An Efficient Access Control Model Utilized the Attribute Certificate Structuring - Computer Network Security - page 470

Information Technology Reference

In-Depth Information

are not grouped (ungrouped-pm.dat), the other is when roles are grouped(grouped-

pm.dat). For the first case, the E [ F ( l )] results in higher value than the other. When p is

0.1, E [ F ( l )] is reduced by 50% and when p=0.16, by 40%.

Fig. 3 shows the plot of the expected packet transmission E [ M ( l )] for packet loss p

and the degree difference ( h-l ). Fig. 3 shows the great increase in E [ M ( l )] when the

roles are not grouped (ungrouped-pl.dat) and shows small increase in E [ M ( l )]when

the roles are grouped (grouped-pl.dat). If we take a specific sample case, ( h-l )=5,

when p=0.02, there is 40% reduction of packet transmission, when p=0.1, 30% reduc-

tion, and when p=0.18, 26% reduction. When the quality of network is more inferior

(so p is greater), the performance obtained through role grouping improves.

Fig. 3. A comparison of the expected packet transmission as a function of p and h - l

5 Conclusion

For optimized access control, the use of the established characteristics and trust rela-

tion is efficient and natural. Thus, we adopt the characteristics of highly distributed

computing environments and the useful trust model. As an efficient access control

using attribute certificate, we use the technique of structuring role specification cer-

tificates. It can reduce the management cost and overhead incurred when changing the

specification of the role. Especially, highly distributed computing environments such

as ubiquitous computing which cannot have global or broad control need another

attribute certificate management technique. Even though, the role specification cer-

tificate itself reduces management cost, the structuring of role specification is needed

in order to get better performance. We grouped roles, made the role group relation

tree, and showed the model description. It provides the secure and efficient role up-

dating and the distribution. For scalable role specification certificate distribution, we

used multicasting packets. The performance enhancements are quantified with taking

into account the packet loss, too. Also, we showed that our scalable access control

technique outperformed the existing access control techniques.

Next Page

Computer Network Security

Search WWH ::

Custom Search

Home