基于演化博弈的隐私风险自适应访问控制模型

doi:10.11959/j.issn.1000-436x.2019240

Abstract

Abstract:

Aiming at the problem that in the private sensitive date centralized and opening information systems,a fine-grained and self-adaptive access control model for privacy preserving is desperately needed,thus the balance between privacy preserving and data access utility should be achieved,a rational multi-player risk-adaptive based access control model for privacy preserving was proposed.Firstly,the privacy risk values of access request and requester were formulized by the private information quantity of the requested dataset,and by using Shannon information.Secondly,a risk-adaptive based access control evolutionary game model was constructed by using evolutionary game under the supposing of bounded rational players.Furthermore,dynamic strategies of participants were analyzed by using replicator dynamics equation,and the method of choosing evolutionary stable strategy was proposed.Simulation and comparison results show that,the proposed model is effective to dynamically and adaptively preserve privacy and more risk adaptive,and dynamic evolutionary access strategies of the bounded rational participants are more suitable for practical scenarios.

Key words: risk-adaptive based access control, privacy preserving, evolutionary game, privacy risk estimation, quantity of information

CLC Number:

TP309

Hongfa DING,Changgen PENG,Youliang TIAN,Shuwen XIANG. Privacy risk adaptive access control model via evolutionary game[J]. Journal on Communications, 2019, 40(12): 9-20.

Figures/Tables 9

用户U	信息资源系统S
用户U	授权	拒绝
正常访问	$u_{U} {^{N}}^{, G}, u_{S} {^{N}}^{, G}$	$u_{U} {^{N}}^{, D}, u_{S} {^{N}}^{, D}$
恶意访问	$u_{U} {^{M}}^{, G}, u_{S} {^{M}}^{, G}$	$u_{U} {^{M}}^{, D}, u_{S} {^{M}}^{, D}$

