Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things

Muhammad Umar Aftab; Zhiguang Qin; Kashif Hussain; Zakria Jamali; Ngo Tung Son; Nguyen Van Nam; Tran Van Dinh

doi:10.1109/SKG49510.2019.00036

Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things

Muhammad Umar Aftab
, Zhiguang Qin^*
, Kashif Hussain
, Zakria Jamali
, Ngo Tung Son
, Nguyen Van Nam
, Tran Van Dinh

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

7 Scopus citations

Abstract

Access control plays an important role in protecting sensitive data of an organization, by employing a mechanism that grants or revokes access to the organizational resources. It is implemented with the help of different access control models either traditional or hybrid models. In this paper, we discuss DAC, MAC, RBAC and ABAC models briefly. In addition, we propose a hybrid model that is based on reverse authorization in ABAC model. The concept of negative attributes is implemented in ABAC model that directly restricts unauthorized users. Previously, several approaches to authorized users and their authority domain in ABAC model have been implemented in literature. Though, the proposed model is unique due to a different implementation of access control in the domain of Internet of Medical Things (IoMT). This work is also discussed with respect to an example scenario. In this way, the concept of negative attributes is elaborated for implementing the negative authorization in ABAC. The comparative analysis shows that this work can perform better in some scenarios by taking advantage of negative authorization.

Original language	English
Title of host publication	Proceedings - 15th International Conference on Semantics, Knowledge and Grids
Subtitle of host publication	On Big Data, AI and Future Interconnection Environment, SKG 2019
Editors	Hai Zhuge, Xiaoping Sun
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	167-174
Number of pages	8
ISBN (Electronic)	9781728158235
DOIs	https://doi.org/10.1109/SKG49510.2019.00036
State	Published - Sep 2019
Externally published	Yes
Event	15th International Conference on Semantics, Knowledge and Grids, SKG 2019 - Guangzhou, China Duration: 17 Sep 2019 → 18 Sep 2019

Publication series

Name	Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019

Conference

Conference	15th International Conference on Semantics, Knowledge and Grids, SKG 2019
Country/Territory	China
City	Guangzhou
Period	17/09/19 → 18/09/19

Bibliographical note

Publisher Copyright:
© 2019 IEEE.

Keywords

ABAC
Hybrid Access Control
Internet of Medical Things
Negative Attributes
Negative Authorization

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Computer Science Applications
Computer Vision and Pattern Recognition
Information Systems
Information Systems and Management

Access to Document

10.1109/SKG49510.2019.00036

Cite this

Aftab, M. U., Qin, Z., Hussain, K., Jamali, Z., Son, N. T., Nam, N. V., & Dinh, T. V. (2019). Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things. In H. Zhuge, & X. Sun (Eds.), Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019 (pp. 167-174). Article 9044088 (Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SKG49510.2019.00036

Aftab, Muhammad Umar ; Qin, Zhiguang ; Hussain, Kashif et al. / Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things. Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019. editor / Hai Zhuge ; Xiaoping Sun. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 167-174 (Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019).

@inproceedings{344e76e63f7449979943d78dbec16da0,

title = "Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things",

abstract = "Access control plays an important role in protecting sensitive data of an organization, by employing a mechanism that grants or revokes access to the organizational resources. It is implemented with the help of different access control models either traditional or hybrid models. In this paper, we discuss DAC, MAC, RBAC and ABAC models briefly. In addition, we propose a hybrid model that is based on reverse authorization in ABAC model. The concept of negative attributes is implemented in ABAC model that directly restricts unauthorized users. Previously, several approaches to authorized users and their authority domain in ABAC model have been implemented in literature. Though, the proposed model is unique due to a different implementation of access control in the domain of Internet of Medical Things (IoMT). This work is also discussed with respect to an example scenario. In this way, the concept of negative attributes is elaborated for implementing the negative authorization in ABAC. The comparative analysis shows that this work can perform better in some scenarios by taking advantage of negative authorization.",

keywords = "ABAC, Hybrid Access Control, Internet of Medical Things, Negative Attributes, Negative Authorization",

author = "Aftab, \{Muhammad Umar\} and Zhiguang Qin and Kashif Hussain and Zakria Jamali and Son, \{Ngo Tung\} and Nam, \{Nguyen Van\} and Dinh, \{Tran Van\}",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 15th International Conference on Semantics, Knowledge and Grids, SKG 2019 ; Conference date: 17-09-2019 Through 18-09-2019",

