Environment Aware Deep Learning Based Access Control Model
Authors: 
Pankaj Chhetri, Smriti Bhatt, Paras Bhatt, Mohammad Nur Nobi, James Benson, and Ram KrishnanAuthors Info & Claims
Pankaj Chhetri, Smriti Bhatt, Paras Bhatt, Mohammad Nur Nobi, James Benson, and Ram KrishnanAuthors Info & ClaimsJune 2024
Pages 81 - 89
Abstract
Recently Deep Learning based Access Control (DLBAC) model has been developed to reduce the burden of access control model engineering on a human administrator, while managing accurate access control state in large, complex, and dynamic systems. DLBAC utilizes neural networks for addressing access control requirements of a system based on user and resource metadata. However, in today's rapidly evolving, dynamic, and complex world with billions of connected users and devices, there are various environmental aspects in different application domains that affect access control rights and decisions. While Attribute-Based Access Control (ABAC) have captured environmental factors through environmental attributes, DLBAC still lacks the capabilities of capturing any environmental factors and its use in access control decision making. In this paper, we propose an environment aware deep learning based access control model (DLBAC-Env) which includes environmental metadata in addition to user and resource metadata. We present an Industrial Internet of Things (IIoT) use case to demonstrate the need for DLBAC-Env and show how different types of environmental aspects in a specific domain are necessary towards making dynamic and autonomous access control decisions. We enhance the DLBAC model and dataset to incorporate environmental metadata and then implement and evaluate our DLBAC-Env model. We also present a reference implementation of DLBAC-Env in an edge cloudlet using AWS Greengrass.
References
[1]
2024. Amazon Web Services (AWS) Cloud. https://aws.amazon.com/.
[2]
2024. AWS IoT Greengrass. https://aws.amazon.com/greengrass/.
[3]
Mohammed Ali Al-Garadi, Amr Mohamed, Abdulla Khalid Al-Ali, Xiaojiang Du, Ihsan Ali, and Mohsen Guizani. 2020. A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Communications Surveys & Tutorials 22, 3 (2020), 1646--1685.
[4]
Manar Alohaly, Hassan Takabi, and Eduardo Blanco. 2018. A deep learning approach for extracting attributes of ABAC policies. In Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies. 137--148.
[5]
Manar Alohaly, Hassan Takabi, and Eduardo Blanco. 2019. Automated extraction of attributes from natural language attribute-based access control (ABAC) policies. Cybersecurity 2, 1 (2019), 2.
[6]
Safwa Ameer, James Benson, and Ravi Sandhu. 2022. An attribute-based approach toward a secured smart-home IoT access control and a comparison with a rolebased approach. Information 13, 2 (2022), 60.
[7]
Bruhadeshwar Bezawada, Kyle Haefner, and Indrakshi Ray. 2018. Securing home IoT environments with attribute-based access control. In Proceedings of the Third ACM Workshop on Attribute-Based Access Control. 43--53.
[8]
Smriti Bhatt, Thanh Kim Pham, Maanak Gupta, James Benson, Jaehong Park, and Ravi Sandhu. 2021. Attribute-based access control for AWS internet of things and secure industries of the future. IEEE Access 9 (2021), 107200--107223.
[9]
Smriti Bhatt and Ravi Sandhu. 2020. Abac-cc: Attribute-based access control and communication control for internet of things. In Proceedings of the 25th ACM Symposium on Access Control Models and Technologies. 203--212.
[10]
Yang Cao, Shao-Yu Lien, Ying-Chang Liang, and Kwang-Cheng Chen. 2021. Federated deep reinforcement learning for user access control in open radio access networks. In ICC 2021-IEEE International Conference on Communications. IEEE, 1--6.
[11]
Carlos Cotrini, Thilo Weghorn, and David Basin. 2018. Mining ABAC rules from sparse logs. In 2018 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 31--46.
[12]
Michael J Covington and Manoj R Sastry. 2006. A contextual attribute-based access control model. In OTM Confederated International Conferences" On the Move to Meaningful Internet Systems". Springer, 1996--2006.
[13]
Ni Dan, Shi Hua-Ji, Chen Yuan, and Guo Jia-Hu. 2012. Attribute based access control (ABAC)-based cross-domain access control in service-oriented architecture (SOA). In 2012 International Conference on Computer Science and Service System. IEEE, 1405--1408.
[14]
Ruijin Ding, Yadong Xu, Feifei Gao, and Xuemin Shen. 2021. Trajectory design and access control for air--ground coordinated communications system with multiagent deep reinforcement learning. IEEE Internet of Things Journal 9, 8 (2021), 5785--5798.
[15]
Sheng Ding, Jin Cao, Chen Li, Kai Fan, and Hui Li. 2019. A novel attributebased access control scheme using blockchain for IoT. IEEE Access 7 (2019), 38431--38441.
