Skip to main content
SpringerLink
Log in

Semantic-based role matching and dynamic inspection for smart access control

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

In this paper, we propose a scheme of semantic-based role matching and dynamic inspection for smart access control. The basic roles are established first, and then they are allocated to each user via a semantic analysis so that each user obtains the role with the most appropriate access. Our scheme explains the process of basic role establishment. In the process of role matching, our scheme applies the analytic hierarchy process to match roles. The established roles matched to users should not be fixed after the first round matching process. In practice, the type of user often varies, and the role matched to the user requires updating accordingly. Our scheme proposes that the system inspect roles dynamically and adjust or apply re-matching after matching. Re-matching roles not only further guarantees system security but also can bring about a better user experience. In addition, user requests can be refused by the system during process operation. This will yield an incomplete operation or generate incorrect data. To ensure the consistency of user operation, we introduce the concept of a transaction. The proposed scheme ensures the rationality of access control and data security based on semantic approaches and the analytic hierarchy process (AHP).

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Ahn G-J, Sandhu R (2000) Role-based authorization constraints specification. ACM Trans Inf Syst Secur 3(4):207–226

    Article  Google Scholar 

  2. Badii A, Crouch M, Lallah C (2010) A context-awareness framework for intelligent networked embedded systems. In: 2010 third international conference on advances in human-oriented and personalized mechanisms, technologies and services (CENTRIC). IEEE, pp 105–110. https://doi.org/10.1109/CENTRIC.2010.29

  3. Bertino E, Bonatti PA, Ferrari E (2001) Trbac: a temporal role-based access control model. ACM Trans Inf Syst Secur 4(3):191–233

    Article  Google Scholar 

  4. Chang DY (1996) Applications of extent analysis method on fuzzy AHP. Eur J Oper Res 95:649–655

    Article  MATH  Google Scholar 

  5. Chatterjee S (2015) A structure-based software reliability allocation using fuzzy analytic hierarchy process a structure-based software reliability allocation using fuzzy analytic hierarchy process. Int J Syst Sci 46(3):513–525

    Article  MATH  Google Scholar 

  6. Chessa S, Maestrini P (2003) Dependable and secure data storage and retrieval in mobile, wireless networks. Int'I Conf Depend Sys Net 207–16

  7. Choi C, Choi J, Kim P (2014) Ontology-based access control model for security policy reasoning in cloud computing. J Supercomput 67(3):711–722

    Article  Google Scholar 

  8. Eom J-H, Park S-H, Chung T-M (2008) A study on architecture of access control system with enforced security control for ubiquitous computing environment. J Korea Inst Inf Secur Cryptol 18(5):71–81

    Google Scholar 

  9. Foltz PW (1996) Latent semantic analysis for text-based research. Behav Res Methods Instrum Comput 28:197–202

    Article  Google Scholar 

  10. Guan H, Wang T, Chen W (2009) Exploring architecture-based software reliability allocation using a dynamic programming algorithm. In: Proceedings of the second symposium international computer science and computational technology (ISCSCT ‘09), Huangshan, P. R. China, p 106–109

  11. Guo K, Li YH, Lu YM (2017) An alternative-service recommending algorithm based on semantic similarity. China Comm 14(8):124–136

  12. Halperin D et al (2008) Security and privacy for implantable medical devices. IEEE Pervasive Comp 7(1):30–39

    Article  Google Scholar 

  13. Joshi JBD, Bertino E, Latif U, Ghafoor A (2005) A generalized temporal role-based access control model. IEEE Trans Knowl Data Eng 17(1):4–23

    Article  Google Scholar 

  14. Kalajainen T (2007) An access control model in a semantic data structure: case process modelling of a bleaching line. Department of Computer Science and Engineering, Helsinke University of Technology Master’s Thesis

  15. Kropp T (2006) System threats and vulnerabilities (power system protection). IEEE Power Energ Mag 4(2):46–50

    Article  Google Scholar 

  16. Laham D (1997b) Latent semantic analysis approaches to categorization. In: MG Shafto & P Langley. Hillsdale: Lawrence Erlbaum Associates, Inc

  17. Lee H (1993) A structure methodology for software development effort prediction using the analytic hierarchy process. J Syst Softw 21:179–186

    Article  Google Scholar 

  18. Li N, Tripunitara MV (2006) Security analysis in role-based access control. ACM Trans Inf Syst Secur 9(4):391–420

    Article  Google Scholar 

  19. Nair R, Tambe M, Marsella S (2003) Role allocation and reallocation in multiagent teams: towards a practical analysis. In: AAMAS ‘03. ACM, New York, pp 552–559. https://doi.org/10.1145/860575.860664

  20. Richardson R (2008) CSI computer crime and security survey. Computer Security Institute, New York, pp 1–31

  21. Sidagni M (2014) Method and system for managing computer system vulnerabilities US, US8756698

  22. Tahir MN (2007) C-RBAC: contextual role-based access control model. Ubiquit Comput Commun J 2(3):67–74

    Google Scholar 

  23. Taninaka Y, Ohura N (2003) Method and system of monitoring vulnerabilities US, US20030140250

  24. Wang Q et al (2009) Dependable and secure sensor data storage with dynamic integrity assurance. Proc. IEEE INFOCOM

  25. Zoua D, Heb L, Jina H, Chenc X (2009) CRBAC: imposing multi-grained constraints on the RBAC model in the multi-application environment. J Netw Comput Appl 32(2):402–411

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported in part by the Korea government (Ministry of Science, ICT & Future Planning), Grant/Award Number: NRF-2015R1C1A1A01053301. This work was also supported in part by the Fundamental Research Funds for the Central Universities under Grant 2015B30614, and in part by the Natural Science Foundation of Jiangsu Province under Grant BK20160287.

Author information

Authors and Affiliations

  1. College of IOT Engineering, Hohai University, 200 North Jinling Road, Changzhou, 213022, China

    Xin Su, Yiming Liu, Yuanzhe Geng & Yihang Yang

  2. Division of Undeclared Majors, Chosun University, Gwangju, 61452, South Korea

    Dongmin Choi

Authors
  1. Xin Su
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yiming Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yuanzhe Geng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yihang Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dongmin Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dongmin Choi.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Su, X., Liu, Y., Geng, Y. et al. Semantic-based role matching and dynamic inspection for smart access control. Multimed Tools Appl 77, 18545–18562 (2018). https://doi.org/10.1007/s11042-017-5220-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-017-5220-x

Keywords

Search

Navigation