• DocumentCode
    1800007
  • Title

    TRAAC: Trust and risk aware access control

  • Author

    Burnett, Chris ; Liang Chen ; Edwards, Philip ; Norman, Timothy J.

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Aberdeen, Aberdeen, UK
  • fYear
    2014
  • fDate
    23-24 July 2014
  • Firstpage
    371
  • Lastpage
    378
  • Abstract
    Systems for allowing users to manage access to their personal data are important for a wide variety of applications including healthcare, where authorised individuals may need to share information in ways that the owner had not anticipated. Simply denying access in unknown cases may hamper critical decisions and affect service delivery. Rather, decisions can be made considering the risk of a given sharing request, and the trustworthiness of the requester. We propose a trust- and risk-aware access control mechanism (TRAAC) and a sparse zone-based policy model, which together allow decision-making on the basis of the requester´s trustworthiness with regards to both the information to be shared, and the completion of obligations designed to mitigate risk. We formalise our approach and compare it with an existing approach that does not model trust through simulation.
  • Keywords
    authorisation; decision making; risk analysis; trusted computing; TRAAC; decision making; sparse zone-based policy model; trust and risk aware access control; Authorization; Computational modeling; History; Medical services; Sensitivity;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on
  • Conference_Location
    Toronto, ON
  • Print_ISBN
    978-1-4799-3502-4
  • Type

    conf

  • DOI
    10.1109/PST.2014.6890962
  • Filename
    6890962
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1800007