HACK: A Health-Based Access Control Mechanism for Dynamic Enterprise Environments

Current access control schemes focus on the user and their rights and privileges relating to the access to both initiating functionality and accessing information. This approach, while appropriate with respect to access control for the user, misses a very important aspect-the software itself. In this paper, we propose HACK, a health-based, adaptive access control scheme, that provides for both the machine and its software to act on behalf of the users during access. Paramount is that the software itself is included as part of the access control determination.The health of software can be determined when the user attempts to create a new process executing that software. HACK checks its own information about the software to determine its health and can also ask neighboring machines on the network running the same software to provide a health status. Lastly, HACK adapts the access control based on the behavior of the software in response to certain events.