IPBAC: Interaction Provenance-Based Access Control for Secure and Privacy-Aware Systems

TL;DR

IPBAC introduces an interaction provenance-based access control model that enhances security, accountability, and adaptability by recording detailed system interactions for better traceability and compliance.

Contribution

This paper presents a novel access control framework integrating interaction provenance to address limitations of traditional models like RBAC.

Findings

Improves security against unauthorized access

Enhances traceability for auditing

Supports adaptive security policies

Abstract

Traditional access control systems, including RBAC, face significant limitations such as inflexible role definitions, difficulty handling dynamic scenarios, and lack of detailed accountability and traceability. To this end, we introduce the Interaction Provenance-based Access Control (IPBAC) model. In this paper, we explore the integration of interaction provenance with access control to overcome these limitations. Interaction provenance refers to the detailed recording of actions and interactions within a system, capturing comprehensive metadata such as the identity of the actor, the time of an action, and the context. IPBAC ensures stronger protection against unauthorized access, enhances traceability for auditing and compliance, and supports adaptive security policies. This provenance-based access control not only strengthens security, but also provides a robust framework for auditing and compliance.