Role based access control design using three-way formal concept analysis

Role-based access control (RBAC) is one of the most popular access control models. To represent the policy behind RBAC, the literature has investigated various knowledge representation techniques such as description logics, formal concept analysis (FCA) and ontologies. Taking a binary access control table as input, the existing knowledge representation techniques for RBAC derive two-way decisions: whether or not to permit the access request. This works well when a single element of an RBAC constituent initiates the access request. Consider instead the scenario in which multiple distinct elements of an RBAC constituent initiate a collective access request to a set of elements in another RBAC constituent. In many cases of this scenario, some but not all of the requesting elements possess the permission to access all elements in the requested subset of the other constituent. In this situation, the collective access decision for those multiple distinct elements takes one of three forms: permit, deny or non-commitment. Three-way formal concept analysis (3WCA) is an emerging knowledge representation technique that provides two types of three-way concepts and their lattices to enable three-way decisions from a binary information table. It is therefore more suitable to apply 3WCA to represent the RBAC policy, enabling three-way decisions instead of the two-way decisions of classical FCA and triadic FCA. The main objective of this paper is to propose a methodology for modelling RBAC using 3WCA and to attain its distinctive merits. Our discussion follows two lines of inquiry: how 3WCA can provide a suitable representation of RBAC policy, and whether this representation follows the role hierarchy and constraints of RBAC.
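The collective decision described above, as an added Python example (not code from the paper): the positive and negative operators follow the standard 3WCA definitions over a binary table. The role-permission table is constructed, and mapping the two operators to permit, deny and non-commitment is an assumption about how the abstract's three outcomes are derived.

```python
# Added illustration; the table below is constructed, not taken from the paper.
ACCESS = {  # role -> permissions marked 1 in the binary access control table
    "doctor":  {"read_record", "write_record", "prescribe"},
    "nurse":   {"read_record", "write_record"},
    "clerk":   {"read_record", "bill"},
    "auditor": {"read_record"},
}
PERMISSIONS = set().union(*ACCESS.values())


def _check(roles):
    # An empty role set would satisfy "all roles hold p" vacuously, so reject it.
    roles = set(roles)
    if not roles or not roles <= set(ACCESS):
        raise ValueError("request needs at least one known role")
    return roles


def positive(roles):
    """Positive operator: permissions held by every role in the set."""
    roles = _check(roles)
    return {p for p in PERMISSIONS if all(p in ACCESS[r] for r in roles)}


def negative(roles):
    """Negative operator: permissions held by no role in the set."""
    roles = _check(roles)
    return {p for p in PERMISSIONS if all(p not in ACCESS[r] for r in roles)}


def decide(roles, requested):
    """Three-way decision for a collective request (assumed mapping)."""
    requested = set(requested)
    if not requested or not requested <= PERMISSIONS:
        raise ValueError("request needs at least one known permission")
    if requested <= positive(roles):
        return "permit"          # every requester holds every permission
    if requested <= negative(roles):
        return "deny"            # no requester holds any of them
    return "non-commitment"      # some requesters do, some do not


def oe_closure(roles):
    """Extent of the object-induced three-way concept generated by the roles:
    all roles holding everything in positive() and nothing in negative()."""
    pos, neg = positive(roles), negative(roles)
    return {r for r, perms in ACCESS.items() if pos <= perms and not (neg & perms)}
```

A role set is the extent of an object-induced three-way concept exactly when `oe_closure` returns it unchanged.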
