Date of Graduation

8-2017

Document Type

Dissertation

Degree Name

Doctor of Philosophy in Computer Science (PhD)

Degree Level

Graduate

Department

Computer Science & Computer Engineering

Advisor/Mentor

Brajendra Panda

Committee Member

Wing-Ning Li

Second Committee Member

Dale Thompson

Third Committee Member

Paul Cronan

Keywords

Access Control Methods, Cybersecurity, Social Network

Abstract

Nowadays, information security in online communication has become an indisputable topic. People prefer pursuing their connection and public relations due to the greater flexibility and affordability of online communication. Recently, organizations have established online networking sites concerned with sharing assets among their employees. As more people engage in social network, requirements for protecting information and resources becomes vital. Over the years, many access control methods have been proposed. Although these methods cover various information security aspects, they have not provided an appropriate approach for securing information within distributed online networking sites. Moreover, none of the previous research provides an access control method in case an existing resource encompassing various parts and each part has its own accessing control policy.

In this research, we investigate the access control requirements in order to conserve data and encompassed resources, which are shared in the social network, from users with unapproved access. Under the proposed method, users are able to define policies easily to protect their individual information and resources from unauthorized users. In addition, requestors are able to generate inquiries in easy and efficient way. We define an appropriate format to present rules and queries, which are converted from policies and inquiries respectively. The proposed approach defines a method in case a user would like to access a resource belonging to another user where both users are members of different online networking sites. In order to add more flexibility, this method controls access to data and resources by evaluating requestor’s attributes, object’s attributes, action or operation taken by requestor, environmental condition, and policies which are created by users or a super user of social network to protect the users’ resources. This approach is called Policy-Based Attribute Access Control (PBAAC). The policies defined to secure a resource may conflict with other policies. The proposed method offers an appropriate solution to resolve this issue. Due to achievement of better performance with regards to efficiency, this research analyzes the method to compromise simple rules, complex rules, or rules including several attributes. The results prove that simple rules provide better performance.

Share

COinS