Asmidar Abu Bakar

A review on extended role based access control (E-RBAC) model in pervasive computing environment

Pervasive computing environments (PCE) derive the emergence of new pervasive application ranging from home to healthcare domain. These applications can be accessed from any place; at any time from anyone as in PCE users are mobile and may use mobile devices in accessing the resources and services. Thus controlling access to resource/services is a concern security question in PCE. Researchers have constructed many methods in order to restrict access in this environment such as Context Based Access Control (CBAC), Trust Based Access Control (TBAC) and recently many researchers have focused on enhance the Role Based Access Control (RBAC) model with other parameter/areas such as context information, business rule management, credential, neural network, trust and risk in order to come out with a new access control model that able to fit in PCE. This paper is to review the existing models that have extended RBAC model with those above mentioned areas.

Forming Trust in Mobile Ad Hoc Network

Mobile ad-hoc network which is constructed via mobile nodes without the pre-registration of nodes have created problem in resource sharing. As nodes can join/leave the network randomly therefore nodes may not aware to which nodes is it connected with and this make resources been shared among anonymous nodes which can be trusted/not trusted. This has created unfavorable situation for private transaction. Hence a mechanism to formalize trustworthiness among these anonymous nodes is needed to make sure resources are shared among trusted nodes only. In this paper, we proposed a schema that can compute trust value among anonymous nodes. The schema is formed via direct and indirect approach. Parameters such as recommendation, reputation, knowledge, observation and context were used to evaluate the trust value. The result obtained from the calculation is then mapped with the access privileges to determine the action required.

Trust Formation Based on Subjective Logic and PGP Web-of-Trust for Information Sharing in Mobile Ad Hoc Networks

Trust play important roles in Mobile ad hoc networks since nodes may randomly joined and leave the network at their own pace. In catastrophe like massive accident or earthquake, groups of rescue personnel form a temporary network structure at the rescue site using their portable devices for coordinating the rescue relief. These groups of user from different agency need to use the temporary network for communication and also for sharing the information. Trust plays important roles in these groups since sharing of information must be among trusted and authorized nodes only. In this paper we form trust model adopting the PGP web-of-trust concept with subjective logic. The PGP web-of-trust is suitable method to adopt in mobile ad hoc networks since nodes are communicating based on peer to peer, hence peer recommendation can be use to create trust between peers. The use of subjective logic operators for calculating trust in the proposed trust model is appropriate since there is an element such as uncertainty as part of calculation. Uncertainty is important in this dynamic network since we do not have full information when decision is make. The trust value later is mapped with the access control policy to determine user access privileges.

Group based access control scheme (GBAC): Keeping information sharing secure in mobile Ad- hoc environment

Mobile ad-hoc network is a network that can dynamically setup on the fly by mobile nodes. Due to its unique characteristics, it is becoming an attractive choice for commercial and also military application and among the used is to support information sharing among mobile nodes. However due to its borderless infrastructure, this network is highly susceptible to adversaries nodes, that illegally able to access information shared in the network. Hence to overcome this problem we proposed a Group Based Access Control scheme, a step by step process or protocol that able to make an access to share information in the network secure. We use emergency rescue mission scenario to illustrate the use of the scheme. The protocol created meets the security properties such as data confidentiality, integrity and also non-repudiation.

Access control and privacy in MANET emergency environment

Mobile ad hoc networks (MANETs) cultivate a new research trend in todays computing. With some unique features such as scalability, fault tolerant and autonomous system enable a network to be setup with or without any trusted authority. This makes MANET suitable for the emergency and rescue operations. During an emergency situation, there is a need for the data to be shared with the rescuers. However, there are some of the personal data cannot be shared to all rescuers. Thus, the privacy and security of data becomes a main concern here. This paper addresses these issues with a combination of access control mechanism and privacy policy to ensure that the privacy and security of personal data is protected accordingly.

Group based access control scheme: proof of method for secure access control architecture in mobile ad-hoc networks

In disaster area, where the infrastructures is partially or fully destroyed, a form of communication to allow information been shared among rescue team is needed. Since Mobile ad-hoc network is easy to setup and required less infrastructure therefore it is a suitable candidate to work in disaster area. Despite of its uniqueness, this network is highly vulnerable to malicious node and also to threats. In rescue mission scenario, information needs to be shared among trusted and legal nodes only hence a mechanism to restrict an access to information in this network is extremely important. In this paper, we outline the access control requirement for this network and proposed the secure access control architecture based on the requirements. Based on the proposed architecture, we derive a Group Based access control scheme, to show how an access to information in mobile ad-hoc environment at emergency rescue mission is working.

Formulating Heterogeneous Access Control model for MANET Emergency Services

Mobile ad hoc networks (MANETs) foster a new research trend in today’s computing. MANET unique features such as scalability, fault tolerant and autonomous system enable a network to be setup with or without any trusted authority makes it suitable for the emergency and rescue operations. During an emergency situation, there is a need for the information sharing among the group of rescuers. However, there is data collected during emergency which cannot be shared to all groups or within members in the same group. Thus, the privacy of data becomes a main concern here. We proposed a heterogeneous access control model which assigned an access to information during emergency based on information sensitivity and member-role in the group created at the emergency area. We formulate a complete HACM model with authentication and authorization. A privacy policy access policy is created and simple analysis with proving technique is used to evaluate it

Android Mobile Application for Privacy Data Access in MANET Emergency Services

During an emergency, rescuers need data to to the resulting work. Accessing data during an emergency requires privacy since its contains private information about the victims or on the emergency itself. Rescuers construct a mobile ad-hoc network (MANET) at emergency to allow data access within groups. In this paper, we describe our Android mobile application that integrates privacy access model known as HACM. We describe the components in HACM and its implementation using Android OS devices. The Android OS is chosen due to its flexibility, open–source and well-documented API.

An authentication mechanism for heterogeneous access control model in MANET emergency rescue mission

With the huge advancements of mobile computing due to the enormous increase in portable wireless devices, Mobile Ad hoc Networks (MANETs) became an important aspect in the world of wireless network communications. With some unique features such as scalability, fault tolerant and autonomous systems enable a network to be setup with or without any trusted authority. This makes MANET suitable for the emergency and rescue operations. During an emergency situation, there is a need for the data to be shared with the rescuers. Prior accessing the information in emergency services, nodes in MANET need to be authenticated. However due to wireless nature that MANET inherit, nodes are susceptible to attacks hence a secure authentication mechanism is required as authentication is the first defend mechanism. This paper review the authentication models in MANET and proposed the suitable model to work under our proposed access control model called Heterogeneous Access Control Model (HACM). HACM is an expanded proposed model from our Group Based Access Control Model (GBAC) where access to information is classified into general and sensitive based on the Group Role (GR) and User Role (UR) of rescue members during emergency services. The HACM model introduces Heterogeneous Access Level (HLA) where access to information is based on level of information sensitivity, which is mapped with user-role in the group, created at the emergency area. The level of information sensitivity depends on how disastrous or the severity of the emergency situation.

A review of factors that influenced online trust in social commerce

The recent advancements in social media and electronic commerce have produced a new business model called social commerce. This new business model has facilitated online business transactions via social media. Despite the advancement of technology, the issue of online trust has increased in social commerce. The purpose of this paper is to identify the factors that influence online trust in social commerce. Seven models related to online trust in electronic commerce, electronic business, and social commerce were reviewed and analyzed. This has resulted in identifying six factors, which are usefulness, ease of use, security, privacy, website design, and electronic word of mouth; as the most influential factors that influence online trust in social commerce. Discussion and direction of future work are pointed out in this paper.