Abstract:
This thesis proposes a novel security model for trust based access control for an entelp se by using
statistical process control approach. The proposed model provides secuity via authenticating the
users / services, deflning authorization rules and policies for available resources' confidentiality and
message integrity. The proposed model provides privacy framework for instant knowledge system
to avoid the risk of unauthorized use ofthe usel's personally identifiable iDformation by analyzing
the global privacy regulations, specifically made in UK and EU Detailed threat model using
STRIDE approach is developed for personal distributed environment Based on the threat model'
misuse cases are created to cater for the ways the system could be attacked'
The proposed model incoryorates the use ofdigital certificates; synmetdc and asymmetric ciphers;
trusted third parly for providing authentication, authorization and attribute assertions by using
secu ty assertion markup language. Statistical process cofltlol monito ng concepts are applied to
monitor and adjust users' trust values between upper control limit and lower contol limit of a
paticular authorized trust category. Shewhart and exponentially weighted moving avemge control
charts have been used to analyze the performance on simulated data. Simulation results have been
obtained by extracting the sample trust values ofindividual users, group ofusers in a pafiicular hust
category and sample average values acloss different trust categories. The proposed model once
compared with existing solutions proves that the model is highly adaptable, provides dynamic
access to resources and enhances security. 'fhe critical analysis of results shows that by adjusting
trust values based oil mean and standard deviation, 9570 of users' average trust values lie within
waming limits and 99.8olo ofusers' average fust values lie within action limits.
