Role performance trust-based access control for protecting sensitive attributes
Preserving privacy is a challenge and requires the management of access control, which may be based on role, purpose or trust. There are many recent advances of access control models have been developed to avoid unauthorized users access to the privacy. However, there are still issues that impede th...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
NADIA
2016
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/52915/ http://psasir.upm.edu.my/id/eprint/52915/1/Role%20performance%20trust-based%20access%20control%20for%20protecting%20sensitive%20attributes.pdf |
| _version_ | 1848852175027961856 |
|---|---|
| author | Salji, Mohd Rafiz Udzir, Nur Izura Ninggal, Mohd Izuan Hafez Mohd Sani, Nor Fazlida Ibrahim, Hamidah |
| author_facet | Salji, Mohd Rafiz Udzir, Nur Izura Ninggal, Mohd Izuan Hafez Mohd Sani, Nor Fazlida Ibrahim, Hamidah |
| author_sort | Salji, Mohd Rafiz |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | Preserving privacy is a challenge and requires the management of access control, which may be based on role, purpose or trust. There are many recent advances of access control models have been developed to avoid unauthorized users access to the privacy. However, there are still issues that impede the development of effective access control. The issue highlight in this paper is inappropriate access and use of sensitive attributes by authorized users. Therefore, it is critical to design an efficient access control model based on trust to protect sensitive attributes from untrusted user. In this paper, we propose a new access control model based on trust called role performance trust-based access control to permit trusted user access to sensitive attributes. Subsequently, we also propose a comprehensive policy to permit user access sensitive attributes based on two trust metrics namely user experience and behaviour. To evaluate the trustworthiness of authorized user, we propose a quantification method to measure those metrics. Based on the results, role performance trust-based access control may significantly permit or prohibit access to personal information, especially sensitive attributes by authorized users. This model is capable to solve the issue of authorized user without trust to access sensitive attributes. |
| first_indexed | 2025-11-15T10:33:54Z |
| format | Article |
| id | upm-52915 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T10:33:54Z |
| publishDate | 2016 |
| publisher | NADIA |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-529152022-03-18T04:15:45Z http://psasir.upm.edu.my/id/eprint/52915/ Role performance trust-based access control for protecting sensitive attributes Salji, Mohd Rafiz Udzir, Nur Izura Ninggal, Mohd Izuan Hafez Mohd Sani, Nor Fazlida Ibrahim, Hamidah Preserving privacy is a challenge and requires the management of access control, which may be based on role, purpose or trust. There are many recent advances of access control models have been developed to avoid unauthorized users access to the privacy. However, there are still issues that impede the development of effective access control. The issue highlight in this paper is inappropriate access and use of sensitive attributes by authorized users. Therefore, it is critical to design an efficient access control model based on trust to protect sensitive attributes from untrusted user. In this paper, we propose a new access control model based on trust called role performance trust-based access control to permit trusted user access to sensitive attributes. Subsequently, we also propose a comprehensive policy to permit user access sensitive attributes based on two trust metrics namely user experience and behaviour. To evaluate the trustworthiness of authorized user, we propose a quantification method to measure those metrics. Based on the results, role performance trust-based access control may significantly permit or prohibit access to personal information, especially sensitive attributes by authorized users. This model is capable to solve the issue of authorized user without trust to access sensitive attributes. NADIA 2016 Article PeerReviewed text en http://psasir.upm.edu.my/id/eprint/52915/1/Role%20performance%20trust-based%20access%20control%20for%20protecting%20sensitive%20attributes.pdf Salji, Mohd Rafiz and Udzir, Nur Izura and Ninggal, Mohd Izuan Hafez and Mohd Sani, Nor Fazlida and Ibrahim, Hamidah (2016) Role performance trust-based access control for protecting sensitive attributes. International Journal of Security and Its Applications, 10 (12). pp. 153-172. ISSN 1738-9976; ESSN: 2207-9629 http://article.nadiapub.com/IJSIA/vol10_no12/13.pdf 10.14257/ijsia.2016.10.12.13 |
| spellingShingle | Salji, Mohd Rafiz Udzir, Nur Izura Ninggal, Mohd Izuan Hafez Mohd Sani, Nor Fazlida Ibrahim, Hamidah Role performance trust-based access control for protecting sensitive attributes |
| title | Role performance trust-based access control for protecting sensitive attributes |
| title_full | Role performance trust-based access control for protecting sensitive attributes |
| title_fullStr | Role performance trust-based access control for protecting sensitive attributes |
| title_full_unstemmed | Role performance trust-based access control for protecting sensitive attributes |
| title_short | Role performance trust-based access control for protecting sensitive attributes |
| title_sort | role performance trust-based access control for protecting sensitive attributes |
| url | http://psasir.upm.edu.my/id/eprint/52915/ http://psasir.upm.edu.my/id/eprint/52915/ http://psasir.upm.edu.my/id/eprint/52915/ http://psasir.upm.edu.my/id/eprint/52915/1/Role%20performance%20trust-based%20access%20control%20for%20protecting%20sensitive%20attributes.pdf |