{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,7,14]],"date-time":"2024-07-14T02:51:44Z","timestamp":1720925504223},"reference-count":25,"publisher":"Wiley","issue":"18","license":[{"start":{"date-parts":[[2015,7,14]],"date-time":"2015-07-14T00:00:00Z","timestamp":1436832000000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/onlinelibrary.wiley.com\/termsAndConditions#vor"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security Comm Networks"],"published-print":{"date-parts":[[2015,12]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Dynamic environments pose a challenge for traditional access control models where permissions are granted or revoked merely based on predefined and static access policies making them incapable of dynamically adapting to changing conditions. Risk adaptive access control models have been gaining more attention in the research community as an alternative approach to overcome the limitations of traditional access control models. Radio Frequency Identification (RFID) is an emerging technology widely utilized in both physical and logical access control systems because of its contactless nature, low cost, high read\/write speed and long distance operation. Serverless RFID system architecture offers better availability assurance and lower implementation cost, while access rights management is easier in server\u2010based architecture. In this study, we continue to build on our previous research on the privacy and security of RFID access control systems without a backend database in order to overcome its limitations. We propose a hybrid design for a risk adaptive RFID access control system; that is, dynamically alternating between two access control modes, online (server\u2010based) and offline (serverless), to adapt to the level of risk depending on rule\u2010based risk scenarios and current risk value. The proposed design combines features of both serverless and risk adaptive access control systems. Copyright \u00a9 2015 John Wiley &amp; Sons, Ltd.<\/jats:p>","DOI":"10.1002\/sec.1303","type":"journal-article","created":{"date-parts":[[2015,7,14]],"date-time":"2015-07-14T20:42:52Z","timestamp":1436906572000},"page":"3826-3835","source":"Crossref","is-referenced-by-count":4,"title":["Risk adaptive hybrid RFID access control system"],"prefix":"10.1002","volume":"8","author":[{"given":"Malek","family":"Al\u2010Zewairi","sequence":"first","affiliation":[{"name":"King Hussein Faculty for Computing Sciences Princess Sumaya University for Technology  Amman 11941 Jordan"}]},{"given":"Ja'far","family":"Alqatawna","sequence":"additional","affiliation":[{"name":"King Abdulla II School for Information Technology The University of Jordan  Amman 11942 Jordan"}]},{"given":"Jalal","family":"Atoum","sequence":"additional","affiliation":[{"name":"King Hussein Faculty for Computing Sciences Princess Sumaya University for Technology  Amman 11941 Jordan"}]}],"member":"311","published-online":{"date-parts":[[2015,7,14]]},"reference":[{"key":"e_1_2_7_2_1","first-page":"87","article-title":"Overriding of access control in XACML. Eighth IEEE International Workshop on Policies for Distributed Systems and Networks, 2007 POLICY '07","volume":"0","author":"Alqatawna J","year":"2007","journal-title":"Institute of Electrical and Electronics Engineers"},{"key":"e_1_2_7_3_1","doi-asserted-by":"publisher","DOI":"10.1201\/b15573"},{"key":"e_1_2_7_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-009-9240-3"},{"key":"e_1_2_7_5_1","doi-asserted-by":"crossref","unstructured":"ShaikhRA AdiK LogrippoL MankovskiS.Risk\u2010based decision method for access control systems. 2011 Ninth Annual International Conference on Privacy Security and Trust (PST).2011.189\u201392.","DOI":"10.1109\/PST.2011.5971982"},{"key":"e_1_2_7_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.08.001"},{"key":"e_1_2_7_7_1","unstructured":"McGrawRW.Risk\u2010adaptable access control (RAdAC).2009[cited 2014 Jul 22]. Available from:http:\/\/csrc.nist.gov\/news_events\/privilege\u2010management\u2010workshop\/radac\u2010Paper0001.pdf"},{"key":"e_1_2_7_8_1","doi-asserted-by":"crossref","unstructured":"ChenC HanW YongJ.Specify and enforce the policies of quantified risk adaptive access control. 2010 14th International Conference on Computer Supported Cooperative Work in Design (CSCWD).2010.110\u2013115.","DOI":"10.1109\/CSCWD.2010.5471991"},{"key":"e_1_2_7_9_1","doi-asserted-by":"crossref","unstructured":"MaJ AdiK MejriM LogrippoL.Risk analysis in access control systems. 