On the potential of intent-based access control (IBAC) in preventing insider threats

Almehmadi, Abdulaziz

dc.contributor.advisor	El-Khatib, Khalil
dc.contributor.author	Almehmadi, Abdulaziz
dc.date.accessioned	2015-12-22T21:10:27Z
dc.date.accessioned	2022-03-29T19:06:42Z
dc.date.available	2015-12-22T21:10:27Z
dc.date.available	2022-03-29T19:06:42Z
dc.date.issued	2015-11-01
dc.identifier.uri	https://hdl.handle.net/10155/608
dc.description.abstract	Existing access control mechanisms are based on the concepts of identity enrollment and recognition, and assume that recognized identity is synonymous with ethical actions. However, statistics over the years show that the most severe security breaches have been the results of trusted, authorized, and identified users who turned into malicious insiders. Therefore, demand exists for designing prevention mechanisms. A non-identity-based authentication measure that is based on the intent of the access request might serve that demand. In this thesis, we test the possibility of detecting intention of access using involuntary electroencephalogram (EEG) reactions to visual stimuli. This method takes advantage of the robustness of the Concealed Information Test to detect intentions. Next, we test the possibility of detecting motivation of access, as motivation level corresponds directly to the likelihood of intent execution level. Subsequently, we propose and design Intent-based Access Control (IBAC), a non-identity-based access control system that assesses the risk associated with the detected intentions and motivation levels. We then study the potential of IBAC in denying access to authorized individuals who have malicious plans to commit maleficent acts. Based on the access risk and the accepted threshold established by the asset owners, the system decides whether to grant or deny access requests. We assessed the intent detection component of the IBAC system using experiments on 30 participants and achieved accuracy of 100% using Nearest Neighbor and SVM classifiers. Further, we assessed the motivation detection component of the IBAC system. Results show different levels of motivation between hesitation-based vs. motivation-based intentions. Finally, the potential of IBAC in preventing insider threats by calculating the risk of access using intentions and motivation levels as per the experiments shows access risk that is different between unmotivated and motivated groups. These results demonstrate the potential of IBAC in detecting and preventing malicious insiders.	en
dc.description.sponsorship	University of Ontario Institute of Technology	en
dc.language.iso	en	en
dc.subject	Access control	en
dc.subject	Insider threats	en
dc.subject	Intent detection	en
dc.subject	Motivation detection	en
dc.subject	IBAC	en
dc.title	On the potential of intent-based access control (IBAC) in preventing insider threats	en
dc.type	Dissertation	en
dc.degree.level	Doctor of Philosophy (PhD)	en
dc.degree.discipline	Computer Science	en

Files in this item

Name:: Almehmadi_Abdulaziz.pdf
Size:: 4.390Mb
Format:: PDF

View/Open

This item appears in the following Collection(s)

Doctoral Dissertations [71]
Doctoral Dissertations (FSCI)
Electronic Theses and Dissertations [1478]
Electronic Theses and Dissertations

Show simple item record