Abstract
The substantial advancements in information technologies have brought unprecedented concepts and challenges to provide solutions and integrate advanced and self-ruling systems in critical and heterogeneous structures. The new generation of networking environments (e.g., the Internet of Things (IoT), cloud computing, etc.) are dynamic and ever-evolving environments. They are composed of various private and public networks, where all resources are distributed and accessed from everywhere. Protecting resources by controlling access to them is a complicated task, especially with the presence of cybercriminals and cyberattacks. What makes this reality also challenging is the diversity and the heterogeneity of access control (AC) models, which are implemented and integrated with a countless number of information systems. The evolution of ubiquitous computing, especially the concept of Industry 4.0 and IoT applications, imposes the need to enhance AC methods since the traditional methods are not able to answer the increasing demand for privacy and security standards. To address this issue, we propose a Hierarchical, Extensible, Advanced, and Dynamic (HEAD) AC metamodel for dynamic and heterogeneous structures that is able to encompass the heterogeneity of the existing AC models. Various AC models can be derived, and different static and dynamic AC policies can be generated using its components. We use Eclipse (xtext) to define the grammar of our AC metamodel. We illustrate our approach with several successful instantiations for various models and hybrid models. Additionally, we provide some examples to show how some of the derived models can be implemented to generate AC policies.
Highlights
The current generation of networking environments, referring to dynamic and everevolving environments, such as the Internet of Things (IoT), cloud computing, etc., with several millions of users who need access to information stored in distributed data centers and servers via various types of devices, makes the process of controlling access challenging and very complicated
To enhance access control (AC) methods, the era of developing AC metamodels began within the decade to serve as unifying frameworks with advanced AC features that are able to include most features of AC models in order to define a larger set of AC policies and upgrade the defined policies [5,10,11]
The evolution of ubiquitous information systems has introduced significant challenges related to security and access control
Summary
The current generation of networking environments, referring to dynamic and everevolving environments, such as the Internet of Things (IoT), cloud computing, etc., with several millions of users who need access to information stored in distributed data centers and servers via various types of devices (wearable devices, mobile phones, tablets, . . . ), makes the process of controlling access challenging and very complicated. Implementing AC methods in complicated and distributed environments with several millions of users who might be assigned to different levels of roles, categories, groups, etc., and who request access to millions of objects, which might be distributed in levels in several sites, need a generic, dynamic, and extensible AC metamodel that supports the hierarchy of components, for example, objects, roles, categories, actions, and maybe conditions. Our concern in this paper falls under the fifth stage of developing AC methods For this purpose, we propose a Hierarchical, Extensible, Advanced, and Dynamic (HEAD) AC metamodel with unconventional features to assist developers and security experts to include its components in designing secure ISs that conform to organizational AC security policies.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
