Role based access control design using triadic concept analysis

Ch. Aswani Kumar , S. Chandra Mouliswaran , Jin-hai Li , C. Chandrasekar

Journal of Central South University ›› 2017, Vol. 23 ›› Issue (12) : 3183 -3191.

PDF
Journal of Central South University ›› 2017, Vol. 23 ›› Issue (12) : 3183 -3191. DOI: 10.1007/s11771-016-3384-6
Mechanical Engineering, Control Science and Information Engineering

Role based access control design using triadic concept analysis

Author information +
History +
PDF

Abstract

Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.

Keywords

access control / concept lattice / role based access control / role hierarchy / triadic context / triadic concept analysis

Cite this article

Download citation ▾
Ch. Aswani Kumar, S. Chandra Mouliswaran, Jin-hai Li, C. Chandrasekar. Role based access control design using triadic concept analysis. Journal of Central South University, 2017, 23(12): 3183-3191 DOI:10.1007/s11771-016-3384-6

登录浏览全文

4963

注册一个新账户 忘记密码

References

Publishing order | Descend order by publishing year | Descend order by cited within
[1]

SandhuR S. Lattice-based access control models [J]. Computer, 1993, 26(11): 9-19

[2]

SandhuR, FerraioloD, KuhnR. The NIST model for role-based access control: Towards a unified standard [C]. ACM Workshop on Role-based Access Control, 2000BerlinACM Digital Library47-63

[3]

FerraioloD F, SandhuR, GavrilaS, KhunD R, ChandramouliR. Proposed NIST standard for role-based access control [J]. ACM Transactions on Information and System Security, 2001, 4(3): 224-274

[4]

BishopMIntroduction to computer security [M], 2005BostonAddison-Wesley26-64
[5]

FadhelA B, BianculliD, BriandL. A comprehensive modeling framework for role-based access control policies [J]. Journal of Systems and Software, 2015, 107: 110-126

[6]

Martínez-GarcíaC, Navarro-ArribaG, BorrellJ. Fuzzy role-based access control [J]. Information Processing Letters, 2011, 111(10): 483-487

[7]

HuangH, ShangF, LiuJ. Handling least privilege problem and role mining in RBAC [J]. Journal of Combinatorial Optimization, 2013, 30(1): 1-24
[8]

KimS, KimD K, LuL, KimS, ParkS. A feature-based approach for modeling role-based access control systems [J]. Journal of Systems and Software, 2011, 84(12): 2035-2052

[9]

ZhaoC, HeililiN, LiuS, LinZ. Representation and reasoning on rbac: A description logic approach [C]. Intel Colloquium on Theoretical Aspects of Computing, 20053722HanoiSpringer Berlin Heidelberg381-393
[10]

ChaeJ. Modeling of the role-based access control policy with constraints using description logic [C]. Intel Conference on Computational Science and its Applications, 20074705Kuala LumpurSpringer Berlin Heidelberg500-511
[11]

ZhangR, ArtaleA, GiunchigliaF, CrispoBUsing description logics in relation based access control [R], 2009ItalyUniversity of Trento
[12]

BertinoE, FerrariE, AtluriV. The specification and enforcement of authorization constraints in workflow management systems [J]. ACM Transactions on Information and System Security, 1999, 2(1): 65-104

[13]

ThionR, CoulondreS. Representation and reasoning on role-based access control policies with conceptual graphs [C]. Intel Conference on Conceptual Structures, 20064068DenmarkSpringer Berlin Heidelberg427-440
[14]

ChoiC, ChoiJ, KimP. Ontology-based access control model for security policy reasoning in cloud computing [J]. The Journal of Supercomputing, 2014, 67(3): 711-722

[15]

KnechtelMAccess restrictions to and with description logic web ontologies [D], 2011DresdenTechnische Universität Dresden
[16]

MouliswaranS C, KumarC A, ChandrasekarC. Inter-domain role based access control using ontology [C]. IEEE Intel Conference on Advances in Computing, Communications and Informatics, 2015KochiIEEE Press2027-2032
[17]

