Quantitative analysis method of EXRBAC model with N-dimensional security entropy

On how to evaluate the performance of access control models, a method of N-dimensional security entropy is described in this paper. According to the definition and description of the information entropy in information theory, the definition of the One-dimensional Security Entropy is introduced and the one-dimensional security entropy in Discretionary-access Control model is discussed firstly. Then the N-dimensional security entropy is extended based on the unauthorized access, and by means of the N-dimensional security entropy, the quantitative security performance is measured in RBAC model. In order to measure the security of management information system with complex role level, an extension of RBAC access control (EXRBAC) model is presented in this paper, which could get quantitative analysis with N-dimensional security entropy methods. Through analyzing and comparing the security performance of these three access control models, it is shown that the EXRBAC model performance is improved in multiclass and multi-level roles condition.