Next Article in Journal
Security Perception of IoT Devices in Smart Homes
Next Article in Special Issue
The State of Ethereum Smart Contracts Security: Vulnerabilities, Countermeasures, and Tool Support
Previous Article in Journal
Security and Independence of Process Safety and Control Systems in the Petroleum Industry
Previous Article in Special Issue
Polymorphic Adversarial Cyberattacks Using WGAN
Article

HEAD Access Control Metamodel: Distinct Design, Advanced Features, and New Opportunities

1
Département de Mathématiques, Informatique et Génie, Université du Québec à Rimouski, 300 Allée des Ursulines, Rimouski, QC G5L 3A1, Canada
2
Institut Technologique de Maintenance Industrielle, 175 Rue de la Vérendrye, Sept-Îles, QC G4R 5B7, Canada
*
Author to whom correspondence should be addressed.
Academic Editor: Danda B. Rawat
J. Cybersecur. Priv. 2022, 2(1), 42-64; https://doi.org/10.3390/jcp2010004
Received: 21 December 2021 / Revised: 29 January 2022 / Accepted: 8 February 2022 / Published: 14 February 2022
Access control (AC) policies are a set of rules administering decisions in systems and they are increasingly used for implementing flexible and adaptive systems to control access in today’s internet services, networks, security systems, and others. The emergence of the current generation of networking environments, with digital transformation, such as the internet of things (IoT), fog computing, cloud computing, etc., with their different applications, bring out new trends, concepts, and challenges to integrate more advanced and intelligent systems in critical and heterogeneous structures. This fact, in addition to the COVID-19 pandemic, has prompted a greater need than ever for AC due to widespread telework and the need to access resources and data related to critical domains such as government, healthcare, industry, and others, and any successful cyber or physical attack can disrupt operations or even decline critical services to society. Moreover, various declarations have announced that the world of AC is changing fast, and the pandemic made AC feel more essential than in the past. To minimize security risks of any unauthorized access to physical and logical systems, before and during the pandemic, several AC approaches are proposed to find a common specification for security policy where AC is implemented in various dynamic and heterogeneous computing environments. Unfortunately, the proposed AC models and metamodels have limited features and are insufficient to meet the current access control requirements. In this context, we have developed a Hierarchical, Extensible, Advanced, and Dynamic (HEAD) AC metamodel with substantial features that is able to encompass the heterogeneity of AC models, overcome the existing limitations of the proposed AC metamodels, and follow the various technology progressions. In this paper, we explain the distinct design of the HEAD metamodel, starting from the metamodel development phase and reaching to the policy enforcement phase. We describe the remaining steps and how they can be employed to develop more advanced features in order to open new opportunities and answer the various challenges of technology progressions and the impact of the pandemic in the domain. As a result, we present a novel approach in five main phases: metamodel development, deriving models, generating policies, policy analysis and assessment, and policy enforcement. This approach can be employed to assist security experts and system administrators to design secure systems that comply with the organizational security policies that are related to access control. View Full-Text
Keywords: access control; metamodel; heterogeneous systems; security and privacy; IoT; industry 4.0; COVID-19; digital transformation access control; metamodel; heterogeneous systems; security and privacy; IoT; industry 4.0; COVID-19; digital transformation
Show Figures

Figure 1

MDPI and ACS Style

Kashmar, N.; Adda, M.; Ibrahim, H. HEAD Access Control Metamodel: Distinct Design, Advanced Features, and New Opportunities. J. Cybersecur. Priv. 2022, 2, 42-64. https://doi.org/10.3390/jcp2010004

AMA Style

Kashmar N, Adda M, Ibrahim H. HEAD Access Control Metamodel: Distinct Design, Advanced Features, and New Opportunities. Journal of Cybersecurity and Privacy. 2022; 2(1):42-64. https://doi.org/10.3390/jcp2010004

Chicago/Turabian Style

Kashmar, Nadine, Mehdi Adda, and Hussein Ibrahim. 2022. "HEAD Access Control Metamodel: Distinct Design, Advanced Features, and New Opportunities" Journal of Cybersecurity and Privacy 2, no. 1: 42-64. https://doi.org/10.3390/jcp2010004

Find Other Styles

Article Access Map by Country/Region

1
Back to TopTop