Role based access control is one of the widely used access control models.There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis(FCA),description logics...Role based access control is one of the widely used access control models.There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis(FCA),description logics,and Ontology for representing access control mechanism.However,while using FCA,investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts.This transformation is mainly to derive the formal concepts,lattice structure and implications to represent role hierarchy and constraints of RBAC.In this work,we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts.Our discussion is on two lines of inquiry.We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.展开更多
Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and th...Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.展开更多
Abstract: Two-tier heterogeneous networks (HetNets), where the current cellular networks, i.e., macrocells, are overlapped with a large number of randomly distributed femtocells, can potentially bring significant b...Abstract: Two-tier heterogeneous networks (HetNets), where the current cellular networks, i.e., macrocells, are overlapped with a large number of randomly distributed femtocells, can potentially bring significant benefits to spectral utilization and system capacity. The interference management and access control for open and closed femtocells in two-tier HetNets were focused. The contributions consist of two parts. Firstly, in order to reduce the uplink interference caused by MUEs (macrocell user equipments) at closed femtocells, an incentive mechanism to implement interference mitigation was proposed. It encourages femtoeells that work with closed-subscriber-group (CSG) to allow the interfering MUEs access in but only via uplink, which can reduce the interference significantly and also benefit the marco-tier. The interference issue was then studied in open-subscriber-group (OSG) femtocells from the perspective of handover and mobility prediction. Inbound handover provides an alternative solution for open femtocells when interference turns up, while this accompanies with PCI (physical cell identity) confusion during inbound handover. To reduce the PCI confusion, a dynamic PCI allocation scheme was proposed, by which the high handin femtocells have the dedicated PCI while the others share the reuse PCIs. A Markov chain based mobility prediction algorithm was designed to decide whether the femtoeell status is with high handover requests. Numerical analysis reveals that the UL interference is managed well for the CSG femtocell and the PCI confusion issue is mitigated greatly in OSG femtocell compared to the conventional approaches.展开更多
A novel distributed cognitive radio multichannel medium access protocol without common control channel was proposed.The protocol divided a transmission interval into two parts for exchanging control information and da...A novel distributed cognitive radio multichannel medium access protocol without common control channel was proposed.The protocol divided a transmission interval into two parts for exchanging control information and data,respectively.In addition to evaluating system saturation throughput of the proposed protocol,a three-dimensional multi channel Markov chain model to describe the sate of the cognitive users (CUs) in dynamic spectrum access was presented.The proposed analysis was applied to the packet transmission schemes employed by the basic,RTS/CTS access mechanism adopted in the normal IEEE 802.11.Analyzing the advantage of the two methods,a hybrid access mechanism was proposed to improve the system throughput.The simulation results show that the experiment results are close to the value computed by the model (less than 5%),and the proposed protocol significantly improves the performance of the system throughput by borrowing the licensed spectrum.By analyzing the dependence of throughput on system parameters,hybrid mechanism dynamically selecting access mechanism can maintain high throughput.展开更多
Call admission control (CAC) and resource reservation (RR) for mobile communication are two important factors that guarantee system efficiency and quality of service (QoS) required for different services in a very sca...Call admission control (CAC) and resource reservation (RR) for mobile communication are two important factors that guarantee system efficiency and quality of service (QoS) required for different services in a very scarce resource as the radio spectrum. A new scheme was proposed which extends the concepts of resource sharing and reservations for wideband code division multiple access (WCDMA) systems with a unique feature of soft capacity. Voice and data traffic were considered. The traffic is further classified into handoff and new requests. The reservation thresholds were dynamically adjusted according to the traffic pattern and mobility prediction in order to achieve the maximum channel utilization, while guaranteeing different QoS constraints. The performance of proposed scheme was evaluated using Markov models. New call blocking probability, handoff call dropping probability, and channel utilization were used as benchmarks for the proposed scheme.展开更多
Access G rid是计算网格的一个扩展,用于支持在网格上进行组对组的大规模视频会议,也可用于协同工作、远程教学等多个领域。基于任务和角色的访问控制是最新的访问控制模型,它对传统访问控制进行了改进和扩充,能为Access G rid提供更高...Access G rid是计算网格的一个扩展,用于支持在网格上进行组对组的大规模视频会议,也可用于协同工作、远程教学等多个领域。基于任务和角色的访问控制是最新的访问控制模型,它对传统访问控制进行了改进和扩充,能为Access G rid提供更高效的安全和管理服务。因此,Access G rid中基于任务和角色的访问控制是网格研究中的重要方向。展开更多
