Trust Value of the Role Access Control Model Based on Trust
21.2 Role Access Control Model Based on Trust
RBACB96 model consists of three parts: the users, the roles, and the permission. Every user has the role and obtains all permissions of the roles directly. When RBAC is combined with trust, add more constraints to the permission granting to increase the data safety and security [11].
21.2.1
Description of RACT Model
Definition 1 Subject users: SU¼{su1, su2, su3, sun}. The subject can be a system or an independent program. In this study for the convenience of description, the subject is a natural person.
Definition 2 Object resources: OB¼{ob1, ob2, ob3, obn}. The object can be data resources or system resources, and the subjects are assigned roles and then given operating permissions. One object can be operated by roles, so the relationship between the subject and object is 1 :N.
Definition 3 Permission: each role has different operating permissions.
P¼fðp1;at1Þ;ðp2;at2Þ;ðp3;at3Þ; ;ðpn;atnÞg,n2Nþ Xn i¼1 XiX 2 . When
the user’s trust value reaches the access threshold, the subjects can use the permissions. The mapping relationship is available between roles and permissions.
Definition 4 Role:R¼{r1,r2,r3, ,rn}. The role is the set of different permissions which are determined by different duties and levels; so the permissions of users and roles have corresponding relationship.
Definition 5 Trust value: TV¼{tvi|tvi2[1, 1],i2N+}. It is an attribute value of a subject. The trust value TV is calculated with the trust value algorithm and the session history. When the trust value is higher than trust threshold, the permis- sions are activated.
Definition 6 Operation: It is the set of subjects that can operate on the objects.
O¼ oi oi2
read, write, execute,
,i2Nþ Xn i¼1 XiX 2 . It usually con- tains reading, writing, and execution.
Definition 7 Context: The context contains the session history of subjects and the environment, etc. The server calculates the subjects’trust value by using appro- priate algorithm according to the context.
Definition 8 Session history: The database of trust value records the subjects’trust value and the previous session’s behaviors. The server calculates subjects’trust value based on the current session history.
Definition 9 Constraint: There are multiple attributes in this research model. The constraints have been established to make the connection between each attribute. The constraints of each contact are not identical and the constraint can guarantee the model normal running.
Definition 10 Session time: The session time records the time of the subject operated the object.
Definition 11 Group: The objects are divided into groups because of the high degree of similarity of functions and contents. The subjects are divided into groups because of the high degree of similarity of duties and identities.
The relationships between two or more attributes have been described in standard- ized language, as shown by the following definition:
Definition 1 SRASR¼{(s,r)|s2S^r2R}, according to the duties, the sub- jects are assigned different roles.
Definition 2 RPARP¼{(r,p)|r2R^p2P}, according to the duties of roles which are assigned with different permissions.
Definition 3 TAATVAT¼{(tv, at)|tv2TV^at2AT}, when the trust value of subject is higher than the threshold of the object, the permissions of subjects are activated.
RACT model improves the security mechanism of the traditional RBAC model and adds access activation threshold and user trust value computation process with models shown in Fig.21.1.
21.3
RACT Trust Value Algorithm
The trust value of the subject mainly comes from two aspects, the subject’s identity and the trust value which is formed during the subject interacts with the object. When there isn’t session history of the subject and the object, then the server calculates the recommended trust value according to the session history of the other objects.
Decision tree algorithm is established with the height of the tree of 4. The root node is the subject. The nodes of the second layer are the session history of the 21 Trust Value of the Role Access Control Model Based on Trust 181
subject and the object. The nodes of the third layer are the session history of the subject and the other’s objects in the group of the object, and the nodes of the fourth layer are the session history of the subject and the objects in relevant group of the object. In the decision tree algorithm, use 1 and 0 to indicate whether or not there is session history.
When there is a session history of the subject and objects of the same group, the recommended trust value of objects of the same group is more important than the relevant group. According to the above rule, the decision tree algorithm is shown in Fig.21.2.
1. The subject doesn’t have any session history.
2. The subject doesn’t have session history with the object or the others objects of the same group; it only has session history with the objects of relevant group. 3. The subject only has session history with the objects of the same group. 4. The subject only has session history with the object which is being applied. 5. The subject has session history with the object which is being applied and the
objects of the relevant group.
6. The subject has session history with the object which is being applied and the other objects of the same group.
As to the first path, in view of the subject’s duties and identity, the managers assign the lowest trust value as the default value, thereby gradually accumulate the Fig. 21.1 Sequence Diagram of RACT
Fig. 21.2 Decision tree algorithm
trust value in the later session so that they can activate the corresponding permis- sions of its role.
