Relevant bibliographies by topics / Data access control policies / Journal articles

Journal articles on the topic 'Data access control policies'

To see the other types of publications on this topic, follow the link: Data access control policies.
Author: Grafiati
Published: 6 September 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Data access control policies.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Jain, Taniya. "Secure Big Data Access Control Policies for Cloud Computing Environment." International Journal of Innovative Research in Computer Science & Technology 5, no. 2 (March 31, 2017): 253–56. http://dx.doi.org/10.21276/ijircst.2017.5.2.8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Bouganim, Luc, Francois Dang Ngoc, and Philippe Pucheral. "Dynamic access-control policies on XML encrypted data." ACM Transactions on Information and System Security 10, no. 4 (January 2008): 1–37. http://dx.doi.org/10.1145/1284680.1284684.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Brewster, Christopher, Barry Nouwt, Stephan Raaijmakers, and Jack Verhoosel. "Ontology-based Access Control for FAIR Data." Data Intelligence 2, no. 1-2 (January 2020): 66–77. http://dx.doi.org/10.1162/dint_a_00029.

Full text
Abstract:
This paper focuses on fine-grained, secure access to FAIR data, for which we propose ontology-based data access policies. These policies take into account both the FAIR aspects of the data relevant to access (such as provenance and licence), expressed as metadata, and additional metadata describing users. With this tripartite approach (data, associated metadata expressing FAIR information, and additional metadata about users), secure and controlled access to object data can be obtained. This yields a security dimension to the “A” (accessible) in FAIR, which is clearly needed in domains like security and intelligence. These domains need data to be shared under tight controls, with widely varying individual access rights. In this paper, we propose an approach called Ontology-Based Access Control (OBAC), which utilizes concepts and relations from a data set's domain ontology. We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies. We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.
APA, Harvard, Vancouver, ISO, and other styles
4

Aziz, Benjamin. "Towards open data-driven evaluation of access control policies." Computer Standards & Interfaces 56 (February 2018): 13–26. http://dx.doi.org/10.1016/j.csi.2017.09.001.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Yaokumah, Winfred. "Modelling the Impact of Administrative Access Controls on Technical Access Control Measures." Information Resources Management Journal 30, no. 4 (October 2017): 53–70. http://dx.doi.org/10.4018/irmj.2017100104.

Full text
Abstract:
Almost all computing systems and applications in organizations include some form of access control mechanisms. Managing secure access to computing resources is an important but a challenging task, requiring both administrative and technical measures. This study examines the influence of administrative access control measures on technical access control mechanisms. Based on the four access control clauses defined by ISO/IEC27002, this study develops a model to empirically test the impact of access control policies on systems and applications control activities. The study employs Partial Least Square Structural Equation Modelling (PLS-SEM) to analyze data collected from 223 samples through a survey questionnaire. The results show that the greatest significant impact on applications and systems access control measures is through access control policies mediated by users' responsibilities and accountability and user access management activities. But the direct impact of access control policies on applications and systems access control measures is not significant.
APA, Harvard, Vancouver, ISO, and other styles
6

Pervez, Zeeshan, Asad Masood Khattak, Sungyoung Lee, Young-Koo Lee, and Eui-Nam Huh. "Oblivious access control policies for cloud based data sharing systems." Computing 94, no. 12 (August 21, 2012): 915–38. http://dx.doi.org/10.1007/s00607-012-0206-z.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Venkatesan, G., and K. Ambika. "Indexing Policies in Cloud Information Accountability for Data Sharing." Asian Journal of Computer Science and Technology 2, no. 1 (May 5, 2013): 22–27. http://dx.doi.org/10.51983/ajcst-2013.2.1.1712.

Full text
Abstract:
Indexing Policies in Cloud Information Accountability for Data Sharing presents a new way to supplement the current consumption and delivery model for IT services based on the Internet, by providing for dynamically scalable and often virtualized resources as a service over the Internet. Here, User Control Policies files and Access control policies files are indexed, and then only we can search the particular file easily. Cloud Information Accountability (CIA) framework, based on the notion of information accountability. One of the main innovative features of the CIA framework lies in its ability of maintaining lightweight and powerful accountability that combines aspects of access control, usage control and authentication. By means of the CIA, data owners can track not only whether or not the service-level agreements are being honored, but also enforce access and usage control rules as needed.. Access control policies and user control policies are spread across the cloud within the control of Cloud Service provider, the new user can enter their authorized login and fetch needed files, when these files are indexed. The integrity checks and oblivious hashing (OH) technique to our system in order to strengthen the dependability of our system in case of compromised JRE and also I updated to log records structure to provide additional guarantees of integrity and authenticity.
APA, Harvard, Vancouver, ISO, and other styles
8

Liu, Gang, Guofang Zhang, Quan Wang, Shaomin Ji, and Lizhi Zhang. "Fine-grained access control method for private data in android system." International Journal of Distributed Sensor Networks 15, no. 3 (March 2019): 155014771984023. http://dx.doi.org/10.1177/1550147719840232.

Full text
Abstract:
In Android systems, sensitive information associated with system permission is exposed to the application completely once it gains the permission. To solve this problem, this article presents a fine-grained access control framework for sensitive information based on eXtensible Access Control Markup Language data flow model. In this framework, a user can define access policies for each application and resource and the application’s access request to sensitive information is evaluated by these policies. Therefore, all access requests must comply with the security policy irrespective of whether they have gained the permission associated with the information. This helps to protect sensitive data outside the Android permission mechanism. In order to facilitate users to manage policies, the proposed framework implements automatic policy generation and policy conflict detection functions. The framework is implemented in TaintDroid and experiments indicate that the improvement is effective in achieving fine-grained access control to sensitive information and does not adversely affect the system overhead costs.
APA, Harvard, Vancouver, ISO, and other styles
9

Sabitha, S., and M. S. Rajasree. "Access control based privacy preserving secure data sharing with hidden access policies in cloud." Journal of Systems Architecture 75 (April 2017): 50–58. http://dx.doi.org/10.1016/j.sysarc.2017.03.002.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Guo, Jinyi, Wei Ren, Yi Ren, and Tianqin Zhu. "A Watermark-Based in-Situ Access Control Model for Image Big Data." Future Internet 10, no. 8 (July 29, 2018): 69. http://dx.doi.org/10.3390/fi10080069.

