Access Control Schemes - Explore the Science & Experts | ideXlab

Scan Science and Technology

Contact Leading Edge Experts & Companies

Access Control Schemes

The Experts below are selected from a list of 16476 Experts worldwide ranked by ideXlab platform

Access Control Schemes – Free Register to Access Experts & Abstracts

Igor Kotenko – One of the best experts on this subject based on the ideXlab platform.

  • Generation of AccessControl Schemes in computer networks based on genetic algorithms
    Nature-Inspired Cyber Security and Resiliency: Fundamentals Techniques and Applications, 2019
    Co-Authors: Igor Kotenko, Igor Saenko
    Abstract:

    The nature-inspired approaches and methods are widely used now for the solution of problems in cases when classical mathematical ones fail. Fully it concerns also the problems solved in the field of computer security. One of such types of problems is the optimization of AccessControl Schemes in computer networks. A common example of such problem is the formation of AccessControl Schemes in databases, which use a role-based AccessControl (RBAC) model. This problem was singled out in a separate direction in data mining and received the name “role mining problem” (RMP).Another example is to generate a scheme of the virtual local computer network (VLAN) where network hosts must be distributed among the minimum quantity of virtual subnets. Both problems are NP-complete. A set of different approaches was offered to solve these problems. However, none of them can be considered as universal one. At the same time, genetic algorithms, which are one of the most characteristic representatives of nature-inspired approaches and methods, can be considered as a basis for such universal solutions. The chapter outlines the mathematical foundations for generation of AccessControl Schemes in computer networks, and examples of generating the RBAC and VLAN Schemes are considered. The chapter demonstrates that these optimization problems belong to the class of Boolean matrix factorization (BMF) problems. Besides, it shows how to use genetic algorithms for their solving. Some enhancements in these algorithms which allow increasing the speed of their operation and accuracy of decisions are considered.

  • improved genetic algorithms for solving the optimisation tasks for design of Access Control Schemes in computer networks
    International Journal of Bio-inspired Computation, 2015
    Co-Authors: Igor Kotenko, Igor Saenko
    Abstract:

    Access Control scheme design is the most important task in the field of computer network security, which has to be solved by security administrators and developers. The Access Control quality strongly affects such important security properties, as information privacy and Accessibility. One of the solutions to this problem is to reduce it to a form of the optimisation task and its subsequent solving by mathematical methods. However, due to the large complexity of this task, applying traditional mathematical methods is very difficult. At the same time, genetic algorithms represent a new and very interesting way to solve this class of problems. This paper suggests an approach for designing Access Control Schemes based on genetic algorithms. To enhance the implementation of genetic operations it proposes a number of significant improvements, which include the multi-chromosomal representation of individuals in populations, the usage of complex data types to represent genes in chromosomes and the use of special Control chromosomes. The experimental evaluation of the approach is discussed. It is demonstrated that the proposed improved genetic algorithms are quite efficient means for Access Control Schemes optimisation in computer networks.

  • MMM-ACNS – Genetic optimization of Access Control Schemes in virtual local area networks
    Lecture Notes in Computer Science, 2010
    Co-Authors: Igor Saenko, Igor Kotenko
    Abstract:

    The paper presents the formulation of the problem of Access Control to information resources located in virtual local area networks. We define the initial data, the objective function and constraints of the problem. To solve the proposed problem we suggest the method of genetic optimization of Access Control scheme based on the poly-chromosomal representation of intermediate points. The results of computer simulation and evaluation of the proposed method are discussed.

Zygmunt J Haas – One of the best experts on this subject based on the ideXlab platform.

  • analyzing multi channel medium Access Control Schemes with aloha reservation
    IEEE Transactions on Wireless Communications, 2006
    Co-Authors: Jing Deng, Zygmunt J Haas
    Abstract:

    In order to improve the throughput performance of medium Access Control (MAC) Schemes in wireless communication networks, some researchers proposed to divide a single shared channel into several sub-channels: one as Control sub-channel and the others as data sub-channels. In this paper, we analyze and evaluate the maximum achievable throughput of a class of generic multi-channel MAC Schemes that are based on the RTS/CTS (ready-to-send/clear-to-send) dialogue and on ALOHA contention resolution. We study these multi-channel MAC Schemes under two split-channel scenarios: the fixed-total-bandwidth scenario and the fixed-channel-bandwidth scenario. In the fixed-total-bandwidth scenario, we show that the throughput of the multi-channel MAC Schemes is inferior to that of the corresponding single-channel MAC scheme, which sends the RTS/CTS packets and DATA packets on a single shared channel. For the fixed-channel-bandwidth scenario, where CDMA or similar techniques can be applied, we derive the optimal number of the data sub-channels that maximizes the throughput. The analytical framework that we derive in this paper can also be used to evaluate other contention resolution technique, when the average contention period is known

  • analyzing split channel medium Access Control Schemes
    IEEE Transactions on Wireless Communications, 2006
    Co-Authors: Jing Deng, Zygmunt J Haas
    Abstract:

    In this work, we analyze and evaluate the maximum achievable throughput of split-channel MAC Schemes that are based on the RTS/CTS (ready-to-send/clear-to-send) dialogue and that rely on pure ALOHA or on p-persistent carrier sensing multiple Access (CSMA) contention resolution techniques. Our results show that, when radio propagation delays are negligible and when the pure ALOHA mechanism is used, then for a network with relatively large number of nodes, the maximum achievable throughput of the split-channel MAC Schemes is lower than that of the corresponding single-channel MAC Schemes. When the split-channel MAC Schemes employ the p-persistent CSMA mechanism, then they out-perform the corresponding single-channel Schemes when the maximum end-to-end propagation delays are at least 25% of the transmission time of the Control packets on the single shared channel.

