Trust-based Access Control Model Research Articles

Trust-based Access Control Model with Quantification Method for Protecting Sensitive Attributes

The prevailing trend of the seamless digital collec-tion has prompted privacy concerns to the organization. In enforc-ing the automation of privacy policies and laws, access control has been one of the most devoted subjects. Despite the recent advances in access control frameworks and models, there are still issues that hinder the implementation of successful access control. This paper illustrates the problem of the previous model which typically preserves data without explicitly considering the protection of sensitive attributes. This paper also highlights the drawback of the previous works which provides inaccurate calculation to specify user’s trustworthiness. Therefore, a trust-based access control (TBAC) model is proposed to protect sensitive attributes. A quantification method that provides accurate calculation of the two user properties is also proposed, namely: seniority and behaviour to specify user’s trustworthiness. Experiment have been conducted to compare the proposed quantification method and the previous quantification methods. The result shows that the proposed quantification method is stricter and accurate in specifying user’s trustworthiness as compared to the previous works. Therefore, based on the result, this study resolves the issue of specifying the user’s trustworthiness. This study also indicates that the issue of protecting sensitive attributes has been resolved.

Development of trust based access control models using fuzzy logic in cloud computing

Cloud computing is the technology that provides different types of services as a useful resource on the Internet. Resource trust value will help the cloud users to select the services of a cloud provider for processing and storing their essential information. Also, service providers can give access to users based on trust value to secure cloud resources from malicious users. In this paper, trust models are proposed, which comes under the subjective trust model based on the behavior of user and service provider to calculate the trust values. The trust is fuzzy, which motivated us to apply fuzzy logic for calculating the trust values of the cloud users and service providers in the cloud environment. We use a Mamdani fuzzy method with gauss membership function for fuzzification and triangular membership function for defuzzification. Parameters such as performance and elasticity are taken for trust evaluation of the resource. The attributes for calculating performance are workload and response time. And for calculating elasticity, we have taken scalability, availability, security, and usability. The fuzzy C-means clustering is applied to parameters for evaluating the trust value of users such as bad requests, bogus requests, unauthorized requests, and total requests.

ITrust: identity and trust based access control model for healthcare system security

The patient and healthcare professionals use the Electronic Healthcare System (EHS) for accessing medical records from the remote locations via the Internet. The emerging healthcare system has several advantages such as better management of the healthcare data, streamlined collaboration, improvement of medical care, insurance purpose, medical data backup, etc. Regardless of its advantages, the sensitivity and openness nature of the healthcare system arises different type of attacks and threats such as insider attack, service hijacking, abuse use of healthcare data, and impersonation attack. In the EHS, without knowing the prior information of the requester, data sharing is another considerable issue. Hence, a dynamic Access Control Model (ACM) is needed to overcome the above-discussed issues. In the EHS, the addition of trust into the access control solutions can provide dynamic access to the resources. To achieve such a model, in this paper, we have added user trust into the Identity Based Access Control (IBAC) model. For the computation of user trust, we have used beta reputation approach. An access control rule set has been proposed based on the trust degree and identity of the user to provide access in a controlled manner. This hybrid ACM and rule set not only protect the data from unauthorized access but also dynamically control the access view of the healthcare data. The experimental result of the proposed model shows that it is more accurate and reliable as compared to other trust models.

An adaptive mutual trust based access control model for electronic healthcare system

With the increasing growth of the Electronic healthcare system (EHS), the security of the EHS is an essential requirement because different types of users (patient, doctor, nurse, etc.) are accessing these systems for various purposes like treatment, research, drug analysis, etc. In the EHS, two major security challenges arise. First one is the selection of an access control mechanism without any prior information about the healthcare users. The second one is how much amount of data will be shared by the healthcare services and practitioner. Hence, a suitable access control technique is essential which not only provides the static access but also dynamically control the views of the requested data, so that the information will be shared in a controlled manner. In the healthcare system, trust can be viewed as an important judgment parameter for controlling the access of different stakeholders as it is an open system with different types of users. The main aim of the work is to control the access view so that only authorized user can access the information in a controlled manner. It also improves adaptivity of the access control model by integration of dynamic trust degree of communicating parties. To fulfill the above-discussed security requirements, in this paper, we have proposed an access control model, which is based on the trust degree of the healthcare user and service, named as mutual trust. The assessment of user and service trust degree is based on the beta distribution technique. A rule set has been developed based on this mutual trust degree to control the data access view, which is dynamically changed with the communicating parties trust level. The detail implementation of the proposed model shows that the accuracy and efficiency of the model are better as compared to other models.

