Access control model based on trust, purpose, and role in materialized view for privacy protection
Data privacy is one of the fundamental needs of the people. In a computing environment, there are various issues of data privacy protection in the enterprise. To enforce automation of privacy and legal policies, access control has become a common subject that is always applied. Despite the...
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: | 2019 |
Subjects: | |
Online Access: | http://psasir.upm.edu.my/id/eprint/84593/1/FSKTM%202019%2047%20IR.pdf http://psasir.upm.edu.my/id/eprint/84593/ |
Institution: | Universiti Putra Malaysia |
id |
my.upm.eprints.84593 |
---|---|
record_format |
eprints |
spelling |
my.upm.eprints.84593 2021-02-24T01:07:26Z http://psasir.upm.edu.my/id/eprint/84593/ Access control model based on trust, purpose, and role in materialized view for privacy protection Salji, Mohd Rafiz 2019-05 Thesis NonPeerReviewed text en http://psasir.upm.edu.my/id/eprint/84593/1/FSKTM%202019%2047%20IR.pdf Salji, Mohd Rafiz (2019) Access control model based on trust, purpose, and role in materialized view for privacy protection. Doctoral thesis, Universiti Putra Malaysia. Data protection Cloud computing |
institution |
Universiti Putra Malaysia |
building |
UPM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Putra Malaysia |
content_source |
UPM Institutional Repository |
url_provider |
http://psasir.upm.edu.my/ |
language |
English |
topic |
Data protection Cloud computing |
description |
Data privacy is one of the fundamental needs of the people. In a computing environment, there are various issues of data privacy protection in the enterprise. To enforce automation of privacy and legal policies, access control has become a common subject that is always applied. Despite the recent advances in access control models, there are still issues that impede the development of effective access control. Among them is the lack of assessments for the user to authorize access, which comprises reliance on identity, purpose, and role.

This study focuses on data privacy protection in materialized view. A materialized view is a replica of a table which is created in a very large system where data are replicated from the master tables. A role-based access control model in materialized view has been proposed to protect customers' data. However, relying on role only is insufficient and inefficient to protect data, especially sensitive attributes. This may lead to the risk of privacy disclosure to unauthorized and untrusted users. Previous access control models based on purpose and trust also do not consider protecting sensitive attributes.

Quantification methods have been proposed to quantify certain user properties to specify a user's trustworthiness. However, these quantification methods are limited, as they provide only a general formula of calculation to quantify certain user properties to specify a user's trustworthiness. Therefore, a new quantification method needs to be proposed which provides specific calculation of the user properties to specify a user's trustworthiness. A quantification method is proposed to quantify the seniority and behaviour of the user by using evidence and ten user behaviour categories to specify the user's trustworthiness. The method is developed and tested to calculate both properties, and the result shows that the proposed method provides detailed calculation of both properties to specify the user's trustworthiness. The proposed method is validated by comparing the calculation of the user properties to specify the user's trustworthiness with previous studies, and the result shows that the proposed method is stricter in specifying the user's trustworthiness. Therefore, this work offers a solution by providing a quantification method with specific calculation of the seniority and behaviour to specify the user's trustworthiness.

A trust, purpose, and role-based access control model in materialized view is proposed to efficiently protect data, especially sensitive attributes. In the proposed model, purpose and role are applied to permit access to data, while trust is applied to control access to sensitive attributes. An algorithm is discussed to describe the access control mechanism by first authenticating the user's role, purpose, and trust, before authorizing access for authorized and trusted users. A prototype system is developed and tested, and the result shows that sensitive attributes are protected. The experiment is conducted to validate the proposed model by comparing it with the previous model. The result shows that the proposed model is efficient and improves privacy protection. Therefore, this research solves the issue of protecting data, especially sensitive attributes, in materialized view. |
format |
Thesis |
author |
Salji, Mohd Rafiz |
title |
Access control model based on trust, purpose, and role in materialized view for privacy protection |
publishDate |
2019 |
url |
http://psasir.upm.edu.my/id/eprint/84593/1/FSKTM%202019%2047%20IR.pdf http://psasir.upm.edu.my/id/eprint/84593/ |
_version_ |
1692993533948985344 |