Role-based Access Control Research Articles

Fortifying Application Security: Integrating OAuth2 Single Sign-On with Precision Role-Based Access Control

In today's digital era, securing applications has become paramount due to the increasing sophistication of cyber threats and the proliferation of data breaches. This paper explores how integrating OAuth2 Single Sign-On (SSO) with precision Role-Based Access Control (RBAC) can significantly enhance application security. By unifying authentication and authorization mechanisms, organizations can streamline user access while mitigating risks associated with over-privileged accounts and credential fatigue. We delve into the OAuth2 protocol architecture, dissect the core components of RBAC, and present strategies for their effective integration. Through real-world case studies and comparative analyses, we highlight the benefits, challenges, and future trends of this integration. Our findings underscore the necessity for robust security frameworks that adapt to evolving threats, emphasizing the role of OAuth2 SSO and RBAC in fortifying application security. Keywords Application Security, OAuth2, Single Sign-On, Role-Based Access Control, Authentication, Authorization, Identity Providers, JSON Web Tokens, Zero Trust Security, Adaptive Authentication, Machine Learning, Identity Management, User Experience, Credential Fatigue, Cyber Threats, Access Control

Combating Antimicrobial Resistance Through a Data-Driven Approach to Optimize Antibiotic Use and Improve Patient Outcomes: Protocol for a Mixed Methods Study.

It is projected that drug-resistant infections will lead to 10 million deaths annually by 2050 if left unabated. Despite this threat, surveillance data from resource-limited settings are scarce and often lack antimicrobial resistance (AMR)-related clinical outcomes and economic burden. We aim to build an AMR and antimicrobial use (AMU) data warehouse, describe the trends of resistance and antibiotic use, determine the economic burden of AMR in Uganda, and develop a machine learning algorithm to predict AMR-related clinical outcomes. The overall objective of the study is to use data-driven approaches to optimize antibiotic use and combat antimicrobial-resistant infections in Uganda. We aim to (1) build a dynamic AMR and antimicrobial use and consumption (AMUC) data warehouse to support research in AMR and AMUC to inform AMR-related interventions and public health policy, (2) evaluate the trends in AMR and antibiotic use based on annual antibiotic and point prevalence survey data collected at 9 regional referral hospitals over a 5-year period, (3) develop a machine learning model to predict the clinical outcomes of patients with bacterial infectious syndromes due to drug-resistant pathogens, and (4) estimate the annual economic burden of AMR in Uganda using the cost-of-illness approach. We will conduct a study involving data curation, machine learning-based modeling, and cost-of-illness analysis using AMR and AMU data abstracted from procurement, human resources, and clinical records of patients with bacterial infectious syndromes at 9 regional referral hospitals in Uganda collected between 2018 and 2026. We will use data curation procedures, FLAIR (Findable, Linkable, Accessible, Interactable and Repeatable) principles, and role-based access control to build a robust and dynamic AMR and AMU data warehouse. We will also apply machine learning algorithms to model AMR-related clinical outcomes, advanced statistical analysis to study AMR and AMU trends, and cost-of-illness analysis to determine the AMR-related economic burden. The study received funding from the Wellcome Trust through the Centers for Antimicrobial Optimisation Network (CAMO-Net) in April 2023. As of October 28, 2024, we completed data warehouse development, which is now under testing; completed data curation of the historical Fleming Fund surveillance data (2020-2023); and collected retrospective AMR records for 599 patients that contained clinical outcomes and cost-of-illness economic burden data across 9 surveillance sites for objectives 3 and 4, respectively. The data warehouse will promote access to rich and interlinked AMR and AMU data sets to answer AMR program and research questions using a wide evidence base. The AMR-related clinical outcomes model and cost data will facilitate improvement in the clinical management of AMR patients and guide resource allocation to support AMR surveillance and interventions. PRR1-10.2196/58116.