  • analyzing split channel medium Access Control Schemes with aloha reservation
    Ad Hoc Networks, 2003
    Co-Authors: Jing Deng, Zygmunt J Haas
    Abstract:

    In order to improve the throughput performance of Medium Access Control (MAC) Schemes in wireless communication networks, some researchers proposed to split the single shared channel into two subchannels: a Control subchannel and a data subchannel. The Control subchannel is used for Access reservation to the data subchannel over which the data packets are transmitted, and such reservation can be done through the use of the dialogues such as RTS/CTS (Ready-To-Send/Clear-To-Send) dialogue. In this paper, we evaluate the maximum achievable throughput of split-channel MAC Schemes that are based on RTS/CTS dialogues with pure ALOHA contention resolution mechanism. We derive and calculate numerically the probability density function (pdf) of the contention resolution periods on the Control subchannel. We then apply these results to calculate the throughput of the split-channel MAC Schemes, which we then compare with the performance of the corresponding single-channel MAC Schemes. Our results show that, when radio propagation delays are negligible, the maximum achievable throughput of the split-channel MAC Schemes is lower than that of the corresponding single-channel MAC Schemes in the scenarios that we have studied. Consequently, our results suggest that splitting the single shared channel of the MAC scheme in a wireless network should be avoided. Simulation results are presented to support our analytical results.

Igor Saenko – One of the best experts on this subject based on the ideXlab platform.

  • Generation of AccessControl Schemes in computer networks based on genetic algorithms
    Nature-Inspired Cyber Security and Resiliency: Fundamentals Techniques and Applications, 2019
    Co-Authors: Igor Kotenko, Igor Saenko
    Abstract:

    The nature-inspired approaches and methods are widely used now for the solution of problems in cases when classical mathematical ones fail. Fully it concerns also the problems solved in the field of computer security. One of such types of problems is the optimization of AccessControl Schemes in computer networks. A common example of such problem is the formation of AccessControl Schemes in databases, which use a role-based AccessControl (RBAC) model. This problem was singled out in a separate direction in data mining and received the name “role mining problem” (RMP).Another example is to generate a scheme of the virtual local computer network (VLAN) where network hosts must be distributed among the minimum quantity of virtual subnets. Both problems are NP-complete. A set of different approaches was offered to solve these problems. However, none of them can be considered as universal one. At the same time, genetic algorithms, which are one of the most characteristic representatives of nature-inspired approaches and methods, can be considered as a basis for such universal solutions. The chapter outlines the mathematical foundations for generation of AccessControl Schemes in computer networks, and examples of generating the RBAC and VLAN Schemes are considered. The chapter demonstrates that these optimization problems belong to the class of Boolean matrix factorization (BMF) problems. Besides, it shows how to use genetic algorithms for their solving. Some enhancements in these algorithms which allow increasing the speed of their operation and accuracy of decisions are considered.

  • improved genetic algorithms for solving the optimisation tasks for design of Access Control Schemes in computer networks
    International Journal of Bio-inspired Computation, 2015
    Co-Authors: Igor Kotenko, Igor Saenko
    Abstract:

    Access Control scheme design is the most important task in the field of computer network security, which has to be solved by security administrators and developers. The Access Control quality strongly affects such important security properties, as information privacy and Accessibility. One of the solutions to this problem is to reduce it to a form of the optimisation task and its subsequent solving by mathematical methods. However, due to the large complexity of this task, applying traditional mathematical methods is very difficult. At the same time, genetic algorithms represent a new and very interesting way to solve this class of problems. This paper suggests an approach for designing Access Control Schemes based on genetic algorithms. To enhance the implementation of genetic operations it proposes a number of significant improvements, which include the multi-chromosomal representation of individuals in populations, the usage of complex data types to represent genes in chromosomes and the use of special Control chromosomes. The experimental evaluation of the approach is discussed. It is demonstrated that the proposed improved genetic algorithms are quite efficient means for Access Control Schemes optimisation in computer networks.

  • MMM-ACNS – Genetic optimization of Access Control Schemes in virtual local area networks
    Lecture Notes in Computer Science, 2010
    Co-Authors: Igor Saenko, Igor Kotenko
    Abstract:

    The paper presents the formulation of the problem of Access Control to information resources located in virtual local area networks. We define the initial data, the objective function and constraints of the problem. To solve the proposed problem we suggest the method of genetic optimization of Access Control scheme based on the poly-chromosomal representation of intermediate points. The results of computer simulation and evaluation of the proposed method are discussed.