The low-cost secure sessions of access control model for distributed applications by public personal smart cards

Kuo Yi Chen; Chin Yang Lin; Ting-Wei Hou

doi:10.1109/ICPADS.2011.136

The low-cost secure sessions of access control model for distributed applications by public personal smart cards

Kuo Yi Chen, Chin Yang Lin, Ting-Wei Hou

Department of Engineering Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

the secure requirement of modern information systems is increasing significantly nowadays, especially in cloud computing with distributed applications. Among secure mechanisms of an organization, the access control (AC) is a foundation for modern information systems. In order to reach an effective and flexible approach of access control, the Rolebased Access Control (RBAC) models are widely deployed in organizations. Comparing with traditional discretionary access control (DAC) and mandatory access control (MAC), the userrole- subject mapping of a RBAC model provides effective permissions assignments for access control of an organization. However, the RBAC sessions could be stretched over multiple distributed servers in cloud computing. The traversed sessions between servers could be modified, monitored and attacked by modern hacker techniques, and become secure leaks in RBAC models. In order to ensure secure sessions in cloud computing, various encryption approaches are used. Among these encryption approaches, the use of digital certificates by asymmetric encryption methods could be an appropriate solution to ensure the security of RBAC sessions. However, the cost of public/private keys management and issuing an appropriate certificate tokens for each member in organizations could be very expensive. The high cost might block the deployment of secure RBAC sessions, and then reduce the secure level of organizations. In order to improve this issue, a low-cost approach of secure sessions for RBAC models is proposed in this paper. The personal smart cards can be used as a certificate tokens in RBAC models to reach effective user authentications. Moreover, each session of RBAC models, including user-role-subject assignments and contentbased accesses, can be protected by digital certificates which is generated by user own smart cards. Thus the security of RBAC sessions can be improved significantly. It is worth noting that personal smart cards are issued by public departments, thus the expense of tokens issuing and key management could be minimized. Therefore, the session security of a RBAC model could be ensured with user own smart cards without additional cost.

Original language	English
Title of host publication	Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Pages	894-899
Number of pages	6
DOIs	https://doi.org/10.1109/ICPADS.2011.136
Publication status	Published - 2011 Dec 1
Event	2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011 - Tainan, Taiwan Duration: 2011 Dec 7 → 2011 Dec 9

Publication series

Name	Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS
ISSN (Print)	1521-9097

Other

Other	2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Country	Taiwan
City	Tainan
Period	11-12-07 → 11-12-09

Fingerprint

Smart cards

Access control

Costs

Cloud computing

Cryptography

Information systems

Servers

All Science Journal Classification (ASJC) codes

Hardware and Architecture

Cite this

Chen, K. Y., Lin, C. Y., & Hou, T-W. (2011). The low-cost secure sessions of access control model for distributed applications by public personal smart cards. In Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011 (pp. 894-899). [6121376] (Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS). https://doi.org/10.1109/ICPADS.2011.136

Chen, Kuo Yi ; Lin, Chin Yang ; Hou, Ting-Wei. / The low-cost secure sessions of access control model for distributed applications by public personal smart cards. Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011. 2011. pp. 894-899 (Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS).

@inproceedings{d96f256dab09485688e62cc40fc34dbd,

title = "The low-cost secure sessions of access control model for distributed applications by public personal smart cards",

abstract = "the secure requirement of modern information systems is increasing significantly nowadays, especially in cloud computing with distributed applications. Among secure mechanisms of an organization, the access control (AC) is a foundation for modern information systems. In order to reach an effective and flexible approach of access control, the Rolebased Access Control (RBAC) models are widely deployed in organizations. Comparing with traditional discretionary access control (DAC) and mandatory access control (MAC), the userrole- subject mapping of a RBAC model provides effective permissions assignments for access control of an organization. However, the RBAC sessions could be stretched over multiple distributed servers in cloud computing. The traversed sessions between servers could be modified, monitored and attacked by modern hacker techniques, and become secure leaks in RBAC models. In order to ensure secure sessions in cloud computing, various encryption approaches are used. Among these encryption approaches, the use of digital certificates by asymmetric encryption methods could be an appropriate solution to ensure the security of RBAC sessions. However, the cost of public/private keys management and issuing an appropriate certificate tokens for each member in organizations could be very expensive. The high cost might block the deployment of secure RBAC sessions, and then reduce the secure level of organizations. In order to improve this issue, a low-cost approach of secure sessions for RBAC models is proposed in this paper. The personal smart cards can be used as a certificate tokens in RBAC models to reach effective user authentications. Moreover, each session of RBAC models, including user-role-subject assignments and contentbased accesses, can be protected by digital certificates which is generated by user own smart cards. Thus the security of RBAC sessions can be improved significantly. It is worth noting that personal smart cards are issued by public departments, thus the expense of tokens issuing and key management could be minimized. Therefore, the session security of a RBAC model could be ensured with user own smart cards without additional cost.",

author = "Chen, {Kuo Yi} and Lin, {Chin Yang} and Ting-Wei Hou",

year = "2011",

month = "12",

day = "1",

doi = "10.1109/ICPADS.2011.136",

language = "English",

isbn = "9780769545769",

series = "Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS",

pages = "894--899",

booktitle = "Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011",

}

Chen, KY, Lin, CY & Hou, T-W 2011, The low-cost secure sessions of access control model for distributed applications by public personal smart cards. in Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011., 6121376, Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS, pp. 894-899, 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011, Tainan, Taiwan, 11-12-07. https://doi.org/10.1109/ICPADS.2011.136

The low-cost secure sessions of access control model for distributed applications by public personal smart cards. / Chen, Kuo Yi; Lin, Chin Yang; Hou, Ting-Wei.

Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011. 2011. p. 894-899 6121376 (Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - The low-cost secure sessions of access control model for distributed applications by public personal smart cards

AU - Chen, Kuo Yi

AU - Lin, Chin Yang

AU - Hou, Ting-Wei

PY - 2011/12/1

Y1 - 2011/12/1

N2 - the secure requirement of modern information systems is increasing significantly nowadays, especially in cloud computing with distributed applications. Among secure mechanisms of an organization, the access control (AC) is a foundation for modern information systems. In order to reach an effective and flexible approach of access control, the Rolebased Access Control (RBAC) models are widely deployed in organizations. Comparing with traditional discretionary access control (DAC) and mandatory access control (MAC), the userrole- subject mapping of a RBAC model provides effective permissions assignments for access control of an organization. However, the RBAC sessions could be stretched over multiple distributed servers in cloud computing. The traversed sessions between servers could be modified, monitored and attacked by modern hacker techniques, and become secure leaks in RBAC models. In order to ensure secure sessions in cloud computing, various encryption approaches are used. Among these encryption approaches, the use of digital certificates by asymmetric encryption methods could be an appropriate solution to ensure the security of RBAC sessions. However, the cost of public/private keys management and issuing an appropriate certificate tokens for each member in organizations could be very expensive. The high cost might block the deployment of secure RBAC sessions, and then reduce the secure level of organizations. In order to improve this issue, a low-cost approach of secure sessions for RBAC models is proposed in this paper. The personal smart cards can be used as a certificate tokens in RBAC models to reach effective user authentications. Moreover, each session of RBAC models, including user-role-subject assignments and contentbased accesses, can be protected by digital certificates which is generated by user own smart cards. Thus the security of RBAC sessions can be improved significantly. It is worth noting that personal smart cards are issued by public departments, thus the expense of tokens issuing and key management could be minimized. Therefore, the session security of a RBAC model could be ensured with user own smart cards without additional cost.

AB - the secure requirement of modern information systems is increasing significantly nowadays, especially in cloud computing with distributed applications. Among secure mechanisms of an organization, the access control (AC) is a foundation for modern information systems. In order to reach an effective and flexible approach of access control, the Rolebased Access Control (RBAC) models are widely deployed in organizations. Comparing with traditional discretionary access control (DAC) and mandatory access control (MAC), the userrole- subject mapping of a RBAC model provides effective permissions assignments for access control of an organization. However, the RBAC sessions could be stretched over multiple distributed servers in cloud computing. The traversed sessions between servers could be modified, monitored and attacked by modern hacker techniques, and become secure leaks in RBAC models. In order to ensure secure sessions in cloud computing, various encryption approaches are used. Among these encryption approaches, the use of digital certificates by asymmetric encryption methods could be an appropriate solution to ensure the security of RBAC sessions. However, the cost of public/private keys management and issuing an appropriate certificate tokens for each member in organizations could be very expensive. The high cost might block the deployment of secure RBAC sessions, and then reduce the secure level of organizations. In order to improve this issue, a low-cost approach of secure sessions for RBAC models is proposed in this paper. The personal smart cards can be used as a certificate tokens in RBAC models to reach effective user authentications. Moreover, each session of RBAC models, including user-role-subject assignments and contentbased accesses, can be protected by digital certificates which is generated by user own smart cards. Thus the security of RBAC sessions can be improved significantly. It is worth noting that personal smart cards are issued by public departments, thus the expense of tokens issuing and key management could be minimized. Therefore, the session security of a RBAC model could be ensured with user own smart cards without additional cost.

UR - http://www.scopus.com/inward/record.url?scp=84863062492&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84863062492&partnerID=8YFLogxK

U2 - 10.1109/ICPADS.2011.136

DO - 10.1109/ICPADS.2011.136

M3 - Conference contribution

AN - SCOPUS:84863062492

SN - 9780769545769

T3 - Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS

SP - 894

EP - 899

BT - Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011

ER -

Chen KY, Lin CY, Hou T-W. The low-cost secure sessions of access control model for distributed applications by public personal smart cards. In Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011. 2011. p. 894-899. 6121376. (Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS). https://doi.org/10.1109/ICPADS.2011.136

Access to Document

10.1109/ICPADS.2011.136