Building an Impenetrable Vault: Advanced Cybersecurity Strategies for Database Servers

Organizations are relying more on database servers as storage for important information. This makes it imperative for strong measures against cyber-attack to safeguard sensitive data. The study focusses on some advanced ways of protecting database servers from cyber-crime and these are: SQL injection prevention, role-based access control, data encryption techniques, and insider threat mitigation. It also looks into the latest developments in the area such as machine learning based abnormality detection, Zero Trust architecture, and multi-factor authentication. Such practices make it possible to establish a multi-layered defensive mechanism that enhances data protection by considering the outside as well as inside dangers. Besides compliance with regulations, maintaining visibility and patch management is vital so as to remain ahead of changing cyberspace dangers. Therefore, this research presents an array of recommendations to address the entire security landscape for resilient database platforms against sophisticated assaults. The conclusions point out that there is need to amalgamate these practices towards ensuring safety in terms of risks related with contemporary database server setups. Key Words: Database Security, SQL Injection, Role-Based Access Control, Data Encryption, Insider Threat, Zero Trust Architecture.

Towards a transformation approach from SecureUML to ‎Alloy

In critical information systems, Role-Based Access Control (RBAC) has been frequently used. The specification of access control policies is an essential step in securing information systems. This article presents a transformative approach for addressing design challenges within these specifications using Model-Driven Architecture (MDA). A method is introduced for specifying and verifying model-based access control (RBAC) rules by combining SecureUML and Alloy, referred to as SecureUML2Alloy. This approach leverages transformation techniques based on metamodels to express the SecureUML source model in the Alloy target model. The SecureUML2Alloy framework allows for the generation of an initial Alloy code that can be extended with facts, functions, and predicates depending on the case. The transformative framework offers a reliable, automated mechanism for verifying security specifications in critical systems, promoting both theoretical and practical advancements in model transformation and formal verification. This method provides a pathway for future automation tools in secure system design and analysis, contributing to the reliability and security of software systems across multiple fields.

Design and implementation of anti-mapping security access technology based on illegal scanning

Abstract In the current field of information security, illegal network scanning activities are prevalent, and such behaviors are usually aimed at detecting security vulnerabilities in network systems and preparing for future attack activities. This study proposes a secure access system based on anti-mapping technology, which aims to effectively block illegal scanning behaviors while ensuring that the normal access of legitimate users is not affected. The system integrates advanced behavioral analysis algorithms that utilize machine learning techniques for deep learning and pattern recognition of network traffic, and is able to accurately distinguish between normal user activities and malicious scanning attempts. At the core of the system is a set of dynamic adaptive identification mechanisms that update the detection algorithms in real time to adapt to emerging scanning techniques and attack strategies by continuously learning from changes in network traffic. In addition, the system employs role-based access control (RBAC) policies to enhance the protection of sensitive resources. The Secure Access Gateway is deployed at the boundary of the network to monitor and filter all ingress traffic, effectively intercepting unauthorized scanning activities by comprehensively evaluating the source, behavior and frequency of traffic. Experimental results show that the proposed two-layer network structure performs well in detecting common threats such as port scanning, DDoS attacks, and SQL injections, with an accuracy rate of over 95%. Especially for complex and covert APT (advanced persistent threat) attacks, the system can significantly reduce the false alarm rate and effectively improve the detection speed. However, when dealing with some highly customized malware, the system's recognition ability still needs to be improved, which indicates that future research needs to focus more on enhancing the ability to learn and adapt to unknown threats.

Block Medcare: Advancing Healthcare Through Blockchain Integration

In an era driven by information exchange, transparency and security hold crucial importance, particularly within the healthcare industry, where data integrity and confidentiality are paramount. This paper investigates the integration of blockchain technology in healthcare, focusing on its potential to revolutionize Electronic Health Records (EHR) management and data sharing. By leveraging Ethereum-based blockchain implementations and smart contracts, we propose a novel system that empowers patients to securely store and manage their medical data. Our research addresses critical challenges in implementing blockchain in healthcare, including scalability, user privacy, and regulatory compliance. We propose a solution that combines digital signatures, Role-Based Access Control, and a multi-layered architecture to enhance security and ensure controlled access. The system's key functions, including user registration, data append, and data retrieval, are facilitated through smart contracts, providing a secure and efficient mechanism for managing health information. To validate our approach, we developed a decentralized application (dApp) that demonstrates the practical implementation of our blockchain-based healthcare solution. The dApp incorporates user-friendly interfaces for patients, doctors, and administrators, showcasing the system's potential to streamline healthcare processes while maintaining data security and integrity. Additionally, we conducted a survey to gain insights into the perceived benefits and challenges of blockchain adoption in healthcare. The results indicate strong interest among healthcare professionals and IT experts, while also highlighting concerns about integration costs and technological complexity. Our findings underscore the transformative potential of blockchain technology in healthcare, pointing towards a new era of patient-centric and secure healthcare services. By addressing current limitations and exploring future enhancements, such as integration with IoT devices and AI-driven analytics, this research contributes to the ongoing evolution of secure, efficient, and interoperable healthcare systems.

