Lico: A Lightweight Access Control Model for Inter-Networking Linkages

Processes in operating systems are assigned different privileges to access different resources. A process may invoke other processes whose privileges are different; thus, its privileges are expanded (or escalated) due to such improper “inheritance.” Inter-networking can also occ...


Bibliographic Details
Main Authors: Simin Li, Wei Ren, Tianqing Zhu, Kim-Kwang Raymond Choo
Format: Article
Language: English
Published: IEEE 2018-01-01
Series: IEEE Access
Subjects: Access control; privilege management; privilege transitivity; graph theory; process management
Online Access: https://ieeexplore.ieee.org/document/8466580/
id doaj-5e882847def647ec96f721232ba33dbd
record_format Article
spelling doaj-5e882847def647ec96f721232ba33dbd | 2021-03-29T20:58:17Z | eng | IEEE | IEEE Access | 2169-3536 | 2018-01-01 | 6 | 51748 | 51755 | 10.1109/ACCESS.2018.2870148 | 8466580
Lico: A Lightweight Access Control Model for Inter-Networking Linkages
Simin Li (0), https://orcid.org/0000-0001-9403-9309
Wei Ren (1)
Tianqing Zhu (2), https://orcid.org/0000-0003-3411-7947
Kim-Kwang Raymond Choo (3), https://orcid.org/0000-0001-9208-5336
School of Computer Science, China University of Geosciences, Wuhan, China
School of Computer Science, China University of Geosciences, Wuhan, China
School of Software, University of Technology Sydney, Ultimo, NSW, Australia
School of Computer Science, China University of Geosciences, Wuhan, China
https://ieeexplore.ieee.org/document/8466580/
Access control; privilege management; privilege transitivity; graph theory; process management
collection DOAJ
language English
format Article
sources DOAJ
author Simin Li
Wei Ren
Tianqing Zhu
Kim-Kwang Raymond Choo
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2018-01-01
description Processes in operating systems are assigned different privileges to access different resources. A process may invoke other processes whose privileges are different; thus, its privileges are expanded (or escalated) due to such improper “inheritance.” Inter-networking can also occur between processes, either transitively or iteratively. This complicates the monitoring of inappropriate privilege assignment/escalation, which can result in information leakage. Such information leakage occurs due to privilege transitivity and inheritance and can be defined as a general access control problem for inter-networking linkages. This is also a topic that is generally less studied in existing access control models. Specifically, in this paper, we propose a lightweight directed graph-based model, LiCo, which is designed to facilitate the authorization of privileges among inter-networking processes. To the best of our knowledge, this is the first general access control model for inter-invoking processes and general inter-networking linkages.
topic Access control
privilege management
privilege transitivity
graph theory
process management
url https://ieeexplore.ieee.org/document/8466580/