Research on risk property of access control policy

Author

Tang, Zhuo ; Li, Bo ; Li, Renfa ; Li, Kenli

Author_Institution

Sch. of Comput. & Commun., Hunan Univ., Changsha, China

fYear

2010

fDate

2-5 June 2010

Firstpage

1253

Lastpage

1258

Abstract

There are leaks in the permission distribution and delegation for the traditional access control based on roles. By introducing the concept of risk, this study establishes an integrated theoretic framework. This paper represents access control policy and the ordering relation among roles based on risk. The concept of risk distance is proposed, which made the security of access control polices can be compared according their various risk bands. We also illuminate the basic relationship between roles. The properties and principle are proposed for the policies´ delegation and reassignment based on risk. Through these properties and principle, this article proposed a method to optimize users´ access control polices. It ensures the executions of policies are under the minimum risk. The risk-based method can limit the highly risky authorization and delegation. And it can improve the security of the system.

Keywords

authorisation; risk analysis; access control policy; integrated theoretic framework; policies delegation; risk distance; risk property; risk-based method; Access control; Authorization; Data security; Distributed computing; Grid computing; Information security; Mobile agents; Optimization methods; Permission; Protection; Access control; Delegation; Risk; Role;

fLanguage

English

Publisher

ieee

Conference_Titel

Management of Innovation and Technology (ICMIT), 2010 IEEE International Conference on

Conference_Location

Singapore

Print_ISBN

978-1-4244-6565-1

Electronic_ISBN

978-1-4244-6566-8

Type

conf

DOI

10.1109/ICMIT.2010.5492820

Filename

5492820