Abstract
Based on the analysis of various access control mechanisms, a widely applicable privacy-preserving and security hybrid access control mechanism for systems is proposed. This mechanism, which is called attribute and role based hybrid access control mechanism of encryption and time (ET-ARBHAC), consists of two processes, namely the attribute-based access control (ABAC) process and role-based access control (RBAC) process. In ET-ARBHAC, ABAC procedure is designed to encrypt related attribute values and allocate roles and RBAC procedure is added a re-verified time mechanism to increase system security and save system resources. Theoretical methods and architecture of the mechanism were illustrated in this paper. This study provides precious theoretical contributions for researchers and theoretical references for system/website developers, system operators and system technology vendors.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Jiang, Y., Lin, C., Yin, H., et al.: Security analysis of mandatory access control model. In: IEEE International Conference on Systems (2004)
Bellettini, C., Bertino, E., Ferrari, E.: Role based access control models. Inf. Secur. Techn. Rep. 6(2), 21–29 (2001)
Jha, S., Sural, S., Atluri, V., et al.: Specification and verification of separation of duty constraints in attribute-based access control. IEEE Trans. Inf. Forensics Secur. 13(4), 897–911 (2018)
Sandhu, R.S.: Role-based access control model. IEEE Comput. 29, 38–47 (1996)
Gouglidis, A., Mavridis, I.: domRBAC: an access control model for modern collaborative systems. Comput. Secur. 31(4), 540–556 (2012)
ANSI-INCITS359-2004: Information Technology—Role-Based Access Control. American Nat’l Standards Inst./Int’l Committee for Information Technology Standards (2004)
Servos, D., Osborn, S.L.: Current research and open problems in attribute-based access control. ACM Comput. Surv. 49(4), 1–45 (2017)
Wang, L., Wijesekera, D., Jajodia, S.: A logic-based framework for attribute based access control. In: ACM Workshop on Formal Methods in Security Engineering (2004)
Zhang, X., Li, Y., Nalla, D.: An attribute-based access matrix model. In: Proceedings of the 2005 ACM Symposium on Applied Computing, p. 359 (2005)
Rubio-Medrano, C.E., D’Souza, C., Ahn, G.J.: Supporting secure collaborations with attribute-based access control. In: International Conference on Collaborative Computing: Networking. IEEE (2015)
Shafiq, B., Bertino, E., Ghafoor, A.: Access control management in a distributed environment supporting dynamic collaboration. In: Workshop on Digital Identity Management, pp. 104–112. ACM (2005)
Lee, A.J.: Open problems for usable and secure open systems. In: Proceedings of the Workshop on Usability Research Challenges for Cyber Infrastructure and Tools (2006)
Kuhn, D.R., Coyne, E.J., Weil, T.R.: Adding attributes to role-based access control. Computer 43(6), 79–81 (2010)
Cheng, Y., Park, J., Sandhu, R.: Attribute-aware relationship-based access control for online social networks. In: Atluri, V., Pernul, G. (eds.) DBSec 2014. LNCS, vol. 8566, pp. 292–306. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43936-4_19
Cheng, Y., Park, J., Sandhu, R.: A user-to-user relationship-based access control model for online social networks. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 8–24. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31540-4_2
Jin, X., Sandhu, R., Krishnan, R.: RABAC: role-centric attribute-based access control. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 84–96. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33704-8_8
Acknowledgments
As the research of the thesis is sponsored by National Natural Science Foundation of China (No: 61662017, No: 61262075), Key R & D projects of Guangxi Science and Technology Program (AB17195042), Guangxi Natural Science Foundation (No: 2017GXNSFAA198223), Guilin Science and Technology Project Fund (No: 2016010408), Guangxi Key Laboratory Fund of Embedded Technology and Intelligent System, we would like to extend our sincere gratitude to them.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Cheng, X., Dai, F., Hu, M., Gui, Q. (2019). An Improved Privacy-Preserving and Security Hybrid Access Control Mechanism. In: Shen, S., Qian, K., Yu, S., Wang, W. (eds) Wireless Sensor Networks. CWSN 2018. Communications in Computer and Information Science, vol 984. Springer, Singapore. https://doi.org/10.1007/978-981-13-6834-9_15
Download citation
DOI: https://doi.org/10.1007/978-981-13-6834-9_15
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-6833-2
Online ISBN: 978-981-13-6834-9
eBook Packages: Computer ScienceComputer Science (R0)