Multilevel Fuzzy Inference System for Risk Adaptive Hybrid RFID Access Control System

Traditional access control systems lack the ability to cope with dynamic environments where several factors can affect the decision-making process. On the contrary, Risk-based access control systems offer a preeminent alternative where multiple risk factors sway the access control decision. Nonetheless, risk is often measured qualitatively, and is subject to uncertainty, thus, making it susceptible to underestimating or overestimating its value. Conversely, Fuzzy Inference System has been proven effective in solving problems where uncertainty has a dominant influence over the outcomes, making it an excellent candidate to solve the aforementioned issue. This study improves on the authors' previous work in which risk adaptive hybrid RFID access control system is proposed. In this study, a multilevel fuzzy inference system is designed as a supplementary risk assessment model where risk is estimated using fuzzy logic controller. The results showed that the proposed design has significantly improved the overall risk calculation process.

[1]  Jorge Lobo,et al.  Risk-based access control systems built on fuzzy inferences , 2010, ASIACCS '10.

[2]  E. H. Mamdani,et al.  An Experiment in Linguistic Synthesis with a Fuzzy Logic Controller , 1999, Int. J. Man Mach. Stud..

[3]  Yan Bai,et al.  A Fuzzy Modeling Approach for Risk-Based Access Control in eHealth Cloud , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[4]  Bernard Eydt,et al.  Guidelines for Securing Radio Frequency Identification (RFID) Systems | NIST , 2007 .

[5]  Damith C. Ranasinghe,et al.  Networked RFID Systems and Lightweight Cryptography , 2008 .

[6]  Kamel Adi,et al.  Risk-based decision method for access control systems , 2011, 2011 Ninth Annual International Conference on Privacy, Security and Trust.

[7]  Damith C. Ranasinghe,et al.  Networked RFID Systems and Lightweight Cryptography: Raising Barriers to Product Counterfeiting , 2010 .

[8]  Adnan Shaout,et al.  Fuzzy logic modeling for performance appraisal systems a framework for empirical evaluation , 1998 .

[9]  Malek Al-Zewairi,et al.  Risk adaptive hybrid RFID access control system , 2015, Secur. Commun. Networks.

[10]  Mustapha Djeddou,et al.  Security enhancement of the authenticated RFID security mechanism based on chaotic maps , 2014, Secur. Commun. Networks.

[11]  Hany Sallam Cyber Security Risk Assessment Using Multi Fuzzy Inference System , 2015 .

[12]  Mostafa Ghobaei Arani,et al.  ACCFLA: Access Control in Cloud Federation using Learning Automata , 2014 .

[13]  Radek Doskočil An Evaluation of Total Project Risk Based on Fuzzy Logic , 2015 .

[14]  Malek Al-Zewairi,et al.  Privacy and security for RFID Access Control Systems: RFID Access Control Systems without back-end database , 2011, 2011 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT).

[15]  Ning Zhang,et al.  Towards the realisation of context-risk-aware access control in pervasive computing , 2010, Telecommun. Syst..

[16]  Babak Sadighi Firozabadi,et al.  Overriding of Access Control in XACML , 2007, Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07).

[17]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[18]  Claudia Keser,et al.  Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).