Keywords

1 Introduction

Role based access control is the highly sophisticated predominantly used policy neutral access control model for online enterprise application [13]. The major relationships among the components of RBAC are mappings of role with permission, user with role and user with permission. It has extensively reduced the complexity of security administrator in terms of managing the access permissions of users. By implementing the important security principles of RBAC such as least privilege, separation of duty and data abstraction, it has further simplified the task of security administrator and made it easier. In the recent times, with the massive growth of the number of users in online enterprise applications, the mappings on user with role becomes complicated and error prone. The error in user with role mapping leads to escape the frauds and creates the conflict of interest in assigning dynamically mutually exclusive roles. It leads to the involvement of human decisions on user with role mapping become essential. But, in real time scenario, human decisions on mapping user with role are fuzzy. In this mapping, the crisp set of objects or users are assigned with fuzzy role strength while mapping with different set of roles. So that, the application of fuzzy role based access control (FRBAC) in user with role mappings become essential. Martínez-García et al. [4] have successfully introduced the FRBAC model with its complete formalism in the form of core FRBAC, hierarchical FRBAC and constrained FRBAC.

Fuzzy formal context is the mathematical representation of uncertain information in the form of formal context and it incorporates the fuzzy set theory into formal concept analysis (FCA). Fuzzy formal concept analysis (FFCA) has been successfully applied in evaluation of clustering quality [5]. In the recent time FFCA has been applied in distributed creation of model in cloud environment [6]. The literature [7] shows the various applications of FFCA in knowledge discovery in databases (KDD) such as discovery of semantic web services, user behavioural model from web usage logs etc. Concept lattices have been extensively used in implementation of access control policies [8]. Sergei et al. [9] have used an interactive technique to construct lattices for access control models with the help of attribute exploration process in FCA. Dau and Knechtel [10] have designed the triadic formal context for RBAC and further discussed the steps to derive dyadic formal context. FFCA has also been adapted in fuzzy descriptive logics [11].

Motivated by the fruitful results of Martínez-García et al. [4], Sergei et al. [9] and Dau and Knechtel [10], we propose fuzzy role based access control model using fuzzy formal concept analysis. In this paper, we have formalized a model for user with role mapping of FRBAC using one-sided threshold method of FFCA. Our intensive literature shows that this is the first attempt in formalizing FRBAC using FFCA. The initial results of our experiments show that the proposed model could implement the user with role mappings of FRBAC. The rest of the paper is organized as follows. Sections 2.1 and 2.2 provides the brief background of FRBAC and FFCA respectively. The related work is described in Sect. 2.3. We present the proposed modeling of FRBAC using FFCA in Sect. 3 and the demonstration of experimental results in Sect. 4.

2 Background

2.1 Fuzzy Role Based Access Control

FRBAC is suitable for risk based environments where the uncertain authorization related information exists. Here, the action on the data resources gets fractional meaning. Access decisions are based on the level of imprecision and get the fuzzy value in the range of zero to one. Incorporating fuzzy decisions in the mappings of user with role, role with permission and user with permission derives the FRBAC model. Some of the FRBAC system [11] defines the mapping of user with role based on the comparison of trustworthiness of user and role. A user is fixed to a role only when the trustworthiness of the user is greater than or equal to the role required trustworthiness. It gives the comparison between role and trust degree. In addition to this, permissions are assigned to trust degree rather than roles.

