Sage Journals: Discover world-class research

Abstract

Access control is an important mechanism to protect sensitive information and relational system resources. The traditional access control model (TACM), such as DAC, MAC, RBAC, etc., is no longer suitable for open network due to the lack of dynamic permission management. The increasing network nodes make the information storage and resource access becoming distributed. The traditional access control model has the characteristics of low adaptive ability and single deployment and application mode due to the centralized management mode. Therefore, this access control environment inevitably puts access control pressure on access control authorization. In order to overcome the shortcomings of traditional access control model, a new access control model named DMPAC (Distributed management of permission for access control model) is proposed in the paper. The authorization mechanism of the model has a distributed and dynamic management access permission, and all nodes covered by the model have the opportunity to participate in the execution of access and control. The model DMPAC provides the benefits of traditional access control models in terms of secure access and dynamic management. We also describe the framework and execution process of the model and the application of DMPAC in access control. At last, we will present some experimental results to show that while maintaining the effectiveness of distributed access control through the management of access permissions, DMPAC can achieve the performance of traditional access control models.

Keywords

Network security access control distributed model

Get full access to this article

View all access options for this article.

References

Joshi

J.B.D.

, Bertino

, Latif

, et al., A Generalized Temporal Role-Based Access Control Model[M], A generalized temporal role based access control model for developing secure systems 2003, 4–23.

Lampson

Butler W.

, Protection, ACM SIGOPS Operating Systems Review 8(1) (1974), 18–24.

Alwehaibi

and Atay

, A Rule-Based Relational XML Access Control Model in the Presence of Authorization Conflicts[M], Information Technology - New Generations 2018.

Cai

, Zhu

, He

, et al., Survey of access control models and technologies for cloud computing[J], Cluster Computing 2018(2), 1–12.

Ouaddah

, Elkalam

A.A.

and Ouahman

A.A.

, Towards a Novel Privacy-Preserving Access Control Model Based on Blockchain Technology in IoT[M], Europe and MENA Cooperation Advances in Information and Communication Technologies 2017.

Apisframeworks

and Components

M.W.

, Distributed Component Object Model[M], Encyclopedia of Database Systems 2009.

Changping

, Common object request broker architecture[J], Computer integrated manufacturing system 1998.

White

, Schmidt

D.C.

and Gokhale

, Simplifying Autonomic Enterprise Java Bean ApplicationsViaModel-Driven Development: A Case Study[C], International Conference on Model Driven Engineering Languages & Systems 2005.

Chinnici

and Sun

, Web Services Description Language (WSDL) Version 1.2[M], Encyclopedia of Social Network Analysis and Mining 2003.

10.

Becker

M.Y.

and Sewell

, Cassandra: Distributed access control policies with tunable expressiveness[M]. 2004.

11.

Deinhart

, Method and system for advanced role-based access control in distributed and centralized computer systems[J], Internatl Business Mach Corp & Lt Ibm & Gt, 1999.

12.

Nielsen

, Nord

and Bjornstad

, Distributed medium-access-control protocol for an optical-packet-switched ringnetwork supporting variable-length packets[J], Journal of Optical Networking 4(4) (2005), 213–225.

13.

Basin

and Lodderstedt

, Model driven security: From UML models to access control infrastructures[J], Acm Transactions on Software Engineering & Methodology 15 (2006), 39–91.

14.

Ruj

and Nayak

, A decentralized security framework for data aggregation and access control in smart grids[J], IEEE Transactions on Smart Grid 4 (2013), 196–205.

15.

Röscheisen

and Winograd

, A network-centric design for relationship-based security and access control[M]. 1997.