KumarC. Designing role-based access control using formal concept analysis [J]. Security and Communication Networks, 2013, 6(3): 373-383

[18]

JiaoS, LiuY, HuH, WeiD, ZhangY. Dynamic policy access model based on formal concept analysis [C]. IEEE Intel Conference on Wireless Communications, Networking and Mobile Computing, 2008DalianIEEE Press1-5
[19]

SellamiM, GammoudiM M, HaciM S. Secure data integration: A formal concept analysis based approach [C]. Intel Conference on Database and Expert Systems Applications, 2014, 8645: 326-333
[20]

KumarC A, SinghP K. Knowledge representation using formal concept analysis: A study on concept generation [M]. Global Trends in Intelligent Computing Research and Development. IGI Global, 2013306-336
[21]

WilleR. Conceptual graphs and formal concept analysis [C]. Intel Conference on Conceptual Structures, 1997, 1257: 290-303
[22]

StummeG. Formal concept analysis [M]. Handbook on Ontologies, 2013177-179
[23]

PoelmansJ, KuznetsovS O, IgnatovD I, DedeneG. Formal concept analysis in knowledge processing: A survey on models and techniques [J]. Expert Systems with Applications, 2013, 40(16): 6601-6623

[24]

KumarC A, SrinivasS. Concept lattice reduction using fuzzy K-Means clustering [J]. Expert Systems with Applications, 2010, 37(3): 2696-2704

[25]

ObiedkovS, KourieD G, EloffJ H. Building access control models with attribute exploration [J]. Computers & Security, 2009, 28(1/2): 2-7

[26]

Sobieski, ZielińskiB. Modelling role hierarchy structure using the formal concept analysis [J]. Annales UMCS Sectio AI Informatica, 2010, 10(2): 143-159
[27]

HanD J, ZhuoH K, XiaL T, LiL. Permission and role automatic assigning of user in role-based access control [J]. Journal of Central South University, 2012, 19(4): 1049-1056

[28]

KumarC A. Modeling access permissions in role based access control using formal concept analysis [C]. Intel Conference on Information Processing, 2012, 292: 578-583
[29]

LehmannF, WilleR. A triadic approach to formal concept analysis [C]. Intel Conference on Conceptual Structures, 1995, 954: 32-43
[30]

WilleR. The basic theorem of triadic concept analysis [J]. Order, 1995, 12(2): 149-158

[31]

DauF, WilleR. On the modal understanding of triadic contexts [C]. Annual Conference on Classification and Information Processing at the Turn of the Millennium, 2000University of BielefeldSpringer Berlin Heidelberg83-94

[32]

GanterB, ObiedkovS. Implications in triadic formal contexts [C]. Intel Conference on Conceptual Structures, 2004, 3127: 186-195
[33]

IgnatovD I, GnatyshakD V, KuznetsovS O, MirkinB G. Triadic formal concept analysis and triclustering: searching for optimal patterns [J]. Machine Learning, 2015, 101(1): 1-32
[34]

KaytoueM, KuznetsovS O, MackJ, NapoliA. Biclustering meets triadic concept analysis [J]. Annals of Mathematics and Artificial Intelligence, 2014, 70(1): 55-79

[35]

GlodeanuC V. Fuzzy-valued triadic implications [C]. Intel Conference on Concept Lattices and their Applications, 2011Nancy, FranceCLA159-173
[36]

SandhuR. Role hierarchies and constraints for lattice-based access controls [C]. European Symposium on Research in Computer Security, 1996, 1146: 65-79
[37]

KugblenuF M, AsimMSeparation of duty in role based access control system: A case study [D], 2007SwedenBlekinge Institute of Technology
[38]

ChenLAnalysing and developing role-based access control models [D], 2011LondonDepartment of Mathematics Royal Holloway, University of London
[39]

KuhnD R, CoyneE J, WeilT R. Adding attributes to role-based access control [J]. Computer, 2010, 43(6): 79-81

[40]

