Towards more pro-active access control in computer systems and networks

Access control is a core security technology which has been widely used in computer systems and networks to protect sensitive information and critical resources and to counter malicious attacks. Although many access control models have been developed in the past, such as discretionary access control (DAC), mandatory access control (MAC) and role-based access control (RBAC), these models are designed primarily as a defensive measure in that they are used for examining access requests and making authorization decisions based on established access control policies. As the result, even after a malicious access is identified, the requester can still keep issuing more malicious access requests without much fear of punitive consequences from the access control system in subsequent accesses. Such access control may be acceptable in closed systems and networks but is not adequate in open systems and networks where the real identities and other critical information about requesters may not be known to the systems and networks. In this paper, we propose to design pro-active access control so that access control systems can respond to malicious access pro-actively to suit the needs of open systems and networks. We will first apply some established principles in the Game Theory to analyze current access control models to identify the limitations that make them inadequate in open systems and networks. To design pro-active access control (PAC), we incorporate a constraint mechanism that includes feedback and evaluation components and show based on the Game Theory how to make such access control respond to malicious access in a pro-active manner. We also present a framework design of PAC and demonstrate through the implementation of trust-based access control the feasibility of design, implementation and application of pro-active access control. Such kind of models and mechanisms can serve as the foundation for the design of access control systems that will be made more effective in deterring malicious attacks in open systems and networks.