To describe the RBAC model, we use the notation and model definition given by Martínez-García et al. in [4]. FRBAC has been divided into three parts namely core FRBAC, hierarchical FRBAC and constrained FRBAC. The basic functionalities are dealt in Core FRBAC. Hierarchical FRBAC is the extension of the core FRBAC with hierarchies of roles. Constrained FRBAC incorporates the separation of duty constraints. The main functionality of core FRBAC is the assignment of user with role and role with permission fixed through the fuzzy relation of the form UA: U x R → [0, 1] and PA: R x P → [0, 1]. Here, UA represents the mappings of user (U) with role(R) and PA represents the mappings of roles (R) with permissions (P). The user with role mapping represents how the individual user (u) associated with the individual role (r) with the mapping function (µUA) which represents the strength of user with role. Similarly, the role with permission mapping represents how the individual role (r) associated with different permission (p) with the mapping function (µPA) which represents the strength of role with permission. The readers are suggested to refer [4] to find the study on active assignment relation, user with permission mapping and access function. Hierarchical FRBAC defines the hierarchical relation between roles. Here, the permissions of high priority role are derived from the low priority role and the users of high priority role are the users of the low priority role. Here, the high priority role represents the senior role in role hierarchy and low priority role represents the junior role in role hierarchy. Constrained FRBAC describes the constraints on static separation of duty and dynamic separation of duty in FRBAC. The detailed study on hierarchical FRBAC and constrained FRBAC is available in [4]. To understand the real time application scenarios of FRBAC, consider the example described in [4] that the database of a hospital is accessed by an external party in order to perform the epidemical research. Here, the external party user is allowed to get a role with a relational strength to access the hospital database based on the trustworthiness. This is an example of user with role mapping in FRBAC.

2.2 Fuzzy Formal Concept Analysis

Formal concept analysis (FCA) is a mathematical theory which makes the knowledge in terms of formal concepts. The formal concept is an ordered pair with extents and intents. The extents are the subset of all objects in the context. The intents are the subset of all attributes in the context. The partial ordering among the set of all formal concepts with super-sub relationship is known as concept lattice.

Fuzzy formal concept analysis (FFCA) is a mathematical model to represent the uncertain information in the precise formalism of FCA. It works on uncertain values. It integrates the fuzzy set theory and formal concept analysis. It is a fuzzy valued relation in which an object can have the attribute in a certain conceptual scaling. We can define the fuzzy relationship (R) between objects (OBJ) and attributes (ATT) as R: OBJ x ATT → [0,1]. FFCA has the membership value in the range of zero and one. Fuzzy formal concept is a pair < A, B > where A is a set of objects with crisp values and B is a set of attributes with fuzzy values such that A = B and B = A.

$$ {\text{A}}^{ \uparrow } = \left\{ {{{{\text{a}}\;} \mathord{\left/ {\vphantom {{{\text{a}}\;} {\;\upmu_{\text{A}} ( {\text{a)}}\;|\;\upmu_{\text{A}} ( {\text{a)}}}}} \right. \kern-0pt} {\;\upmu_{\text{A}} ( {\text{a)}}\;|\;\upmu_{\text{A}} ( {\text{a)}}}} = { \hbox{min} }_{{{\text{b}} \in {\text{B}}}} \left( {\upmu_{\text{R}} ( {\text{a,b)}}} \right)} \right\} $$
(1)
$$ {\text{B}}^{ \downarrow } = \left\{ {{\text{b}} \in {\text{B}}\;|\;\forall {\text{a}} \in {\text{A}}:\upmu_{\text{R}} ( {\text{a,b)}} \ge\upmu_{\text{A}} ( {\text{a)}}} \right\} $$
(2)

In the above Eqs. (1) and (2), the operators (↑) and (↓) represents the concept forming operators. Similarly, fuzzy formal concept can be defined with fuzzy set of objects and crisp set of attributes. The alpha cut is a common approach to fuzzification of FCA. It is to reduce the fuzzy value into crisp calculation. There are two methods to represent the fuzzy formal concepts. They are one-sided threshold and fuzzy closure operator based on residuated implication. The one sided threshold holds either intents or extents as fuzzy and not the both. The other method is the fuzzy closure operation based on residuated implication holds both intents and extents as fuzzy. In real time scenario, there are practical applications for one sided threshold as like user with role mapping in FRBAC. It is difficult to represent the practical applications for the FFCA method based on residuated implications. The method based on alpha-cut becomes crisp, once the particular choice of threshold is met. The literature [7] shows the various applications of FFCA in KDD such as discovery of semantic web services, user behavioural model from web usage logs etc.

