• DocumentCode
    2465497
  • Title

    Specify and enforce the policies of quantified risk adaptive access control

  • Author

    Chen, Chen ; Han, Weili ; Yong, Jianming

  • Author_Institution
    Laboratory of Cryptography and Information Security, Software School, Fudan University, 825 Zhangheng Road, Shanghai China
  • fYear
    2010
  • fDate
    14-16 April 2010
  • Firstpage
    110
  • Lastpage
    115
  • Abstract
    XACML and its reference implementation can not directly support quantified risk adaptive access control, because there are several special requirements to specify and enforce the policies in risk adaptive access control: the elements in these policies, such as risk, risk level, are not covered; and risk in quantified risk adaptive access control would be mutable, accumulated and required to be continuously controlled. This paper, therefore, extends XACML and its reference implementation to support quantified risk adaptive access control. This paper makes two contributions: design a risk adaptive policy language extended from XACML; and propose a framework to enforce the policies. To the best of our knowledge, this paper is the first research work to discuss this topic.
  • Keywords
    Access control; Adaptive control; Australia; Collaborative work; Cryptography; Information security; Information systems; Laboratories; Programmable control; Risk analysis; Policy Enforcement; Quantified Risk; Risk Adaptive Access Control; XACML;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Supported Cooperative Work in Design (CSCWD), 2010 14th International Conference on
  • Conference_Location
    Shanghai, China
  • Print_ISBN
    978-1-4244-6763-1
  • Type

    conf

  • DOI
    10.1109/CSCWD.2010.5471991
  • Filename
    5471991
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2465497