Full text
Abstract:
When large images are used for big data analysis, they impose new challenges in protecting image privacy. For example, a geographic image may consist of several sensitive areas or layers. When it is uploaded into servers, the image will be accessed by diverse subjects. Traditional access control methods regulate access privileges to a single image, and their access control strategies are stored in servers, which imposes two shortcomings: (1) fine-grained access control is not guaranteed for areas/layers in a single image that need to maintain secret for different roles; and (2) access control policies that are stored in servers suffers from multiple attacks (e.g., transferring attacks). In this paper, we propose a novel watermark-based access control model in which access control policies are associated with objects being accessed (called an in-situ model). The proposed model integrates access control policies as watermarks within images, without relying on the availability of servers or connecting networks. The access control for images is still maintained even though images are redistributed again to further subjects. Therefore, access control policies can be delivered together with the big data of images. Moreover, we propose a hierarchical key-role-area model for fine-grained encryption, especially for large size images such as geographic maps. The extensive analysis justifies the security and performance of the proposed model
APA, Harvard, Vancouver, ISO, and other styles
11

Arunajyothi, G. "Key based Access Control Policies to Solve Security in Cloud Data Sharing." International Journal of Emerging Research in Management and Technology 6, no. 12 (June 11, 2018): 45. http://dx.doi.org/10.23956/ijermt.v6i12.33.

Full text
Abstract:
Cloud achieves not just diverse levels of accommodation and proficiency issues albeit persistently advancing in such manner, additionally extraordinary difficulties in the field of information assurance. SaaS based distributed computing stockpiling suppliers, for example, google, send space have been there for calm at some point with the security viewpoint continually being disregarded. So we propose a cloud construction modeling that addresses the security perspective as for encryption, access control and with respect to risk assessment, key controls, and monitoring and reporting execution sign. We additionally broaden it with data transmission estimation plan which is another key execution pointer of mists. Contrasted with before methodologies this plan has a lesser calculation overhead and is considered cutting edge because of usage of every conceivable execution parameter of cloud area.
APA, Harvard, Vancouver, ISO, and other styles
12

Muppavarapu, Vineela, and Soon M. Chung. "Semantic-Based Access Control for Data Resources in Open Grid Services Architecture." International Journal of Grid and High Performance Computing 6, no. 2 (April 2014): 1–23. http://dx.doi.org/10.4018/ijghpc.2014040101.

Full text
Abstract:
This paper proposes a semantic-based access control system for the data resources in the Open Grid Services Architecture - Data Access and Integration (OGSA-DAI). OGSA-DAI is a widely used middleware for integrating data resources in Grids. However, the identity-based access control in OGSA-DAI causes substantial overhead for the resource providers in virtual organizations (VOs), because the access control information of individual users has to be maintained by each resource provider. To solve these problems, the authors propose a semantic-based access control system using Shibboleth and ontology. Shibboleth, an attribute authorization service, is used to manage the user attributes, and the Web Ontology Language (OWL) is used to represent the ontology of the data resources and users. By using ontology, VOs can resolve the differences in their terminologies and specify access control policies based on concepts and user roles, instead of individual resources and user identities. As a result, the administration overhead of the resource providers is reduced considerably. In addition, the eXtensible Access Control Markup Language (XACML) is used to specify the access control policies uniformly across multiple VOs. The authors also developed an XACML policy administration tool that allows the administrators to create, update, and manage XACML policies. The performance analysis shows that our proposed system adds only a small overhead to the existing security mechanism of OGSA-DAI.
APA, Harvard, Vancouver, ISO, and other styles
13

Meneka, M., and K. Meenakshisundaram. "An Enhancement Role and Attribute Based Access Control Mechanism in Big Data." International Journal of Electrical and Computer Engineering (IJECE) 8, no. 5 (October 1, 2018): 3187. http://dx.doi.org/10.11591/ijece.v8i5.pp3187-3193.

Full text
Abstract:
To be able to leverage big data to achieve enhanced strategic insight and make informed decision, an efficient access control mechanism is needed for ensuring end to end security of such information asset. Attribute Based Access Control (ABAC), Role Based Access Control (RBAC) and Event Based Access Control (EBAC) are widely used access control mechanisms. The ABAC system is much more complex in terms of policy reviews, hence analyzing the policy and reviewing or changing user permission are quite complex task. RBAC system is labor intensive and time consuming to build a model instance and it lacks flexibility to efficiently adapt to changing user’s, objects and security policies. EBAC model considered only the events to allocate access controls. Yet these mechanisms have limitations and offer feature complimentary to each other. So in this paper, Event-Role-Attribute based fine grained Access Control mechanism is proposed, it provide a flexible boundary which effectively adapt to changing user’s, objects and security policies based on the event. The flexible boundary is achieved by using temporal and environment state of an event. It improves the big data security and overcomes the disadvantages of the ABAC and RBAC mechanisms. The experiments are conducted to prove the effectiveness of the proposed Event-Role-Attribute based Access Control mechanism over ABAC and RBAC in terms of computational overhead.
APA, Harvard, Vancouver, ISO, and other styles
14

Lakaraju, Sandeep, Dianxiang Xu, and Yong Wang. "Analysis of Healthcare Workflows in Accordance with Access Control Policies." International Journal of Healthcare Information Systems and Informatics 11, no. 1 (January 2016): 1–20. http://dx.doi.org/10.4018/ijhisi.2016010101.

Full text
Abstract:
Healthcare information systems deal with sensitive data across complex workflows. They often allow various stakeholders from different environments to access data across organizational boundaries. This elevates the risk of exposing sensitive healthcare information to unauthorized personnel, leading ‘controlling access to resources' a major concern. To prevent unwanted access to sensitive information, healthcare organizations need to adopt effective workflows and access control mechanisms. Many healthcare organizations are not yet considering or do not know how to accommodate the ‘context' element as a crucial element in their workflows and access control policies. The authors envision the future of healthcare where ‘context' will be considered as a crucial element. They can accommodate context through a new element ‘environment' in workflows, and can accommodate context in policies through well-known attribute based access control mechanism (ABAC). This research mainly addresses these problems by proposing a model to integrate workflows and access control policies and thereby identifying workflow activities that are not being protected by access control policies and improving the workflow activities and/or existing access control policies using SARE (Subject, Action, Resource, and environment) elements.
APA, Harvard, Vancouver, ISO, and other styles
15

Kuts, D. V., and S. V. Porshnev. "THE FEATURES OF MANDATORY ACCESS CONTROL MODEL IN MODERN UNAUTHORIZED ACCESS DATA PROTECTION TOOLS." Journal of the Ural Federal District. Information security 20, no. 3 (2020): 27–33. http://dx.doi.org/10.14529/secur200303.

