Improving the Self-adaptive Authorization Framework and solve its cold start problem using the concept of trust and I-sharing

Document Type : Persian Original Article

Authors

1 PhD student, Faculty of Computer Engineering and Science, Shahid Beheshti University

2 Faculty of Science and Computer Eng., Shahid Beheshti University, Tehran, Iran

Abstract

Authorization systems are an important part of security systems and are responsible for protecting resources. As the number of users in organizations grows, managing the authorization infrastructure has become increasingly time-consuming and error-prone, and misconfiguration of policies has reduced the effectiveness of these systems. Researchers recommend dynamic access control methods as an effective way to issue licenses in these systems. Since the sources of decision making in these methods are the defined policies and user records, there are no special restrictions for new users, and these methods face the cold start problem. In this paper, to address this limitation, the concepts of trust and I-sharing are used, and a new method for improving the Self-Adaptive Authorization Framework (SAAF), called ISAAF, is presented. ISAAF is a framework for self-adaptive control of authorization systems using the MAPE-K autonomous reference model, which estimates the trust of new users using the trust of users with whom they have common features. I-sharing gr

