Please use this identifier to cite or link to this item:
http://hdl.handle.net/10773/18236
Title: | On the application of fuzzy set theory for access control enforcement |
Author: | Regateiro, Diogo Domingues Pereira, Óscar Mortágua Aguiar, Rui L. |
Keywords: | Access control Fuzzy set theory Database and information security |
Issue Date: | 2017 |
Publisher: | SCITEPRESS |
Abstract: | Access control is a vital part of any computer system. When it comes to access to data, deterministic access control models such as RBAC are still widely used today, but they lack the flexibility needed to support some recent scenarios. These include scenarios where users and data can be dynamically added to a system, which emerged from IoT and big data contexts. Such scenarios include data from network operators, smart cities, etc. Thus, models that are able to adapt to these dynamic environments are necessary. Non-deterministic access control models fall into this approach, as they introduce new ways of mapping users to permissions and resources, but lack the auditing capabilities of deterministic models. In this paper, the usage of these models will be defended and argued for. In particular, a solution based on fuzzy set theory is proposed as it is thought to be able to provide some flexibility benefits of non-deterministic models, while giving some assurance to security experts that the resources are not accessed by unexpected users. |
Peer review: | yes |
URI: | http://hdl.handle.net/10773/18236 |
DOI: | 10.5220/0006469305400547 |
ISBN: | 978-989-758-259-2 |
Appears in Collections: | DETI - Comunicações |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
(CP) - 2017-07-24 (SECRYPT - Madrid - Spain) On the Application of Fuzzy Set Theory for Access Control Enforcement.pdf | Documento principal | 375.76 kB | Adobe PDF |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.