Full text
Abstract:
This article describes the features of mandatory access control model in unauthorized ac-cess data protection tools, which can affect its efficiency. Also, some flaws of unauthorized ac-cess data protection tools and possible scenarios of unauthorized access bypassing these tools are analyzed. The countermeasures and methods of its application, eliminating detected flaws are offered. The conclusions about necessarity of analyze of unauthorized access data protec-tion tools policies and revision of its severeness, if it is necessary, were made.
APA, Harvard, Vancouver, ISO, and other styles
16

Li, Jian, and William K. Cheung. "Access Control on Semantic Web Data Using Query Rewriting." International Journal of Organizational and Collective Intelligence 1, no. 2 (April 2010): 46–66. http://dx.doi.org/10.4018/joci.2010040103.

Full text
Abstract:
Semantic Web technologies allow on-line resources to be semantically annotated to support more effective and intelligent online services. However, ontologies sometimes may contain sensitive information. Providing access to them requires proper control to ensure the data protection requirement. Yet, the protection should not be too restrictive to make the access management inflexible. While there has been recent work on policy-based access control, in this paper, the authors present a policy representation specifically for access control on ontology-based data and explain how issues like policy propagation and policy conflict resolution are addressed. The authors present bucket-based query rewriting algorithms for realizing the access control policies to avoid sensitive resources leakage in the context of the Semantic Web. The authors validate the correctness of the proposed mechanisms by going through some illustrative examples in detail.
APA, Harvard, Vancouver, ISO, and other styles
17

Shirsath, Rakesh, and Dr K. V. Daya Sagar. "A Review of fine grained access control techniques." International Journal of Engineering & Technology 7, no. 2.7 (March 18, 2018): 20. http://dx.doi.org/10.14419/ijet.v7i2.7.10249.

Full text
Abstract:
Nowadays cloud computing is most demanding technology where computing resources are availed as per demand through Internet. Cloud computing model also brings many challenges for confidentiality, integrity, privacy of data and data access control. As cloud computing develops vigorously, an increasing number of enterprises and individuals are motivated to upload their data sources to the public cloud server for sharing. It is not entirely credible for enterprises and individuals to transfer data owing to the openness of the cloud server, so they must encrypt data before uploading and also loose direct control of data. Therefore, an elastic access control or fine-grained access control approach for data is urgently required and becomes a challenging open problem. In this paper, the issue of access control is discussed by defining traditional access policies. Attribute based access policy is analysed with its types. Finally, comparison is made among all policies with respect to various parameters.
APA, Harvard, Vancouver, ISO, and other styles
18

Huang, Jie, and Dehua Wu. "Access Control Model Scheme based on Policy Grading in Natural Language Processing Blockchain Environment." Mobile Information Systems 2022 (August 8, 2022): 1–9. http://dx.doi.org/10.1155/2022/4365944.

Full text
Abstract:
In order to solve many problems such as secure storage of access policies and distrust of third parties in complex and dynamic big data environment, a hierarchical access control model under block chain environment (BP-ABAC) is proposed. Access control policies are stored in blockchain in the form of smart contracts, and access control policies are classified in contract design. Users can obtain the access permission of the corresponding policy set according to the rating evaluation. Access to a resource is obtained when the request attribute matches the policy in the policy set. The simulation results show that the model can grant corresponding access control permissions according to different users’ access requests, improve the time efficiency and accuracy of the access control process, and improve the security and privacy of the storage of access policies and the interaction of data sharing.
APA, Harvard, Vancouver, ISO, and other styles
19

Trojer, Thomas, Basel Katt, Ruth Breu, Thomas Schabetsberger, and Richard Mair. "Managing Privacy and Effectiveness of Patient-Administered Authorization Policies." International Journal of Computational Models and Algorithms in Medicine 3, no. 2 (April 2012): 43–62. http://dx.doi.org/10.4018/jcmam.2012040103.

Full text
Abstract:
A central building block of data privacy is the individual right of information self-determination. Following from that when dealing with shared electronic health records (SEHR), citizens, as the identified individuals of such records, have to be enabled to decide what medical data can be used in which way by medical professionals. In this context individual preferences of privacy have to be reflected by authorization policies to control access to personal health data. There are two potential challenges when enabling patient-controlled access control policy authoring: First, an ordinary citizen neither can be considered a security expert, nor does she or he have the expertise to fully understand typical activities and workflows within the health-care domain. Thus, a citizen is not necessarily aware of implications her or his access control settings have with regards to the protection of personal health data. Both privacy of citizen’s health-data and the overall effectiveness of a health-care information system are at risk if inadequate access control settings are in place. This paper refers to scenarios of a case study previously conducted and shows how privacy and information system effectiveness can be defined and evaluated in the context of SEHR. The paper describes an access control policy analysis method which evaluates a patient-administered access control policy by considering the mentioned evaluation criteria.
APA, Harvard, Vancouver, ISO, and other styles
20

Seifermann, Stephan, Robert Heinrich, Dominik Werle, and Ralf Reussner. "Detecting violations of access control and information flow policies in data flow diagrams." Journal of Systems and Software 184 (February 2022): 111138. http://dx.doi.org/10.1016/j.jss.2021.111138.

Full text
APA, Harvard, Vancouver, ISO, and other styles
21

Tang, Xiao Yong, Jin Wei Li, and Gui Ping Liao. "A Trust-Aware Access Control Policy for Cloud Data Protection." Applied Mechanics and Materials 411-414 (September 2013): 40–44. http://dx.doi.org/10.4028/www.scientific.net/amm.411-414.40.

Full text
Abstract:
The use of Cloud computing systems to run large-scale scientific, business and consumer based IT applications has increased rapidly in recent years. More and more Cloud users concern the data privacy protection and security in such systems. A natural way to tackle this problem is to adopt data encryption and access control policy. However, this solution is inevitably introduced a heavy computation overhead. In this paper, we first establish a trust model between Cloud servers and Cloud users. Then, we build the trust-aware attribute-based access control policies according to Cloud user trust level and Cloud request attributes. This technique can give different encryption and decryption data to Cloud user and substantive reduce the computation overhead of Cloud computing.
APA, Harvard, Vancouver, ISO, and other styles
22

Zhang, Jian, Jin Yao, and Kun Huang. "Research on Access Control Policy for Confidential Information System." Applied Mechanics and Materials 263-266 (December 2012): 3064–67. http://dx.doi.org/10.4028/www.scientific.net/amm.263-266.3064.

