An extended Access Control with Uncertain Context

  • Kang, Woojun (Dept. of Business Administration, KC University)
  • Received : 2018.09.23
  • Accepted : 2018.10.08
  • Published : 2018.12.31

Abstract

While advances in information technology have made information access and acquisition much more diverse and easier, they also have the side effect of enabling illegal access using diverse, high-performance tools. To cope with such threats, database technology provides access control methods, and various studies are being conducted to extend traditional access control to new computing environments. In this paper, we propose an extended access control with uncertain context-awareness. It enables appropriate security policy enforcement even if the contextual constraints specified by the security policy do not match those accompanying the access request query. We extract semantic implications from the context tree, and define the argument that can quantitatively measure the semantic difference between two nodes in the context tree. It is used to semantically enforce the security policy, and to prevent the excessive authorization caused by the implication.

Figure 1. Hospital Ontology

Figure 2. Context Hierarchy Tree

Figure 3. Context Hierarchy Tree with Instance

Figure 4. Algorithm for generation of LDSC

Figure 5. Algorithm SCCE for Evaluation of Semantic Context Constraints

Figure 6. Algorithm for Semantic Enforcement of Access Control Policy

Table 1. Inference Rule extracted from Ontology
