Role-Based Risk Adaptive Access Control Model

Abstract:

To solve the problem of considering only constraint verification while ignoring the security of the current running environment, economical risk is applied in Role-Based Access Control (RBAC) to weigh user needs against environmental security according to context information and the current environment. This paper presents a model for Role-Based Risk Adaptive Access Control (RRAAC) that combines traditional RBAC with the newer Risk Adaptable Access Control (RAdAC), together with the risk calculation method used in the RRAAC model and its mathematical analysis and verification. The RRAAC model has already been implemented in a general personnel management system, and experimental results show that it possesses great flexibility and a certain adaptability in coping with environmental changes during access control and task execution in business processes.

Pages: 1516-1521

Online since: September 2013

Copyright: © 2013 Trans Tech Publications Ltd. All Rights Reserved