Full text
Abstract:
How to achieve secure access control in multi-domain is a hot research topic in the information security field. The access control policy for confidential information system is different from that for ordinary commercial information system, because the former concerns about the confidentiality of the data and the latter concerns about the integrity. Emphatically discusses the access control policies for confidential information system, including single-domain and multi-domain environment, and presents two useful access control policies for multi-domain.
APA, Harvard, Vancouver, ISO, and other styles
23

Li, Teng, Jiawei Zhang, Yanbo Yang, Wei Qiao, and Yangxu Lin. "Auditable and Times limitable Secure Data Access Control for Cloud-based Industrial Internet of Things." Journal of Networking and Network Applications 1, no. 3 (2021): 129–38. http://dx.doi.org/10.33969/j-nana.2021.010306.

Full text
Abstract:
Recently, the rapid development of Internet of things (IoT) and cloud computing technologies have greatly facilitated various industrial applications and Industrial IoT (IIoT). The widely deployed IIoT devices and large capacity of cloud significantly benefit for and bring convenience to various industrial sectors. However, there exist a large number of concerns about data security in IIoT, especially when a majority of sensitive IIoT data is shared in cloud. Although as one of the most promising technique, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can provide fine-grained access control for IIoT data shared in cloud, there are still many drawbacks which impede the direct adoption of conventional CP-ABE. On the one hand, unlimited IIoT data access times may disable data access service of cloud and bring serious consequences. On the other hand, the access policies of ciphertexts usually consist of much sensitive information and cause privacy exposure. Moreover, the high computation overhead also extremely hinders resource-limited users in IIoT applications. To solve these problems, we propose TAHP-CP-ABE, a k-times and auditable hidden-policy CP-ABE scheme which is suitable for resource-limited users and privacy-aware access policies with data access times limitation in IIoT applications. Specifically, TAHP-CP-ABE preserves the privacy of access policies by hiding only attribute values and realizes limited access times as well as efficient IIoT ciphertexts decryption with decryption test and outsourced decryption. The security analysis and experimental results indicate that TAHP-CP-ABE is secure, efficient and practical.
APA, Harvard, Vancouver, ISO, and other styles
24

Zheng, Kaifa, Caiyang Ding, and Jinchen Wang. "A Secure Data-Sharing Scheme for Privacy-Preserving Supporting Node–Edge–Cloud Collaborative Computation." Electronics 12, no. 12 (June 19, 2023): 2737. http://dx.doi.org/10.3390/electronics12122737.

Full text
Abstract:
The node–edge–cloud collaborative computation paradigm has introduced new security challenges to data sharing. Existing data-sharing schemes suffer from limitations such as low efficiency and inflexibility and are not easily integrated with the node–edge–cloud environment. Additionally, they do not provide hierarchical access control or dynamic changes to access policies for data privacy preservation, leading to a poor user experience and lower security. To address these issues, we propose a data-sharing scheme using attribute-based encryption (ABE) that supports node–edge–cloud collaborative computation (DS-ABE-CC). Our scheme incorporates access policies into ciphertext, achieving fine-grained access control and data privacy preservation. Firstly, considering node–edge–cloud collaborative computation, it outsources the significant computational overhead of data sharing from the owner and user to the edge nodes and the cloud. Secondly, integrating deeply with the “node–edge–cloud” scenario, the key distribution and agreement between all entities embedded in the encryption and decryption process, with a data privacy-preserving mechanism, improve the efficiency and security. Finally, our scheme supports flexible and dynamic access control policies and realizes hierarchical access control, thereby enhancing the user experience of data sharing. The theoretical analysis confirmed the security of our scheme, while the comparison experiments with other schemes demonstrated the practical feasibility and efficiency of our approach in node–edge–cloud collaborative computation.
APA, Harvard, Vancouver, ISO, and other styles
25

Alattab, Ahmed Abdu, Reyazur Rashid Irshad, Anwar Ali Yahya, and Amin A. Al-Awady. "Privacy Protected Preservation of Electric Vehicles’ Data in Cloud Computing Using Secure Data Access Control." Energies 15, no. 21 (October 31, 2022): 8085. http://dx.doi.org/10.3390/en15218085.

Full text
Abstract:
Cloud computing provides a ubiquitous data storage and access mechanism for organizations, industries, and smart grids to facilitate their operations. However, the concern in cloud storage systems is to secure data access control toward authentication for sensitive data, such as the electric vehicles (EVs) requesting information for attending a charging service. Consequently, denying an authentic user’s request will result in delaying the requested service, thereby leading to service inefficiency. The role-based access control (RBAC) plays a crucial role in securing and authenticating such time-sensitive data. The design mechanism of roles is based on skills, authority, and responsibilities for organizations. For EVs, the roles are based on the type of membership, such as permanent, occasional, or one-time. In this paper, we propose a new RBAC access control and privacy-preserving information access method toward the coarse-grained measure control and privacy protection in the cloud storage system for EVs. The data can be encrypted and decrypted based on the types of users who possess appropriate access permission toward authorized and unauthorized users according to their roles specified by role-based access control policies. The proposed approach has been simulated with various role-based scenarios, and the efficiency was evaluated against state-of-the-art role-based access-control techniques.
APA, Harvard, Vancouver, ISO, and other styles
26

Emad F. Khalaf, Emad F. Khalaf. "A Survey of Access Control and Data Encryption for Database Security." journal of King Abdulaziz University Engineering Sciences 28, no. 1 (January 4, 2017): 19–30. http://dx.doi.org/10.4197/eng.28-1.2.

Full text
Abstract:
With the vast amount of data generated nowadays, organizing and managing of these data are very important to allow the users to access, retrieve, and update their data by using database systems (DBS). Most of the current organizations use DBS to increase the efficiency and the productivity of their organizations, but the security threats are becoming more dangerous to the DB. So, protection of data by keeping it integrated and secured from any undesirable intrusion became the highest priority for these organizations. DB security provides various techniques to protect data from any threats. This paper discusses two techniques used in the DB field to achieve integrity and confidentiality of the data, by using access control policies and data encryption.
APA, Harvard, Vancouver, ISO, and other styles
27

Iyer, Padmavathi, and Amirreza Masoumzadeh. "Learning Relationship-Based Access Control Policies from Black-Box Systems." ACM Transactions on Privacy and Security 25, no. 3 (August 31, 2022): 1–36. http://dx.doi.org/10.1145/3517121.

