Recommender System for Geo-Social Access Control Framework
Priyanka C Hiremath1, Raju G T2
1Priyanka C Hiremath, Research Scholar, Department of Computer Science and Engineering, RNS Institute of Technology, Bengaluru (Karnataka), India.
2G T Raju, Department of Computer Science and Engineering, RNS Institute of Technology, Bengaluru (Karnataka), India.
Manuscript received on 09 December 2019 | Revised Manuscript received on 17 December 2019 | Manuscript Published on 31 December 2019 | PP: 685-690 | Volume-9 Issue-2S December 2019 | Retrieval Number: B10131292S19/2019©BEIESP | DOI: 10.35940/ijitee.B1013.1292S19
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open-access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: A malicious attack or threat can happen within any organization, from their own employees, administrators, contractors or former employees, who pose the important resources of a company such as database, physical laboratories and financial resources. In an organization insider attacks are most common as well as most costly affair. According to United States cyber security 2018 statistics, insider threat holds the risk of 74% out of surveyed organizations. The insider threat has caused immense loss to data as well as monetary assets. Among the surveyed organization by US cyber securities, 53% of organization claimed their remediation cost was around $ 100000 and in 2018 the number raised to 66%. Higher number of organization claimed insider attackers were most costly attacks in comparison with external attacks. Some of the probable reasons, why it is difficult to stop an insider attack are, firstly insider threat may be unintentional and all of sudden. Second is distinguishing regular work by employee and malicious work is difficult. Third is most of the insider attackers are technologically sound to mask their intentional activities or easily erase the intentional activity signs from the system before anyone observes it. Lastly and the worst case is employees simply say their intentional act was by mistake and escape from scenario. To avoid such malicious insider attacks lots of research is done on access control. Access control is a method or technique to control the access of an insider to the organizations valuable resources. There are different types of access control models, having their own access control policies and criteria to grant the authority, to have an access to specific resources of an organization. In this paper we discuss the different types of technical access control models that have been developed with certain parameters and their advantages and limitations.
Keywords: Insider Attack, Context, Attributes, Roles, Resources, Geo-Social Data, Access Control.
Scope of the Article: Patterns and Frameworks