A trusted user-to-role and role-to-key access control scheme

  • Focus
  • Soft Computing

Abstract

This paper proposes the generalized trusted user-to-role assignment role-based access control (TURA-RBAC) scheme, a new trusted role-based access control (RBAC) model. It addresses the problem that arises when many malicious users who want to launch insider threats (InTs) are assigned to an RBAC system; in other words, the untrusted case is a type of InT. The approach uses soft computing techniques, chosen by the system, to evaluate each user within the same interactive session. When malicious access content is found, the user is denied access to the role as well as to the role-based RSA key. The main contributions are as follows. First, the scheme designs a user-to-role assignment that utilizes content awareness via soft computing techniques. Second, it defines a novel generalization of the trusted RBAC model, which adds a new role-to-key assignment to the trusted RBAC model. Third, the RSA algorithm and the AKL approach are combined in the role hierarchy structure of the TURA-RBAC model. Fourth, it designs the dynamic change of the role-to-key assignment in the role hierarchy. In addition, the scheme not only reduces the damage from InTs but is also easy to implement for trusted RBAC. Finally, discussions, comparisons and security analyses are presented.

Acknowledgments

This work was supported in part by the Ministry of Science and Technology, Taiwan, Republic of China, under Grant MOST 103-2221-E-468-027. Also, my gratitude goes to Michael Burton, Asia University, for his kind assistance with language editing.

Author information

Corresponding author

Correspondence to Hsing-Chung Chen.

Additional information

Communicated by A. Jara, M.R. Ogiela, I. You and F.-Y. Leu.

About this article

Cite this article

Chen, HC. A trusted user-to-role and role-to-key access control scheme. Soft Comput 20, 1721–1733 (2016). https://doi.org/10.1007/s00500-015-1715-4

  • DOI: https://doi.org/10.1007/s00500-015-1715-4