Combining Pretty Good Privacy and Role-Based Access Control Technologies for Access Protection to Confidential Data

Combining Pretty Good Privacy and Role-Based Access Control Technologies for Access Protection to Confidential Data

The Critical Role of Role-Based Access Control (RBAC) in securing backup, recovery, and storage systems

In the contemporary digital landscape, safeguarding data through robust access control mechanisms is crucial. Role-Based Access Control (RBAC) is an effective strategy for managing access to backup and recovery systems, as well as storage devices. RBAC assigns permissions based on user roles, thereby enforcing the principle of least privilege and enhancing data security. This blog explores the significance of RBAC in these contexts and extends its relevance to ransomware and malware threats, as well as disaster recovery. Supported by scientific research and industry case studies, it underscores how RBAC can mitigate risks, ensure regulatory compliance, and improve data management practices.

Insights from ARCOS-V’s Transition to Remote Data Collection during the COVID-19 Pandemic: A Descriptive Study

Introduction: The ARCOS-V study, an epidemiological study on stroke and transient ischaemic attack (TIA), faced the challenge of continuing data collection amidst the COVID-19 pandemic. This study aimed to describe the methodological changes and challenges encountered during the transition from paper-based methods to digital data collection for the ARCOS-V study and to provide insights into the potential of using digital tools to transform epidemiological research. Methods: The study adapted to remote data collection using REDCap and Zoom, involving daily health record reviews, direct data entry by trained researchers, and remote follow-up assessments. The process was secured with encryption and role-based access controls. The transition period was analysed to evaluate the effectiveness and challenges of the new approach. Results: The digital transition allowed for uninterrupted monitoring of stroke and TIA cases during lockdowns. Using REDCap and Zoom improved data reach, accuracy, and security. However, it also revealed issues such as the potential for systematic data entry errors and the need for robust security measures to protect sensitive health information. Conclusion: The ARCOS-V study’s digital transformation exemplifies the resilience of epidemiological research in the face of a global crisis. The successful adaptation to digital data collection methods highlights the potential benefits of such tools, particularly as we enter a new age of artificial intelligence (AI).

HEALTHSOLID 4.0: A novel solid-pod and blockchain-enabled framework for role-based access control and secure healthcare information exchange

HEALTHSOLID 4.0: A novel solid-pod and blockchain-enabled framework for role-based access control and secure healthcare information exchange

Optimizing Identity Management: Key Strategies for Effective Governance and Administration

The significance of identity management has escalated in today's digital environment, where sensitive information is frequently at risk of breaches and unauthorized access. This research aims to investigate the best governance and administrative practices to enhance identity management systems, with a focus on security, privacy, and usability. By analyzing current industry standards, regulations, and technological advancements, the study intends to provide valuable insights for organizations seeking to improve their identity management capabilities. The research employs a mixed-methods approach, combining quantitative surveys and data analysis with qualitative interviews, to achieve a comprehensive understanding of current practices and challenges in identity governance and administration. Key components such as authentication, authorization, and access control are examined, with practical recommendations provided to enhance identity management strategies. The study emphasizes the importance of adopting role-based access control (RBAC), continuous monitoring and compliance, identity lifecycle management, and integrating identity governance with IT infrastructure. Additionally, it highlights the significance of effective password management, robust authentication measures, and the implementation of Single Sign-On (SSO) solutions to improve security and user experience. The research also underscores the critical role of data encryption and protection measures in safeguarding sensitive information and mitigating data breach risks. By adhering to best practices in identity management, organizations can strengthen their overall cybersecurity posture, ensure regulatory compliance, and build trust among stakeholders in an increasingly complex digital landscape.

Survey paper on Secured Data Retrieval from a distributed database using custom blockchain and Role Base Access Control.

