Attribute-Based data Access Control for multi-authority system

Salehi Ahmad, Carsten Rudolph, Marthie Grobler

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearch

Abstract

Access control and authorization in universal basic services is one of the main security issues in distributed systems. In particular, access control in distributed systems, such as in healthcare systems, are crucial to improve facility safety and security. This can lead to the provision of better quality of life and contribute to a healthier future. In order to provide better services, it is necessary to develop a suitable and acceptable authorization system to prevent unauthorized access to data shared in these highly dynamic distributed environments. In practice, several types of service providers, institutes, and authorities generate a variety of data in a shared environment via central authority for their entities. Generally, the use of a central authority introduces several security and privacy issues due to the increased risk if the central authority is compromised. To address this issue, several traditional access control models have been developed and introduced. These models, however, have raised several critical security issues, and there is often a need to combine it with a cryptographic approach to offer and create better access control service to users in multi-domains. To achieve this, we provide an appropriate solution to this issue. In this paper, we introduce an access control policy model for the multi-authority system, which enables attribute authorities to control the security setting. We present a new access control framework for a dynamic authorization model that uses Attribute-Based Access Control (ABAC) and digital signature. We first define and present our system and then formalize the construction of the proposed system. Our system provides flexible access control and enhanced privacy in applied and distributed environments.

Original languageEnglish
Title of host publicationProceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020
EditorsGuojun Wang, Ryan Ko, Md Zakirul Alam Bhuiyan, Yi Pan
Place of PublicationPiscataway NJ USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages1834-1841
Number of pages8
ISBN (Electronic)9780738143804
ISBN (Print)9780738143811
DOIs
Publication statusPublished - 2020
EventInternational Workshop on Cyberspace Security 2020 - Virtual, Guangzhou, China
Duration: 31 Dec 20201 Jan 2021
Conference number: 4th
https://ieeexplore-ieee-org.ezproxy.lib.monash.edu.au/xpl/conhome/9342897/proceeding (Proceedings)
http://ieee-trustcom.org/IWCSS2020/ (Website)

Publication series

NameProceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020
PublisherThe Institute of Electrical and Electronics Engineers, Inc.
ISSN (Print)2324-898X
ISSN (Electronic)2324-9013

Conference

ConferenceInternational Workshop on Cyberspace Security 2020
Abbreviated titleIWCSS 2020
CountryChina
CityGuangzhou
Period31/12/201/01/21
Internet address

Keywords

  • Access control
  • Distributed systems
  • Healthcare
  • Policy
  • Security

Cite this