Please use this identifier to cite or link to this item:
Title: On the application of fuzzy set theory for access control enforcement
Author: Regateiro, Diogo Domingues
Pereira, Óscar Mortágua
Aguiar, Rui L.
Keywords: Access control
Fuzzy set theory
Database and information security
Issue Date: 2017
Abstract: Access control is a vital part of any computer system. When it comes to access to data, deterministic access control models such as RBAC are still widely used today, but they lack the flexibility needed to support some recent scenarios. These include scenarios where users and data can be dynamically added to a system, which emerged from IoT and big data contexts. Such scenarios include data from network operators, smart cities, etc. Thus, models that are able to adapt to these dynamic environments are necessary. Non-deterministic access control models fall into this approach, as they introduce new ways of mapping users to permissions and resources, but lack the auditing capabilities of deterministic models. In this paper, the usage of these models will be defended and argued for. In particular, a solution based on fuzzy set theory is proposed as it is thought to be able to provide some flexibility benefits of non-deterministic models, while giving some assurance to security experts that the resources are not accessed by unexpected users.
Peer review: yes
DOI: 10.5220/0006469305400547
ISBN: 978-989-758-259-2
Appears in Collections:DETI - Comunicações

Files in This Item:
File Description SizeFormat 
(CP) - 2017-07-24 (SECRYPT - Madrid - Spain) On the Application of Fuzzy Set Theory for Access Control Enforcement.pdfDocumento principal375.76 kBAdobe PDFrestrictedAccess

Formato BibTex MendeleyEndnote Degois 

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.