Abstract
Due to the dynamics and uncertainty of the current network environment, access control is one of the most important factors in guaranteeing network information security. How to construct a scientific and accurate access control model is a current research focus. In actual access control mechanisms, users with high trust values bring better benefits, but the losses will also be greater once cheating access is adopted. A general access control game model that can reflect both trust and risk is established in this paper. First, we construct an access control game model with user behavior trust between the user and the service provider, in which the benefits and losses are quantified by using adaptive regulatory factors and the user’s trust level, which enhances the rationality of the policy making. Meanwhile, we present two kinds of solutions for the prisoner’s dilemma in the traditional access control game model without user behavior trust. Then, due to the vulnerability of trust, the user’s trust value is updated according to the interaction situation in the previous stage, which ensures that the updating of the user’s trust value can satisfy the “slow rising-fast falling” principle. Theoretical analysis and the simulation experiment both show that this model has a better performance than a traditional game model and can guarantee scientific decision-making in the access control mechanism.
Highlights
Access control is one of the most important methods for guaranteeing information security.Conventional access control mechanisms, such as discretionary access control (DAC) [1,2], mandatory access control (MAC) [3,4], and role-based access control (RBAC) [5,6,7,8], satisfy the access control requirements of most service providers
We propose two types of access control game models, one is the game model without user trust and the other is the game model considering user trust
Construct access control game model considering user trust, in which the utility of the user and the service provider are quantified using user trust level x and adaptive regulatory factor β j, and risk is reflected in an implicit way in the utility function
Summary
Access control is one of the most important methods for guaranteeing information security. A solution to the prisoner’s dilemma in the traditional access control game model without user trust is proposed in this paper. The experiment shows that the user’s trust value presents a slowly increasing trend on the whole with the increase of interaction times This is because our game model has potential incentive effects on the benign collaboration between the user and the service provider.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have