Full text
Abstract:
Access control policies are crucial in securing data in information systems. Unfortunately, often times, such policies are poorly documented, and gaps between their specification and implementation prevent the system users, and even its developers, from understanding the overall enforced policy of a system. To tackle this problem, we propose the first of its kind systematic approach for learning the enforced authorizations from a target system by interacting with and observing it as a black box. The black-box view of the target system provides the advantage of learning its overall access control policy without dealing with its internal design complexities. Furthermore, compared to the previous literature on policy mining and policy inference, we avoid exhaustive exploration of the authorization space by minimizing our observations. We focus on learning relationship-based access control (ReBAC) policy, and show how we can construct a deterministic finite automaton (DFA) to formally characterize such an enforced policy. We theoretically analyze our proposed learning approach by studying its termination, correctness, and complexity. Furthermore, we conduct extensive experimental analysis based on realistic application scenarios to establish its cost, quality of learning, and scalability in practice.
APA, Harvard, Vancouver, ISO, and other styles
28

Demurjian, Steven A., Eugene Sanzi, Thomas P. Agresta, and William A. Yasnoff. "Multi-Level Security in Healthcare Using a Lattice-Based Access Control Model." International Journal of Privacy and Health Information Management 7, no. 1 (January 2019): 80–102. http://dx.doi.org/10.4018/ijphim.2019010105.

Full text
Abstract:
Controlling access to sensitive personal information is a primary concern in healthcare. Regardless of whether access control policies are determined by patients, healthcare professionals, institutions, legal and regulatory authorities, or some combination of these, assuring the strict enforcement of policies across all systems that store personal health information is the overriding, essential goal of any healthcare security solution. While a comprehensive healthcare security architecture may need to impose specific controls on individual data items, most access control decisions will be based on sensitivity levels automatically assigned to information classes by a “sensitivity profile,” combined with the authorization level of the user. This article proposes the use of multi-level security, defined by lattice-based sensitivity profiles, to ensure compliance with data access restrictions between systems. This security approach accommodates the complexities needed for health data access and benefits from existing, proven tools that are used for defense and national security applications.
APA, Harvard, Vancouver, ISO, and other styles
29

LI, Xinlong. "A Blockchain-Based Verifiable User Data Access Control Policy for Secured Cloud Data Storage." Computational Intelligence and Neuroscience 2022 (April 27, 2022): 1–12. http://dx.doi.org/10.1155/2022/2254411.

Full text
Abstract:
Adding the adequate level of security of information systems dealing with sensitive data, privacy, or defense systems involves some form of access control. The audits performed are dealing with the determination of the allowed activities of the legal users, when attempting to access resources of the system. Usually, full access is provided after the user has been successfully authenticated through an authentication mechanism (e.g., password), while the corresponding authorization control is based on the confidentiality level of the respective resources and the authorization level assigned to each user. A very important diversification occurring in modern digital technologies is related to the identification based on blockchain technology, which is presented as a public, distributed data series, unable to modify its history and grouped in time-numbered blocks. In this work, a blockchain-based verifiable user data access control policy for secured cloud data storage is suggested for a version associated with big data in health care. It is an innovative system of applying classified access policies to secure resources in the cloud, which operates based on blockchain technology. System evaluation is carried out by studying a case in its resilience to Eclipse attack under different malicious user capabilities for routing table poisoning.
APA, Harvard, Vancouver, ISO, and other styles
30

Talha, Mohamed, and Anas Abou El Kalam. "Big Data between Quality and Security: Dynamic Access Control for Collaborative Platforms." JUCS - Journal of Universal Computer Science 27, no. 12 (December 28, 2021): 1300–1324. http://dx.doi.org/10.3897/jucs.77046.

Full text
Abstract:
Big Data often refers to a set of technologies dedicated to deal with large volumes of data. Data Quality and Data Security are two essential aspects for any Big Data project. While Data Quality Management Systems are about putting in place a set of processes to assess and improve certain characteristics of data such as Accuracy, Consistency, Completeness, Timeliness, etc., Security Systems are designed to protect the Confidentiality, Integrity and Availability of data. In a Big Data environment, data quality processes can be blocked by data security mechanisms. Indeed, data is often collected from external sources that could impose their own security policies. In many research works, it has been recognized that merging and integrating access control policies are real challenges for Big Data projects. To address this issue, we suggest in this paper a framework to secure data collection in collaborative platforms. Our framework extends and combines two existing frameworks namely: PolyOrBAC and SLA- Framework. PolyOrBAC is a framework intended for the protection of collaborative environments. SLA-Framework, for its part, is an implementation of the WS-Agreement Specification, the standard for managing bilaterally negotiable SLAs (Service Level Agreements) in distributed systems; its integration into PolyOrBAC will automate the implementation and application of security rules. The resulting framework will then be incorporated into a data quality assessment system to create a secure and dynamic collaborative activity in the Big Data context.
APA, Harvard, Vancouver, ISO, and other styles
31

Komal, Unnati. "Data Leakage Detection using Cloud Computing." International Journal for Research in Applied Science and Engineering Technology 11, no. 5 (May 31, 2023): 3129–32. http://dx.doi.org/10.22214/ijraset.2023.52273.

Full text
Abstract:
Abstract: "Data Leakage Detection Using Cloud Computing" is a project that aims to address the growing need to protect sensitive data from unauthorized access and leakage in cloud computing environments. With the increasing use of cloud-based services, there is a growing concern about data privacy and security. The project proposes a solution that leverages cloud computing technology to detect and prevent data leakage in real-time .The proposed system employs data classification, access control, and monitoring mechanisms to prevent unauthorized data access and ensure data privacy. The system is designed to monitor user activities and detect any suspicious behavior that may indicate a potential data leak. The system uses machine learning algorithms to detect anomalies in user behavior and classify data based on its sensitivity level. The system then applies access control policies to restrict user access to sensitive data.
APA, Harvard, Vancouver, ISO, and other styles
32

Dai, Chang Ying, Wen Tao Gong, and Jing Liu. "Access Process of Data-Flow in Cross-Domain Usage Control Model Based on XACML." Advanced Materials Research 143-144 (October 2010): 1275–79. http://dx.doi.org/10.4028/www.scientific.net/amr.143-144.1275.

Full text
Abstract:
With the rapid development of information technology, more and more requesters need accessing the services in different access domains, which make the access process in cross-domain become more difficultly. The traditional access control models couldn’t solve the access process for their design limitations and diversity access policies. Usage control model (UCON) was proposed to strengthen the expression of access control model, but UCON is only a conceptual model. How to use the UCON in access process? It is worthwhile to further study. Extensible access control markup language (XACML) is an open standard XML-based language, which can be used to describe the security policy. In order to solve the access process in different access domains, based on XACML, access process of data-flow in cross-domain usage control model is proposed in the paper. Access process of data-flow cross different domains in XACML is introduced to solve the cross-domain problem. Finally, a small example is given to verify the effectiveness of access process.
APA, Harvard, Vancouver, ISO, and other styles
33

Haguouche, Samira, and Zahi Jarir. "Towards a Secure and Borderless Collaboration between Organizations: An Automated Enforcement Mechanism." Security and Communication Networks 2018 (October 21, 2018): 1–13. http://dx.doi.org/10.1155/2018/1572812.

