Context Dependent Threat-Based Access Control System
Adejimi Alaba Olusesi, Sodiya Adesina Simeon

As technology advances, protecting network resources against unauthorized access and misuse of privileges became more necessary and the present access control system seems not efficient enough to solve the problems. This work presents a Context Dependent Threat-Based Access Control (CDTAC) system for correcting these problems. The CDTAC is an adaptive access control system that combines both static and dynamic information (contextual parameters) of users to adjust access control decisions based on environmental threat factors for efficient decision making. The design adopts relative probability in the estimation of the threat level of the contextual parameters. An improved Multifactor Evaluation Method was also used to estimate the associated risk attached to the contextual parameters in accordance with the information security objectives. The weighted arithmetic mean was then employed to evaluate the associated risk attached with users’ requests based on the impact of the threat. In making final access decisions, the risk threshold values (i.e. 0 = f1 < f2 = 1) were set in relation to the level of sensitivity of the resources. The evaluation result showed an acceptable security index of 0.18 and 99.1% compliance level of CDTAC.

Full Text: PDF     DOI: 10.15640/jcsit.v2n3-4a5