Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
Trust and Risk based Access Control and Access Control Constraints
- Authors
- Nurmamat Heli; Kim, Mu Cheol; Sangyong Han
- Issue Date
- Nov-2011
- Publisher
- 한국인터넷정보학회
- Keywords
- Trust; risk; role-based access control; constraints
- Citation
- KSII Transactions on Internet and Information Systems, v.5, no.11, pp 2254 - 2271
- Pages
- 18
- Journal Title
- KSII Transactions on Internet and Information Systems
- Volume
- 5
- Number
- 11
- Start Page
- 2254
- End Page
- 2271
- ISSN
- 1976-7277
1976-7277
- Abstract
- Access control in dynamic environments needs the ability to provide more access opportunities of information to users, while also ensuring protection information from malicious users. Trust and risk are essential factors and can be combined together in access control decision-making to meet the above requirement. In this paper, we propose the combination of the trust and risk in access control to balance information accessibility and protection. Access control decision is made on the basis of trustworthiness of users and risk value of permissions. We use potential relations between users and relations between permissions in access control. Our approach not only provides more access opportunities for trustworthy users in accessing permissions, but also enforces traditional access control constraints such as Chinese Wall policy and Separation of Duty (SoD) of Role-Based Access Control (RBAC) model in an effective way.
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.