TY - JOUR
T1 - Application of access control model for confidential data
AU - Shan, Lumin
AU - Zhou, Huan
AU - Hong, Daocheng
AU - Dong, Qiwen
AU - Wang, Ye
AU - Song, Shubing
N1 - Publisher Copyright:
© 2021 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0) Peer-review under responsibility of the scientific committee of KES International.
PY - 2021
Y1 - 2021
N2 - In any field, the security of data is extremely important, and it is even related to national security and personal privacy. Within a mature system framework, the design of data security is the most basic and challenging task, and access control is one of the main strategies for Network security prevention. Log as an indispensable part of a secure system can help us to complete traceability after a data breach and to monitor the operation of the application at any time. However, in the existing confidential data management systems, the existing access control methods are not friendly to confidential data, and there are problems of excessive administrator privileges and no confidentiality restrictions. Considering of the fact that the authority and log Module is not well implemented in most confidential data management system, we propose to design a general access control model application. We propose an access control model based on roles and object domains, combined with a security level. Through this model, we can implement three-layer filtering when users access data, thereby ensuring data security and avoiding data leakage problems. At the same time, by implementing the log module, some deficiencies in the log analysis and monitoring of existing confidential data management system can be solved.
AB - In any field, the security of data is extremely important, and it is even related to national security and personal privacy. Within a mature system framework, the design of data security is the most basic and challenging task, and access control is one of the main strategies for Network security prevention. Log as an indispensable part of a secure system can help us to complete traceability after a data breach and to monitor the operation of the application at any time. However, in the existing confidential data management systems, the existing access control methods are not friendly to confidential data, and there are problems of excessive administrator privileges and no confidentiality restrictions. Considering of the fact that the authority and log Module is not well implemented in most confidential data management system, we propose to design a general access control model application. We propose an access control model based on roles and object domains, combined with a security level. Through this model, we can implement three-layer filtering when users access data, thereby ensuring data security and avoiding data leakage problems. At the same time, by implementing the log module, some deficiencies in the log analysis and monitoring of existing confidential data management system can be solved.
KW - Access control model
KW - Confidential data management
KW - Information security
UR - https://www.scopus.com/pages/publications/85116875281
U2 - 10.1016/j.procs.2021.09.161
DO - 10.1016/j.procs.2021.09.161
M3 - 会议文章
AN - SCOPUS:85116875281
SN - 1877-0509
VL - 192
SP - 3865
EP - 3874
JO - Procedia Computer Science
JF - Procedia Computer Science
T2 - 25th KES International Conference on Knowledge-Based and Intelligent Information and Engineering Systems, KES 2021
Y2 - 8 September 2021 through 10 September 2021
ER -