Access Control Capability Assessment Method Based on Security Entropy

被引:0
|
作者
Che, Tianwei [1 ]
Ma, Jianfeng [1 ]
Li, Na [2 ]
Wang, Chao [3 ]
机构
[1] Xidian Univ, Sch Comp Sci & Technol, Xian, Shaanxi, Peoples R China
[2] Northwestern Polytech Univ, Sch Comp Sci & Technol, Xian, Shaanxi, Peoples R China
[3] Informat Engn Univ, Zhengzhou, Henan, Peoples R China
来源
JOURNAL OF COMPUTERS | 2014年 / 9卷 / 12期
基金
中国国家自然科学基金;
关键词
Information entropy; Security entropy; Classificatory access control model; Direct unauthorized access; Right about access; Indirectly unauthorized access;
D O I
10.4304/jcp.9.12.2804-2808
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
In this paper, we propose analysis methods based on security entropy to overcome the problem of quantitative analysis, after going through the study of access control capability assessment for computer information system. At First, we computed the uncertainty how system determine irregular access behavior using the security entropy theory. Next, we defined the security theorem of classificatory information system, and proposed the standard of access control capability. Finally, we analyzed the typical access control models using the methods, and compared security and applicability of them. It proved that the method is appropriate for security quantitative analysis of access control model and for the evaluation of access control capability in information system.
引用
收藏
页码:2804 / 2808
页数:5
相关论文
共 50 条
  • [21] A Method of Entropy Weight Quantitative Risk Assessment for the Safety and Security Integration of a Typical Industrial Control System
    Mi, Junpeng
    Huang, Wenjun
    Chen, Mengchi
    Zhang, Wei
    IEEE ACCESS, 2021, 9 : 90919 - 90932
  • [22] A Security Risk Assessment Method of Website Based on Threat Analysis Combined with AHP and Entropy Weight
    Lai, Zhiquan
    Shen, Yongjun
    Zhang, Guidong
    PROCEEDINGS OF 2016 IEEE 7TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS 2016), 2016, : 481 - 484
  • [23] Research on Privacy Security Risk Assessment Method of Mobile Commerce Based on Information Entropy and Markov
    Zhang, Tao
    Zhao, Kun
    Yang, Ming
    Gao, Tilei
    Xie, Wanyu
    WIRELESS COMMUNICATIONS & MOBILE COMPUTING, 2020, 2020
  • [24] Capability-based egress network access control for transferring access rights
    Suzuki, S
    Shinjo, Y
    Hirotsu, T
    Itano, K
    Kato, K
    Third International Conference on Information Technology and Applications, Vol 2, Proceedings, 2005, : 488 - 495
  • [25] Access control method of network security authentication information based on fuzzy reasoning algorithm
    Zhang, Ruihong
    Hu, Zhihua
    MEASUREMENT, 2021, 185
  • [26] Study on substation control interlocking combined with PKI/PMI based access security method
    Duan, Bin
    Liu, Nian
    Huang, Shenglong
    2006 INTERNATIONAL CONFERENCE ON POWER SYSTEMS TECHNOLOGY: POWERCON, VOLS 1- 6, 2006, : 1140 - +
  • [27] Reasoning about security: A logic and a decision method for role-based access control
    Massacci, F
    QUALITATIVE AND QUANTITATIVE PRACTICAL REASONING, 1997, 1244 : 421 - 435
  • [28] OMASES - Open market access and security assessment system: An approach to preventive dynamic security assessment and control
    Massucco, S
    Pavella, M
    2002 IEEE POWER ENGINEERING SOCIETY SUMMER MEETING, VOLS 1-3, CONFERENCE PROCEEDINGS, 2002, : 1407 - 1409
  • [29] Contego: Capability-Based Access Control for Web Browsers
    Luo, Tongbo
    Du, Wenliang
    TRUST AND TRUSTWORTHY COMPUTING, TRUST 2011, 2011, 6740 : 231 - 238
  • [30] Capability based secure access control to networked storage devices
    Factor, Michael
    Naor, Dalit
    Rom, Eran
    Satran, Julian
    Tal, Sivan
    24TH IEEE CONFERENCE ON MASS STORAGE SYSTEMS AND TECHNOLOGIES, PROCEEDINGS, 2007, : 114 - 125
12345