• DocumentCode
    123759
  • Title

    Dynamic Security Modeling in Risk Management Using Environmental Knowledge

  • Author

    Fugini, Mariagrazia ; Hadjichristofi, G. ; Teimourikia, Mahsa

  • Author_Institution
    Dept. of Electron., Inf. & Bioeng., Politec. di Milano, Milan, Italy
  • fYear
    2014
  • fDate
    23-25 June 2014
  • Firstpage
    429
  • Lastpage
    434
  • Abstract
    This paper presents the design principles for dynamic security modeling in risk-prone environments, where elements of the environment to be protected are classified in Contexts and are monitored and geo-referenced. Based on a motivating scenario, the security model elements are introduced building on the ABAC (Attribute Based Access Control) paradigm. Dynamicity is integrated into the model to make it self-adaptable to dynamic changes in the environment conditions, including the occurrence of risks and emergencies. The model aims at dynamically authorizing subjects to access diverse data and physical objects (resources) based on adaptive activation/deactivation of security rules and changes in subject or object attributes, while still preserving the need-to-know principle.
  • Keywords
    authorisation; risk management; ABAC paradigm; attribute based access control; dynamic security modeling; environmental knowledge; motivating scenario; object attributes; risk management; risk-prone environment; security rules activation; security rules deactivation; subject attributes; Access control; Adaptation models; Airports; Context; Context modeling; Monitoring; adaptive security; context; dynamic access rules; environment; risk;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    WETICE Conference (WETICE), 2014 IEEE 23rd International
  • Conference_Location
    Parma
  • Type

    conf

  • DOI
    10.1109/WETICE.2014.42
  • Filename
    6927096