These days, there has been a paradigm shift in the upkeep of Electronic Medical Records (EMRs) in mobile cloud environments. This involves integrating cloud computing with mobile devices to facilitate the transmission of healthcare information between patients and healthcare professionals. With the help of this innovative approach, healthcare may be provided with a high degree of flexibility, minimal overhead costs, and electronic health record access. This new strategy also raises concerns about the security of the networks that enable e-health systems and the privacy of patient data. Finding a solution to efficiently distribute EMRs across mobile users in mobile cloud settings while also upholding the highest security standards is a challenging task. In this paper, explored two different distributed blockchain and cloud frameworks for EMR sharing that combine blockchain technology with a mobile cloud's Decentralised Interplanetary File System (DIFS). Based on the empirical findings, it seems that the idea provides a practical way to protect critical patient data from possible threats and guarantee the dependability of data transfers on mobile clouds. There are notable performance improvements in areas like data privacy protections, minimal network latency, maximum security levels, and lightweight access control when comparing the results of this security analysis and performance assessment to those of earlier data sharing models.

Role-Based Access Control (RBAC) Enabled Secure and Efficient Data Processing Framework for IoT Networks

Internet of Things (IoT) has the potential to significantly impact various domains e.g. health, transportation, automation, and emergency response to both man-made and natural disasters, particularly in scenarios where human decision is challenging. In this research a Role-Based Access Control (RBAC) Enabled Secure and Efficient Data Processing Framework for IoT Networks has been proposed. This framework ensures robust security and optimized data handling through granular access control mechanisms based on predefined roles. By leveraging RBAC, it mitigates unauthorized access risks, thereby safeguarding sensitive IoT data during transmission and storage. Our approach emphasizes efficiency by streamlining data processing workflows, reducing latency, and optimizing resource utilization. The framework is designed to scale with IoT network expansions and adapt to evolving security needs, promising enhanced reliability and trustworthiness in data operations for contemporary IoT environments. According to this research work current security effectiveness is 99 percent.Home area network (HAN) can be used for smart connectivity of different home appliances using IoT and automatic start and stop feature may be possible.Access control server (ACS) is used to control access and provide permission for different operations.

Innovative Solutions for High School Inventory Management: An Information System Approach

This paper explores the development and implementation of an innovative information system designed to enhance inventory management in high schools. Traditional inventory methods, often reliant on manual tracking, are prone to errors and inefficiencies, which can hinder resource allocation and decision-making. By adopting an information system approach, schools can automate processes, improve data accuracy, and provide real-time access to inventory information. The study outlines key features such as real-time tracking, automated alerts, and role-based access controls, which are critical to the system's effectiveness. The results demonstrate significant improvements in workflow efficiency, data accuracy, and overall resource management. Despite the challenges associated with system implementation, including cost and training requirements, the benefits make this approach a compelling solution for modernizing high school inventory practices. The paper concludes with recommendations for broader adoption and further research to optimize these systems for educational settings.

Data Protection in Healthcare Information Systems Using Cryptographic Algorithm with Base64 512 bitsAgnes

Recent advancement in technology in Healthcare Information Systems has led to a rise in cyber-attacks and data leakages at the data level. Existing data-level protection techniques that are developed to ensure data-level protection in Healthcare Information Systems lack integration of key security models such as Mandatory Access Controls, Role Based Access Controls and database security approaches in the design and development of data protection methods. In this study, science research methodology was used to design and develop a cryptographic algorithm with Base64 512 bits to enhance data protection at the data level. The algorithm was tested in a healthcare information system through experiments and simulations. The performance of the algorithm was tested to evaluate encryption and decryption process, strength on brute force attack and plain text vulnerability. The results of the observations showed that the developed algorithm with Base64, AES with fixed length of 512 bits, achieved optimal performance.

Cloud-Based Access Control Including Time and Location

Location-based services (LBS) offer various functionalities, but ensuring secure access to sensitive user data remains a challenge. Traditional access control methods often need more detail to enforce location-specific restrictions. This paper proposes a new approach that utilizes the Generalized Spatio-Temporal Role-Based Access Control Model (GSTRBAC) within the context of LBS. GSTRBAC grants access based on user credentials, authorized locations, and access times, providing a detailed approach to securing LBS data. We introduce an optimized cloud-based GSTRBAC implementation suitable for deployment in modern LBS architectures. The system uses two secure communication protocols tailored to different security requirements. This allows for efficient communication for less-sensitive data while offering robust protection for highly sensitive information. Additionally, a proof-of-concept mobile application demonstrates the system’s functionality and efficiency within an LBS environment. Our evaluation confirms the effectiveness of the cloud-based GSTRBAC implementation in enforcing location-specific access control while maintaining resource and time efficiency.

