Conference Papers

Permanent URI for this collectionhttps://idr.nitk.ac.in/handle/123456789/28506

Browse

Filters

2018 - 20192

Settings

Has files: NoSubject: search.filters.subject.access control

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    A Fine Grain Attribute Enabled Access Control
    (Institute of Electrical and Electronics Engineers Inc., 2018) Bhusare, S.S.; Pais, A.R.
    Attribute-Based Access Control model has attracted many researchers to come up with better techniques that can improve the current performance and policy modeling. The XACML policy language standard used by the attribute based access model uses rules and policy set to govern the access mechanism. The policy sets are complex rules consisting of several combinations of attribute and attribute values. Different techniques including policy compression are proposed to date to improve the performance compared with the standard ABAC implementation. However, no research is done to model the policy store based on attributes. This paper makes the first attempt on the design of an attribute enabled access control mechanism that takes benefit of the attribute store residing along with the policy. The proposed model can also accommodate the policies defined in currently used enterprise model, ABAC. This work also presents a policy conversion method from ABAC to the proposed model design. A performance analysis is given using real-life and synthetic dataset, that shows its applicability to the real world scenarios and the characterized policy set it intends to satisfy. The comparison between the decision evaluation over the proposed model with the other model shows its correctness. This paper also suggests more research on modeling of attributes store and policy sets for access decision computation. © 2018 IEEE.
  • No Thumbnail Available
    Item
    Blockchain based Data Access Control using Smart Contracts
    (Institute of Electrical and Electronics Engineers Inc., 2019) Kiran, A.; Dharanikota, S.; Annappa, A.
    The keystone of information security has been access control. Very often, User data is misused and users are oblivious to the use of their data by unauthorized parties. Current strategies to provide storage for confidential data and subsequent authentication involve relying on a trusted third party for the same, which could be victims of Denial of Service (DoS) attacks or technical failures. This paper examines a strategy where the underlying framework for providing Access Control is the blockchain, hence decentralizing the mechanism of providing access control. Further in this paper, we demonstrate and model the User Data access on the Ethereum framework. Personal Information of the user by a website or an application is retrieved on a need-to-know basis from the off-blockchain, as determined by the user, the true owner of the data. Personal data is highly protected and the different permissions to different websites or applications are determined by the Smart Contract. © 2019 IEEE.