2.3 Related Work

The basic RBAC policy, model, components and their interactions are available in [1]. Sandhu et al. have introduced the unified model for RBAC called NIST RBAC model [2] and [3]. Temporal-RBAC (TRBAC) [12] was introduced as the extension of the RBAC to meet the interest of individuals in terms activating and disabling the roles periodically. Distributed RBAC (dRBAC) [13] mechanism was evolved to meet the requirements of multiple domain environments. Based on the concept of classification of tasks, Task-role based access control (T-RBAC) [14] was introduced to suit the requirements of enterprises and industrial applications. Unal and Cagalyan [15] modeled the FPM-RBAC to solve major issues of multiple domains RBAC such as location and mobility constraints, inter domain services and separation of duty. Baracaldo et al. [16] have recommended a RBAC framework to support the temporal and separation of duty constraints for the secure inter operation among multiple domains. Kumar and Newman [17] introduced a new approach called STRBAC to deal with spatio-temporal aspects of RBAC. Zhou et al. [18] have introduced the cryptographic RBAC system for the storage system in cloud environment. Lee et al. [19] have introduced the XACML based RBAC model for substation automation system in smart grid environment. Ni et al. [20] have introduced framework for privacy aware RBAC. Martino et al. [21] have introduced the Multi-domain and privacy aware RBAC in eHealth. Takabi et al. [22] have proposed a model to introduce separation of duty policies in RBAC using fuzzy set theory. Nawarathna and Kodithuwakku [23] have presented a new FRBAC model for database security with Fuzzy policy evaluator. Wang and Liu [24] have proposed a user-role assignment model based on user trustworthiness in the system. Knechtel [25] have formalized the access control matrix of RBAC as a triadic context with the support of descriptive logic. Aswani Kumar [26] has used the formal concept analysis to model the access permission of RBAC. Further, Aswani Kumar [27] has used fuzzy K-means clustering to reduce the formal context and used the FCA for association rule mining. Chinese wall security policy has been modeled using formal concept analysis [28]. Singh et al. [29] have proposed an algorithm for fuzzy formal concepts generation based on the interval values. Based on our thorough literature survey, this is the first attempt to achieve FRABC using fuzzy FCA.

3 Fuzzy Role Based Access Control Using Fuzzy FCA

In the access control matrix of FRBAC, rows represent subjects, columns represent the objects and the entries in this matrix are the fuzzy values ranges from zero to one. So, it is called as fuzzy access control matrix. Generally, these fuzzy access control matrix represents the three different mappings in FRBAC. Those mappings are user with role, role with permission and user with permission. In this proposed model, we present the fuzzy access control matrix which represents the mappings of the user with role only. In this matrix, rows are the crisp set of users and the columns are the fuzzy set of roles and the entries are the fuzzy values which represents the relational strength of crisp users on different fuzzy roles. Based on the application dependent and authorization-related information such as the trustworthiness of the user, seniority level of the user and the purpose of need to know by user, the fuzzy relational strength values is assigned in user-role assignment. The user-role relation strength also represents the risk associated to the fact that a user belongs to a role. The value of relational strength is derived from user trustworthiness. To derive the user and role matrix as the context, the set of users are identified as the formal objects and the set of roles as the formal attributes.

The steps given below describe the procedure to derive the user with role mappings of fuzzy role based access control using fuzzy formal concept analysis.

  1. 1.

    Identify the set of users (U), the set of roles (R) and the relational strength (I) of individual users on different roles. Here, the relational strengths are the fuzzy values.

  2. 2.

    Derive the matrix (MUxR) of identified users (U) and roles (R) by assigning the fuzzy relational strength value between users and roles.

  3. 3.

    Transform the matrix (MUxR) derived in step 2 as the fuzzy formal context KU,R = K (U, R, IU,R) as the mappings the users with roles in FRBAC.

  4. 4.

    Obtain the different fuzzy concepts from the fuzzy formal context (KU,R) derived in step 3.

  5. 5.

    Construct the fuzzy concept lattice from the fuzzy formal concepts obtained in step 4. Here, the formal objects or users are organized in various levels of the lattice depends upon how the various users are associated with the different formal attributes or roles.

In the next section, we demonstrate the proposed modeling of FRBAC using FFCA with a practical example.

