Open Access Open Access  Restricted Access Subscription Access

Access Control Capability Assessment Method Based on Security Entropy


Affiliations
1 School of Computer Science and Technology, Xidian University, Xi'an, China
2 School of Computer Science and Technology, Northwestern Polytechnical University, Xi'an, China
3 The Information Engineering University, Zhengzhou, China
 

In this paper, we propose analysis methods based on security entropy to overcome the problem of quantitative analysis, after going through the study of access control capability assessment for computer information system. At First, we computed the uncertainty how system determine irregular access behavior using the security entropy theory. Next, we defined the security theorem of classificatory information system, and proposed the standard of access control capability. Finally, we analyzed the typical access control models using the methods, and compared security and applicability of them. It proved that the method is appropriate for security quantitative analysis of access control model and for the evaluation of access control capability in information system.

Keywords

Information Entropy, Security Entropy, Classificatory Access Control Model, Direct Unauthorized Access, Right About Access, Indirectly Unauthorized Access.
User
Notifications
Font Size

  • BELL D E,LAPADULA L J. Secure Computer Systems: Mathematical Foundations[R]. Technical Report M74-244,The MITRE Corporation, Bedford, Massachusetts, 1973.
  • David Elliott Bell, Looking Back at the Bell-La Padula Model[J]. Reston VA, 20191,December 7,2005.
  • Si Tian-Ge, Tan Zhi-Yong, and Dai Yi-Qi A Security Proof Method for Multilevel Security Models[J]. Journal of Computer Research and Development, 2008,45(10): 1711-1717 (in Chinese).
  • FU Zu-yun. Information theory - basic theory and application[M]. BEIJING: Publishing House of Electronics Industry,2007 (in Chinese).
  • Wang Guibao,Huang Hongzhong,Zhang Xiaoling. Risk Possibility Number - A New Model for Risk Evaluation JOURNAL OF COMPUTERS, VOL. 9, NO. 12, DECEMBER 2014 2807 and Prioritization Based on Maximum Entropy Theory. ACTA AERONAUTICA ET ASTRONAUTICA SINICA. 2009,30(9):1684-1690 (in Chinese).
  • Fu Yu,Wu Xiao-Ping ,Ye Qing,Peng Xi. An Approach for information Systems Security Risk Assessment on Fuzzy Set and Entropy-Weight. ACTA ELECTRONICA SINICA. 2010,38(7):1490-1494(in Chinese).
  • Zhao Dong-Mei,Ma Jian-Feng, Wang Yue-Sheng. Model of fuzzy risk assessment of the information system. Journal on Communications. 2007, 28(4):51-56(in Chinese).
  • GB/T 17859-1999. Classified criteria for security [S]. BEIJING: Standards press of china,1999 (in Chinese).
  • P. Denning, Third Generation Computer Systems[J], Computer Surveys. 1971,3(4):175-216.
  • Sandhu R S, Coyne E J, Feinstein H L. Role-based access control models[J]. IEEE Computer, 1996,29(2):38-47.
  • Haibo Gao, Wenjuan Zeng, Xiaohong Deng. The Design and Simulation of a New Dynamic Credit and Role based Access Control Strategy. Journal of Computer .2014,Vol 9,No.2 :506-510.
  • Bailing Liu. Efficient Trust Negotiation based on Trust Evaluations and Adaptive Policies. Journal of Computer.2011, Vol 9,No.1:222-227.
  • Wang Chao, CHEN Xing-yuan, LI Na. An access control mode based on information flow graph[C]// Proceedings of the International Conference on Computational Intelligence and Security. SANYA, CHINA,2011,998-1000.
  • Huawang Shi, Wanqing Li. Risk Assessment for Construction Projects Contracting Based on Unascertained Sets. Journal of computers.2011,Vol6,No.11:2446-2453.

Abstract Views: 141

PDF Views: 50




  • Access Control Capability Assessment Method Based on Security Entropy

Abstract Views: 141  |  PDF Views: 50

Authors

Tianwei Che
School of Computer Science and Technology, Xidian University, Xi'an, China
Jianfeng Ma
School of Computer Science and Technology, Xidian University, Xi'an, China
Na Li
School of Computer Science and Technology, Northwestern Polytechnical University, Xi'an, China
Chao Wang
The Information Engineering University, Zhengzhou, China

Abstract


In this paper, we propose analysis methods based on security entropy to overcome the problem of quantitative analysis, after going through the study of access control capability assessment for computer information system. At First, we computed the uncertainty how system determine irregular access behavior using the security entropy theory. Next, we defined the security theorem of classificatory information system, and proposed the standard of access control capability. Finally, we analyzed the typical access control models using the methods, and compared security and applicability of them. It proved that the method is appropriate for security quantitative analysis of access control model and for the evaluation of access control capability in information system.

Keywords


Information Entropy, Security Entropy, Classificatory Access Control Model, Direct Unauthorized Access, Right About Access, Indirectly Unauthorized Access.

References