Author
Listed:
- Binyong Li
(School of Cybersecurity, Xin Gu Industrial College, Chengdu University of Information Technology, Chengdu 610225, China
Zhejiang Geely Holding Group, Hangzhou 310051, China
Advanced Cryptography and System Security Key Laboratory of Sichuan Province, Chengdu 610225, China
SUGON Industrial Control and Security Center, Chengdu 610225, China)
- Fan Yang
(School of Cybersecurity, Xin Gu Industrial College, Chengdu University of Information Technology, Chengdu 610225, China)
- Shaowei Zhang
(School of Cybersecurity, Xin Gu Industrial College, Chengdu University of Information Technology, Chengdu 610225, China)
Abstract
Traditional access control systems exhibit limitations in providing flexible authorization and fine-grained access in the face of increasingly complex and dynamic access scenarios. This paper proposes a context-aware risk access control model to address these challenges. By developing a multi-level contextual risk indicator system, the model comprehensively considers real-time contextual information associated with access requests, dynamically evaluates the risk level of these requests, and compares the outcomes with predefined risk policies to facilitate access decisions. This approach enhances the dynamism and flexibility of access control. To improve the accuracy and reliability of risk assessments, we propose a combination weighting method grounded in game theory. This method reconciles subjective biases and the limitations of objective data by integrating both subjective and objective weighting techniques, thus optimizing the determination process for risk factor weights. Furthermore, smart contracts are introduced to monitor user behavior during access sessions, thereby preventing malicious attacks and the leakage of sensitive information. Finally, the model’s performance and authorization granularity are assessed through empirical experiments. The results indicate that the model effectively addresses the requirements of dynamic and fine-grained access scenarios, improving the system’s adaptability to risk fluctuations while safeguarding sensitive information.
Suggested Citation
Binyong Li & Fan Yang & Shaowei Zhang, 2024.
"Context-Aware Risk Attribute Access Control,"
Mathematics, MDPI, vol. 12(16), pages 1-22, August.
Handle:
RePEc:gam:jmathe:v:12:y:2024:i:16:p:2541-:d:1458269
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:12:y:2024:i:16:p:2541-:d:1458269. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/gam/jmathe/v12y2024i16p2541-d1458269.html
My bibliography
Save this article