
2023

Publication Types

Select...
4
2
1

Relationship

0
7

Authors

Journals

citations
Cited by 7 publications
(8 citation statements)
references
References 16 publications
1
7
0
Order By: Relevance
“…In this research, an enhanced access control system, which utilizes user behaviour and time analysis to detect anomalous access behaviour and quantifies the risk value using a multilevel fuzzy inference system, is proposed (EHRA-MFIS). The proposed EHRA-MFIS system extends previous hybrid RFID risk adaptive access control systems [10] [11] called HRA and HRA-MFIS, respectively. It uses the same systems proposed in [10] and [11].…”
Section: Introductionmentioning
confidence: 95%
“…In this research, an enhanced access control system, which utilizes user behaviour and time analysis to detect anomalous access behaviour and quantifies the risk value using a multilevel fuzzy inference system, is proposed (EHRA-MFIS). The proposed EHRA-MFIS system extends previous hybrid RFID risk adaptive access control systems [10] [11] called HRA and HRA-MFIS, respectively. It uses the same systems proposed in [10] and [11].…”
Section: Introductionmentioning
confidence: 95%
“…Figure 1 illustrates the main parties to the NFC mobile payment application, as follows: (1) the credit card that is identified through the NFC mobile to deliver the payment service to the customer; (2) the point of sale (POS) that is integrated with the NFC technology; and (3) the authentication center (AuC) that serves as the trusted third party (TTP), which includes the security parameters of NFC mobiles and NFC POSs in the payment system. In general, payment is performed through the following operations [6,13,16,22,23,24]: (1) the customer tabs the NFC mobile in the range of the NFC POS to send the payment request message; (2) the NFC POS resends the payment request message to the AuC; (3) the AuC checks the security information of both POS NFC and NFC mobile devices; (4) the AuC transmits the response payment message to the NFC POS; (5) the latter authenticates the NFC mobile; (6) the NFC POS sends the response payment message to the NFC mobile; and (7) on receiving the response payment message, the NFC mobile verifies the NFC POS and completes the payment operation. Numerous authentication protocols have been proposed to overcome the security drawbacks in NFC mobile payment applications [25,26,27,28,29].…”
Section: Figure 1 Nfc Mobile Payment Application Partiesmentioning
confidence: 99%
“…Moreover, to conceal the identities of the authentication parties, the SAP-NFC protocol renews the identities and the secret keys of the NFC devices in each successful authentication session. Consequently, this protocol can defeat existing attacks on NFC mobile payment applications [4,9,13]. NFC technology is used to establish the connection between the NFC mobile and the NFC POS [29].…”
Section: Figure 1 Nfc Mobile Payment Application Partiesmentioning
confidence: 99%
“…However, in mobile objects, the implementation of security significantly degrades the system's performance or changes the data capture, affecting the storage of information, which has led to the development of models and policies for improving confidentiality protection and governance for object tracking data [177,178]. There are access control methods based on IPv6 [179], more simple approaches that work without a backend system [180], and hybrid systems that support online and offline modes, to adapt according to the rules [181]. These methods are used, for example, to control access for vehicles [182] and healthcare environments [182].…”
Section: Access Controlmentioning
confidence: 99%