Leveraging Machine Learning to Improve Access Control Mechanisms in Data Warehousing

This paper delves into integrating Machine Learning (ML) algorithms into Access Control Mechanisms (ACM) within Data Warehouses (DW) to enhance both security and operational efficiency. Traditional ACMs, notably role-based access control (RBAC), often struggle with adapting to dynamic threats and complex access patterns. ML tackles these issues by improving access decision accuracy through real-time anomaly detection and adaptive control based on user behavior and contextual insights. The study examines the implementation and benefits of ML-enhanced ACMs in DW environments, highlighting their effectiveness in mitigating unauthorized access and insider threats. This research also addresses critical considerations, such as privacy protections and the interpretability of ML models, crucial for maintaining regulatory compliance and stakeholder trust. Ultimately, this study emphasizes ML's pivotal contribution to advancing security practices within Data Warehouses (DWs) and proposes future research directions to enhance adaptive security measures in evolving digital landscapes.

Resiliency Analysis of Role-Based Access Control via Constraint Enforcement and Mathematical Programming

Resiliency Analysis of Role-Based Access Control via Constraint Enforcement and Mathematical Programming

ABC REAL ESTATE MANAGEMENT SYSTEM

Abstract— This thesis presents the development and implementation of the ABC Real Estate Management System, a web-based application built using PHP and MySQL. The system is designed to streamline property management for real estate agencies, property managers, and individual landlords. It offers a user-friendly interface that caters to two primary user groups: general users and administrators. Users can search for properties based on location and features, utilize a loan calculator for financial planning, and express interest in properties. Administrators have comprehensive control over the system, including managing user accounts, property listings, and potentially real estate agents. The system emphasizes three key aspects: improved user experience, enhanced efficiency, and increased security. User-friendliness ensures that both users and admins can interact with the system intuitively. Efficiency is achieved through quick property discovery and streamlined property management tasks. Security is reinforced by implementing role-based access control, ensuring that only authorized users can access and modify sensitive data. By leveraging PHP and MySQL, the ABC Real Estate Management System addresses common challenges in property management, fostering a more efficient, secure, and user-friendly experience for both property seekers and managers. This thesis provides a detailed analysis of the system’s design, development, and potential impact on the real estate industry. Keywords: Real estate management system (REMS), Efficiency in property management, Streamlining property operations.

Real Estate Website

Abstract— This paper presents a novel real estate management system designed to address the inefficiencies faced in the contemporary property market. Developed using PHP and MySQL, the system offers a user-friendly web application that streamlines the processes for both property seekers and managers. Catering to distinct user groups, it empowers users with a comprehensive property database searchable by location and desired features. Additionally, users can leverage a built-in loan calculator (depending on implementation) for financial planning and potentially express interest in suitable properties. Admins, on the other hand, benefit from comprehensive management functionalities. These include user account management, property listing creation, editing, and availability control. The system also offers the potential to manage real estate agents, further enhancing its functionality for larger organizations. This user-centric approach prioritizes a user-friendly interface that simplifies searching, listing management, and overall interaction with the system. To ensure data security and integrity, the system implements robust role-based access control, restricting access to sensitive information based on user roles. Furthermore, a powerful search function facilitates efficient property discovery, allowing users to find their ideal properties with minimal effort. This paper delves into the details of the system, outlining its functionalities, the chosen development methodology (e.g., Agile), and the software and hardware requirements for running the application. It also acknowledges the system’s limitations in its initial phase, such as the potential need for future expansion of search filters or communication tools. Finally, the paper explores the exciting future scope of the system, including advanced search capabilities, integrated communication features, mobile application development, and potential integration with smart home technologies and machine learning for personalized recommendations. Keywords – Real Estate Management System, Property Management System, PHP,MySQL,User-Friendly Interface