Cyberspace-Oriented Access Control: A Cyberspace Characteristics-Based Model and its Policies

With wide development of various information technologies, our daily activities are becoming deeply dependent on cyberspace. People often use handheld devices (e.g., mobile phones or laptops) to publish social messages, facilitate remote e-health diagnosis, or monitor a variety of surveillance. Howe...

Full description

Saved in:
Bibliographic Details
Published inIEEE internet of things journal Vol. 6; no. 2; pp. 1471 - 1483
Main Authors Li, Fenghua, Li, Zifu, Han, Weili, Wu, Ting, Chen, Lihua, Guo, Yunchuan, Chen, Jinjun
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 01.04.2019
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
<italic xmlns:ali="http://www.niso.org/schemas/ali/1.0/" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Z specification
Access control
Atomic properties
Authorization
Cloud computing
Computer architecture
Cyberspace
Cyberspace-oriented access control (CoAC)
Electronic devices
Internet
Object recognition
Policies
Remote monitoring
security policy
Social network services
Online AccessGet full text

Cover

More Information
Summary:With wide development of various information technologies, our daily activities are becoming deeply dependent on cyberspace. People often use handheld devices (e.g., mobile phones or laptops) to publish social messages, facilitate remote e-health diagnosis, or monitor a variety of surveillance. However, security insurance for these activities remains as a significant challenge. Representation of security purposes and their enforcement are two main issues in security of cyberspace. To address these challenging issues, we propose a cyberspace-oriented access control model (CoAC) for cyberspace whose typical usage scenario is as follows. Users leverage devices via network of networks to access sensitive objects with temporal and spatial limitations. We generalize subjects and objects in cyberspace and propose scene-based access control. To enforce security purposes, we argue that all operations on information in cyberspace are combinations of atomic operations. If every single atomic operation is secure, then the cyberspace is secure. Taking applications in the browser-server architecture as an example, we present seven atomic operations for these applications. A number of cases demonstrate that operations in these applications are combinations of introduced atomic operations. We also design a series of security policies for each atomic operation. Finally, we demonstrate both feasibility and flexibility of our CoAC model by examples.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2327-4662
2327-4662
DOI:10.1109/JIOT.2018.2839065