This paper addresses the problem of fault detection(FD) for networked systems with access constraints and packet dropouts.Two independent Markov chains are used to describe the sequences of channels which are availa...This paper addresses the problem of fault detection(FD) for networked systems with access constraints and packet dropouts.Two independent Markov chains are used to describe the sequences of channels which are available for communication at an instant and the packet dropout process,respectively.Performance indexes H∞ and H_ are introduced to describe the robustness of residual against external disturbances and sensitivity of residual to faults,respectively.By using a mode-dependent fault detection filter(FDF) as residual generator,the addressed FD problem is converted into an auxiliary filter design problem with the above index constraints.A sufficient condition for the existence of the FDF is derived in terms of certain linear matrix inequalities(LMIs).When these LMIs are feasible,the explicit expression of the desired FDF can also be characterized.A numerical example is exploited to show the usefulness of the proposed results.展开更多
The large carrier frequency shift caused by the high-speed movement of satellite (Doppler effects) and the propagation delay on the up-down link are very critical issues in an LEO satellite communication system, which...The large carrier frequency shift caused by the high-speed movement of satellite (Doppler effects) and the propagation delay on the up-down link are very critical issues in an LEO satellite communication system, which affects both the selection and the implementation of a suitable access method. A Doppler based multiple access technique is used here to control the flow and an MPRMA-HS protocol is proposed for the application in LEO satellite communication systems. The extended simulation trials prove that the proposed scheme seems to be a very promising access method.展开更多
基金the financial support from Department of Science and Technology,Government of India under the grant:SR/CSRI/118/2014
文摘Role based access control is one of the widely used access control models.There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis(FCA),description logics,and Ontology for representing access control mechanism.However,while using FCA,investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts.This transformation is mainly to derive the formal concepts,lattice structure and implications to represent role hierarchy and constraints of RBAC.In this work,we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts.Our discussion is on two lines of inquiry.We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.
基金Project(61003140) supported by the National Natural Science Foundation of ChinaProject(013/2010/A) supported by Macao Science and Technology Development FundProject(10YJC630236) supported by Social Science Foundation for the Youth Scholars of Ministry of Education of China
文摘Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.
基金Project(2012AA01A301-01)supported by the National High-Tech Research and Development Plan of ChinaProjects(61301148,61272061)supported by the National Natural Science Foundation of China+3 种基金Projects(20120161120019,2013016111002)supported by the Research Fund for the Doctoral Program of Higher Education of ChinaProjects(14JJ7023,10JJ5069)supported by the Natural Science Foundation of Hunan Province,ChinaProject(ISN12-05)supported by State Key Laboratory of Integrated Services Networks Open Foundation,ChinaProject(531107040276)supported by the Fundamental Research Funds for the Central Universities,China
文摘Abstract: Two-tier heterogeneous networks (HetNets), where the current cellular networks, i.e., macrocells, are overlapped with a large number of randomly distributed femtocells, can potentially bring significant benefits to spectral utilization and system capacity. The interference management and access control for open and closed femtocells in two-tier HetNets were focused. The contributions consist of two parts. Firstly, in order to reduce the uplink interference caused by MUEs (macrocell user equipments) at closed femtocells, an incentive mechanism to implement interference mitigation was proposed. It encourages femtoeells that work with closed-subscriber-group (CSG) to allow the interfering MUEs access in but only via uplink, which can reduce the interference significantly and also benefit the marco-tier. The interference issue was then studied in open-subscriber-group (OSG) femtocells from the perspective of handover and mobility prediction. Inbound handover provides an alternative solution for open femtocells when interference turns up, while this accompanies with PCI (physical cell identity) confusion during inbound handover. To reduce the PCI confusion, a dynamic PCI allocation scheme was proposed, by which the high handin femtocells have the dedicated PCI while the others share the reuse PCIs. A Markov chain based mobility prediction algorithm was designed to decide whether the femtoeell status is with high handover requests. Numerical analysis reveals that the UL interference is managed well for the CSG femtocell and the PCI confusion issue is mitigated greatly in OSG femtocell compared to the conventional approaches.