Research on Trust-Role Access Control Model in Cloud Computing

Abstract In order to ensure the security of data in cloud computing, a trust-role-based hybrid cloud computing access control model is proposed based on the combination of role-based and trust-based access control models. The model introduces the calculation of trust based on the role-based access control, that is, the user needs to verify the trust value in order to obtain the permission to access the data. Through the application in the local business system, it shows that the model can effectively solve the user’s legitimate access to the data in the cloud, that is, to protect the security of the data in the cloud. The trust-based access control model has good advantages in terms of system throughput and storage space. As the number of user requests increases, both access control methods increase significantly in terms of throughput, but when the number of user requests reaches 10, the system throughput of both access control methods decreases, but based on trust - The role’s access control method is always larger than the role-based access control method in terms of throughput, which roughly increases the total amount by about ten percent.

Trust based access control model for securing electronic healthcare system

An important issue in the Cloud-Based Electronic Healthcare System (CBEHS) is to protect the sensitive data and resources from the untrusted user. Enforcing the protection in the CBEHS, the access control model plays an important role. Access control is a security mechanism that checks every request of the data to identify the legitimate user. The access request will be granted or denied with the help of preconfigured access control policies. Although, in the previous years, many access control methods, techniques, and models have been proposed, but due to changing user’s behavior and security requirements in the CBEHS, the models suffer from several attacks and threats like Sybil attacks, collusion attack, insider attack, service hijacking, misuse of health data, and impersonation attack, etc. Due to this type of attack, the healthcare data and resources become more vulnerable. In this paper, we have proposed an access control model which is based on the trustworthiness of the requested user. This Trust-Based Access Control Model for Healthcare System (TBACMHS) framework composed of the trust mechanism, trust model, and access control policies which enhance the accuracy and efficiency of the system. This access control framework will ensure the only trusted and authorized user can access the data and resources. The detail design and presentation of the model show that the accuracy and efficiency of the CBEHS are more as compared to other trust models.

Multi-Factor Synthesis Decision-Making for Trust-Based Access Control on Cloud

Providing a creditable basis for access control decision-making is not an easy task for the resource pooling, dynamic, and multi-tenant cloud environment. The trust notation can provide this creditable basis, based on multiple factors that can accurately compute the user’s trust for the granting access entity. In this paper, the formal trust model has been introduced, which presents a novel method to provide the basis for granting access. It is based on three factors and their semantic relations, which investigate important measures for the cloud environment. Also, a new Trust-Based Access Control (TB-AC) model has been proposed. The proposed model supports dynamically changing the user’s assigned permissions based on its trust level. In addition, TB-AC ensures secure resource sharing among potential untrusted tenants. TB-AC has been deployed on a separated VM in our private cloud environment, which is built using OpenStack. The experimental results indicated that TB-AC can evaluate access requests within reasonable and acceptable processing times, which is based on the final trust level calculation and the communication between TB-AC and some of the intended OpenStack services. By considering very rough conditions and huge traffic overhead, the final trust level can be calculated in an average time of 200[Formula: see text]ms. Furthermore, the communication overhead between TB-AC and each of Keystone, Nova, and Neutron is very light. Finally, TB-AC has been tested under different scenarios and is provable, usable and scalable.

System security model based on trusted access control under cloud computing environment

It has become a hot spot of cloud security to provide good service for legal user, and prevent access from illegal user or illegal access from legal user. Therefore, it is urgent to design a reasonable access control security model under cloud computing. This paper discusses trust definition and computation in cloud computing environment and uses scientific methods to compute comprehensive trust degree. Then based on RBAC model the conception of trust is introduced to form a trust-based access control model. The security model satisfies the design for access control mechanism in opened system, by establishing indirect user-role distribution relation and context constrain which reflecting context information. The formal definition and access control policies of the model are explained. The scheme can dynamically determine the authorisation according to the user's trust value, so it can detect the user's abnormal behaviour at any time and respond in a timely manner. The simulations shows this model can effectively help users in cloud service to make choices on security and reliability, and it also shows better dynamic property to prevent abnormal behaviours of the users.