Full text
Abstract:
During the last decade, organizations have been more and more aware of the benefits of engaging in collaborative activities. To attain a required collaborative objective, they are obligated to share sensitive resources such as data, services, and knowledge. However, sharing sensitive and private resources and exposing them for an external usage may prevent the organizations involved from collaborating. Therefore, this usage requires more preoccupation with security issues. Access control is one of these required security concerns. Several access control models are defined in the literature and this multitude of models creates heterogeneity of access control policies between the collaborating organizations. In this paper, we propose Access Control in Cross-Organizational coLLABoration ACCOLLAB, a solution for automatic mapping between heterogeneous access control policies in cross-organizational collaboration. To carry out this mapping, we suggest a mechanism founded mainly on XACML profiles and on a generic language derivative of XACML we define as Generic-XACML. We also formally prove that the mapping does not affect decision evaluation of policies. Thereby the proposed contribution ACCOLLAB allows each collaborating organization to communicate their access control policies and adopt other’s policies without affecting their existing access control systems.
APA, Harvard, Vancouver, ISO, and other styles
34

Patil, Suraj Krishna, Sandipkumar Chandrakant Sagare, and Alankar Shantaram Shelar. "Use of Purpose and Role Based Access Control Mechanisms to Protect Data Within RDBMS." International Journal of Software Innovation 8, no. 1 (January 2020): 82–91. http://dx.doi.org/10.4018/ijsi.2020010105.

Full text
Abstract:
Privacy is the key factor to handle personal and sensitive data, which in large chunks, is stored by database management systems (DBMS). It provides tools and mechanisms to access and analyze data within it. Privacy preservation converts original data into some unknown form, thus protecting personal and sensitive information. Different access control mechanisms such as discretionary access control, mandatory access control is used in DBMS. However, they hardly consider purpose and role-based access control in DBMS, which incorporates policy specification and enforcement. The role based access control (RBAC) regulates the access to resources based on the roles of individual users. Purpose based access control (PuBAC) regulates the access to resources based on purpose for which data can be accessed. It regulates execution of queries based on purpose. The PuRBAC system uses the policies of both, i.e. PuBAC and RBAC, to enforce within RDBMS.
APA, Harvard, Vancouver, ISO, and other styles
35

Huang, Yi, Xin Qiang Ma, Dan Ning Li, and Rong Wu. "Research and Applications of Access Control Based on Logic SQL Database System." Advanced Materials Research 143-144 (October 2010): 672–76. http://dx.doi.org/10.4028/www.scientific.net/amr.143-144.672.

Full text
Abstract:
Access control is the process of mediating every request to data and services maintained by a system and determining whether the request should be granted or denied. Access control policies are security policies that govern access to resources. It can be applied to several new types of databases. LogicSQL is an object relational database management system implemented with the advanced (formula-lock based) concurrency control protocol, and the steged database architecture. In this paper, we discuss access control in multilevel database management systems applies and illustrate the main applies of access control in the LogicSQL database system.
APA, Harvard, Vancouver, ISO, and other styles
36

Xiong, An Ping, and Xin Xin He. "Multiple Access Control Struction for Cloud with Ciphertext." Applied Mechanics and Materials 556-562 (May 2014): 5888–92. http://dx.doi.org/10.4028/www.scientific.net/amm.556-562.5888.

Full text
Abstract:
The attribute-based encryption scheme of cloud storage application environment helps achieve a flexible access control and confidentiality of the data. However, at present efficient and fine-grained access control can not be achieved. This is caused by the heavy re-encryption workload of data owner while attribute revocation. Besides, there is no solution to revoke user directly. By introducing key segmentation and proxy re-encryption technology to encrypt the part of the heavy work to the cloud service provider to perform, the new scheme greatly reduces the computational cost of data owner. In addition, a special attribute which the data owner controls independently is added to construct different attribute domains of CP-ABE so that the data owner can completely control of the user permissions. The new scheme not only can support multiple threshold fine access control policies, but also can achieve cancellation directly to the user as well as to the user attribute. Experimental results show that the new scheme is superior to the general scheme, achieve highly efficient, fine, and flexible access control.
APA, Harvard, Vancouver, ISO, and other styles
37

Zhong, Ting, You Peng Sun, and Qiao Liu. "Fine-Grained Access Control with Efficient Revocation in Cloud Storage." Applied Mechanics and Materials 571-572 (June 2014): 79–89. http://dx.doi.org/10.4028/www.scientific.net/amm.571-572.79.

Full text
Abstract:
In the cloud storage system, the server is no longer trusted, which is different from the traditional storage system. Therefore, it is necessary for data owners to encrypt data before outsourcing it for sharing. Simultaneously, the enforcement of access policies and support of policies updates becomes one of the most challenging issues. Ciphertext-policy attribute-based encryption (CP-ABE) is an appropriate solution to this issue. However, it comes with a new obstacle which is the attribute and user revocation. In this paper, we propose a fine-grained access control scheme with efficient revocation based on CP-ABE approach. In the proposed scheme, we not only realize an efficient and immediate revocation, but also eliminate some burden of computational overhead. The analysis results indicate that the proposed scheme is efficient and secure for access control in cloud storage systems.
APA, Harvard, Vancouver, ISO, and other styles
38

Truong, Hien, José L. Hernández-Ramos, Juan A. Martinez, Jorge Bernal Bernabe, Wenting Li, Agustin Marin Frutos, and Antonio Skarmeta. "Enabling Decentralized and Auditable Access Control for IoT through Blockchain and Smart Contracts." Security and Communication Networks 2022 (June 2, 2022): 1–14. http://dx.doi.org/10.1155/2022/1828747.

Full text
Abstract:
The increase in the interconnection of physical devices and the emergence of the 5 G paradigm foster the generation and distribution of massive amounts of data. The complexity associated with the management of these data requires a suitable access control approach that empowers citizens to control how their data are shared, so potential privacy issues can be mitigated. While well-known access control models are widely used in web and cloud scenarios, the IoT ecosystem needs to address the requirements of lightness, decentralization, and scalability to control the access to data generated by a huge number of heterogeneous devices. This work proposes CapBlock, a design that integrates a capability-based access control model and blockchain technology for a fully distributed evaluation of authorization policies and generation of access credentials using smart contracts. CapBlock is intended to manage the access to information in federated IoT environments where data need to be managed through access control policies defined by different data providers. The feasibility of CapBlock has been successfully evaluated in the scope of the EU research project IoTCrawler, which aims at building a secure search engine for IoT data in large-scale scenarios.
APA, Harvard, Vancouver, ISO, and other styles
39

Pereira, Óscar Mortágua, Diogo Domingues Regateiro, and Rui L. Aguiar. "Secure, Dynamic and Distributed Access Control Stack for Database Applications." International Journal of Software Engineering and Knowledge Engineering 25, no. 09n10 (November 2015): 1703–8. http://dx.doi.org/10.1142/s0218194015710035.

