Context Dependent Threat-Based Access Control System
Abstract
As technology advances, protecting network resources against unauthorized access and misuse of privileges became more necessary and the present access control system seems not efficient enough to solve the problems. This work presents a Context Dependent Threat-Based Access Control (CDTAC) system for correcting these problems. The CDTAC is an adaptive access control system that combines both static and dynamic information (contextual parameters) of users to adjust access control decisions based on environmental threat factors for efficient decision making. The design adopts relative probability in the estimation of the threat level of the contextual parameters. An improved Multifactor Evaluation Method was also used to estimate the associated risk attached to the contextual parameters in accordance with the information security objectives. The weighted arithmetic mean was then employed to evaluate the associated risk attached with users’ requests based on the impact of the threat. In making final access decisions, the risk threshold values (i.e. 0 = f1 < f2 = 1) were set in relation to the level of sensitivity of the resources. The evaluation result showed an acceptable security index of 0.18 and 99.1% compliance level of CDTAC.
Full Text: PDF DOI: 10.15640/jcsit.v2n3-4a5
Abstract
As technology advances, protecting network resources against unauthorized access and misuse of privileges became more necessary and the present access control system seems not efficient enough to solve the problems. This work presents a Context Dependent Threat-Based Access Control (CDTAC) system for correcting these problems. The CDTAC is an adaptive access control system that combines both static and dynamic information (contextual parameters) of users to adjust access control decisions based on environmental threat factors for efficient decision making. The design adopts relative probability in the estimation of the threat level of the contextual parameters. An improved Multifactor Evaluation Method was also used to estimate the associated risk attached to the contextual parameters in accordance with the information security objectives. The weighted arithmetic mean was then employed to evaluate the associated risk attached with users’ requests based on the impact of the threat. In making final access decisions, the risk threshold values (i.e. 0 = f1 < f2 = 1) were set in relation to the level of sensitivity of the resources. The evaluation result showed an acceptable security index of 0.18 and 99.1% compliance level of CDTAC.
Full Text: PDF DOI: 10.15640/jcsit.v2n3-4a5
Browse Journals
Journal Policies
Information
Useful Links
- Call for Papers
- Submit Your Paper
- Publish in Your Native Language
- Subscribe the Journal
- Frequently Asked Questions
- Contact the Executive Editor
- Recommend this Journal to Librarian
- View the Current Issue
- View the Previous Issues
- Recommend this Journal to Friends
- Recommend a Special Issue
- Comment on the Journal
- Publish the Conference Proceedings
Latest Activities
Resources
Visiting Status
Today | 258 |
Yesterday | 122 |
This Month | 3869 |
Last Month | 6586 |
All Days | 1470582 |
Online | 38 |