Towards a Fine-Grained Access Control Mechanism for Privacy Protection and Policy Conflict Resolution
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2019, Vol 10, Issue 2
Abstract
Access control is a security technique that specifies access rights to resources in a computing environment. As information systems nowadays become more complex, it plays an important role in authenticating and authorizing users and preventing an attacker from targeting sensitive information. However, no proper consideration has been fully investigated so far in privacy protection. While many studies have acknowledged this issue, recent studies have not provided a fine-grained access control system for data privacy protection. As the data set becomes larger, we have to confront more privacy challenges. For example, the access control mechanism must be able to guarantee fine-grained access control, privacy protection, conflicts and redundancies between rules of the same policy or between different policies. In this paper, we propose a comprehensive framework for enforcing attribute-based security policies stored in the JSON document together with the feature of data privacy protection and incorporates a policy structure based on the prioritization of functions to resolve conflicts at a fine-grained level called “Privacy aware access control model for policy conflict resolution”. We also use Polish notation for modeling condi-tional expressions which are the combination of subject, action, resource, and environment attributes so that privacy policies are flexible, dynamic and fine-grained. Experiments are carried out to two aspects (i) illustrate the relationship between the processing time for access decision and the complexity of policies;(ii) illustrate the relationship between the processing time for the traditional approach (single policy, multi-policy without priority) and our approach (multi-policy with priority). Experimental results show that the evaluation performance satisfies the privacy requirements defined by the user.
Authors and Affiliations
Ha Xuan Son, En Chen
Keywords
Related Articles
- EP ID EP468660
- DOI 10.14569/IJACSA.2019.0100265
- Views 97
- Downloads 0
ETEEM- Extended Traffic Aware Energy Efficient MAC Scheme for WSNs
Idle listening issue arises when a sensor node listens to medium despite the absence of data which results in consumption of energy. ETEEM is a variant of Traffic Aware Energy Efficient MAC protocol (TEEM) which focuses...
Robust R Peak and QRS detection in Electrocardiogram using Wavelet Transform
In this paper a robust R Peak and QRS detection using Wavelet Transform has been developed. Wavelet Transform provides efficient localization in both time and frequency. Discrete Wavelet Transform (DWT) has been used to...
An Algorithm that Prevents SPAM Attacks using Blockchain
There are many systems and methods for prevent-ing spam attacks. However, at present there is no specific tried-and-true method for preventing such attacks. In this paper, we propose an algorithm, “SAGA BC” to prevent sp...
Comparison of Machine Learning Algorithms to Classify Web Pages
The ‘World Wide Web’, or simply the web, represents one of the largest sources of information in the world. We can say that any topic we think about is probably finding it's on the web. Web information comes in different...
Physiological Responese Measrement to Identify Online Visual Representation Designs
This research involved the identification and validation of text-related visual display design principles from the literature. Representations were designed and developed that illustrated the intent of each visual displa...