Title :
Authorization Policies: Using Decision Support System for Context-Aware Protection of User´s Private Data
Author :
Oglaza, Arnaud ; Laborde, Romain ; Zarate, Pascale
Author_Institution :
IRIT, Univ. of Toulouse, Toulouse, France
Abstract :
Nowadays privacy in ambient system is a real issue. Users will have to control their data more and more in the future. Current security systems don´t support a strong constraint: policy writers are non-technical users and not security experts. We propose in this paper to use Decision Support techniques and more specifically Multi-Criteria Decision Analysis in the process of authorization policy writing. This research area provides techniques to inform and assist non-technical users to write their own authorization policies following the paradigm of Attribute-Based Access Control.
Keywords :
authorisation; data privacy; decision support systems; ubiquitous computing; ambient system; attribute-based access control; authorization policy writing; context-aware protection; decision support system; multicriteria decision analysis; nontechnical users; policy writers; security experts; security systems; user private data; Authorization; Context; Databases; Decision support systems; Writing; attribute-based access control; authorization policy writing; decision support system; privacy;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
DOI :
10.1109/TrustCom.2013.202