Full text
Abstract:
In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
APA, Harvard, Vancouver, ISO, and other styles
40

Kaushik, Shweta, and Charu Gandhi. "Fine Grained Decentralized Access Control With Provable Data Transmission and User Revocation in Cloud." International Journal of Information Security and Privacy 15, no. 2 (April 2021): 29–52. http://dx.doi.org/10.4018/ijisp.2021040102.

Full text
Abstract:
Cloud computing started a new era for IT enterprises. It allows the movement of application from local to remote location, massive data storage. Owner has access to centralized or decentralized data storage server, where data management handled by remote vendor. But, the heterogeneous and dynamic nature of cloud introduces security challenges. Among them, access control and integrity checking are most important which incur high consideration. Attribute-based encryption is one of the access control technique which allows integration of access policies, attributes, and encrypted data. In this paper, a new fine-grained decentralized data access control technique with user revocation has been proposed. Here, service provider is responsible for verifying the user authenticity. The proposed schema supports integrity checking and user revocation. The integrity checking proof validates that the user data is intact and revocation mechanism will help to revoke the user in linear time. Moreover, the proposed access control and authentication schemes are decentralized and comparable to other approaches.
APA, Harvard, Vancouver, ISO, and other styles
41

Shen, Xieyang, Chuanhe Huang, Danxin Wang, and Jiaoli Shi. "A Privacy-Preserving Attribute-Based Encryption System for Data Sharing in Smart Cities." Wireless Communications and Mobile Computing 2021 (October 8, 2021): 1–15. http://dx.doi.org/10.1155/2021/6686675.

Full text
Abstract:
Information leakage and efficiency are the two main concerns of data sharing in cloud-aided IoT. The main problem is that smart devices cannot afford both energy and computation costs and tend to outsource data to a cloud server. Furthermore, most schemes focus on preserving the data stored in the cloud but omitting the access policy is typically stored in unencrypted form. In this paper, we proposed a fine-grained data access control scheme based on CP-ABE to implement access policies with a greater degree of expressiveness as well as hidden policies from curious cloud service providers. Moreover, to mitigate the extra computation cost generated by complex policies, an outsourcing service for decryption can be used by data users. Further experiments and extensive analysis show that we significantly decrease the communication and computation overhead while providing a high-level security scheme compared with the existing schemes.
APA, Harvard, Vancouver, ISO, and other styles
42

Helil, Nurmamat, and Kaysar Rahman. "CP-ABE Access Control Scheme for Sensitive Data Set Constraint with Hidden Access Policy and Constraint Policy." Security and Communication Networks 2017 (2017): 1–13. http://dx.doi.org/10.1155/2017/2713595.

Full text
Abstract:
CP-ABE (Ciphertext-Policy Attribute-Based Encryption) with hidden access control policy enables data owners to share their encrypted data using cloud storage with authorized users while keeping the access control policies blinded. However, a mechanism to prevent users from achieving successive access to a data owner’s certain number of data objects, which present a conflict of interest or whose combination thereof is sensitive, has yet to be studied. In this paper, we analyze the underlying relations among these particular data objects, introduce the concept of the sensitive data set constraint, and propose a CP-ABE access control scheme with hidden attributes for the sensitive data set constraint. This scheme incorporates extensible, partially hidden constraint policy. In our scheme, due to the separation of duty principle, the duties of enforcing the access control policy and the constraint policy are divided into two independent entities to enhance security. The hidden constraint policy provides flexibility in that the data owner can partially change the sensitive data set constraint structure after the system has been set up.
APA, Harvard, Vancouver, ISO, and other styles
43

Stojanov, Riste, Vladimir Zdraveski, and Dimitar Trajanov. "Challenges and Opportunities in Applying Semantics to Improve Access Control in the Field of Internet of Things." Electronics ETF 21, no. 2 (August 8, 2018): 66. http://dx.doi.org/10.7251/els1721066s.

Full text
Abstract:
The increased number of IoT devices results in continuously generated massive amounts of raw data. Parts of this data are private and highly sensitive as they reflect owner’s behavior, obligations, habits, and preferences. In this paper, we point out that flexible and comprehensive access control policies are “a must” in the IoT domain. The Semantic Web technologies can address many of the challenges that the IoT access control is facing with today. Therefore, we analyze the current state of the art in this area and identify the challenges and opportunities for improved access control in a semantically enriched IoT environment. Applying semantics to IoT access control opens a lot of opportunities, such as semantic inference and reasoning, easy data sharing, data trading, new approaches to authentication, security policies based on a natural language and enhances the interoperability using a common ontology.
APA, Harvard, Vancouver, ISO, and other styles
44

Zhang, Duo, Shangping Wang, Yinglong Zhang, Qian Zhang, and Yaling Zhang. "A Secure and Privacy-Preserving Medical Data Sharing via Consortium Blockchain." Security and Communication Networks 2022 (May 18, 2022): 1–15. http://dx.doi.org/10.1155/2022/2759787.

Full text
Abstract:
Medical data sharing is of great significance in promoting smart medicine. However, the heterogeneity of information systems used by various medical institutions makes sharing difficult. In addition, since medical data involves a great deal of sensitive information, sharing it could easily lead to the leakage of personal privacy. Blockchain, gained popularity as a distributed ledger technology, has great potential to connect heterogeneous systems and provides authenticity and integrity guarantees for medical data sharing. Focusing on the issues of medical data sharing and privacy protection, we propose a medical data sharing scheme based on consortium blockchain. To achieve access control, attribute-based access control technique is implemented, where patients preset attribute-specific access policies for their medical records, and record requesters are described by a set of attributes. For patients, we devise a hybrid storage mode to write access policies of medical records on the consortium blockchain network and store encrypted medical records off-chain. Leveraging blockchain and smart contracts, access privilege control and access history tracking can be realized. To enhance the key management, a tree of medical records is constructed for each patient, and by simply keeping the medical record trees, patients can recover their encryption keys at any time. Furthermore, we carry out an extensive analysis to show the high security and efficiency of our proposed scheme. Finally, we build a Quorum consortium blockchain on the Tencent Cloud and deploy smart contracts on the chain to simulate transactions in our scheme. The experiment results indicate the proposed scheme achieves good feasibility.
APA, Harvard, Vancouver, ISO, and other styles
45

Ibraimi, Luan, Qiang Tang, Pieter Hartel, and Willem Jonker. "Exploring Type-and-Identity-Based Proxy Re-Encryption Scheme to Securely Manage Personal Health Records." International Journal of Computational Models and Algorithms in Medicine 1, no. 2 (April 2010): 1–21. http://dx.doi.org/10.4018/jcmam.2010040101.

