Advertisement

Intelligent Access Control: A Self-Adaptable Trust-Based Access Control (SATBAC) Framework Using Game Theory Strategy

  • G. S. ThejasEmail author
  • T. C. Pramod
  • S. S. Iyengar
  • N. R. Sunitha
Conference paper

Abstract

Access control mechanisms are widely used to secure the computer and network resources from attacks like leakage of sensitive information and denial of services. It differentiates the honest and dishonest users by limiting their access to the information and resources. Traditional access control models are not efficient in the open network environment where adaptability is required due to the dynamic nature of user, network, and the service provider. In this paper, we propose a modified dynamic framework which is the self-adaptable trust-based access control (SATBAC) with the help of several access request evaluating techniques like opinion and reputation, behavior and history, and credential and location. We then analyze the trust values obtained from the integrated access control evaluation techniques using game theory-based reward-punishment strategy to decide whether to grant access or not. Comparison and implementation of the proposed access control mechanism for e-commerce service are done to highlight the effectiveness of the proposed framework.

Keywords

Adaptive access control Behavior and history Game theory-based reward-punishment strategy Opinion and reputation Security Trust management 

References

  1. 1.
    Access Control.: Wikipedia, https://en.wikipedia.org/wiki/Access_control (2014). Accessed 03 Jan 2017
  2. 2.
    Ausanka-Crues, R.: Methods for access control: advances and limitations. Harvey Mudd College (2001)Google Scholar
  3. 3.
    Bernabe, J.B., Hernandez Ramos, J.L., Skarmeta Gomez, A.F.: TACIoT: multidimensional trust-aware access control system for the Internet of Things. Soft Comput. 20(5), 1763–1779 (2015)Google Scholar
  4. 4.
    Bernasco, W., Elffers, H., van Gelder, J.-L., Rauhut, H.: The Oxford Handbook on Offender Decision Making. University of Zurich, Institute of Sociology, Switzerland (2015)Google Scholar
  5. 5.
    Chen, W., Jiang, W.: Analysis and design of an adaptive automated trust negotiation system. In: Proceedings of International Conference on Mechatronic Science, Electric Engineering and Computer, pp. 2320–2325. IEEE, Jilin (2011)Google Scholar
  6. 6.
    De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Recent advances in access control. In: Gertz M., Jajodia S. (eds.). Handbook of Database Security, pp. 1–26. Springer, Berlin (2008)Google Scholar
  7. 7.
    Dimmock, N., Bacon, J., Ingram, D., Moody, K.: Risk models for trust-based access control (TBAC). In: Herrmann P., Issarny V., Shiu S. (eds.) Trust Management. iTrust 2005. Lecture Notes in Computer Science, vol 3477, pp. 364–371. Springer, Berlin (2005)Google Scholar
  8. 8.
    Esfandi, A., Sabbari, M.: Study of access control issue in web services. Int. J. Comput. Appl. 49, 11–17 (2012)CrossRefGoogle Scholar
  9. 9.
    Game Theory, Wikipedia. https://en.wikipedia.org/wiki/Game_theory. Accessed 03 Jan 2017
  10. 10.
    Gintis, H.: Game Theory Evolving: A Problem-Centered Introduction to Modeling Strategic Behavior. Princeton University Press, Princeton (2000)Google Scholar
  11. 11.
    Gintis, H.: A framework for the unification of the behavioral sciences. Behav. Brain Sci. 30(1), 1–61 (2007)Google Scholar
  12. 12.
    Jingsha, H., Shunan, M., Bin, Z.: Analysis of trust-based access control using game theory. Int. J. Multimed. Ubiquit. Eng. 8(4), 15–24 (2013)Google Scholar
  13. 13.
    Lampson, B. W.: Protection. In: Proceedings of Fifth Princeton Symposium of Information Science and System, Princeton University, pp. 437–443 (1971). Reprinted in Operating system review, 8, 1, January 1974, pp. 18–24Google Scholar
  14. 14.
    Li, X., Du, J.: Adaptive and attribute-based trust model for service level agreement guarantee in cloud computing. IET Inf. Secur. 7(1), 39–50 (2013)CrossRefGoogle Scholar
  15. 15.
    Liu, B., Lu, H., Zhao, Y.: An efficient automated trust negotiation framework supporting adaptive policies. In: Proceedings of Second International Workshop on Education Technology and Computer Science (ETCS), pp. 96–99. IEEE, Wuhan (2010)Google Scholar
  16. 16.
    Ryutov, T., Zhou, L., Neuman, C., Travis, L., Seamons, K.E.: Adaptive trust negotiation and access control. In: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies (SACMAT ’05), pp. 139–146. ACM, New York (2005)Google Scholar
  17. 17.
    Servos, D., Osborn, S.L.: Current research and open problems in attribute-based access control. ACM Comput. Surv. 49(4) Article 65, 45 pp. (2017)CrossRefGoogle Scholar
  18. 18.
    Tran, H., Hitchens, M., Varadharajan, V., Watters, P.: A trust based access control framework for P2P file-sharing systems. In: Proceedings of the 38th Annual Hawaii International Conference on System Sciences. IEEE, New York (2005)Google Scholar
  19. 19.
    Wang, S., Liu, Q.: Trust-based access control in virtual learning community. In: Wang W., Li Y., Duan Z., Yan L., Li H., Yang X. (eds.) Integration and Innovation Orient to E-Society Volume 2. IFIP International Federation for Information Processing, vol. 252, pp. 514–520. Springer, Boston (2007)Google Scholar
  20. 20.
    Wang, Y., Cai, Z., Yin, G., Gao, Y., Tong, X., Han, Q.: A game theory-based trust measurement model for social networks. In: Computational Social Networks. Springer International Publishing, Cham (2016)Google Scholar
  21. 21.
    Winslett, M.: An introduction to trust negotiation. In: Nixon P., Terzis S. (eds.) Trust Management. iTrust 2003. Lecture Notes in Computer Science, vol 2692, pp. 275–289. Springer, Berlin (2003)Google Scholar
  22. 22.
    Zhang, Y., He, J., Zhao, B., Huang, Z., Liu, R.: Towards more pro-active access control in computer systems and networks. Comput. Secur. 49, 132–146 (2015)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • G. S. Thejas
    • 1
    Email author
  • T. C. Pramod
    • 2
  • S. S. Iyengar
    • 1
  • N. R. Sunitha
    • 2
  1. 1.School of Computing and Information ScienceFlorida International UniversityMiamiUSA
  2. 2.Department of Computer ScienceSiddaganga Institute of TechnologyTumkurIndia

Personalised recommendations