[16]
David Ferraiolo, Janet Cugini, D Richard Kuhn, et al. 1995. Role-based access control (RBAC): Features and motivations. In Proceedings of 11th annual computer security application conference. 241--48.
[17]
Maanak Gupta, Feras M Awaysheh, James Benson, Mamoun Alazab, Farhan Patwa, and Ravi Sandhu. 2020. An attribute-based access control for cloud enabled industrial smart vehicles. IEEE Transactions on Industrial Informatics 17, 6 (2020), 4288--4297.
[18]
Vincent C Hu, David Ferraiolo, Rick Kuhn, Arthur R Friedman, Alan J Lang, Margaret M Cogdell, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone, et al. 2013. Guide to attribute based access control (abac) definition and considerations (draft). NIST special publication 800, 162 (2013), 1--54.
[19]
Xin Jin, Ram Krishnan, and Ravi Sandhu. 2012. A unified attribute-based access control model covering DAC, MAC and RBAC. In Data and Applications Security and Privacy XXVI: 26th Annual IFIP WG 11.3 Conference, DBSec 2012, Paris, France, July 11--13, 2012. Proceedings 26. Springer, 41--55.
[20]
Aodi Liu, Xuehui Du, and Na Wang. 2021. Efficient access control permission decision engine based on machine learning. Security and Communication Networks 2021 (2021), 1--11.
[21]
Qian Mao, Fei Hu, and Qi Hao. 2018. Deep learning for intelligent wireless networks: A comprehensive survey. IEEE Communications Surveys & Tutorials 20, 4 (2018), 2595--2621.
[22]
Decebal Mocanu, Fatih Turkmen, Antonio Liotta, et al. 2015. Towards ABAC policy mining from logs with deep learning. In Proceedings of the 18th International Multiconference, ser. Intelligent Systems.
[23]
Mohammad Nur Nobi, Ram Krishnan, Yufei Huang, Mehrnoosh Shakarami, and Ravi Sandhu. 2022. Toward deep learning based access control. In Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy. 143--154.
[24]
Diego Pacheco-Paramo, Luis Tello-Oquendo, Vicent Pla, and Jorge Martinez- Bauset. 2019. Deep reinforcement learning mechanism for dynamic access control in wireless networks handling mMTC. Ad Hoc Networks 94 (2019), 101939.
[25]
Qasim Mahmood Rajpoot, Christian Damsgaard Jensen, and Ram Krishnan. 2015. Attributes enhanced role-based access control model. In Trust, Privacy and Security in Digital Business: 12th International Conference, TrustBus 2015, Valencia, Spain, September 1--2, 2015, Proceedings 12. Springer, 3--17.
[26]
Ravi S Sandhu. 1998. Role-based access control. In Advances in computers. Vol. 46. Elsevier, 237--286.
[27]
Ahmed Sedik, Mohamed Hammad, Ahmed A Abd El-Latif, Ghada M El-Banby, Ashraf AM Khalaf, Fathi E Abd El-Samie, Abdullah M Iliyasu, et al. 2021. Deep learning modalities for biometric alteration detection in 5G networks-based secure smart cities. IEEE Access 9 (2021), 94780--94788.
[28]
Daniel Servos and Sylvia L Osborn. 2017. Current research and open problems in attribute-based access control. ACM Computing Surveys (CSUR) 49, 4 (2017), 1--45.
[29]
Hai-bo Shen and Fan Hong. 2006. An attribute-based access control model for web services. In 2006 Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT'06). IEEE, 74--79.
[30]
Zhongyuan Xu and Scott D Stoller. 2014. Mining attribute-based access control policies. IEEE Transactions on Dependable and Secure Computing 12, 5 (2014), 533--545.
[31]
Eric Yuan and Jin Tong. 2005. Attributed based access control (ABAC) for web services. In IEEE International Conference on Web Services (ICWS'05). IEEE.
[32]
Yizhe Zhao, Jie Hu, Kun Yang, and Shuguang Cui. 2020. Deep reinforcement learning aided intelligent access control in energy harvesting based WLAN. IEEE Transactions on Vehicular Technology 69, 11 (2020), 14078--14082.
Index Terms
- Environment Aware Deep Learning Based Access Control Model
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Delegation in role-based access control
User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...
Role-Based Access Control Models
Since the 1970s, computer systems have featured multiple applications and served multiple users, leading to heightened awareness of data security issues. System administrators and software developers focused on different kinds of access control to ...
Comments
Information & Contributors
Information
Published In
June 2024
97 pages
ISBN:9798400705557
DOI:10.1145/3643650
- Program Chairs:
- Maanak Gupta,
- Mahmoud Abdelsalam,
- Mir Pritom,
- Feras Awaysheh
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 19 June 2024
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
Conference
CODASPY '24
Sponsor:
CODASPY '24: Fourteenth ACM Conference on Data and Application Security and Privacy
June 21, 2024
Porto, Portugal
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 12Total Downloads
- Downloads (Last 12 months)12
- Downloads (Last 6 weeks)12
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in