year = "2019",

month = sep,

doi = "10.1109/SKG49510.2019.00036",

language = "English",

series = "Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "167--174",

editor = "Hai Zhuge and Xiaoping Sun",

booktitle = "Proceedings - 15th International Conference on Semantics, Knowledge and Grids",

address = "United States",

}

Aftab, MU, Qin, Z, Hussain, K, Jamali, Z, Son, NT, Nam, NV & Dinh, TV 2019, Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things. in H Zhuge & X Sun (eds), Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019., 9044088, Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019, Institute of Electrical and Electronics Engineers Inc., pp. 167-174, 15th International Conference on Semantics, Knowledge and Grids, SKG 2019, Guangzhou, China, 17/09/19. https://doi.org/10.1109/SKG49510.2019.00036

Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things. / Aftab, Muhammad Umar; Qin, Zhiguang; Hussain, Kashif et al.
Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019. ed. / Hai Zhuge; Xiaoping Sun. Institute of Electrical and Electronics Engineers Inc., 2019. p. 167-174 9044088 (Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things

AU - Aftab, Muhammad Umar

AU - Qin, Zhiguang

AU - Hussain, Kashif

AU - Jamali, Zakria

AU - Son, Ngo Tung

AU - Nam, Nguyen Van

AU - Dinh, Tran Van

PY - 2019/9

Y1 - 2019/9

N2 - Access control plays an important role in protecting sensitive data of an organization, by employing a mechanism that grants or revokes access to the organizational resources. It is implemented with the help of different access control models either traditional or hybrid models. In this paper, we discuss DAC, MAC, RBAC and ABAC models briefly. In addition, we propose a hybrid model that is based on reverse authorization in ABAC model. The concept of negative attributes is implemented in ABAC model that directly restricts unauthorized users. Previously, several approaches to authorized users and their authority domain in ABAC model have been implemented in literature. Though, the proposed model is unique due to a different implementation of access control in the domain of Internet of Medical Things (IoMT). This work is also discussed with respect to an example scenario. In this way, the concept of negative attributes is elaborated for implementing the negative authorization in ABAC. The comparative analysis shows that this work can perform better in some scenarios by taking advantage of negative authorization.

AB - Access control plays an important role in protecting sensitive data of an organization, by employing a mechanism that grants or revokes access to the organizational resources. It is implemented with the help of different access control models either traditional or hybrid models. In this paper, we discuss DAC, MAC, RBAC and ABAC models briefly. In addition, we propose a hybrid model that is based on reverse authorization in ABAC model. The concept of negative attributes is implemented in ABAC model that directly restricts unauthorized users. Previously, several approaches to authorized users and their authority domain in ABAC model have been implemented in literature. Though, the proposed model is unique due to a different implementation of access control in the domain of Internet of Medical Things (IoMT). This work is also discussed with respect to an example scenario. In this way, the concept of negative attributes is elaborated for implementing the negative authorization in ABAC. The comparative analysis shows that this work can perform better in some scenarios by taking advantage of negative authorization.

KW - ABAC

KW - Hybrid Access Control

KW - Internet of Medical Things

KW - Negative Attributes

KW - Negative Authorization

UR - https://www.scopus.com/pages/publications/85083245547

U2 - 10.1109/SKG49510.2019.00036

DO - 10.1109/SKG49510.2019.00036

M3 - Conference contribution

AN - SCOPUS:85083245547

T3 - Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019

SP - 167

EP - 174

BT - Proceedings - 15th International Conference on Semantics, Knowledge and Grids

A2 - Zhuge, Hai

A2 - Sun, Xiaoping

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 15th International Conference on Semantics, Knowledge and Grids, SKG 2019

Y2 - 17 September 2019 through 18 September 2019

ER -

Aftab MU, Qin Z, Hussain K, Jamali Z, Son NT, Nam NV et al. Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things. In Zhuge H, Sun X, editors, Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 167-174. 9044088. (Proceedings - 15th International Conference on Semantics, Knowledge and Grids: On Big Data, AI and Future Interconnection Environment, SKG 2019). doi: 10.1109/SKG49510.2019.00036

Negative authorization by implementing negative attributes in attribute-based access control model for internet of medical things

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this