Öz
Erişim denetimleri, günümüz bilgi sistemlerini güven altına almak için geliştirilmiş önemli bir araçtır. Kurumlar erişim denetimlerini özellikle çalışanlarının kim olduğunu, çalışanlarının neler yapabileceklerini, hangi kaynaklara erişebileceklerini ve hangi işlemleri gerçekleştirebileceklerini tanımlamak ve tüm bu süreci yönetmek için kullanırlar. Dağıtık veritabanı sistemlerine sahip kurumlar için ise bu süreç oldukça maliyetli bir iştir. Nitekim farklı sunucular üzerinde dağıtılan ve biri diğerine mantıksal olarak bağlı olan kaynaklara ulaşmak isteyen kullanıcıların tanımlanması, istekte bulunan kullanıcının doğrulanması ve yetkilendirilmesi her zaman etkin bir şekilde yapılandırılamadığından erişim denetimleri yeterince nitelikli bir biçimde gerçekleştirilememektedir. Çalışmamızda önerilen model ile, dağıtık veritabanı sistemlerinde tanımlı tüm kullanıcıların nesneler üzerindeki izin ve erişim düzeylerinin otomatik olarak hesaplanması, böylece kullanıcıların hangi nesneye erişim yapabileceklerine daha etkin bir şekilde karar verilmesi ve ihtiyaç duymadıkları bilgiye erişim yapmalarının ise engellenmesi amaçlanmıştır. Çalışmada önerilen geliştirilmiş model, gerçek hayattan alınmış veri kümesi üzerine uygulanmıştır. Önerilen modelin performansı, Geleneksel Erişim Denetimi modellerinin performansları ile karşılaştırılmıştır. Elde edilen sonuçlar kıyaslandığında, önerilen modelin birçok dağıtık veritabanı sistemlerine ölçeklenebilir olmasının yanında daha doğru erişim düzeyi sonuçlarını veren bir erişim kontrol modeli sunduğu test edilmiştir.
Anahtar Kelimeler
Erişim Denetimi Dağıtık Veritabanı İzin Düzeyi Erişim Düzeyi
Kaynakça
- Andress, J., 2011, The Basics of Information Security Understanding the Fundamentals of InfoSec in Theory and Practice, 2nd Elsevier Inc., USA, 17-49.
- Angin, P., Bhargava, B. and Ranchal, R. 2019. Big Data Analytics for Cyber Security. Security and Communication Networks.
- Behera, P. K. and Khilar, P. M.. 2016. A Novel Trust Based Access Control Model for Cloud Environment. Proceedings of the International Conference on Signal, Networks, Computing, and Systems, Springer, 285-295.
- Bertolissi, C. and Fernandez, M. 2014. A metamodel of access control for distributed environments: Applications and properties. Information and Computation, 238, 187-207.
- Elmagarmid, A., Rusinkiewics, M. and Sheth, A., 1999, Management of Heterogeneous and Autonomous Database Systems, 1st Morgan Kaufmann Publishers Inc., San Francisco, California, 1-41.
- Huh, J. H. 2016. Next-Generation Access Control for Distributed Control Systems. IEEE Internet Computing, 20(5), 28-33.
- Kotari, M., Chiplunkar, N. N., and Nagesh, H. R., 2016. Framework of security mechanisms for monitoring adaptive distributed systems. IOSR Journal of Computer Engineering (IOSR-JCE), 25–36.
- Kotari M. and Chiplunkar, N., 2020. Investigation of Security Issues in Distributed System Monitoring. Information Sciences, Springer, 2020, 609-634.
- Li, J., Liao, Z., Zhang, C. and Shi, Y. 2016. A 4D-Role Based Access Control Model for Multitenancy Cloud Platform. Mathematical Problems in Engineering.
- Lu, R., Rahulamathavan, Y., Zhu, H., Xu, C. and Wang, M. 2016. Security and Privacy Challenges in Vehicular Cloud Computing. Mobile Information Systems.
- Pandey, S., Dwivedi, A., Pant, J. and Lohani, M. 2016. Security enforcement using TRBAC in cloud computing. International Conference on Computing, Communication and Automation (ICCCA), IEEE, India, 1232-1238.
- Reid, J., Cheong, I., Henrickson, M. and Smith, J., 2014. A novel use of RBAC to protect privacy in distributed health care information systems. ACM Transactions on Information and System Security.
- Shin, M. S., Jeon, H. S., Ju, Y. W., Lee, B. J. and Jeong, S. P., 2015. Constructing RBAC Based Security Model in u-Healthcare Service Platform. The Scientific World Journal.
- Solomon, M. G. and Kim, D., 2016, Fundamentals of Information Systems Security, 3rd ed, Jones & Bartlett Learning, Burlington, USA, 1-50.
- Srivastava, K. and Shekokar, N. 2020. Machine Learning Based Risk-Adaptive Access Control System to Identify Genuineness of the Requester, Springer, 129-143.
- Szczypiorski, K., Wang, L., Luo, X. and Ye, D. 2018. Big Data Analytics for Information Security. Security and Communication Networks.
- Thuraisingham, B. H., 1997, Data Management Systems: Evolution and Interoperation, 1st CRC Press, Boca Raton, New York, 1-255.
