Abstract
In this paper, we propose a scheme of semantic-based role matching and dynamic inspection for smart access control. The basic roles are established first, and then they are allocated to each user via a semantic analysis so that each user obtains the role with the most appropriate access. Our scheme explains the process of basic role establishment. In the process of role matching, our scheme applies the analytic hierarchy process to match roles. The roles matched to users should not remain fixed after the first round of matching. In practice, the type of user often varies, and the role matched to the user requires updating accordingly. Our scheme proposes that the system inspect roles dynamically and adjust or re-match them after the initial matching. Re-matching roles not only further guarantees system security but can also bring about a better user experience. In addition, user requests can be refused by the system while an operation is in progress, which yields an incomplete operation or generates incorrect data. To ensure the consistency of user operations, we introduce the concept of a transaction. The proposed scheme ensures the rationality of access control and data security based on semantic approaches and the analytic hierarchy process (AHP).










Acknowledgements
This work was supported in part by the Korea government (Ministry of Science, ICT & Future Planning), Grant/Award Number: NRF-2015R1C1A1A01053301. This work was also supported in part by the Fundamental Research Funds for the Central Universities under Grant 2015B30614, and in part by the Natural Science Foundation of Jiangsu Province under Grant BK20160287.
Cite this article
Su, X., Liu, Y., Geng, Y. et al. Semantic-based role matching and dynamic inspection for smart access control. Multimed Tools Appl 77, 18545–18562 (2018). https://doi.org/10.1007/s11042-017-5220-x
DOI: https://doi.org/10.1007/s11042-017-5220-x