Specify and enforce the policies of quantified risk adaptive access control
Paper
Paper/Presentation Title | Specify and enforce the policies of quantified risk adaptive access control |
---|---|
Presentation Type | Paper |
Authors | Chen, Chen (Author), Han, Weili (Author) and Yong, Jianming (Author) |
Editors | Shen, Weiming, Gu, Ning, Lu, Tun, Barthes, Jean-Paul and Luo, Junzhou |
Journal or Proceedings Title | Proceedings of the 14th International Conference on Computer Supported Cooperative Work in Design (CSCWD 2010) |
Number of Pages | 6 |
Year | 2010 |
Place of Publication | United States |
ISBN | 9781424467631 |
Web Address (URL) of Paper | http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=05472019 |
Conference/Event | CSCWD 2010: 14th International Conference on Computer Supported Cooperative Work in Design |
Event Details | CSCWD 2010: 14th International Conference on Computer Supported Cooperative Work in Design Event Date 14 to end of 16 Apr 2010 Event Location Shanghai, China |
Abstract | XACML and its reference implementation can not directly support quantified risk adaptive access control, because there are several special requirements to specify and enforce the policies in risk adaptive access control: the elements in these policies, such as risk, risk level, are not covered; and risk in quantified risk adaptive access control would be mutable, accumulated and required to be continuously controlled. This paper, therefore, extends XACML and its reference implementation to support quantified risk adaptive access control. This paper makes two contributions: design a risk adaptive policy language extended from XACML; and propose a framework to enforce the policies. To the best of our knowledge, this paper is the first research work to discuss this topic. |
Keywords | quantified risk; risk adaptive access control; policy enforcement; XACML |
ANZSRC Field of Research 2020 | 460999. Information systems not elsewhere classified |
460499. Cybersecurity and privacy not elsewhere classified | |
401005. Risk engineering | |
Public Notes | © 2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
Byline Affiliations | Fudan University, China |
School of Information Systems |
https://research.usq.edu.au/item/q0273/specify-and-enforce-the-policies-of-quantified-risk-adaptive-access-control
Download files
1918
total views2190
total downloads1
views this month5
downloads this month