Full text
Abstract:
Commercial Web-based Personal-Health Record (PHR) systems can help patients to share their personal health records (PHRs) anytime from anywhere. PHRs are very sensitive data and an inappropriate disclosure may cause serious problems to an individual. Therefore commercial Web-based PHR systems have to ensure that the patient health data is secured using state-of-the-art mechanisms. In current commercial PHR systems, even though patients have the power to define the access control policy on who can access their data, patients have to trust entirely the access-control manager of the commercial PHR system to properly enforce these policies. Therefore patients hesitate to upload their health data to these systems as the data is processed unencrypted on untrusted platforms. Recent proposals on enforcing access control policies exploit the use of encryption techniques to enforce access control policies. In such systems, information is stored in an encrypted form by the third party and there is no need for an access control manager. This implies that data remains confidential even if the database maintained by the third party is compromised. In this paper we propose a new encryption technique called a type-and-identity-based proxy re-encryption scheme which is suitable to be used in the healthcare setting. The proposed scheme allows users (patients) to securely store their PHRs on commercial Web-based PHRs, and securely share their PHRs with other users (doctors).
APA, Harvard, Vancouver, ISO, and other styles
46

Szabó, Zoltán, and Vilmos Bilicki. "Access Control of EHR Records in a Heterogeneous Cloud Infrastructure." Acta Cybernetica 25, no. 2 (December 7, 2021): 485–516. http://dx.doi.org/10.14232/actacyb.290283.

Full text
Abstract:
Since the advent of smartphones, IoT and cloud computing, we have seen an industry-wide requirement to integrate different healthcare applications with each other and with the cloud, connecting multiple institutions or even countries. But despite these trends, the domain of access control and security of sensitive healthcare data still raises a serious challenge for multiple developers and lacks the necessary definitions to create a general security framework addressing these issues. Taking into account newer, more special cases, such as the popular heterogeneous infrastructures with a combination of public and private clouds, fog computing, Internet of Things, the area becomes more and more complicated. In this paper we will introduce a categorization of these required policies, describe an infrastructure as a possible solution to these security challenges, and finally evaluate it with a set of policies based on real-world requirements.
APA, Harvard, Vancouver, ISO, and other styles
47

Краснов, С. А., А. А. Нечай, and О. Н. Бамбурова. "An approach to declining access in information systems based on intellectual data analysis." Vestnik of Russian New University. Series «Complex systems: models, analysis, management», no. 4 (January 10, 2022): 95–105. http://dx.doi.org/10.18137/rnu.v9187.21.04.p.095.

Full text
Abstract:
Рассматриваются различия между тематическим разграничением доступа и другими известными политиками безопасности, обосновывается выбор тематического подхода. Представлена модель подхода к тематическому разграничению доступа на основе интеллектуального анализа данных. Приведено сравнение существующих методов интеллектуального анализа данных и предложено использовать нейронные сети в качестве решения задачи классификации при тематическом подходе к разграничению доступа. This paper discusses the differences between thematic access control and other well-known security policies, justifies the choice of the thematic approach. A model of approach to thematic access control based on data mining is proposed. A comparison of the existing data mining methods is given and it is proposed to use neural networks as a solution to the classification problem in the proposed thematic approach to access control.
APA, Harvard, Vancouver, ISO, and other styles
48

Nagasubramanian, Gayathri, Rakesh kumar Sakthivel, and Fadi Al-Turjman. "Secure and Consistent Job Administration Using Encrypted Data Access Policies in Cloud Systems." Computers & Electrical Engineering 96 (December 2021): 107520. http://dx.doi.org/10.1016/j.compeleceng.2021.107520.

Full text
APA, Harvard, Vancouver, ISO, and other styles
49

Liu, Xueyan, Yukun Luo, and Xiaotao Yang. "Traceable Attribute-Based Secure Data Sharing with Hidden Policies in Mobile Health Networks." Mobile Information Systems 2020 (August 3, 2020): 1–12. http://dx.doi.org/10.1155/2020/3984048.

Full text
Abstract:
The growing need to store, share, and manage medical and health records has resulted in electronic medical health sharing system (mHealth), which provides intelligent medical treatment for people. Attribute-based encryption (ABE) is regarded as a new cryptology to enhance fine-grained access control over encrypted sharing data in mHealth. However, some existing attribute-based mHealth systems not only violate the one-to-many application characteristics of attribute-based encryption mechanism but also destroy the anonymity of user. In this study, an efficient scheme is proposed to tackle the above defaults and offer two-way anonymity of data owner and data user by introducing a pseudoidentity. The computation of hidden access policy is reduced by removing the bilinear pairing, whereas the interaction between cloud storage and data user is avoided to save bandwidth during trapdoor generation. We also consider the temporal factor of the uploaded information by introducing access validity. Security and performance analyses show that the proposed scheme is efficient without reducing security.
APA, Harvard, Vancouver, ISO, and other styles
50

Liu, Meiping, Cheng Yang, Hao Li, and Yana Zhang. "An Efficient Attribute-Based Access Control (ABAC) Policy Retrieval Method Based on Attribute and Value Levels in Multimedia Networks." Sensors 20, no. 6 (March 20, 2020): 1741. http://dx.doi.org/10.3390/s20061741.

Full text
Abstract:
Internet of Multimedia Things (IoMT) brings convenient and intelligent services while also bringing huge challenges to multimedia data security and privacy. Access control is used to protect the confidentiality and integrity of restricted resources. Attribute-Based Access Control (ABAC) implements fine-grained control of resources in an open heterogeneous IoMT environment. However, due to numerous users and policies in ABAC, access control policy evaluation is inefficient, which affects the quality of multimedia application services in the Internet of Things (IoT). This paper proposed an efficient policy retrieval method to improve the performance of access control policy evaluation in multimedia networks. First, retrieve policies that satisfy the request at the attribute level by computing based on the binary identifier. Then, at the attribute value level, the depth index was introduced to reconstruct the policy decision tree, thereby improving policy retrieval efficiency. This study carried out simulation experiments in terms of the different number of policies and different policy complexity situation. The results showed that the proposed method was three to five times more efficient in access control policy evaluation and had stronger scalability.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Data access control policies' for other source types:
Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography