
A novel multilayer AAA model for integrated applications

  • Original Article
  • Published in Neural Computing and Applications

Abstract

Nowadays, one of the problems with the current authentication, authorization and accounting (AAA) model is the lack of an accurate roadmap for access management in integrated applications based on operational needs. In current systems, attributes are used as the effective parameters of AAA in a static form. We argue that, in order to have an efficient AAA model, AAA requirements should be considered through multilayer security policies. In this paper, a comprehensive approach is presented that defines the design of AAA not only at the operational and implementation levels, but also at the enterprise level. In this regard, the proposed model provides all the security requirements for the establishment of appropriate application-level AAA. Some of these requirements must be obtained from regulations and threat modeling, and others are derived from business processes and the operational levels. According to the proposed multilayer approach, the evaluation must be considered in several dimensions, so we evaluate several aspects of the proposed model. The results show that the proposed model covers many security requirements well. It can also be useful for enhancing information security in integrated applications.



Corresponding author

Correspondence to Afshin Rezakhani.


Cite this article

Rezakhani, A., Shirazi, H. & Modiri, N. A novel multilayer AAA model for integrated applications. Neural Comput & Applic 29, 887–901 (2018). https://doi.org/10.1007/s00521-016-2610-3
