The concept of risk-based adaptive access control (RAdAC, pronounced Raid-ack) has recently been introduced in the literature. It seeks to automatically (or semi-automatically) adjust the security risk of providing access to resources, accounting for operational needs, risk factors and situational factors. In order to make progress in this arena, we need abstract models analogous to those that underlie the sustained and successful practice of discretionary, mandatory and role-based access control. Such models define a formal structure and components for policy specifications, while allowing for a variety of enforcement architectures and detailed implementations. In this paper we develop a novel approach to capture these characteristics of RAdAC using attribute-based access control. We further show that this RAdAC model can be expressed in the UCON usage control model with suitable extensions, and discuss how other UCON elements not used in this construction could beneficially improve the RAdAC vision.