DocumentCode :
2571594
Title :
Risk-based decision method for access control systems
Author :
Shaikh, Riaz Ahmed ; Adi, Kamel ; Logrippo, Luigi ; Mankovski, Serge
Author_Institution :
Dept. of Comput. Sci. & Eng., Univ. du Quebec en Outaouais, Outaouais, QC, Canada
fYear :
2011
fDate :
19-21 July 2011
Firstpage :
189
Lastpage :
192
Abstract :
Traditional security and access control systems, such as MLS/Bell-LaPadula, RBAC are rigid and do not contain automatic mechanisms through which a system can increase or decrease users´ access to classified information. Therefore, in this paper, we propose a risk-based decision method for an access control system. Firstly, we dynamically calculate the trust and risk values for each subject-object pair. Both values are adaptive, reflecting the past behavior of the users with particular objects. The past behavior is evaluated based on the history of reward and penalty points. These are assigned by the system after the completion of every transaction. Secondly, based on the trust and risk values, an access decision is made.
Keywords :
authorisation; access control systems; penalty points; reward history; risk values; risk-based decision method; trust values; Access control; Conferences; Equations; History; Mathematical model; Sensitivity;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Privacy, Security and Trust (PST), 2011 Ninth Annual International Conference on
Conference_Location :
Montreal, QC
Print_ISBN :
978-1-4577-0582-3
Type :
conf
DOI :
10.1109/PST.2011.5971982
Filename :
5971982
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2571594
بازگشت