References 33

[1]	SANDHU R S , SAMARATI P . Access control:principle and practice[J]. IEEE Communications Magazine, 1994,32(9): 40-48.
[2]	李昊, 张敏, 冯登国 ,等. 大数据访问控制研究[J]. 计算机学报, 2017,40(1): 72-91.
	LI H , ZHANG M , FENG D G ,et al. Research on access control of big data[J]. Journal of Computer, 2017,40(1): 72-91.
[3]	MCCUNE J M , JAEGER T , BERGER S ,et al. Shamon:a system for distributed mandatory access control[C]// 2006 22nd Annual Computer Security Applications Conference. ACM, 2006: 23-32.
[4]	DOWNS D D , RUB J R , KUNG K C ,et al. Issues in discretionary access control[C]// IEEE Symposium on Security and Privacy. IEEE, 1985: 208-208.
[5]	SANDHU R S , COYNE E J , FEINSTEIN H L ,et al. Role-based access control models[J]. Computer, 1996,29(2): 38-47.
[6]	WANG G , LIU Q , WU J . Hierarchical attribute-based encryption for fine-grained access control in cloud storage services[C]// The 17th ACM Conference on Computer and Communications Security. ACM, 2010: 735-737.
[7]	SERVOS D , OSBORN S L . Current research and open problems in attribute-based access control[J]. ACM Computing Surveys, 2017,49(4): 65:1-65:45.
[8]	DIMMOCK N , BELOKOSZTOLSZKI A , EYERS D ,et al. Using trust and risk in role-based access control policies[C]// The Ninth ACM Symposium on Access Control Models and Technologies. ACM, 2004: 156-162.
[9]	KANDALA S , SANDHU R , BHAMIDIPATI V . An attribute based framework for risk-adaptive access control models[C]// The Sixth International Conference on Availability,Reliability and Security. EuAsia, 2011: 236-241.
[10]	KRAUTSEVICH L , LAZOUSKI A , MARTINELLI F ,et al. Towards attribute-based access control policy engineering using risk[C]// BAUER T,GROSSMANN J,SEEHUSEN F,et al.Risk Assessment and Risk-Driven Testing. Cham:Springer International Publishing, 2014: 80-90.
[11]	CHENG P C , ROHATGI P , KESER C ,et al. Fuzzy multi-level security:an experiment on quantified risk-adaptive access control[C]// 2007 IEEE Symposium on Security and Privacy. IEEE, 2007: 222-230.
[12]	NI Q , BERTINO E , LOBO J . Risk-based access control systems built on fuzzy inferences[C]// The 5th ACM Symposium on Information,Computer and Communications Security. ACM, 2010: 250-260.
[13]	BOULARES S , ADI K , LOGRIPPO L . Insider threat likelihood assessment for access control systems:quantitative approach[C]// 9th International Symposium on Foundations and Practice of Security. ACM, 2017: 135-142.
[14]	OWEN G . Game theory:3rd edition[M]. San Diego: Academic PressPress, 2001.
[15]	HELIL N , HALIK A , RAHMAN K . Non-zero-sum cooperative access control game model with user trust and permission risk[J]. Applied Mathematics and Computation, 2017,307: 299-310.
[16]	GAO L , YAN Z , YANG L T . Game theoretical analysis on acceptance of a cloud data access control system based on reputation[J]. IEEE Transactions on Cloud Computing, 2018:1.
[17]	WANG Y , TIAN L , CHEN Z . Game analysis of access control based on user behavior trust[J]. Information, 2019,10(4):132.
[18]	MCGRAW R . Risk-adaptable access control (RAdAC)[R].,(2009)[2019-09-04]. NIST Privilege (Access) Management Workshop, (2009),[2019-09-04].
[19]	SHAIKH R A , ADI K , LOGRIPPO L . Dynamic risk-based decision methods for access control systems[J]. Computer Security, 2012,31(4): 447-464.
[20]	ARMANDO A , BEZZI M , CERBO F ,et al. Balancing trust and risk in access control[C]// OTM Confederated International Conferences. 2015: 660-676.
[21]	DIAZ-LOPEZ D , DOLERA-TORMO G , GOMEZ-MARMOL F ,et al. Dynamic counter-measures for risk-based access control systems[J]. Future Generation Computer Systems, 2016,55(C): 321-335.
[22]	SANTOS D R D , MARINHO R , SCHMITT G R ,et al. A framework and risk assessment approaches for risk-based access control in the cloud[J]. Journal of Network and Computer Applications, 2016,74(C): 86-97.
[23]	DING H , PENG C , TIAN Y ,et al. A risk adaptive access control model based on markov for big data in the cloud[J]. International Journal of High Performance Computing and Networking, 2019,13(4): 464-475.
[24]	WANG Q , JIN H . Quantified risk-adaptive access control for patient privacy protection in health information systems[C]// The 6th ACM Symposium on Information,Computer and Communications Security. ACM, 2011: 406-410.
[25]	惠榛, 李昊, 张敏 ,等. 面向医疗大数据的风险自适应的访问控制模型[J]. 通信学报, 2015,36(12): 190-199.
	HUI Z , LI H , ZHANG M ,et al. Risk-adaptive access control model for big data in healthcare[J]. Journal on Communications, 2015,36(12): 190-199.
[26]	ZHANG W , LI H , ZHANG M ,et al. Privacy-aware risk-adaptive access control in health information systems using topic models[C]// The 23Nd ACM on Symposium on Access Control Models and Technologies. ACM, 2018: 61-67.
[27]	ARMANDO A , BEZZI M , METOUI N ,et al. Risk-based privacy-aware information disclosure[J]. International Journal of Secure Software Engineering, 2015,6(2): 70-89.
[28]	HU H , AHN G J , ZHAO Z ,et al. Game theoretic analysis of multiparty access control in online social networks[C]// The 19th ACM Symposium on Access Control Models and Technologies. ACM, 2014: 93-102.
[29]	LIU C , XING S , SHEN L . Dynamic hybrid-access control in multi-user and multi-femtocell networks via stackelberg game competition[J]. IET Communications, 2016,10(7): 862-872.
[30]	SHANNON C E . A mathematical theory of communication[J]. Bell System Technical Journal, 1948,27: 379-423.
[31]	CSISZáR I , SHIELDS P C . Information theory and statistics:a tutorial[J]. Communications and Information Theory, 2004,1(4): 417-528.
[32]	NEWTON J . Evolutionary game theory:a renaissance[J]. Games, 2018,9(2):31.
[33]	王元卓, 于建业, 邱雯 ,等. 网络群体行为的演化博弈模型与分析方法[J]. 计算机学报, 2015,38(2): 282-300.
	WANG Y Z , YU J Y , QIOU W ,et al. Evolutionary game model and analysis methods for network group behavior[J]. Journal of Computer, 2015,38(2): 282-300.

