ArticlePDF Available

A Framework and Risk Assessment Approaches for Risk-based Access Control in the Cloud

DOI:10.1016/j.jnca.2016.08.013
Authors:
Daniel Ricardo dos Santos at Forescout Technologies
Daniel Ricardo dos Santos
  • Forescout Technologies
Roberto Marinho
Roberto Marinho
Roberto Marinho
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Gustavo Roecker Schmitt
Gustavo Roecker Schmitt
Gustavo Roecker Schmitt
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Carla Merkle Westphall at Federal University of Santa Catarina
Carla Merkle Westphall
Show all 5 authorsHide
Download full-text PDF
Read full-text
Download citation

Abstract

Cloud computing is advantageous for customers and service providers. However, it has specific security requirements that are not captured by traditional access control models, e.g., secure information sharing in dynamic and collaborative environments. Risk-based access control models try to overcome these limitations, but while there are well-known enforcement mechanisms for traditional access control, this is not the case for risk-based policies. In this paper, we motivate the use of risk-based access control in the cloud and present a framework for enforcing risk-based policies that is based on an extension of XACML. We also instantiate this framework using a new ontology-based risk assessment approach, as well as other models from related work, and present experimental results of the implementation of our work.
Content uploaded by Carlos Becker Westphall
Author content
All content in this area was uploaded by Carlos Becker Westphall on Nov 13, 2018
Content may be subject to copyright.
11/10/18, 10'54 AMA framework and risk assessment approaches for risk-based access control in the cloud - ScienceDirect
Page 1 of 2https://www.sciencedirect.com/science/article/pii/S1084804516301710
Get rights and content
Previous Next
Journal of Network and Computer Applications
Volume 74, October 2016, Pages 86-97
A framework and risk assessment approaches for risk-based
access control in the cloud
Daniel Ricardo dos Santos , Roberto Marinho, Gustavo Roecker Schmitt, Carla Merkle Westphall, Carlos
Becker Westphall
Show more
https://doi.org/10.1016/j.jnca.2016.08.013
Abstract
Cloud computing is advantageous for customers and service providers. However, it has
specific security requirements that are not captured by traditional access control models,
e.g., secure information sharing in dynamic and collaborative environments. Risk-based
access control models try to overcome these limitations, but while there are well-known
enforcement mechanisms for traditional access control, this is not the case for risk-based
policies. In this paper, we motivate the use of risk-based access control in the cloud and
present a framework for enforcing risk-based policies that is based on an extension of
XACML. We also instantiate this framework using a new ontology-based risk assessment
approach, as well as other models from related work, and present experimental results of
the implementation of our work.
Get Access
Export
11/10/18, 10'54 AMA framework and risk assessment approaches for risk-based access control in the cloud - ScienceDirect
Page 2 of 2https://www.sciencedirect.com/science/article/pii/S1084804516301710
Keywords
Access control; Cloud computing; Risk
Recommended articles
Citing articles (11)
© 2016 Elsevier Ltd. All rights reserved.
About ScienceDirect Remote access Shopping cart Contact and support
Terms and conditions Privacy policy
We use cookies to help provide and enhance our service and tailor content and ads. By
continuing you agree to the use of cookies.
Copyright © 2018 Elsevier B.V. or its licensors or contributors. ScienceDirect ® is a registered
trademark of Elsevier B.V.
... Furthermore, the outcome of the analysis can be used as feedback to fine-tune the behavior of the Cloud for governing its elasticity. A risk assessment approach is proposed in [41] for access control mechanisms in the Cloud. The objective was to show the effectiveness of role-based access control on the risk assessment of the asset. ...
