z-logo
open-access-imgOpen Access
Active access control (AAC) with fine‐granularity and scalability
Author(s) -
Park Joon S.,
An Gaeil,
Liu Ivy Y.
Publication year - 2011
Publication title -
security and communication networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.446
H-Index - 43
eISSN - 1939-0122
pISSN - 1939-0114
DOI - 10.1002/sec.236
Subject(s) - computer science , granularity , scalability , access control , control (management) , role based access control , distributed computing , computer access control , focus (optics) , scale (ratio) , computer security , artificial intelligence , database , physics , quantum mechanics , optics , operating system
Abstract Strong access control mechanisms become most critical when we need security services in large‐scale computing environments of sensitive organizations. Furthermore, if users join or leave such computing environment frequently, requiring different access control decisions based on their current job responsibilities and contexts, the need for advanced access control is pressing. Although the currently available access control approaches have a great potential for providing reliable service, there are still critical obstacles to be solved, especially in large‐scale, dynamic computing environments. In this paper we introduce an advanced access control mechanism, Active Access Control (AAC), which accounts for the ability to make dynamic access control decisions based not only on pre‐defined privileges, but also on the current situation of the user. The framework of the proposed AAC approach provides fine‐grained access control, by considering a variety of attributes about the user and the current computing environment, especially, when the users contexts are frequently changed. Although the outputs of the AAC approach can be integrated with any other existing access control mechanisms and improve the overall fine‐granularity, as a full demonstration of our approach for fine‐granularity as well as scalability, in this particular paper we focus on large‐scale computing environments and integrate the AAC results with the role‐based approach. Finally, in order to prove the feasibility of our proposed idea we implement the AAC approach with roles and discuss the evaluation results with existing approaches. Copyright © 2010 John Wiley & Sons, Ltd.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.
Having issues? You can contact us here