RTBAC: A Risk-Aware Topic-Based Access Control Model for Text Data with Paragraph-Level Authorization

Abstract

Granting users precise access rights is one of the purposes of access control technologies. With the increasing requirements of fine-grained authorization, too strict or too loose access control models may cause many problems. In this paper, aiming at insufficient authorizations in text databases, we propose a risk-aware topic-based access control (RTBAC) model, which uses topics to represent the content relationships between users and data. The RTBAC model also uses risk technologies to grant users corresponding access rights based on their historical behaviours and their access requests. The RTBAC model is a fine-grained access control model, and the authorization of RTBAC can reach the paragraph level. Experimental results show that RTBAC is an efficient access control model and the access control granularity of the RTBAC model is more than 3 times that of the existing content-based access control models.