ThreatPro: Multi-Layer Threat Analysis in the Cloud
Preprint
Full-text available
  • Sep 2022
Many effective Threat Analysis (TA) techniques exist that focus on analyzing threats to targeted assets (e.g., components, services). These techniques consider static interconnections among the assets. However, in dynamic environments, such as the Cloud, resources can instantiate, migrate across physical hosts, or decommission to provide rapid resource elasticity to the users. It is evident that existing TA techniques cannot address all these requirements. In addition, there is an increasing number of complex multi-layer/multi-asset attacks on Cloud systems, such as the Equifax data breach. Hence, there is a need for threat analysis approaches that are designed to analyze threats in complex, dynamic, and multi-layer Cloud environments. In this paper, we propose ThreatPro that addresses the analysis of multi-layer attacks and supports dynamic interconnections in the Cloud. ThreatPro facilitates threat analysis by developing a technology-agnostic information flow model, which represents the Cloud's functionality through a set of conditional transitions. The model establishes the basis to capture the multi-layer and dynamic interconnections during the life-cycle of a Virtual Machine (VM). Specifically, ThreatPro contributes in (a) enabling the exploration of a threat's behavior and its propagation across the Cloud, and (b) assessing the security of the Cloud by analyzing the impact of multiple threats across various operational layers/assets. Using public information on threats from the National Vulnerability Database (NVD), we validate ThreatPro's capabilities, i.e., (a) identify and trace actual Cloud attacks and (b) speculatively postulate alternate potential attack paths.
... Fourth is the new development stage of financial internal control. In 21st century, the United States credibility problem caused exposure of more than a dozen companies such as Enron, WorldCom's company financial fraud [31,32]. It is seriously influenced the whole bidding market for a long time and the economic recovery of U.S. ese series of events showed that enterprise financial internal control institution running failure will bring serious consequences, but it will promote the development of the company's financial internal control mechanism and perfect. ...
Multiobjective Optimization Algorithm for EFRM Strategy
Article
Full-text available
  • Jun 2022
With the rapid development of the global economy in recent years, market competition has become more and more intense. Therefore, the market competitiveness of the enterprises is becoming higher and higher. Among them, the enterprise financial risk management (EFRM) is one of the key factors that decide the enterprise market competition. It also shows that enhancing the enterprise market competition needs to strengthen the enterprise’s financial control and management, with the method of reasonable controlling of enterprise financial risk (EFR). The current research and development status of EFRM is combed, the theory of financial internal control and its significance are expounded, the related concepts of the company’s financial internal control are studied, and the definition, classification, basic features, and causes of financial risk are analyzed in this paper. Finally, a company is taken as research object, the characteristics and status quo of the company’s financial risk system are studied, and its existing problems are analyzed, a mathematical model for the company’s FRM is built, and the multiobjective optimization algorithm is used to optimize the model, to improve the level of a company’s FRM performance and market competitiveness and to guard against the company’s financial risk.
... Aluvalu et al. proposed a dynamic attribute-based risk-aware access control model, which could be hybridized with static access control models with various attribute encryptions, such as KP-ABE, CP-ABE, and HASBE [42]. Based on an extension of XACML, Dos Santos et al. proposed a framework for enforcing risk-based policies [43]. Aiming at grid virtual organizations, Nogoorani et al. proposed a TIRIAC framework, which was a trust-driven riskaware access control framework that used obligations to seamlessly monitor users and mitigate risks [44]. ...
RTBAC: A Risk-Aware Topic-Based Access Control Model for Text Data with Paragraph-Level Authorization
Article
Full-text available
  • May 2022
Granting users precise access rights is one of the purposes of access control technologies. With the increasing requirements of fine-grained authorization, too strict or too loose access control models may cause many problems. In this paper, aiming at insufficient authorizations in text databases, we propose a risk-aware topic-based access control (RTBAC) model, which uses topics to represent the content relationships between users and data. The RTBAC model also uses risk technologies to grant users corresponding access rights based on their historical behaviours and their access requests. The RTBAC model is a fine-grained access control model, and the authorization of RTBAC can reach the paragraph level. Experimental results show that RTBAC is an efficient access control model and the access control granularity of the RTBAC model is more than 3 times that of the existing content-based access control models.
... The access control, service of architecture [Bellandi et al. 2015], service level contracts [dos Santos et al. 2016], legacy system support, migration, allied service support, cross functionalities, virtualization [4], up-gradation of firewall firmware, migration [Luna et al. 2015] and virtualization [Gonzales et al. 2017] are the environments where attackers target to intrude into system. The basic assumptions [Turpe et al. 2017] on legacy migrations hits the risk evaluation systems, in cloud virtualization the applications, data, storage, and services all are virtualized and hence the UTM security policies must be different as per the specific or overall client requirement otherwise it leads to breach of security. ...