4 Experimental Results

To demonstrate our proposed work, we consider the scenario of FRBAC on mapping user with role. To bring the clarity in our discussion, we consider only the four users and four roles. The four users are identified as U1, U2, U3 and U4 and the four roles are identified as R1, R2, R3 and R4. The mapping of these users with roles is the fuzzy values from zero to one. Here, the users are considered as the crisp objects and the roles are considered as the fuzzy attributes. The association of individual users U1, U2, U3 and U4 with fuzzy roles R1, R2, R3 and R4 are described as UA1, UA2, UA3 and UA4 respectively and they are mentioned below.

$$ \begin{aligned} & {\text{UA1 }} = \, \left\{ {{ 1}, \, 0. 7, \, 0, \, 0 \, } \right\}{\text{ UA2 }} = \, \left\{ { \, 0,{ 1},{ 1}, \, 0. 6 { }} \right\} \\ & {\text{UA3 }} = \, \left\{ { \, 0. 4, \, 0,{ 1}, \, 0. 8 { }} \right\}{\text{ UA4 }} = \, \left\{ { \, 0. 8, \, 0, \, 0. 4,{ 1 }} \right\} \\ \end{aligned} $$

By merging the UA1, UA2, UA3 and UA4, we can derive the matrix (MUxR) of user with role mapping in FRBAC. Then, extract the fuzzy values from the above mentioned associations and formalize the fuzzy formal context as described below in the Table 1.

Table 1. A fuzzy formal context of FRBAC.
Full size table

Next, derive the various fuzzy concepts from the fuzzy formal context of users with roles mapping of FRBAC described in Table 1. Here, we use fuzzy concept generation algorithm described in [30].

The generated fuzzy formal concepts under the fuzzy formal context described in Table 1 are shown in Table 2. From the Table 2, we can understand the fuzzy concepts as follows. The concept C2 represents the users U1, U3 and U4 and they are related to the role R1 with the role strength of 0.4. The concept C3 represents the users U2, U3 and U4 and they are related to the roles R3 and R4 with the role strength of 0.4 and 0.6 respectively. Similarly, the concept C4 represents the users U1 and U2 and they are related to R2 with the role strength of 0.7. In this way, we can understand all the concepts listed in Table 2, by the way in which the set of user at individual concepts are associated with the set of roles along with their role strength.

Table 2. Fuzzy concepts of the FRBAC fuzzy formal context given in Table 1.
Full size table

Totally, we have achieved twelve different concepts. This formal analysis on user-role assignment helps to classify the various concepts and helps to understand how the individual user is associated with different roles and more than one user are associated with different common roles with their relational strength.

Then, we construct the fuzzy concept lattice structure as shown in Fig. 1 from the fuzzy formal concepts listed in Table 2. In this lattice structure, the nodes are representing the concepts and the concepts are representing the association of set of users along with the set of roles with their role strength. The addition and deletion of users into the fuzzy formal context or the updates into the role strength will bring the necessary updates into the resultant concept lattice as per the concept forming operator function. In this lattice structure, we can visualize that concepts containing all of the four users U1, U2, U3 and U4 at the top level or level 1 and the concepts associated with three users U1, U2 and U3 are at the level 2. Similarly, the concepts associated with two users, single user and none of the users are at the level 3, level 4 and level 5 respectively. This represents that least privilege and user hierarchy is achieved in mapping of users with role in FRBAC. It represents the user hierarchy with their least privilege based on the relational strength on different roles. In addition to this, user-role assignment lattice help to visualize how many roles with which every individual user is associated. This lattice structure is required to be experimented further to test whether it satisfies the other security features such as static and dynamic separation of duty. Similarly, the experimentation on other mappings of FRBAC such as role with permission and user with permission in fuzzy formal context is left for the future work.

Fig. 1.
figure 1

Fuzzy lattice structure of FRBAC fuzzy concepts in Table 2.

Full size image

5 Conclusion

In this paper, we have modeled FRBAC using fuzzy FCA. To demonstrate this, we have formalized the set of users as the crisp objects and the set of roles as fuzzy attributes in FRBAC. The entries into this fuzzy formal context represent the relational strength of the set of users with different roles in FRBAC based fuzzy formal context. This fuzzy formal context exactly represents the mapping of user with role in FRBAC. Then, we generate the list of fuzzy concepts for the FRBAC based fuzzy formal context. Next, we construct the model of FRBAC based fuzzy concept lattice from the fuzzy concepts generated. The resultant FRBAC based fuzzy concept lattice satisfies the two main security features of FRBAC such as least privilege and user hierarchy.