Role based access control (RBAC) is the widely accepted and used access control model. However, mappings among the set of users, roles and permissions in RBAC is a major challenging task. This leads to errors in practical applications. Incorporating human decisions on mappings of RBAC could resolve this issue. But, in real time, human decisions are fuzzy in nature. So, fuzzy techniques can be incorporated into RBAC through fuzzy role based access control (FRBAC). Fuzzy formal concept analysis (FFCA) is a mathematical model for representation of uncertain information in the form of formal context. However to the best of our knowledge, there are no works on modelling fuzzy RBAC through fuzzy FCA. The objective of this paper is to propose the model of representing FRBAC in the form of FFCA. The initial results of our experiments show that the proposed model could implement the major features of RBAC.

Chandra Mouliswaran S

Department of Smart Computing

School of Information Technology and Engineering

Vellore Campus

Aswani Kumar Cherukuri

Department of Information Technology

Chelliah C.

Vellore Institute of Technology (VIT) is a private university located in&nbsp;Tamil Nadu, India. Founded in 1984, as Vellore Engineering College, the institution offers 20 undergraduate, 34 postgraduate, four integrated and four research programs. It has campuses in Vellore, Amravati, Bhopal and Chennai.

VIT is one of the top ranked private universities in India according to NIRF, THE and QS Rankings.&nbsp;Govt. of India has recognized&nbsp;VIT, Vellore as an&nbsp;Institution of Eminence. This has allowed VIT to take independent quality initiatives and move up in world ranking.

&nbsp;

&nbsp;

VIT University

Modeling Fuzzy Role Based Access Control Using Fuzzy Formal Concept Analysis

Communications in Computer and Information Science Security in Computing and Communications

Fuzzy role-based access control (FRBAC) is essential for risk-based environments in many futuristic applications, even though role-based access control (RBAC) is the efficient and widely used access control model for enterprise applications. In FRBAC, authorization related information is vague. It brings the fuzziness in mapping among the components of FRBAC such as user, role and permission. Holding the fuzziness in FRBAC, it is challenging for the security engineer to verify the constraints and correctness of access control policy. On verifying the constraints and correctness of access control policy, knowledge representation techniques are much useful in practice. In this scenario, representing FRBAC using fuzzy ontology might be the right choice for semantic web application. The main objective of this article is to represent the access permissions of FRBAC using fuzzy ontology and verify whether the constraints of FRBAC are possible to get implemented in it or not.

International Journal of Information Technology Project Management

Fuzzy Role Based Access Control Design using Fuzzy Ontology

Role based access control (RBAC) is one of the popular access control models. On representing the policy behind RBAC, the literatures investigate the use of various knowledge representation techniques such as Descriptive logics, Formal Concept Analysis (FCA), Ontology etc. Based on the input of binary access control table, the existing knowledge representation techniques on RBAC derives two-way decisions whether to permit the access request or not. It works well when single element in the set of elements of a constituent of RBAC initiates the access request. Consider the scenario of multiple distinct elements in the set of elements of a constituent of RBAC initiate the collective access request to a set of elements in other constituent of RBAC. In many cases of this scenario, some elements possess but not all of the elements possess the permission to access all elements in other subset of a constituent of RBAC. On this situation, the collective access decision to those multiple distinct elements in the set of elements of a RBAC constituent appears in three forms such as permit, deny and non-commitment. Three-way formal concept analysis (3WCA) is an emerging knowledge representation technique which provides two types of three-way concepts and their lattices to enable three-way decisions from the binary information table. At this juncture, it is more suitable to apply 3WCA on representing the RBAC policy to enable three-way decisions instead of existing two-way decisions in classical FCA and triadic FCA. The main objective of this paper is to propose a methodology for modelling RBAC using 3WCA and attain its distinctive merits. Our discussion is on two lines of inquiry. We present on how 3WCA can provide suitable representation of RBAC policy and whether this representation follows role hierarchy and constraints of RBAC.

International Journal of Machine Learning and Cybernetics

Role based access control design using three-way formal concept analysis

Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature. © 2016, Central South University Press and Springer-Verlag Berlin Heidelberg.

Journal of Central South University

Role based access control design using triadic concept analysis

Formal concept analysis (FCA) is a mathematical framework for data analysis and processing tasks. Based on the lattice and order theory, FCA derives the conceptual hierarchies from the relational information systems. From the crisp setting, FCA has been extended to fuzzy environment. This extension is aimed at handling the uncertain and vague information represented in the form of a formal context whose entries are the degrees from the scale [0, 1]. The present study analyzes the fuzziness in a given many-valued context which is transformed into a fuzzy formal context, to provide an insight into generating the fuzzy formal concepts from the fuzzy formal context. Furthermore, considering that a major problem in FCA with fuzzy setting is to reduce the number of fuzzy formal concepts thereby simplifying the corresponding fuzzy concept lattice structure, the current paper solves the problem by linking an interval-valued fuzzy graph to the fuzzy concept lattice. For this purpose, we propose an algorithm for generating the interval-valued fuzzy formal concepts. To measure the weight of fuzzy formal concepts, an algorithm is proposed using Shannon entropy. The knowledge represented by formal concepts using interval-valued fuzzy graph is compared with entropy-based-weighted fuzzy concepts at chosen threshold. © 2015, Springer-Verlag Berlin Heidelberg.

Soft Computing

Knowledge representation using interval-valued fuzzy formal concept lattice

Chinese wall access control (CWAC) is a well known and suitable access control model for secured sharing of commercial consultancy services. It is to avoid the information flow which causes conflict of interest for every individual consultant in these services. The main objective is to model the Chinese wall access control policy using formal concept analysis which extends and restructures the lattice theory. To attain this goal, we develop a formal context in the security aspects of Chinese wall access permissions. We experiment the proposed method in a common commercial consultancy service sharing scenario. The analysis results confirms that the proposed method satisfies the constraints of Chinese wall security policy and its properties such as simple security and -property. © 2014 IEEE.

2014 International Conference on Contemporary Computing and Informatics (IC3I)

Modeling Chinese wall access control using formal concept analysis

Role-based access control (RBAC) is one of the most popular and widely deployed access control model. The objective of this paper is to design an RBAC using formal concept analysis, which is based on mathematical lattice and order theory. For this purpose, we derive a dyadic formal context from the triadic security context that represents role-based access permission and perform attribute exploration from formal concept analysis. We demonstrate the proposed method on a health care ad hoc network. The analysis indicates that the proposed method follows the RBAC constraints: static separation of duties and role hierarchy. © 2012 John Wiley &amp; Sons, Ltd.

Security and Communication Networks

Designing role-based access control using formal concept analysis

Formal Concept Analysis (FCA), in which data is represented as a formal context, offers a framework for Association Rules Mining (ARM) by handling functional dependencies in the data. However, with the size of the formal context, the number of rules grows exponentially. In this article, we apply Fuzzy K-Means clustering on the data set to reduce the formal context and FCA on the reduced data set for mining association rules. With experiments on two real-world healthcare data sets, we offer the evidence for performance of FKM-based FCA in mining association rules. Copyright © 2012 Taylor &amp; Francis Group, LLC.

Journal	Data powered by TypesetCommunications in Computer and Information Science Security in Computing and Communications
Publisher	Data powered by TypesetSpringer International Publishing
ISSN	1865-0929
Open Access	0