Enforcing Access Control Using Risk Assessment

Authors:
Nguyen Ngoc Diep;Le Xuan Hung;Yonil Zhung;Sungyoung Lee;Young-Koo Lee;Heejo Lee
Affiliations:
Kyung Hee University, Korea;Kyung Hee University, Korea;Kyung Hee University, Korea;Kyung Hee University, Korea;Kyung Hee University, Korea;Korea University, Korea
Venue:
ECUMN '07 Proceedings of the Fourth European Conference on Universal Multiservice Networks
Year:
2007

Citing 0
Cited 9

A calculus for the qualitative risk assessment of policy override authorization

Proceedings of the 3rd international conference on Security of information and networks
Usage control, risk and trust

TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
A risk-based evaluation of group access control approaches in a healthcare setting

ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Influence of attribute freshness on decision making in usage control

STM'10 Proceedings of the 6th international conference on Security and trust management
Quantitative access control with partially-observable Markov decision processes

Proceedings of the second ACM conference on Data and Application Security and Privacy
Graceful privilege reduction in RFID security

Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Risk-Based auto-delegation for probabilistic availability

DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Visualization control for event-based public display systems used in a hospital setting

NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Implementing graceful RFID privilege reduction

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Quantified Score

Hi-index	0.00

Visualization

Abstract

Context-based access control is an emerging approach for modeling adaptive solution, making access control management more flexible and powerful. But in the ubiquitous environment, this approach is not enough for many emerging security vulnerabilities. Thus, improving current access control mechanisms is still necessary. Risk is an effective tool used for decision-making in economics. In this paper, we design a new model for risk assessment in ubiquitous environment and use risk as a key component in decision-making process in our access control model. This solution makes access control management more dynamic and precise.