A ROLE MANAGEMENT MODEL FOR USER AUTHORIZATION QUERIES IN ROLE BASED ACCESS CONTROL SYSTEMS A THESIS CH.SASI DHAR RAO


A ROLE MANAGEMENT MODEL FOR USER AUTHORIZATION QUERIES IN ROLE BASED ACCESS CONTROL SYSTEMS

A THESIS

Submitted by CH.SASI DHAR RAO in partial fulfillment for the award of the degree of MASTER OF PHILOSOPHY

DEPARTMENT OF COMPUTER APPLICATIONS, SCHOOL OF COMPUTER AND INFORMATION SCIENCES
B.S ABDUR RAHMAN UNIVERSITY
B.S. ABDUR RAHMAN INSTITUTE OF SCIENCE & TECHNOLOGY (Estd u/s 3 of the UGC Act 1956)
VANDALUR, CHENNAI 600 048
JUNE 2010


B.S. ABDUR RAHMAN UNIVERSITY, B.S. Abdur Rahman Institute of Science and Technology (Estd. u/s 3 of the UGC Act 1956)

BONAFIDE CERTIFICATE

Certified that this thesis titled, A ROLE MANAGEMENT MODEL FOR USER AUTHORIZATION QUERIES IN ROLE BASED ACCESS CONTROL is the bonafide work of Mr. CH.SASI DHAR RAO (RRN. 0945203) who carried out the research under my supervision. Certified further, that to the best of my knowledge the work reported herein does not form part of any other thesis or dissertation, on the basis of which a degree or award was conferred on an earlier occasion on this or any other scholar.

Dr. P.Sheik Abdul Khader
SUPERVISOR
Professor & HOD, Department of computer Applications

ACKNOWLEDGEMENT

In the first place I thank the Almighty for showering his blessings upon me in completing the project. I submit this project with a deep sense of attitude and reverence for my beloved parents for their moral support and encouragement. I express my deep sense of gratitude to Dr. V.M. Periasamy, Registrar, BS Abdur Rahman University, who provided an excellent infrastructure and facilities to undergo my project work. I owe my most sincere gratitude to Dr. P.Sheik Abdul Khader, Professor and Head, Department of computer Applications, for providing strong oversight of vision, strategic direction, encouragement and suggestion in completing my project work. I thank him for guiding me to the path of success as my project guide. I express my gratitude to project coordinator Mrs. A.Jaya, Assistant Professor (Senior Grade), for her support and encouragement to complete the project. I extend my sincere thanks to all my committee members for their valuable suggestions, timely advice and support to complete this project.

SASI DHAR RAO C.H

ABSTRACT

In any distributed environment, a large number of systems and their resources are managed by the system administrator to provide access control security to the users in an organization. The administrator should grant sets of permissions, called roles, to provide Role Based Access Control security, which restricts access to systems based on the privileges given to the user by the organization. The system administrator finds it difficult to allocate roles when more than one user requests role assignment simultaneously. So there is a need for a role management application that helps the administrator to analyze the privileges and the existing roles allocated to the user. While allocating new roles to the users, the administrator should concentrate on assigning and activating the best role suitable for the particular user, and it should not affect the existing permissions given to the user. In both cases, the administrator should quickly analyze the existing role, to check as quickly as possible whether the newly requested permissions are already given to the user or not. Hence there is a need for an effective role management application which helps the administrator to analyze the existing roles which are already allocated to the user.

The proposed system helps the administrator to analyze the set of permissions defined in the existing roles and in the roles that are already allocated to the user. This Role Management Model uses the Boyer-Moore-Horspool (BMH) algorithm to search the existing roles by matching each permission defined in the role. An automatic role creation model is implemented using the Adaline neural network model to train the network, creating a role based on the permissions requested by the user. The implementation of the Boyer-Moore-Horspool (BMH) algorithm for role analysis and the Adaline neural network model for role creation is done using Java as the application language and SQL Server 2000 as the backend.
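The role search described in the abstract, as an added Python sketch that is not code from the thesis (whose implementation is stated to be in Java). It assumes roles are stored as delimiter-separated permission strings; the role names, permission names, the `;` delimiter and all function names are hypothetical.

```python
# Added illustration, not the thesis's code. Role names, permission names,
# the ';' delimiter and all function names are assumptions.
DELIM = ";"

def bmh_find(text, pattern):
    """Boyer-Moore-Horspool: index of first match of pattern in text, or -1."""
    m, n = len(pattern), len(text)
    if m == 0:
        return 0
    # Bad-character table: shift for each pattern char except the last one.
    shift = {ch: m - 1 - i for i, ch in enumerate(pattern[:-1])}
    pos = 0
    while pos <= n - m:
        j = m - 1
        while j >= 0 and text[pos + j] == pattern[j]:
            j -= 1
        if j < 0:
            return pos
        pos += shift.get(text[pos + m - 1], m)  # char not in table: skip m
    return -1

def encode(perms):
    """Store a role as ';a;b;' so every permission is delimited on both sides."""
    return DELIM + DELIM.join(sorted(perms)) + DELIM

def role_has(role_perms, perm):
    # Match ';perm;', not 'perm': a bare substring search would report
    # 'read' as present in a role that only holds 'read_invoice'.
    return bmh_find(role_perms, DELIM + perm + DELIM) != -1

# Constructed sample data.
ROLES = {
    "clerk": encode({"read_invoice", "create_invoice"}),
    "auditor": encode({"read_invoice", "read_ledger"}),
    "manager": encode({"read_invoice", "approve_invoice", "read_ledger"}),
}
USER_ROLES = {"alice": ["clerk"]}

def authorization_query(user, requested):
    """Per permission: already held, offered by an existing role, or new role needed."""
    result = {}
    for perm in requested:
        held = [r for r in USER_ROLES.get(user, []) if role_has(ROLES[r], perm)]
        offered = [r for r in ROLES if role_has(ROLES[r], perm)]
        if held:
            result[perm] = ("already_granted", held)
        elif offered:
            result[perm] = ("existing_role", offered)
        else:
            result[perm] = ("new_role_needed", [])
    return result
```

The three outcomes correspond to the three cases the abstract names: a permission the user already holds, one covered by an existing role, and one that requires creating a new role.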

TABLE OF CONTENTS

ABSTRACT
LIST OF TABLES
LIST OF FIGURES
1 INTRODUCTION
  1.1 GENERAL
  1.2 EXISTING SYSTEM
  1.3 PROPOSED SYSTEM
    1.3.1 Advantages of Proposed system
  1.4 ORGANIZATION OF CHAPTERS
2 LITERATURE SURVEY
3 ROLE BASED ACCESS CONTROL
  3.1 INTRODUCTION
    3.1.1 User Authorization Query in RBAC
  3.2 ROLE-BASED RELATIONSHIP
    3.2.1 User Role Relations
  3.3 ADAPTIVE LINEAR NEURON
    3.3.1 Adaline Architecture
    3.3.2 Learning Algorithm for Adaline
  3.4 BOYER-MOORE-HORSPOOL (BMH) ALGORITHM
  3.5 IMPLEMENTATION OF BMH ALGORITHM IN ROLE MANAGEMENT APPLICATION
4 DEVELOPMENT PROCESS
  4.1 INTRODUCTION
  4.2 ARCHITECTURAL DESIGN
  4.3 DETAILED DESIGN
  4.4 DATABASE DESIGN
  4.5 IMPLEMENTATION OF ROLE MANAGEMENT IN RBAC
5 SIMULATION RESULTS AND PERFORMANCE ANALYSIS
  5.1 SIMULATION ENVIRONMENT
  5.2 PERFORMANCE METRICS
  5.3 PERFORMANCE RESULTS
6 CONCLUSION AND FUTURE ENHANCEMENT
REFERENCES

LIST OF TABLES

4.1 User details in role management Application
4.2 Role creation in role management Application

LIST OF FIGURES

3.1 Assignment of Roles
3.2 Single role relationship diagram
3.3 Multiple role relationship diagram
3.4 User relationship diagram
3.5 Adaline architecture
4.1 Hierarchical diagram of the role management application in RBAC system
4.2 Architectural diagram of entire role management system
4.3 Dataflow diagram for identification of requested role from already allocated roles to the user.
4.4 Dataflow diagram for identification of requested role from already existing roles in RBAC system.
4.5 Dataflow diagram for creation of new role in RBAC system.
4.6 Working architecture of role creation using Adaline
5.1 Validating user for role assignment.
5.2 Viewing user information.
5.3 Viewing privileges defined to each role.
5.4 Role identification of the requested permission.
5.5 Role management applications
5.6 Learning new privileges to requested role
5.7 Creating new role based on user request.
5.8 Analyzing existing role in RBAC system
5.9 Viewing active roles in RBAC system.
5.10 Viewing role weights to each role
5.11 Role identification from the roles already Allocated to the user
5.12 Role identification from the roles already present in the RBAC system.
5.13 Role creations using neural network.