Abstract
Establishing trust in a subject requesting access to a sensitive resource object is fundamental in history-aware access control models. A subject's past behaviour could be used as an indication about the subject's trustworthiness. In fact, a subject's trust plays a significant role in deciding the associated access rights in, for example, context-aware access control models. Recently, there have been efforts to accommodate the subject's trust level to provide smart security services including access control. Some proposals utilise data mining techniques, whereas some incorporate statistical methods to compute the subject's trust value. Most of the models fail to identify malicious attempts from genuine subjects. In this paper, we propose a new model that bridges the gap by incorporating the concepts of Recency, Frequency and Sensitivity (RFS) in trust computation. The model is formally defined and prototyped in Java using the XACML RBAC profile and its run-time performance is investigated. The results show the model adds a significant overhead on top of the RBAC core model. However, the trust computation process could be done off-line cutting down that overhead dramatically, thus providing an affordable solution.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
