Access Control Model for the Inference Attacks with Access Histories
| Autor: | Morizumi Tetsuya, Kinoshita Hirotsugu |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Computer science
business.industry media_common.quotation_subject Covert channel Inference 020206 networking & telecommunications Access control 0102 computer and information sciences 02 engineering and technology Computer security computer.software_genre Inference attack 01 natural sciences 010201 computation theory & mathematics Reading (process) 0202 electrical engineering electronic engineering information engineering business Rule of inference computer Personally identifiable information media_common Block (data storage) |
| Zdroj: | COMPSAC (2) |
| DOI: | 10.1109/compsac.2017.41 |
| Popis: | Various pieces of personal information are correlated to the My Number program, which establishes national identification numbers that are unique to each citizen and resident of Japan. Hence, its protection is paramount. However, whereas the aim of current security measures is to prevent leaks directly, we must consider the possibility of non-secret information being used to indirectly leak secret information by inference. We studied a hypergraph-based model that is used to prevent the possibility of information leaks by inference. Only reading operations are considered in our previous works. However, writing operations have to be considered. We propose covert channel analysis models with inference rules and reading and writing operations. In addition, management mechanisms for the history of accesses to objects by users are required to analysis the satisfaction of the inference rules. If the history of accesses are altered, the information leakages by the inference attack are occurred. In our research, a block chain is used to manage the access log to solve problems mentioned above. Furthermore, we propose a dynamic access control model with access log managed by the blockchain and the inference path detection model. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|