2010 Eighth Annual International Conference on Privacy Security and Trust (PST).2010.160\u2013166.","DOI":"10.1109\/PST.2010.5593248"},{"key":"e_1_2_7_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2011.41"},{"key":"e_1_2_7_11_1","unstructured":"BenssalahM DjeddouM DrouicheK.Security enhancement of the authenticated RFID security mechanism based on chaotic maps. Security Comm Networks [Internet].2014Jan 1 [cited 2014 Nov 1]; Available from:http:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/sec.946\/abstract"},{"key":"e_1_2_7_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-71641-9"},{"key":"e_1_2_7_13_1","unstructured":"RobertiM.The history of RFID technology\u2014RFID Journal [Internet]. RFID Journal2005[cited 2013 Oct 28]. Available from:http:\/\/www.rfidjournal.com\/articles\/view?1338"},{"key":"e_1_2_7_14_1","volume-title":"RFID Security Issues\u2014An Overview (Invited Paper). Proceedings of International Conference on Innovation in Electronics and Communication Engineering","author":"Sundaresan S","year":"2012"},{"key":"e_1_2_7_15_1","first-page":"20","article-title":"Guidelines for securing radio freque-ncy identification (RFID) systems","volume":"154","author":"Karygiannis T","year":"2007","journal-title":"NIST SP"},{"key":"e_1_2_7_16_1","volume-title":"Protecting Privacy and Ensuring Security of RFID Systems Using Private Authentication Protocols [Master of Science (MS)]","author":"Hoque E","year":"2010"},{"key":"e_1_2_7_17_1","first-page":"272","volume-title":"Privacy and Security for RFID Access Control Systems: RFID Access Control Systems without Back\u2010end Database","author":"Al\u2010Zewairi M","year":"2011"},{"key":"e_1_2_7_18_1","first-page":"3","article-title":"Severless search and authentication protocols for RFID","author":"Tan CC","year":"2007","journal-title":"Institute of Electrical and Electronics Engineers"},{"issue":"11","key":"e_1_2_7_19_1","first-page":"390","article-title":"Security analysis on anonymous mutual authentication protocol for RFID tag without back\u2010end database and its improvement","volume":"3","author":"Kim S","year":"2009","journal-title":"World Academy of Science, Engineering and Technology"},{"key":"e_1_2_7_20_1","first-page":"278","article-title":"Untraceable and Serverless RFID Authentication and Search Protocols. 2011 Ninth IEEE International Symposium on Parallel and Distributed Processing with Applications Workshops (ISPAW)","volume":"1","author":"Kim Z","year":"2011","journal-title":"Institute of Electrical and Electronics Engineers"},{"key":"e_1_2_7_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-77024-4_57"},{"key":"e_1_2_7_22_1","first-page":"393","article-title":"LP0: a RFID authentication protocol for low\u2010cost tags without back\u2010end database. 2012 International Conference on Computer Distributed Control and Intelligent Environmental Monitoring (CDCIEM)","author":"Yin X","year":"2012","journal-title":"Institute of Electrical and Electronics Engineers"},{"key":"e_1_2_7_23_1","first-page":"1","article-title":"Preserving privacy of mobile reader holders in server\u2010less RFID authentication and searching protocols","volume":"1301","author":"X W","year":"2013","journal-title":"CoRR"},{"issue":"2","key":"e_1_2_7_24_1","first-page":"131","article-title":"Secure and private protocols for server\u2010less RFID systems","volume":"7","author":"Jialiang H","year":"2014","journal-title":"International Journal of Computer Application"},{"key":"e_1_2_7_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29963-6_11"},{"key":"e_1_2_7_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2013.6682761"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.1303","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.1303","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/sec.1303","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,2]],"date-time":"2023-09-02T21:29:30Z","timestamp":1693690170000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/sec.1303"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,7,14]]},"references-count":25,"journal-issue":{"issue":"18","published-print":{"date-parts":[[2015,12]]}},"alternative-id":["10.1002\/sec.1303"],"URL":"https:\/\/doi.org\/10.1002\/sec.1303","archive":["Portico"],"relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"value":"1939-0114","type":"print"},{"value":"1939-0122","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,7,14]]}}}