基金Project(61071104) supported by the National Natural Science Foundation of China
文摘A novel distributed cognitive radio multichannel medium access protocol without common control channel was proposed.The protocol divided a transmission interval into two parts for exchanging control information and data,respectively.In addition to evaluating system saturation throughput of the proposed protocol,a three-dimensional multi channel Markov chain model to describe the sate of the cognitive users (CUs) in dynamic spectrum access was presented.The proposed analysis was applied to the packet transmission schemes employed by the basic,RTS/CTS access mechanism adopted in the normal IEEE 802.11.Analyzing the advantage of the two methods,a hybrid access mechanism was proposed to improve the system throughput.The simulation results show that the experiment results are close to the value computed by the model (less than 5%),and the proposed protocol significantly improves the performance of the system throughput by borrowing the licensed spectrum.By analyzing the dependence of throughput on system parameters,hybrid mechanism dynamically selecting access mechanism can maintain high throughput.
文摘Call admission control (CAC) and resource reservation (RR) for mobile communication are two important factors that guarantee system efficiency and quality of service (QoS) required for different services in a very scarce resource as the radio spectrum. A new scheme was proposed which extends the concepts of resource sharing and reservations for wideband code division multiple access (WCDMA) systems with a unique feature of soft capacity. Voice and data traffic were considered. The traffic is further classified into handoff and new requests. The reservation thresholds were dynamically adjusted according to the traffic pattern and mobility prediction in order to achieve the maximum channel utilization, while guaranteeing different QoS constraints. The performance of proposed scheme was evaluated using Markov models. New call blocking probability, handoff call dropping probability, and channel utilization were used as benchmarks for the proposed scheme.
文摘Access G rid是计算网格的一个扩展,用于支持在网格上进行组对组的大规模视频会议,也可用于协同工作、远程教学等多个领域。基于任务和角色的访问控制是最新的访问控制模型,它对传统访问控制进行了改进和扩充,能为Access G rid提供更高效的安全和管理服务。因此,Access G rid中基于任务和角色的访问控制是网格研究中的重要方向。
基金supported by the National Natural Science Foundation of China (6057408860874053)
文摘This paper addresses the problem of fault detection(FD) for networked systems with access constraints and packet dropouts.Two independent Markov chains are used to describe the sequences of channels which are available for communication at an instant and the packet dropout process,respectively.Performance indexes H∞ and H_ are introduced to describe the robustness of residual against external disturbances and sensitivity of residual to faults,respectively.By using a mode-dependent fault detection filter(FDF) as residual generator,the addressed FD problem is converted into an auxiliary filter design problem with the above index constraints.A sufficient condition for the existence of the FDF is derived in terms of certain linear matrix inequalities(LMIs).When these LMIs are feasible,the explicit expression of the desired FDF can also be characterized.A numerical example is exploited to show the usefulness of the proposed results.
基金This project was supported by National "863" High Technology Research and Development Program of China (863-2-5-2.1).
文摘The large carrier frequency shift caused by the high-speed movement of satellite (Doppler effects) and the propagation delay on the up-down link are very critical issues in an LEO satellite communication system, which affects both the selection and the implementation of a suitable access method. A Doppler based multiple access technique is used here to control the flow and an MPRMA-HS protocol is proposed for the application in LEO satellite communication systems. The extended simulation trials prove that the proposed scheme seems to be a very promising access method.