Metrics

Recommended 0

No Suggested Reading articles found!

模型	访问控制目的	风险量化	博弈参与者	博弈方法
文献[12]模型	安全保护	静态安全风险量化	—	—
文献[19]模型	安全保护	风险和信任动态量化	—	—
文献[22]模型	云安全保护	多因子聚合风险量化	—	—
文献[24]模型	医疗信息隐私保护	静态隐私风险量化	—	—
文献[26]模型	医疗信息隐私保护	动态隐私风险量化	—	—
文献[16]模型	云安全保护	—	二参与者	重复博弈
文献[29]模型	蜂窝网络接入安全	—	多参与者	Stackelberg博弈
文献[15]模型	数据安全	动态安全风险量化	二参与者	非零和合作博弈
文献[28]模型	社交网络隐私保护	静态隐私风险量化	多参与者	多方控制博弈
本文所提模型	敏感数据隐私保护	隐私风险自适应量化	多参与者	演化博弈

Privacy risk adaptive access control model via evolutionary game

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 9

References 33

Related Articles 15

Metrics

Recommended 0

[1]	Lichuan MA, Jiayi PENG, Qingqi PEI, Haojin ZHU. Efficient privacy-preserving decision tree classification protocol [J]. Journal on Communications, 2021, 42(8): 80-89.
[2]	Yong ZENG,Lingjie ZHOU,Zhongyuan JIANG,Zhihong LIU,Jianfeng MA. Security analysis of weighted network anonymity based on singular value decomposition [J]. Journal on Communications, 2018, 39(5): 23-33.
[3]	Hui LIN,Mengyang YU,Youliang TIAN,Yijie HUANG. Dynamic game and reliable recommendation based transferring reputation mechanism for mobile cloud computing [J]. Journal on Communications, 2018, 39(5): 85-93.
[4]	Lingbo WEI,Xiaobing FENG,Chi ZHANG,Hualong SHENG,Nenghai YU. Network function outsourcing system based on prefix-preserving encryption [J]. Journal on Communications, 2018, 39(4): 159-166.
[5]	Yihan YU,Yu FU,Xiaoping WU. Stochastic gradient descent algorithm preserving differential privacy in MapReduce framework [J]. Journal on Communications, 2018, 39(1): 70-77.
[6]	Zhi-qiang WU,Ken-li LI,Hui ZHENG. Efficient and scalable architecture for searchable symmetric encryption [J]. Journal on Communications, 2017, 38(8): 79-93.
[7]	Hao WANG,Zheng-quan XU,Li-zhi XIONG,Tao WANG. CLM:differential privacy protection method for trajectory publishing [J]. Journal on Communications, 2017, 38(6): 85-96.
[8]	Wen-jun XIONG,Zheng-quan XU,Hao WANG. Privacy level evaluation of differential privacy for time series based on filtering theory [J]. Journal on Communications, 2017, 38(5): 172-181.
[9]	Jian-ming HUANG,Heng-wei ZHANG,Jin-dong WANG,Shi-rui HUANG. Defense strategies selection based on attack-defense evolutionary game model [J]. Journal on Communications, 2017, 38(1): 168-176.
[10]	Hong-cheng LI,Xiao-ping WU,Yan CHEN. k-means clustering method preserving differential privacy in MapReduce framework [J]. Journal on Communications, 2016, 37(2): 125-131.
[11]	Li-bing WU,Yong XIE,Yu-bo ZHANG. Efficient and secure message authentication scheme for VANET [J]. Journal on Communications, 2016, 37(11): 1-10.
[12]	Yong-hao GU,Jiu-chuan LIN,Da GUO. Clustering-based dynamic privacy preserving method for social networks [J]. Journal on Communications, 2015, 36(Z1): 126-130.
[13]	Wei-ni ZENG,Ya-ping LIN,Ye-qing YI,Shi-ming HE,Peng CHEN. Data processing based on the privacy-preserving vector for wireless sensor networks [J]. Journal on Communications, 2015, 36(9): 34-46.
[14]	Li-hui LAN,Shi-guang JU. Privacy preserving based on differential privacy for weighted social networks [J]. Journal on Communications, 2015, 36(9): 145-159.
[15]	Chao WANG,Jing YANG,Jian-pei ZHANG,Gang LV. Algorithm for k-anonymity based on projection area density partition [J]. Journal on Communications, 2015, 36(8): 125-134.