Title :
An Attribute Based Framework for Risk-Adaptive Access Control Models
Author :
Kandala, Savith ; Sandhu, Ravi ; Bhamidipati, Venkata
Abstract :
The concept of risk-based adaptive access control (RAdAC, pronounced Raid-ack) has been recently introduced in the literature. It seeks to automatically (or semi-automatically) adjust security risk for providing access to resources accounting for operational needs, risk factors and situational factors. In order to make progress in this arena we need abstract models analogous to those that underlie the sustained and successful practice of discretionary, mandatory and role-based access control. Such models define a formal structure and components for policy specifications, while allowing for a variety of enforcement architectures and detailed implementation. In this paper we develop a novel approach to capture these characteristics of RAdAC using attribute-based access control. We further show that this RAdAC model can be expressed in the UCON usage control model with suitable extensions, and discuss how other UCON elements not used in this construction could beneficially improve the RAdAC vision.
Keywords :
authorisation; formal specification; risk management; RAdAC; UCON usage control model; abstract model; attribute-based access control; enforcement architecture; formal structure; policy specification; resources accounting; risk factors; risk-adaptive access control model; role-based access control; security risk; situational factors; Adaptation models; Authorization; Business; Electronic mail; History; Access control; RAdAC; Risk-Adaptive Access Control; Risk-Based access control; UCON; Usage Control;
Conference_Titel :
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location :
Vienna
Print_ISBN :
978-1-4577-0979-1
Electronic_ISBN :
978-0-7695-4485-4
DOI :
10.1109/ARES.2011.41
