Trust-based Access Control Model with Quantification Method for Protecting Sensitive Attributes

Mohd Rafiz Salji,Nur Izura Udzir,Hamidah Ibrahim,Nor Fazlida Mohd Sani,Mohd Izuan Hafez Ninggal

doi:10.14569/ijacsa.2022.0130282

Mohd Rafiz Salji, Nur Izura Udzir + Show 3 more

Open Access

https://doi.org/10.14569/ijacsa.2022.0130282

Copy DOI

Abstract

The prevailing trend of the seamless digital collec-tion has prompted privacy concerns to the organization. In enforc-ing the automation of privacy policies and laws, access control has been one of the most devoted subjects. Despite the recent advances in access control frameworks and models, there are still issues that hinder the implementation of successful access control. This paper illustrates the problem of the previous model which typically preserves data without explicitly considering the protection of sensitive attributes. This paper also highlights the drawback of the previous works which provides inaccurate calculation to specify user’s trustworthiness. Therefore, a trust-based access control (TBAC) model is proposed to protect sensitive attributes. A quantification method that provides accurate calculation of the two user properties is also proposed, namely: seniority and behaviour to specify user’s trustworthiness. Experiment have been conducted to compare the proposed quantification method and the previous quantification methods. The result shows that the proposed quantification method is stricter and accurate in specifying user’s trustworthiness as compared to the previous works. Therefore, based on the result, this study resolves the issue of specifying the user’s trustworthiness. This study also indicates that the issue of protecting sensitive attributes has been resolved.

Highlights

Nowadays, information technology is growing exponentially, with an increasing number of hardware and software designed to make it easier for people to do their everyday work
This paper extends the previous works [13], [14], [15] by introducing an access control model based on trust that explicitly protects sensitive attributes, and in order to protect it, the user is calculated by using the quantification method to accurately specify the user’s trustworthiness
The proposed quantification method shows the calculation of the user seniority and behaviour, while the previous quantification methods present the quantification of the user history | experience and recommendation

Summary

Introduction

Information technology is growing exponentially, with an increasing number of hardware and software designed to make it easier for people to do their everyday work This technology helps people to preserve their data privacy by using a wide variety of applications. In the previous models [13], [14], [15], trusted user, i.e., senior role, were granted more data access than the untrusted user, i.e., www.ijacsa.thesai.org (IJACSA) International Journal of Advanced Computer Science and Applications, Vol 13, No 2, 2022 junior roles. These previous models did not mention which data could be accessed or not by trusted and untrusted users This may lead the administrator to select any categories of data to be permitted or prohibited access by each trust level of the user. An access control model based on trust needs to be proposed to protect sensitive attributes

Objectives

Methods

Results

Conclusion