Resource Specific Security Implementation in Network and Cloud System
Article
Full-text available
  • Nov 2021
The current Unified Threat Management (UTM) systems are limited to standard and specific security practices in cloud and network sub system risk evaluations. In this paper, we recommend dynamic security evaluation to counter live threats by analyzing history of attacks and vulnerability score. Our approach introduces Smart Threat Alert admin (STA) into UTM/firewall engine which scans at regular intervals to discover type, target and implications of attacks at all levels. This technique is an enhanced approach of (QUIRC) structure that captures exact threats experienced in the system but fails to discuss the effects of threats surrounded. This limitation is analyzed using cyber security modeling language (CuSeMOL) on features like vulnerability, probability, type and impact of dynamic attacks. This approach is different from threat specific and static asset risk evaluation system conversely, the proposed novel technique STA analyses internet ports, internet protocol addresses, hostnames and other auxiliary port services to countermeasure the security aspects cloud assets. The proposed setup was implemented at university data center firewall with suitable experiments and received satisfying results.
In-Depth Analysis and Systematic Literature Review on Risk Based Access Control in Cloud
Article
  • Oct 2022
Security in Cloud is one of the most foremost and critical feature, which can ensure the confidence of the Scientific community on Cloud environment. With the dynamic and ever changing nature of the Cloud computing environment, static access control models become obsolete. Hence, dynamic access control models are required, which is still an emergent and underdeveloped domain in Cloud security. These models utilize not only access policies but also contextual and real-time information to determine the access decision. Out of these dynamic models the Risk-based Access control model, estimates the security risk value related to the access request dynamically to determine the access decision. The exclusive working pattern of this access control model makes it an excellent choice for dynamically changing environment that rules the cloud’s environment. This paper provides a systematic literature appraisal and evaluation of risk-based access control models to provide a detailed understanding of the topic. The contributions of selected articles have been summarized. The security risks in cloud environment have been reviewed, taking in the account of both Cloud Service Provider and Cloud Customer perspectives. Additionally, risk factors used to build the risk-based access control model were extracted and analyzed. Finally, the risk estimation techniques used to evaluate the risks of access control operations have also been identified.
Risk Assessment of Electric Energy Metering Automation System Based on Bayesian Network
Chapter
  • Jul 2022
In the ubiquitous network environment, the security threats facing the metering automation system are also increasing. The risk assessment of electric energy measurement automation system is an important goal of power grid security, but it faces difficulties such as single hidden danger identification means and lack of dynamic assessment models. To improve the accuracy and rationality of the system risk assessment, this paper realizes the dynamic risk assessment of the electric energy metering automation system. First, a risk assessment index system is established from the three aspects of technology, management, and regulations. Secondly, based on analytic hierarchy process, we analyzed the weight of the risk assessment indicator to obtain the subjective weight of the risk assessment indicator. Then, the Bayes grid method is improved by the method of probability distribution, which quantitatively describe the relationship between parent nodes and child nodes. Through the improved Bayesian grid method, the objective weight of the risk assessment indicator is obtained, and the comprehensive weight of the assessment indicator is calculated through combination weighting, which realizes the comprehensive risk assessment of the measurement automation system. Finally, the simulation experiment analysis and the sensitivity analysis of the proposed model are carried out. The result shows that the safety guarantee goal of the electric energy metering automation system depends to a large extent on the technical reliability.