As to the second path and the fifth path, the NICE trust model is used. The core idea is to assign objects’cookie values according to the session. The positive trust value is credible and the negative trust value is not credibly.
As to the third path and the sixth path, the EigenTrust trust model is used with the subjectuifirst to find the objects obkwhich has the session history with the subject obj; in the same group with the object, calculate the trust value tvkaccording to the recommend trust value of the group, Normalize the recommended values of trust
vu ob¼
max tvð k;0Þ X
umax tvð k;0Þ
and build the trust based on the normalized data matrixVu_ob, superposition integrated computation recommendation trust valuetij¼
X
k
vikvkj.
As to the fourth path, the regret trust mode is used. It empathizes the occurrence time. When the subject only has session history with the object, add the importance of time to enhance the reliability of trust value.TDp!rð Þϕ is the trust degree of the
typeϕof the subject’ssuiaction, ODB
p;r
ϕ is the set result of operation, trust decay with time, p(t,ti) is the decay degree with time, t is the current time, ti is the occurrence time of events, IMPðoi;ϕÞn1is the assessment of the event,L(oi,ϕ) is the weight function of loyalty in the eventi, and the function of trust value is
TDp!rð Þ ¼ϕ X
oi2ODBpϕ,r
ρðt;tiÞ IMPðOi;ϕÞ L Oð i;ϕÞ
21.4
Validation of RACT Security
RACT has been established with JAVA in the Windows operation system. It was integrated with eclipse and SQL Server database. In RACT model, 20 subjects were created; 20 subjects are divided into 4 groups, respectively, high, middle, low, and guest, and each role has different permissions. 20 objects were created and are divided into 4 groups. The names of group are A, B, C, and D, and the name of objects are A1, A2, A3, A4, etc.
Every subject applies the same objects with RACT and a trust access model algorithm. After the subject has obtained permissions, the object operates mali- ciously. The successful rate of application of every application is shown in Fig.21.3.
In Fig.21.3, the square line is the result of single trust value algorithm and the circle line is the result of RACT. After every malicious operation, the rate of successful application of RACT decreases faster than the single trust value algo- rithm. Until the twentieth malicious operation, the successful rate of the single trust value algorithm is 40 %. The high rate indicates that the algorithm can’t calculate trust value accurately.
Conclusion
RACT uses multiple trust value algorithms. It is closely combined with the subjects’context and session history to realize dynamic access control. As proved by experiments, RACT trust value is calculated according to the session history. It highlights credibility and high degree of safety.
Acknowledgments As the research of the thesis is sponsored by National Natural Science Foundation of China (No: 61262075) and major scientific research project of Guangxi Higher Education (No: 201201ZD012), we would like to extend our sincere gratitude to them.
References
1. Bleckmann DM, Starnes WW, Andersen BD. Method to control access between network endpoints based on trust scores calculated from information system component analysis: U.S. Patent 8,429,412. 2013-4-23.
2. Li Q, Zhang X, Xu M, et al. Towards secure dynamic collaborations with group-based RBAC model. Comput Security. 2009;28(5):260–75.
3. Duan J, Gao D, Foh CH, et al. TC-BAC: a trust and centrality degree based access control model in wireless sensor networks. Ad Hoc Netw. 2013;11(8):2675–92.
4. Le XH, Doll T, Barbosu M, et al. An enhancement of the role-based access control model to facilitate information access management in context of team collaboration and workflow. J Biomed Inform. 2012;45(6):1084–107.
5. Ma X, Li R, Lu Z, et al. Mining constraints in role-based access control. Math Comput Model. 2012;55(1):87–96.
6. Zhong R, Sumalee A, Maruyama T. Dynamic marginal cost, access control, and pollution charge: a comparison of bottleneck and whole link models. J Adv Transp. 2012;46 (3):191–221.
Fig. 21.3 Successful rate of application
7. Joshi JB, Bertino E, Latif U, et al. A generalized temporal role-based access control model. Knowl Eng IEEE Trans. 2005;17(1):4–23.
8. Goyal V, Pandey O, Sahai A et al. Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of the 13th ACM conference on Computer and communications security. ACM, 2006: 89–98.
9. Roesner F, Kohno T, Moshchuk A et al. User-driven access control: rethinking permission granting in modern operating systems. Security and Privacy (SP), 2012 I.E. Symposium on. IEEE, 2012: 224–238.
10. Park J, Sandhu R, Cheng Y. A user-activity-centric framework for access control in online social networks. Internet Comput IEEE. 2011;15(5):62–5.
11. Ferraiolo DF, Sandhu R, Gavrila S, et al. Proposed NIST standard for role-based access control. ACM Trans Inform Syst Security (TISSEC). 2001;4(3):224–74.