- Özsu, M. T. and Valduriez, P. 2011. Principles Of Distributed Database Systems. Springer Science Business Media LLC., USA.
- Whitman, M. E. and Mattord, H. J., 2021, Principles Of Information Security, 7th Course Technology, Cengage Learning, USA, 1-527.
Öz
Access controls are an important tool developed to secure today's information systems. Organizations especially use access controls to define who their employees are, what their employees can do, which resources they can access and which operations they can perform, and to manage the entire process. For organizations with distributed database systems, this process is a costly task. As a matter of fact, since the conditions for identifying users who want to access resources distributed on different servers and logically connected to one another, authentication and authorization of the requesting user and monitoring the actions of the user cannot always be effectively configured. With the proposed model in our study, it is aimed to automatically calculate the permission and access levels of all users defined in distributed database systems, so that users can decide which object they can access more effectively and prevent them from accessing the information they do not need. The developed model proposed in the study was applied on a real-life data set. The performance of the proposed model has been compared with the performances of Traditional Access Control models. When the obtained results are compared, it has been tested that the proposed model offers an access control model that provides more accurate access level results besides being scalable to many distributed database systems.
Anahtar Kelimeler
Access Control Distributed Database Permission Level Access Level
Kaynakça
- Andress, J., 2011, The Basics of Information Security Understanding the Fundamentals of InfoSec in Theory and Practice, 2nd Elsevier Inc., USA, 17-49.
- Angin, P., Bhargava, B. and Ranchal, R. 2019. Big Data Analytics for Cyber Security. Security and Communication Networks.
- Behera, P. K. and Khilar, P. M.. 2016. A Novel Trust Based Access Control Model for Cloud Environment. Proceedings of the International Conference on Signal, Networks, Computing, and Systems, Springer, 285-295.
- Bertolissi, C. and Fernandez, M. 2014. A metamodel of access control for distributed environments: Applications and properties. Information and Computation, 238, 187-207.
- Elmagarmid, A., Rusinkiewics, M. and Sheth, A., 1999, Management of Heterogeneous and Autonomous Database Systems, 1st Morgan Kaufmann Publishers Inc., San Francisco, California, 1-41.
- Huh, J. H. 2016. Next-Generation Access Control for Distributed Control Systems. IEEE Internet Computing, 20(5), 28-33.
- Kotari, M., Chiplunkar, N. N., and Nagesh, H. R., 2016. Framework of security mechanisms for monitoring adaptive distributed systems. IOSR Journal of Computer Engineering (IOSR-JCE), 25–36.
- Kotari M. and Chiplunkar, N., 2020. Investigation of Security Issues in Distributed System Monitoring. Information Sciences, Springer, 2020, 609-634.
- Li, J., Liao, Z., Zhang, C. and Shi, Y. 2016. A 4D-Role Based Access Control Model for Multitenancy Cloud Platform. Mathematical Problems in Engineering.
- Lu, R., Rahulamathavan, Y., Zhu, H., Xu, C. and Wang, M. 2016. Security and Privacy Challenges in Vehicular Cloud Computing. Mobile Information Systems.
- Pandey, S., Dwivedi, A., Pant, J. and Lohani, M. 2016. Security enforcement using TRBAC in cloud computing. International Conference on Computing, Communication and Automation (ICCCA), IEEE, India, 1232-1238.
- Reid, J., Cheong, I., Henrickson, M. and Smith, J., 2014. A novel use of RBAC to protect privacy in distributed health care information systems. ACM Transactions on Information and System Security.
- Shin, M. S., Jeon, H. S., Ju, Y. W., Lee, B. J. and Jeong, S. P., 2015. Constructing RBAC Based Security Model in u-Healthcare Service Platform. The Scientific World Journal.
- Solomon, M. G. and Kim, D., 2016, Fundamentals of Information Systems Security, 3rd ed, Jones & Bartlett Learning, Burlington, USA, 1-50.
- Srivastava, K. and Shekokar, N. 2020. Machine Learning Based Risk-Adaptive Access Control System to Identify Genuineness of the Requester, Springer, 129-143.
- Szczypiorski, K., Wang, L., Luo, X. and Ye, D. 2018. Big Data Analytics for Information Security. Security and Communication Networks.
- Thuraisingham, B. H., 1997, Data Management Systems: Evolution and Interoperation, 1st CRC Press, Boca Raton, New York, 1-255.
- Özsu, M. T. and Valduriez, P. 2011. Principles Of Distributed Database Systems. Springer Science Business Media LLC., USA.
- Whitman, M. E. and Mattord, H. J., 2021, Principles Of Information Security, 7th Course Technology, Cengage Learning, USA, 1-527.
Ayrıntılar
| Birincil Dil | Türkçe |
|---|---|
| Konular | Bilgisayar Yazılımı |
| Bölüm | Makaleler |
| Yazarlar | |
| Yayımlanma Tarihi | 28 Şubat 2022 |
| Gönderilme Tarihi | 4 Mayıs 2021 |
| Yayımlandığı Sayı | Yıl 2022 Cilt: 22 Sayı: 1 |