Protection Against SIM Swap Attacks on OTP System
Chapter
  • Jan 2022
One-time password-based authentication stands out to be the most effective in the cluster of password-less authentication systems. It is possible to use it as an authentication factor for login rather than an account recovery mechanism. Recent studies show that attacks like SIM swap and device theft raise a significant threat for the system. In this paper, a new security system is proposed to prevent attacks like SIM swap on OTP systems, the system contains a risk engine made up of supervised and unsupervised machine learning model blocks trained using genuine user data space, and the final decision of the system is subject to a decision block that works on the principles of voting and logic of an AND gate. The proposed system performed well in detecting fraud users, proving the system’s significance in solving the problems faced by an OTP system.KeywordsPassword-less authenticationAuthenticationSecurityOTPBiometricsKeystroke dynamicsPasswordMachine learning modelsSupervised learningUnsupervised learning
Specification and Adaptive Verification of Access Control Policy for Cyber-Physical-Social Spaces
Article
Cyber-Physical-Social Space (CPSS) is a promising paradigm to provide people with an intelligent environment by emphasizing the deep fusion of cyberspace, physical space, and social space. The interdependence of these spaces makes that CPSS is more likely to be attacked. The attack consequences may directly affect the state of the physical world and even endanger the people’s life. Thus, the most challenging issue for CPSS is to ensure the space security. However, existing security analysis methods focus on the static analysis at the design phase. They do not consider the open and dynamic characteristics which are the core features of CPSS. In this paper, we propose an adaptive security analysis framework for CPSS to prevent the unauthorized flow of information. Firstly, the access control model of CPSS is proposed. It controls the access behaviors by considering the space information covering the social, cyber, and physical spaces. Secondly, Labelled Transition System (LTS) is established to describe the future evolutions of CPSS. The space states in the LTS which violate the security requirements are reasoned by the model checking technology. Thirdly, a policy adjustment method is proposed to prevent the system from entering the violated states or mitigate the bad results caused by the violations. In the end, the effectiveness of our approach is evaluated by a smart building case, and the necessity of our approach is analyzed by the performance evaluation.
Risk model of financial supply chain of Internet of Things enterprises: A research based on convolutional neural network
Article
The emergence of the financial supply chain provides assistance for small, medium and micro enterprises in the supply chain through a secured credit model based on real trade. Moreover, in the multi-level structure of the financial supply chain of the Internet of Things enterprise, there are information barriers and information islands. Besides, data is often not transmitted smoothly, and the intermediate offline process is complicated. What is worse, the efficiency is low, and the verification cost is high. Therefore, based on supply chain finance, an evolutionary risk model is constructed in this paper. Firstly, the income matrix of the regulatory risk model is established, and the convolutional neural network used will pool the training data to the maximum and set the local corresponding normalization layer. With the help of the evolutionary risk theory, the dynamic equation of the financial supply chain is obtained, forming the dynamic path and abnormal model of strategy selection. Then, a compact pattern tree is added to the knowledge granularity method to mine data anomalies. Finally, an experimental platform is built to verify the effectiveness of the method proposed in this paper, and experiments are performed on the accuracy of model evolution conditions, abnormal data identification, and abnormal numerical examples. The experimental results prove that the algorithm in this paper is consistent with the set parameters, and the effect is significantly higher than other comparison methods. The experimental mining time and the comparison method are shortened by 6∼13S. The research results obtained from this paper solve the problem that the decision-making of supply chain finance and the supervision and review of supply chain enterprise are complex, which improves the characteristics identification of supply chain platform, and provides reference suggestions for financial institutions and supply chain platforms.
A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems
Article
Full-text available
  • May 2015
Since the access control environment has changed and the threat of insider information leakage has come to the fore, studies on risk-based access control models that decide access permissions dynamically have been conducted vigorously. Medical information systems should protect sensitive data such as medical information from insider threat and enable dynamic access control depending on the context such as life-threatening emergencies. In this paper, we suggest an approach and framework for context sensitive risk-based access control suitable for medical information systems. This approach categorizes context information, estimating and applying risk through context- and treatment-based permission profiling and specifications by expanding the eXtensible Access Control Markup Language (XACML) to apply risk. The proposed framework supports quick responses to medical situations and prevents unnecessary insider data access through dynamic access authorization decisions in accordance with the severity of the context and treatment.
Attribute-Based Access Control
Article
Full-text available
Attribute-based access control (ABAC) is a flexible approach that can implement AC policies limited only by the computational language and the richness of the available attributes, making it ideal for many distributed or rapidly changing environments.
Toward Quantified Risk-Adaptive Access Control for Multi-tenant Cloud Computing
Article
Full-text available
Cloud computing is the new trend in information science that is capable to change drastically the way we were using Internet. Despite all its advantages, users are always reluctant to host their data in the cloud because they are doubtful about its security, particularly the security related to the multi-tenant environment. Traditional access controls were implemented in the cloud in order to make the multi-tenant environment secure. But the issue is those access controls are static while the cloud is dynamic, leading to legitimate doubts on the ability of those to fulfill the security needs of the cloud. We propose to use Risk-Adaptive Access Control, which is a flexible real-time access control model that can naturally support the dynamism of cloud environments. We identified four security risks we will quantify by using tools available in statistical machine learning.
