Papers by Keyword: Access Control

Abstract: The aim of the project is to implement a facial recognition system for access control to enter a room. The facial image captured by a webcam and then be detected/tracked using Haar face tracking algorithm. Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA) algorithm have been used for face recognition. The system was tested with 10 users from the member of a laboratory room. Each user registered 100 images for training of the PCA and LDA. The recognition rate achieved using PCA was 70% and 97% for LDA.

Abstract: Cloud storage as a popular application in cloud services, are developing from single cloud service provider towards multiple cloud service providers. As a consequence, users need to manage their files from different sources and share in multi-clouds. While the conventional access control models are no longer suitable in multi-clouds environment. Therefore, a multi-clouds access control model based on XACML, named MCACM, is proposed here to implement access control in multi-clouds environment. In this model, cross-clouds access control is enabled through extending standard XACML framework. At last, we implemented a prototype of MCACM, and performance evaluation results show that our scheme is efficient.

Abstract: Attribute-based encryption (ABE) can keep data privacy and realize fine-grained access control. However, the notion of file hierarchy hasn't been presented until now. The problem, the multiple hierarchical files to be shared only using once encryption scheme, cannot be effectively solved. Based on the access structure layered model, a novel access control scheme about file hierarchy is proposed by using ABE to solve the problem. The proposed scheme will not only decrease the number of access structures to one, but also only require a secret key to decrypt all the authorization files. It is proved to be secure against the chosen-plaintext attack (CPA) under the decision bilinear Diffie-Hellman (DBDH) assumption. In addition, the performance analysis results indicate that the proposed scheme is efficient and practical when a large number of hierarchical files are shared.

Abstract: This article aims at the defects in access control strategy of multi-level security firewall, and presents its security classification, scope and access rules for improved methods for the sake of enhancing the security of the firewall.

Abstract: Nowadays, with the in-depth development of networking, informatization and integration the access control system has become more and more popular and important in campus. Most access control systems were developed based on MCU with the characteristics of fixed functions and hardly to extend. A kind of campus intelligent access control system based on ARM is introduced in this paper. The overall structure of the system is as follow: the communication way between host computer and the access controller is TCP/IP protocol; using CAN-BUS for communication between access controller and RFID reader. In the design process, top-down design ideas has been adopted. From the overall structure to the local design, from the host computer to access controller and RFID reader, by means of functional analysis, process planning, hardware design and software programming, finally developed a campus intelligent access control system with excellent exhibitions on powerful, stability and scalability.

Abstract: In order to meet growing demand of storage resources, improve the security and integrity of enterprise information resources, this paper analyzes storage resources status and existing problems of Foshan XY Elec-Mech Limited Corp in the first. Based on detailed analysis of cloud storage hierarchy and its advantages, the cloud storage framework is designed to meet enterprise’s demands, security control strategies and backup strategies are also discussed. After implementation, the integration of information resources in multi-systems and multi-platforms may realized for providing users with massive information storage and access services. Furthermore, when disaster coming, multiple backups may be used to recovery for ensuring the continuity of enterprise’s business processing.

Abstract: This paper presents an approach to various forms of security and different access levels required in an information system by analyzing mathematical models that can be applied to this field. By describing their structural characteristics and how they find implementation in the study of information security, this paper underlines the necessity, means and effectiveness of information security modeling. The conclusions of this paper highlight the importance of a well-defined security risk management and how achieving this goal provides an opening for future research.

Abstract: According to cross domain access control has model cannot solve the problem of record history operation; the application of trust evaluation theory reference XACML structure presents a new model. First of all, this paper introduces based on subjective logic trust evaluation theory and XACML standard decision framework. Secondly, combining trust management technology, puts forward the applied in Web cross domain access control T - WAC model, solved the cross domain access of trust computation and update. Finally, through the simulation experiments, using test data of the new model of the effect of the contrast analysis. The results show that T - WAC model can automatically adjust the authorization, achieves the anticipated effect.

Abstract: In view of the current popular cloud storage access control, some security problems were still existed. To solve the problem which the cloud service provider can’t verify the user write permissions by the CP-ABE based cloud storage access control, in this paper a cloud storage access control method is proposed which is based on the encryption algorithm of the cipher-text (CP-ABE) and the attribute-based signature (ABS). This method not only achieves the cloud storage environment information privacy and integrity, but also supports inheritance authorization and scalability.

Abstract: A method for implementing privileged management in security management based on role base access control model (RBAC₂) is proposed. The idea is creating the users security information space and the security information space for the data base management system separately. The rule and method are given for implementing the mapping from the former onto the latter. The structure of the system for implementing the security management system in the client/server environment is also presented. The adoptability, easy usability and maintainability are primary characters of the method.