Host: Japan Society for Fuzzy Theory and Intelligent Informatics
Recently, many information systems provide the service to regular users only, and these information systems are protected by authentication system form spoofing. However, much damage by the spoofing is reported. In this paper, we explain the problem of the conventional authentication system is not only in authentication algorithm but also in an access control model using risk matrix. In this paper, we propose a multi-stage access control model for building a safer information system. The multi-stage access control model can adjust the level of the authority to access granted to a user using continual authorization. Therefore, user can control damage from the spoofing based on security policy of user self.