Redesign and Feasibility Verification of Access Control System Based on Correlation Among Files

Kodaka, Yuki; Hasegawa, Hirokazu; Takakura, Hiroki

Home // International Journal On Advances in Security, volume 17, numbers 1 and 2, 2024 // View article

Redesign and Feasibility Verification of Access Control System Based on Correlation Among Files

Authors:
Yuki Kodaka
Hirokazu Hasegawa
Hiroki Takakura

Keywords: File Access Control, Graph Theory, Bell-LaPadula Model

Abstract:
File access control is an effective method for protecting information from unauthorized access both inside and outside an organization. However, conventional methods based on organizational structure have some limitations. Modern business requires flexible access control that reflects the dynamic changes in workflow. Still, it is difficult to achieve the requirement at the same time the prevention of information leakage and destruction due to cyberattacks. Therefore, this paper proposes an access control system based on the correlation among files. The correlation is inferred from users' access histories within the same group, and access privilege is determined based on the strength of the correlation. This system adapts to changing access needs and prevents unauthorized access by automatically denying access with low file-to-file correlation in a series of accesses. The initial implementation of the system was carried out in a simplified environment, which raised issues about whether the system could be feasible and efficient in real-world, more complex scenarios. This work extends the findings of our previous paper by addressing identified issues with the proposed system through targeted modifications. To further validate the system's performance and feasibility in real-world scenarios, we conducted subsequent implementation and verification experiments under conditions that were not only more practical but also involved higher loads. These efforts aimed to rigorously test the system's scalability and efficiency in environments that closely mimic actual operational conditions. As a result of these modifications and experiments, the system demonstrated the capability to handle high-load conditions efficiently. This outcome suggests that the potential impact on file system processing due to the introduction of new features via the proposed system is not serious. Therefore, our extended research confirms the proposed system's robustness and suitability for real-world application, highlighting its ability to maintain efficiency even under significant stress. To ensure the feasibility of the proposed system, future work should address the effectiveness issue.

Pages: 99 to 114

Publication date: June 30, 2024

Published in: journal

ISSN: 1942-2636