A trust-based cloud computing access control model

The paper introduces the current status of the research on the trust-based access control model. On the based of the traditional TRBAC model, the paper presents a new trust model where the concepts are introduced, e.g. authentication, trust threshold value and secondary verification, etc. In this p aper, the trust value is ranked and a detailed computing method is disclosed for credibility value. When the trust grade is at certain level, the service provider would perform permission granting. The experiment shows that the new model has relatively strong competence to resist malicious attacks.

Interaction Modelling using Trust and Recommendation in Cloud Computing Environment

To ensure a secure computing in a cloud environment, recommendation and trust-based access control model is proposed. The proposed model allows calculation of direct trust and indirect trust based on recommendations. It handles cases where the requesting entity may have a past interaction experience or fresh entity without any past experience with the service. It includes the capability to cause human reasoning performance and can change by behavioral pattern modifications. Positive and negative threshold limits are used to handle malicious recommendation. The results of security mechanism so integrated with the proposed model against attacks such as bad mouthing attack, Sybil attack, and on-off behavior attack are verified. General Terms Cloud, Security, Algorithm.

Trust-based Access Control Model in Multi-domain Environment

Access control is a process which control users to execute some operations of access some network resource according to the users identify of attribution. This paper analyzes current access control model, and extends the RBAC (role based access control) model, and based on which we propose a trust based access control model in Multi-domain environment (MDTRBAC). Design a heap-based trust management mechanism for MD-TRBAC Model, which is used to control the cross-domain access resource among different domains. The MDTRBAC model can provide more security, flexible and dynamic access control mechanism, and therefore improve both the security and the reliable of authorization mechanism.

A Lightweight Trust-based Access Control Model in Cloud-Assisted Wireless Body Area Networks

The integration of Wireless Body Area Networks (WBANs) with cloud computing will enable users (including physicians and nurses) to globally access the electronic healthcare data at competitive costs. However, some new issues on data access control are associated with the integration of WBANs and cloud computing. In order to address these issues, we propose a lightweight trust-based access control model, where the users can acquire their access control privileges for the electronic healthcare data according to the user role and trust value in the trust certificates. Simulation results show that our method can better alleviate the communication overhead and energy consumption problem.

MTBAC: A mutual trust based access control model in Cloud computing

As a new computing mode, cloud computing can provide users with virtualized and scalable web services, which faced with serious security challenges, however. Access control is one of the most important measures to ensure the security of cloud computing. But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing. In cloud computing environment, only when the security and reliability of both interaction parties are ensured, data security can be effectively guaranteed during interactions between users and the Cloud. Therefore, building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment. Combining with Trust Management(TM), a mutual trust based access control (MTBAC) model is proposed in this paper. MTBAC model take both user's behavior trust and cloud services node's credibility into consideration. Trust relationships between users and cloud service nodes are established by mutual trust mechanism. Security problems of access control are solved by implementing MTBAC model into cloud computing environment. Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.

Trust-based access control model from sociological approach in dynamic online social network environment.

There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

A mechanism for detecting dishonest recommendation in indirect trust computation

Abstract Indirect trust computation based on recommendations form an important component in trust-based access control models for pervasive environment. It can provide the service provider the confidence to interact with unknown service requesters. However, recommendation-based indirect trust computation is vulnerable to various types of attacks. This paper proposes a defense mechanism for filtering out dishonest recommendations based on a measure of dissimilarity function between the two subsets. A subset of recommendations with the highest measure of dissimilarity is considered as a set of dishonest recommendations. To analyze the effectiveness of the proposed approach, we have simulated three inherent attack scenarios for recommendation models (bad mouthing, ballot stuffing, and random opinion attack). The simulation results show that the proposed approach can effectively filter out the dishonest recommendations based on the majority rule. A comparison between the exiting schemes and our proposed approach is also given.