Abstract
Providing a dynamic access control model that uses real-time features to make access decisions for IoT applications is one of the research gaps that many researchers are trying to tackle. This is because existing access control models are built using static and predefined policies that always give the same result in different situations and cannot adapt to changing and unpredicted situations. One of the dynamic models that utilize real-time and contextual features to make access decisions is the risk-based access control model. This model performs a risk analysis on each access request to permit or deny access dynamically based on the estimated risk value. However, the major issue associated with building this model is providing a dynamic, reliable, and accurate risk estimation technique, especially when there is no available dataset to describe risk likelihood and impact. Therefore, this paper proposes a Neuro-Fuzzy System (NFS) model to estimate the security risk value associated with each access request. The proposed NFS model was trained using three learning algorithms: Levenberg–Marquardt (LM), Conjugate Gradient with Fletcher–Reeves (CGF), and Scaled Conjugate Gradient (SCG). The results demonstrated that the LM algorithm is the optimal learning algorithm to implement the NFS model for risk estimation. The results also demonstrated that the proposed NFS model provides a short and efficient processing time, which can provide timeliness risk estimation technique for various IoT applications. The proposed NFS model was evaluated against access control scenarios of a children’s hospital, and the results demonstrated that the proposed model can be applied to provide dynamic and contextual-aware access decisions based on real-time features.
Highlights
Traditional access control models, while successful in solving various problems in some situations, are designed to offer a link between information associated with an access control rule logic and a resource to which access is requested
The results demonstrated that the Neuro-Fuzzy System (NFS) model provides an efficient and accurate risk estimation technique that can adapt to the changing conditions in the IoT environment
This paper proposed a novel NFS model to build the risk estimation technique that evaluates security risks associated with access requests
Summary
Traditional access control models, while successful in solving various problems in some situations, are designed to offer a link between information associated with an access control rule logic and a resource to which access is requested. Traditional access control models, which are based on static and predefined policies, cannot manage unanticipated scenarios and situations [1] As a result, they are incompatible with a dynamic and distributed system like the IoT. Proposing the NFS model to overcome flexibility and scalability issues associated with the fuzzy logic system for the risk estimation in the risk-based access control model;. The remainder of this paper is organized as follows: Section 2 presents related work, Section 3 provides an overview of the NFS technique, Section 4 presents the risk-based access control model, Section 5 presents the implementation of the proposed NFS model, Section 6 presents experimental results, Section 7 presents the evaluation of results, and Section 8 is the conclusion
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
