On the Prospect of using Cognitive Systems to Enforce Data Access Control

Fernando Fradique Duarte, Diogo Domingues Regateiro, Óscar Mortágua Pereira, Rui L. Aguiar

Abstract

Data access control has been the subject of extensive research for many years, and many models have been designed as a result. Many of these models are deterministic, following fixed rules to allow or deny access to a given user. They are sufficient in fairly static environments but fall short in dynamic and collaborative settings, where permission needs may change or user attributes may be missing. Risk-based and probabilistic models were designed to mitigate some of these issues: they use a user profile to determine the risk associated with a particular transaction or to fill in any missing attributes. However, these models need to be maintained as new security threats emerge. This paper argues that cognitive systems, as part of a more general Cognitive Driven Access Control approach, can close this gap by learning security threats on their own and enhancing the security of data in these environments. The benefits of deploying cognitive systems, and the considerations to be made when doing so, are also discussed.



Paper Citation


in Harvard Style

Fradique Duarte F., Domingues Regateiro D., Mortágua Pereira Ó. and Aguiar R. (2017). On the Prospect of using Cognitive Systems to Enforce Data Access Control. In Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-245-5, pages 412-418. DOI: 10.5220/0006370504120418


in Bibtex Style

@conference{iotbds17,
author={Fernando Fradique Duarte and Diogo Domingues Regateiro and Óscar Mortágua Pereira and Rui L. Aguiar},
title={On the Prospect of using Cognitive Systems to Enforce Data Access Control},
booktitle={Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS},
year={2017},
pages={412-418},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006370504120418},
isbn={978-989-758-245-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS
TI - On the Prospect of using Cognitive Systems to Enforce Data Access Control
SN - 978-989-758-245-5
AU - Fradique Duarte F.
AU - Domingues Regateiro D.
AU - Mortágua Pereira Ó.
AU - Aguiar R.
PY - 2017
SP - 412
EP - 418
DO - 10.5220/0006370504120418