Cyberspace-Oriented Access Control: A Cyberspace Characteristics-Based Model and its Policies
Published in | IEEE internet of things journal Vol. 6; no. 2; pp. 1471 - 1483 |
---|---|
Main Authors | Li, Fenghua; Li, Zifu; Han, Weili; Wu, Ting; Chen, Lihua; Guo, Yunchuan; Chen, Jinjun |
Format | Journal Article |
Language | English |
Published | Piscataway; IEEE; 01.04.2019; The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
Abstract | With wide development of various information technologies, our daily activities are becoming deeply dependent on cyberspace. People often use handheld devices (e.g., mobile phones or laptops) to publish social messages, facilitate remote e-health diagnosis, or monitor a variety of surveillance. However, security insurance for these activities remains as a significant challenge. Representation of security purposes and their enforcement are two main issues in security of cyberspace. To address these challenging issues, we propose a cyberspace-oriented access control model (CoAC) for cyberspace whose typical usage scenario is as follows. Users leverage devices via network of networks to access sensitive objects with temporal and spatial limitations. We generalize subjects and objects in cyberspace and propose scene-based access control. To enforce security purposes, we argue that all operations on information in cyberspace are combinations of atomic operations. If every single atomic operation is secure, then the cyberspace is secure. Taking applications in the browser-server architecture as an example, we present seven atomic operations for these applications. A number of cases demonstrate that operations in these applications are combinations of introduced atomic operations. We also design a series of security policies for each atomic operation. Finally, we demonstrate both feasibility and flexibility of our CoAC model by examples. |
---|---|
Author | Li, Fenghua; Han, Weili; Chen, Jinjun; Li, Zifu; Guo, Yunchuan; Chen, Lihua; Wu, Ting |
Author_xml | 1. Li, Fenghua (lfh@iie.ac.cn), State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; 2. Li, Zifu (ORCID 0000-0002-2879-9980; lizifu@iie.ac.cn), State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; 3. Han, Weili (ORCID 0000-0001-8663-436X; wlhan@fudan.edu.cn), School of Computer Science, Fudan University, Shanghai, China; 4. Wu, Ting (wuting@hdu.edu.cn), School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China; 5. Chen, Lihua (chenlihua29@163.com), Department of Information Security, Beijing Electronic Science and Technology Institute, Beijing, China; 6. Guo, Yunchuan (ORCID 0000-0002-9611-5368; guoyunchuan@iie.ac.cn), State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; 7. Chen, Jinjun (jchen@swin.edu.au), School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia |
CODEN | IITJAU |
ContentType | Journal Article |
Copyright | Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2019 |
DOI | 10.1109/JIOT.2018.2839065 |
Discipline | Computer Science |
EISSN | 2327-4662 |
EndPage | 1483 |
Genre | orig-research |
GrantInformation_xml | National Natural Science Foundation of China (grant 61672515; funder ID 10.13039/501100001809); National Basic Research Program of China (973 Program); National Key Research and Development Program of China (grant 2016YFB0800303; funder ID 10.13039/501100012166) |
ISSN | 2327-4662 |
IsPeerReviewed | false |
IsScholarly | true |
Issue | 2 |
Language | English |
License | https://ieeexplore.ieee.org/Xplorehelp/downloads/license-information/IEEE.html https://doi.org/10.15223/policy-029 https://doi.org/10.15223/policy-037 |
ORCID | 0000-0002-2879-9980 0000-0002-9611-5368 0000-0001-8663-436X |
PageCount | 13 |
PublicationDate | 2019-04-01 |
PublicationTitle | IEEE internet of things journal |
PublicationTitleAbbrev | JIoT |
PublicationYear | 2019 |
Publisher | IEEE The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
StartPage | 1471 |
SubjectTerms | Z specification; Access control; Atomic properties; Authorization; Cloud computing; Computer architecture; Cyberspace; Cyberspace-oriented access control (CoAC); Electronic devices; Internet; Object recognition; Policies; Remote monitoring; security policy; Social network services |
Title | Cyberspace-Oriented Access Control: A Cyberspace Characteristics-Based Model and its Policies |
URI | https://ieeexplore.ieee.org/document/8361409 https://www.proquest.com/docview/2222203015 |
Volume | 6 |