Risk-Aware Usage Decision Making in Highly Dynamic Systems

Author

Krautsevich, Leanid ; Lazouski, Aliaksandr ; Martinelli, Fabio ; Yautsiukhin, Artsiom

Author_Institution

Dept. of Comput. Sci., Univ. of Pisa, Pisa, Italy

fYear

2010

fDate

9-15 May 2010

Firstpage

29

Lastpage

34

Abstract

Usage control model (UCON) is based on the idea that attributes required for decision-making can be changed over a period of usage. Since it is not always possible to get a fresh and trustworthy value of attributes, a decision has to be done with some uncertainties in mind. Moreover, modern systems become more distributed and dynamic and this evolution aggravates the problem. Such trend demands for the solutions capable of working with imprecise values. Our study concerns analysis of risks to make access decision of usage control more credible. We consider the risks associated with imperfect mechanisms collecting information about an authorization context. To cope with these risks we introduce our approach based on Markov chains, which aims to help in making a decision to allow further access or to deny it. The proposed approach could be useful for designers of the policy enforcement engines based on the UCON model.

Keywords

Markov processes; authorisation; decision making; risk management; Markov chains; UCON; highly dynamic systems; imperfect mechanisms; policy enforcement engines; risk aware usage decision making; usage control model; Authentication; Biometrics; Data privacy; Data security; Decision making; Entropy; Fingerprint recognition; Information security; Polynomials; Protection; UCON; freshness of attributes; risk assessment; security; trustworthiness of attributes; usage control;

fLanguage

English

Publisher

ieee

Conference_Titel

Internet Monitoring and Protection (ICIMP), 2010 Fifth International Conference on

Conference_Location

Barcelona

Print_ISBN

978-1-4244-6726-6

Type

conf

DOI

10.1109/ICIMP.2010.13

Filename

5476893