University of Isfahan & Iranian Society of Cryptology Journal of Computing and Security 2322-4460 10 2 2023 07 01 New Attribute Relation-Based Access Control System via Hybrid Logic 1 12 27678 10.22108/jcs.2023.136750.1120 EN Fatemeh Nazerian Department of Computer Engineering, Qaemshahr Branch, Islamic Azad University, Qaemshahr, Iran. Homayun Motameni Department of Computer Engineering, Sari Branch, Islamic Azad University, Sari, Iran. 0000-0003-2150-2811 Journal Article 2023 02 08 In recent years, Online Social Network (OSN) has been rapidly evolving and attracted many users. In OSN, users share sensitive information; therefore, effective access control models are needed to protect information from unauthorized users. Currently, Relational Based Access Control (ReBAC) is used to protect user’s private information. The authorization policy in ReBAC is based on the relationship type and depth among users; however, it is not sufficient to protect private information such as location, time, and age. In this paper, attributes are added to the social graph to establish an efficient access control in OSN, then a policy model is proposed for the new Attribute Relation Based Access Control model (A-ReBAC), and unambiguous Hybrid Logic (HL) policy language is used to formulate the access control policy model. To evaluate the proposed policy model two path-checking algorithms (depth-first search (DFS) and breadth-first search (BFS)) are applied to real datasets, and the time spent on access requests is calculated in the social graph of these datasets. The results showed DFS takes less time than BFS to do the task defined. https://jcomsec.ui.ac.ir/article_27678_50b1d3e029808f95b15eaab2190e9e51.pdf