Trading in risk: using markets to improve access control
Proceedings of the 2008 workshop on New security paradigms
A new schema for security in dynamic uncertain environments
SARNOFF'09 Proceedings of the 32nd international conference on Sarnoff symposium
Apply measurable risk to strengthen security of a role-based delegation supporting workflow system
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Influence of attribute freshness on decision making in usage control
STM'10 Proceedings of the 6th international conference on Security and trust management
Poster: using quantified risk and benefit to strengthen the security of information sharing
Proceedings of the 18th ACM conference on Computer and communications security
Risk-based security decisions under uncertainty
Proceedings of the second ACM conference on Data and Application Security and Privacy
Risk-Based auto-delegation for probabilistic availability
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Optimal workflow-aware authorizations
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Risk-Aware role-based access control
STM'11 Proceedings of the 7th international conference on Security and Trust Management
Insured access: an approach to ad-hoc information sharing for virtual organizations
Proceedings of the third ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
This paper describes an access control model, called BARAC, that is based on balancing risks of information disclosure with benefits of information sharing. The model configuration associates risk and benefit vectors with every read and update transaction. An allowed transactions graph captures allowed transactions and flow paths that can be used to carry out the transactions. The total system is required to be profitable, in that the total system benefit must overweigh the total system risk; and the allowed transaction graph is required to be optimal, in that its profit cannot be improved by adding transactions or removing transactions. Both the system configuration and the allowed transaction graph can be dynamically modified, while preserving the required properties. The dynamic modifications are done in the scope of hierarchies of tasks and responsible parties, that control the task structure and risk budget allocation to tasks.