CoyneE, WeilT R. ABAC and RBAC: Scalable, flexible, and auditable access management [J]. IT Professional, 2013, 15(3): 14-16

[41]

UnalD, ÇaglayanM U. A formal role-based access control model for security policies in multi-domain mobile networks [J]. Computer Networks, 2013, 57(1): 330-350

[42]

JaschkeR, HothoA, SchmitzC, GanterB, StummeG. TRIAS−An algorithm for mining iceberg tri-lattices [C]. IEEE Intel Conference on Data Mining, 2006Hong KongICDM907-911
[43]

KonecnyJ, OsickaP. General approach to triadic concept analysis [J]. Society for Industrial and Applied Mathematics Review, 2009, 51(3): 455-500
[44]

StummeG. A finite state model for on-line analytical processing in triadic contexts [C]. Intel Conference on Formal Concept Analysis, 2005, 3403: 315-328
[45]

MouliswaranS C, KumarC A, ChandrasekarC. Modeling Chinese wall access control using formal concept analysis [C]. IEEE Intel Conference on Contemporary Computing and Informatics, 2014MysoreIEEE Press811-816
[46]

MouliswaranS C, KumarC A, ChandrasekarC. Representation of multiple domain role based access control using FCA [C]. IEEE Intel Conference on Electrical, Computer and Communication Technologies, 2015, 2: 797-799
[47]

SubramanianC, CherukuriA K, ChelliahC. Modeling fuzzy role based access control using fuzzy formal concept analysis [C]. Intel Symposium on Security in Computing and Communications, 2015, 536: 176-185

[48]

TangY-q, FanM, LiJ-hai. An information fusion technology for triadic decision contexts [J]. Intel Journal of Machine Learning and Cybernetics, 2016, 7(1): 13-24

[49]

PoelmansJ, IgnatovD I, KuznetsovS O, DedeneG. Formal concept analysis in knowledge processing: A survey on applications [J]. Expert systems with applications, 2013, 40(16): 6538-6560

[50]

ChA K, DiasS M, VieiraN J. Knowledge reduction in formal contexts using non-negative matrix factorization [J]. Mathematics and Computers in Simulation, 2015, 109: 46-63

[51]

KumarC A, IshwaryaM S, LooC K. Formal concept analysis approach to cognitive functionalities of bidirectional associative memory [J]. Biologically Inspired Cognitive Architectures, 2015, 12: 20-33

[52]

KumarC A. Fuzzy clustering-based formal concept analysis for association rules mining [J]. Applied Artificial Intelligence, 2012, 26(3): 274-301

[53]

BelohlavekR, OsickaP. Triadic concept lattices of data with graded attributes [J]. International Journal of General Systems, 2012, 41(2): 93-108

[54]

BelohlavekR, OsickaP. Triadic concept analysis of data with fuzzy attributes [C]. IEEE Intel Conference on Granular Computing (GrC), 2010San JoseIEEE Press661-665
[55]

BelohlavekR, OsickaP. Triadic fuzzy Galois connections as ordinary connections [J]. Fuzzy Sets and Systems, 2014, 249: 83-99

[56]

ZhukR, IgnatovD I, KonstantinovaN. Concept learning from triadic data [C]. Intel Conference on Information Technology and Quantitative Management, 2014, 31: 928-938
[57]

VoutsadakisG. Polyadic concept analysis [J]. Order, 2002, 19(3): 295-304

[58]

TangY-q, FanM, LiJ-hai. Cognitive system model and approach to transformation of information granules under triadic formal concept analysis [J]. Journal of Shandong University (Natural Science), 2014, 49(8): 102-106
[59]

GAJDOŠ P, RADECKÝ M. MAS development and its analysis based on FCA [R]. Ostrava-Poruba: Technical University of Ostrava.
[60]

ShivhareR, CherukuriA K. Three-way conceptual approach for congnitive memory functionalities [J]. International Journal of Machine Learning and Cybernetics, 20161-14
AI Summary AI Mindmap
PDF

133

Accesses

0

Citation

Detail
Sections
Recommended

AI思维导图

/