A dynamic risk-based access control architecture for cloud computing
Conference Paper
Full-text available
  • May 2014
Cloud computing is a distributed computing model that still faces problems. New ideas emerge to take advantage of its features and among the research challenges found in the cloud, we can highlight Identity and Access Management. The main problems of the application of access control in the cloud are the necessary flexibility and scalability to support a large number of users and resources in a dynamic and heterogeneous environment, with collaboration and information sharing needs. This paper proposes the use of risk-based dynamic access control for cloud computing. The proposal is presented as an access control model based on an extension of the XACML standard with three new components: the Risk Engine, the Risk Quantification Web Services and the Risk Policies. The risk policies present a method to describe risk metrics and their quantification, using local or remote functions. The risk policies allow users and cloud service providers to define how to handle risk-based access control for their resources, using different quantification and aggregation methods. The model reaches the access decision based on a combination of XACML decisions and risk analysis. A prototype of the model is implemented, showing it has enough expressivity to describe the models of related work. In the experimental results, the prototype takes between 2 and 6 milliseconds to reach access decisions using a risk policy. A discussion on the security aspects of the model is also presented.
Dynamic risk-based decision methods for access control systems
Article
In traditional multi-level security systems, trust and risk values are pre-computed. Any change in these values requires manual intervention of an administrator. In many dynamic environments, however, these values should be auto-adaptive, and auto-tunable according to the usage history of the users. Moreover, occasional exceptions on resource needs, which are common in dynamic environments like healthcare, should be allowed if the subjects show a positive record of use toward resources they acquired in the past. Conversely, access of authorized users, who have negative record, should be restricted. These requirements are not taken into consideration in existing risk-based access control systems. In order to overcome these shortcomings and to meet different sensitivity requirements of various applications, we propose two dynamic risk-based decision methods for access control systems. We provide theoretical and simulation-based analysis and evaluation of both schemes. Also, we analytically prove that the proposed methods, not only allow exceptions under certain controlled conditions, but uniquely restrict legitimate access of bad authorized users.
Decision Diagrams for XACML Policy Evaluation and Management
Article
One of the primary challenges to apply the XACML access control policy language in applications is the performance problem of policy evaluation engines, particularly when they experience a great number of policies. Some existing works attempted to solve this problem, but only for some particular use-cases: either supporting simple policies with equality comparisons or predefined attribute values. Due to the lack of carefully checking the XACML model, they did not have original policy evaluation semantics. Therefore, they cannot handle errors containing indeterminate decisions, or ignore the critical attribute setting that leads to potential missing attribute attacks. In this paper, we build up the XACML logical model and propose a decision diagram approach using the data interval partition aggregation. It can parse and transform complex logical expressions in policies into decision tree structures, which efficiently improve the policy evaluation performance. Our approach can also be applied to solve other policy management problems such as policy redundancy detection, policy testings and comparisons, or authorization reverse queries.
Access control systems. Security, identity management and trust models
Article
  • Jan 2006
Access Control Systems: Security, Identity Management and Trust Models provides a thorough introduction to the foundations of programming systems security, delving into identity management, trust models, and the theory behind access control models. The book details access control mechanisms that are emerging with the latest Internet programming technologies, and explores all models employed and how they work. The latest role-based access control (RBAC) standard is also highlighted. This unique technical reference is designed for security software developers and other security professionals as a resource for setting scopes of implementations with respect to the formal models of access control systems. The book is also suitable for advanced-level students in security programming and system design. © 2006 Springer Science+Business Media, Inc., All rights reserved.
Using Risk in Access Control for Cloud-Assisted eHealth
Conference Paper
  • Jun 2012
Cloud computing is a cutting edge technology. eHealth is one promising application of this technology. In this paper, we describe a prototype implementation of an HL7-based eHealth application on the cloud. The system is secured with a risk-aware task-based access control. We demonstrate that our access control technique is more effective for preventing unauthorized access of medical information when compared to context-aware access controls, with a small access delay of approximately one second.