Dynamic and risk-aware network access management

Authors:
Lawrence Teo;Gail-Joon Ahn;Yuliang Zheng
Affiliations:
University of North Carolina at Charlotte, Charlotte, NC;University of North Carolina at Charlotte, Charlotte, NC;University of North Carolina at Charlotte, Charlotte, NC
Venue:
Proceedings of the eighth ACM symposium on Access control models and technologies
Year:
2003

Citing 6
Cited 7

Role-Based Access Control Models

Computer
Towards a task-based paradigm for flexible and adaptable access control in distributed applications

NSPW '92-93 Proceedings on the 1992-1993 workshop on New security paradigms
On the increasing importance of constraints

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
How to Own the Internet in Your Spare Time

Proceedings of the 11th USENIX Security Symposium
Dynamic access control through Petri net workflows

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference

Defeating Internet Attacks Using Risk Awareness and Active Honeypots

IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Managing heterogeneous network environments using an extensible policy framework

ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Towards security and QoS optimization in real-time embedded systems

ACM SIGBED Review - Special issue: The work-in-progress (WIP) session of the RTSS 2005
Multiple access game in ad-hoc network

Proceedings of the 2nd international conference on Performance evaluation methodologies and tools
Apply measurable risk to strengthen security of a role-based delegation supporting workflow system

POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Extensible policy framework for heterogeneous network environments

International Journal of Information and Computer Security
Automatic security assessment for next generation wireless mobile networks

Mobile Information Systems - Emerging Wireless and Mobile Technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

Traditional network security technologies such as firewalls and intrusion detection systems usually work according to a static ruleset only. We believe that a better approach to network security can be achieved if we use quantified levels of risk as an input. In this paper, we describe a dynamic access control architecture which uses risk to determine whether to allow or deny access by a source connection into the network. A simulation of our architecture shows favorable and promising results.