Access control model based on trust, purpose, and role in materialized view for privacy protection
Data privacy is one of the fundamental needs of the people. In a computing environment, there are various issues of data privacy protection in the enterprise. To enforce automation of privacy and legal policies, access control has become a common subject that are always been applied. Despite the...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2019
|
Subjects: | |
Online Access: | http://psasir.upm.edu.my/id/eprint/84593/1/FSKTM%202019%2047%20IR.pdf http://psasir.upm.edu.my/id/eprint/84593/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Putra Malaysia |
Language: | English |
Summary: | Data privacy is one of the fundamental needs of the people. In a computing
environment, there are various issues of data privacy protection in the enterprise.
To enforce automation of privacy and legal policies, access control has become
a common subject that are always been applied. Despite the recent advances in
access control models, there are still issues that impede the development of effective
access control. Among them is the lack of assessments for the user to authorize
access, which comprises reliance on identity, purpose, and role.
This study focuses on data privacy protection in materialized view. Materialized
view is a replica of a table which is created in a very large system where data are
replicated from the master tables. Role-based access control model in materialized
view has been proposed to protect customer's data. However, relying on role only
is insufficient and inefficient to protect data especially sensitive attributes. This
may lead to the risk of privacy disclosure to unauthorized and untrusted users. Previous access control models based on purpose and trust also do not consider
protecting sensitive attributes.
Quantification methods have been proposed to quantify certain user properties to
specify user's trustworthiness. However, these quantification methods have limitation
as they provide a general formula of calculation to quantify certain user properties
to specify user's trustworthiness. Therefore, a new quantification method
needs to be proposed which provides specific calculation of the user properties
to specify user's trustworthiness. A quantification method is proposed to quantify
the seniority and behaviour of the user by using the evidences and ten user
behaviour categories to specify user's trustworthiness. The method is developed
and tested to calculate both properties, and the result shows that the proposed
method provides detail calculation of both properties to specify user's trustworthiness.
The proposed method is validated by comparing the calculation of the user
properties to specify user's trustworthiness with previous studies, and the result
shows that the proposed method is stricter in specifying user's trustworthiness.
Therefore, this work others a solution by providing a quantification method with
specific calculation of the seniority and behaviour to specify user's trustworthiness.
A trust, purpose, and role-based access control model in materialized view is proposed
to efficiently protect data especially sensitive attributes. In the proposed
model, purpose and role are applied to permit access to data, while trust is applied
to control access to sensitive attributes. An algorithm is discussed to describe the
access control mechanism by first, authenticating user's role, purpose, and trust,
before authorizing access of authorized and trusted user. A prototype system is
developed and tested, and the result shows that sensitive attributes are protected.
The experiment is conducted to validate the proposed model by comparing it with the previous model. The result shows that the proposed model is efficient and
improve privacy protection. Therefore, this research solves the issue of protection
data especially sensitive attributes in materialized view. |
---|