Enhancing role-based access control model through fuzzy relations

Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

Volumn , Issue , 2007, Pages 131-136

  Takabi, Hassan ^a   Amini, Morteza ^a   Jalili, Rasool ^a  

^a SHARIF UNIVERSITY OF TECHNOLOGY   (Iran)

Author keywords

[No Author keywords available]

Indexed keywords

DECISION MAKING; FUZZY CONTROL; FUZZY LOGIC; FUZZY SETS; INTERNET; MILITARY DATA PROCESSING; PROBLEM SOLVING; SECURITY SYSTEMS; SET THEORY;

ACCESS CONTROL POLICIES; BUILDING BLOCKS; CASE STUDIES; ERROR PRONE; EXTENDED MODEL; FUZZY APPROACH; FUZZY RELATIONS; FUZZY SET THEORY (FST); HUMAN DECISION-MAKING; IN ORDER; INFORMATION ASSURANCE AND SECURITY (IAS); ON-LINE SERVICES; PRACTICAL SOLUTIONS; REAL WORLD; ROLE ASSIGNMENT; ROLE-BASED ACCESS CONTROL (RBAC) MODELS; SECURITY POLICIES;

ACCESS CONTROL;

EID: 46749123518     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IAS.2007.69     Document Type: Conference Paper

References (18)

1. Kandel, Fuzzy Statistics and Policy Analysis, Fuzzy Sets: Theory and Applications to Policy Analysis and Information Systems, ed. By P. Wang and S. Chang, Plenum Press, New York, 1980.
2. ANSI. American National Standard for Information Technology- Role Based Access Control, ANSI IN-CUS 359-2004, February 2004.
3. R. Alo, A. Berrached, A. De Korvin, and M. Beheshti, Using Fuzzy Relation Equations for Adaptive Access Control in Distributed Systems, In proceedings of the International Conference In Advances In Infrastructure For e-Business And Education On The Internet. L'Aquila, Rome, Italy, pp. 176-184, 2000.
4. A. Berrached, M. Beheshti, A. De Korvin, and R. Alo, An Access Control Model Based On Fuzzy Set Theory, In proceedings of the 8th International Conference on Information Processing and Management Of Uncertainty In Knowledge Based Systems. Madrid, Spain, pp. 890-895, 2000.
5. A. Berrached, M. Beheshti, A. De Korvin, and R. Alo, Applying Fuzzy Relation Equations to Threat Analysis, In proceedings of the 35th Annual Hawaii International Conference on System Sciences, pp. 684-688, 2002.
6. A. Berrached and A. De Korvin, "Reinforcing Access Control Using Fuzzy Relation Equations," In proceedings of The 2006 International Conference on Security and Management, 2006.
7. H. Hosmer, Security is fuzzy!: applying the fuzzy logic paradigm to the multipolicy paradigm, In proceedings of the New Security Paradigms Workshop, pp. 175-184, 1993.
8. H. Hosmer, Using Fuzzy Logic to Represent Security Policies in the Multipolicy Paradigm, ACM Special Interest Group on Security, Audit, and Control (SIGSAC) Review,Vol. 10, No. 4, pp. 12-21, 1992.
9. S. Ovchinnikov, Fuzzy Sets and Secure Computer Systems, In proceedings of the New Security Paradigms Workshop, Little Compton, Rhode Island, United States, pp. 54-62, 1994.
10. S. Ovchinnikov, Modeling security systems in a fuzzy environment, In proceedings of the IPMU Information Processing and Management Of Uncertainty In Knowledge Based Systems, Granada, Spain, pp. 617-622, 1996.
11. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman, Role Based Access Control Models, IEEE Computer, Vol. 29, No. 2, pp. 38-47, 1996.
12. D. F. Ferraiolo, R. Sandhu, S.Gavrila, D.R. Kuhn, and R. Chandramouli, Proposed NIST Standard for role based access control, ACM Transactions on Information and system securiy, Vol. 4, No. 3, pp. 224-274, 2001.
13. E. Bertino, P. A. Bonatti, and E. Ferrari, TRBAC: A Temporal Role-based Access Control Model, ACM Transactions on Information and System Security, Vol. 4, No. 3, pp. 191-233, 2001.
14. M. J. Moyer, and M. Ahamad, Generalized Role-Based Access Control, In proceedings of the 21st International Conference on Distributed Computing Systems, Mesa, USA, pp. 391-398, 2001.
15. M. A. Al-Kahtani, and R. Sandhu, Rule-Based RBAC with Negative Authorization, In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04), pp. 405-415, 2004.
16. J. B. D. Joshi, E. Bertino, U. Latif, and A. Ghafoor, A Generalized Temporal Role-Based Access Control Model, IEEE Transactions on Knowledge and Data Engineering, Vol. 17, No. 1, pp. 4-23, 2005
17. E. J. Chang, F. K. Hussain, and T. S. Dillon, Fuzzy Nature of Trust and Dynamic Trust Modelling in Service Oriented Environments, In Proceedings of the 2005 workshop on Secure web services, pp. 75-83, 2005.
18. H. Takabi, M. Amini, and R. Jalili, Trust-Based User-Role Assignment in Role-Based Access Control, In Proceedings of the ACS/IEEE International Conference on Computer Systems and Applications (AICCSA 2007), 2007.