State-aware access control for cyber-physical-social space: Model and policy security assurance

IF 4.3 3区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Egyptian Informatics Journal Pub Date : 2025-08-06 DOI:10.1016/j.eij.2025.100749

Yan Cao , Changbo Ke , Dajuan Fan , Yuan Ping , Quanxin Yang , MengKe Yao

{"title":"State-aware access control for cyber-physical-social space: Model and policy security assurance","authors":"Yan Cao , Changbo Ke , Dajuan Fan , Yuan Ping , Quanxin Yang , MengKe Yao","doi":"10.1016/j.eij.2025.100749","DOIUrl":null,"url":null,"abstract":"<div><div>The cyber–physical-social space provides its users with a comfortable and convenient environment for work or living, achieved through the integration of state information from the cyber world, the physical world and the social world. While this integration creates a smart environment, it also presents a significant challenge to access control methods. This paper addresses the evolving access control requirements in the cyber–physical-social space and introduces a state-aware access control model along with an access control policy security assurance mechanism. To articulate the contextual state and state transformations in the cyber, physical, and social worlds, we propose the cyber–physical-social state description method. Building upon this method, we construct a state-aware access control model to precisely define the security requirements of the cyber–physical-social space. Additionally, we introduce a liveness requirement-oriented access control policy generation method and a safety requirement verification method to analyze how changes in the state of humans, cyber data, and physical entities impact authorization. Through a case study involving an intelligent hospital, we demonstrate that the proposed model possesses rich semantics and effectively conveys the security requirements of the cyber–physical-social space. The access control policy set, generated using our proposed methods, successfully avoids issues of missing and incorrect authorizations, ensuring a robust and reliable security system.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"31 ","pages":"Article 100749"},"PeriodicalIF":4.3000,"publicationDate":"2025-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Egyptian Informatics Journal","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1110866525001422","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

The cyber–physical-social space provides its users with a comfortable and convenient environment for work or living, achieved through the integration of state information from the cyber world, the physical world and the social world. While this integration creates a smart environment, it also presents a significant challenge to access control methods. This paper addresses the evolving access control requirements in the cyber–physical-social space and introduces a state-aware access control model along with an access control policy security assurance mechanism. To articulate the contextual state and state transformations in the cyber, physical, and social worlds, we propose the cyber–physical-social state description method. Building upon this method, we construct a state-aware access control model to precisely define the security requirements of the cyber–physical-social space. Additionally, we introduce a liveness requirement-oriented access control policy generation method and a safety requirement verification method to analyze how changes in the state of humans, cyber data, and physical entities impact authorization. Through a case study involving an intelligent hospital, we demonstrate that the proposed model possesses rich semantics and effectively conveys the security requirements of the cyber–physical-social space. The access control policy set, generated using our proposed methods, successfully avoids issues of missing and incorrect authorizations, ensuring a robust and reliable security system.

查看原文本刊更多论文

网络-物理-社会空间的状态感知访问控制：模型和策略安全保障

网络-物理-社会空间通过整合来自网络世界、物理世界和社会世界的状态信息，为用户提供舒适便捷的工作或生活环境。虽然这种集成创建了一个智能环境，但它也对访问控制方法提出了重大挑战。本文针对网络-物理-社会空间中不断变化的访问控制需求，介绍了一种状态感知的访问控制模型以及访问控制策略安全保证机制。为了阐明网络、物理和社会世界中的情境状态和状态转换，我们提出了网络-物理-社会状态描述方法。在此基础上，我们构建了一个状态感知的访问控制模型来精确定义网络-物理-社会空间的安全需求。此外，我们还介绍了一种面向活动性需求的访问控制策略生成方法和一种安全需求验证方法，以分析人员、网络数据和物理实体状态的变化如何影响授权。通过一个智能医院的案例研究，我们证明了所提出的模型具有丰富的语义，并有效地传达了网络-物理-社会空间的安全需求。使用我们提出的方法生成的访问控制策略集成功地避免了丢失和不正确的授权问题，确保了健壮和可靠的安全系统。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Egyptian Informatics Journal Decision Sciences-Management Science and Operations Research

CiteScore

11.10

自引率

1.90%

发文量

审稿时长

110 days

期刊介绍： The Egyptian Informatics Journal is published by the Faculty of Computers and Artificial Intelligence, Cairo University. This Journal provides a forum for the state-of-the-art research and development in the fields of computing, including computer sciences, information technologies, information systems, operations research and decision support. Innovative and not-previously-published work in subjects covered by the Journal is encouraged to be submitted, whether from academic, research or commercial sources.