Abstract
Access control mechanisms are widely used to secure the computer and network resources from attacks like leakage of sensitive information and denial of services. It differentiates the honest and dishonest users by limiting their access to the information and resources. Traditional access control models are not efficient in the open network environment where adaptability is required due to the dynamic nature of user, network, and the service provider. In this paper, we propose a modified dynamic framework which is the self-adaptable trust-based access control (SATBAC) with the help of several access request evaluating techniques like opinion and reputation, behavior and history, and credential and location. We then analyze the trust values obtained from the integrated access control evaluation techniques using game theory-based reward-punishment strategy to decide whether to grant access or not. Comparison and implementation of the proposed access control mechanism for e-commerce service are done to highlight the effectiveness of the proposed framework.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Access Control.: Wikipedia, https://en.wikipedia.org/wiki/Access_control (2014). Accessed 03 Jan 2017
Ausanka-Crues, R.: Methods for access control: advances and limitations. Harvey Mudd College (2001)
Bernabe, J.B., Hernandez Ramos, J.L., Skarmeta Gomez, A.F.: TACIoT: multidimensional trust-aware access control system for the Internet of Things. Soft Comput. 20(5), 1763–1779 (2015)
Bernasco, W., Elffers, H., van Gelder, J.-L., Rauhut, H.: The Oxford Handbook on Offender Decision Making. University of Zurich, Institute of Sociology, Switzerland (2015)
Chen, W., Jiang, W.: Analysis and design of an adaptive automated trust negotiation system. In: Proceedings of International Conference on Mechatronic Science, Electric Engineering and Computer, pp. 2320–2325. IEEE, Jilin (2011)
De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Recent advances in access control. In: Gertz M., Jajodia S. (eds.). Handbook of Database Security, pp. 1–26. Springer, Berlin (2008)
Dimmock, N., Bacon, J., Ingram, D., Moody, K.: Risk models for trust-based access control (TBAC). In: Herrmann P., Issarny V., Shiu S. (eds.) Trust Management. iTrust 2005. Lecture Notes in Computer Science, vol 3477, pp. 364–371. Springer, Berlin (2005)
Esfandi, A., Sabbari, M.: Study of access control issue in web services. Int. J. Comput. Appl. 49, 11–17 (2012)
Game Theory, Wikipedia. https://en.wikipedia.org/wiki/Game_theory. Accessed 03 Jan 2017
Gintis, H.: Game Theory Evolving: A Problem-Centered Introduction to Modeling Strategic Behavior. Princeton University Press, Princeton (2000)
Gintis, H.: A framework for the unification of the behavioral sciences. Behav. Brain Sci. 30(1), 1–61 (2007)
Jingsha, H., Shunan, M., Bin, Z.: Analysis of trust-based access control using game theory. Int. J. Multimed. Ubiquit. Eng. 8(4), 15–24 (2013)
Lampson, B. W.: Protection. In: Proceedings of Fifth Princeton Symposium of Information Science and System, Princeton University, pp. 437–443 (1971). Reprinted in Operating system review, 8, 1, January 1974, pp. 18–24
Li, X., Du, J.: Adaptive and attribute-based trust model for service level agreement guarantee in cloud computing. IET Inf. Secur. 7(1), 39–50 (2013)
Liu, B., Lu, H., Zhao, Y.: An efficient automated trust negotiation framework supporting adaptive policies. In: Proceedings of Second International Workshop on Education Technology and Computer Science (ETCS), pp. 96–99. IEEE, Wuhan (2010)
Ryutov, T., Zhou, L., Neuman, C., Travis, L., Seamons, K.E.: Adaptive trust negotiation and access control. In: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies (SACMAT ’05), pp. 139–146. ACM, New York (2005)
Servos, D., Osborn, S.L.: Current research and open problems in attribute-based access control. ACM Comput. Surv. 49(4) Article 65, 45 pp. (2017)
Tran, H., Hitchens, M., Varadharajan, V., Watters, P.: A trust based access control framework for P2P file-sharing systems. In: Proceedings of the 38th Annual Hawaii International Conference on System Sciences. IEEE, New York (2005)
Wang, S., Liu, Q.: Trust-based access control in virtual learning community. In: Wang W., Li Y., Duan Z., Yan L., Li H., Yang X. (eds.) Integration and Innovation Orient to E-Society Volume 2. IFIP International Federation for Information Processing, vol. 252, pp. 514–520. Springer, Boston (2007)
Wang, Y., Cai, Z., Yin, G., Gao, Y., Tong, X., Han, Q.: A game theory-based trust measurement model for social networks. In: Computational Social Networks. Springer International Publishing, Cham (2016)
Winslett, M.: An introduction to trust negotiation. In: Nixon P., Terzis S. (eds.) Trust Management. iTrust 2003. Lecture Notes in Computer Science, vol 2692, pp. 275–289. Springer, Berlin (2003)
Zhang, Y., He, J., Zhao, B., Huang, Z., Liu, R.: Towards more pro-active access control in computer systems and networks. Comput. Secur. 49, 132–146 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Thejas, G.S., Pramod, T.C., Iyengar, S.S., Sunitha, N.R. (2018). Intelligent Access Control: A Self-Adaptable Trust-Based Access Control (SATBAC) Framework Using Game Theory Strategy. In: Rao, N., Brooks, R., Wu, C. (eds) Proceedings of International Symposium on Sensor Networks, Systems and Security. ISSNSS 2017. Springer, Cham. https://doi.org/10.1007/978-3-319-75683-7_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-75683-7_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-75682-0
Online ISBN: 978-3-319-75683-7
eBook Packages: EngineeringEngineering (R0)