Title :
Risk-Aware Usage Decision Making in Highly Dynamic Systems
Author :
Krautsevich, Leanid ; Lazouski, Aliaksandr ; Martinelli, Fabio ; Yautsiukhin, Artsiom
Author_Institution :
Dept. of Comput. Sci., Univ. of Pisa, Pisa, Italy
Abstract :
Usage control model (UCON) is based on the idea that attributes required for decision-making can be changed over a period of usage. Since it is not always possible to get a fresh and trustworthy value of attributes, a decision has to be done with some uncertainties in mind. Moreover, modern systems become more distributed and dynamic and this evolution aggravates the problem. Such trend demands for the solutions capable of working with imprecise values. Our study concerns analysis of risks to make access decision of usage control more credible. We consider the risks associated with imperfect mechanisms collecting information about an authorization context. To cope with these risks we introduce our approach based on Markov chains, which aims to help in making a decision to allow further access or to deny it. The proposed approach could be useful for designers of the policy enforcement engines based on the UCON model.
Keywords :
Markov processes; authorisation; decision making; risk management; Markov chains; UCON; highly dynamic systems; imperfect mechanisms; policy enforcement engines; risk aware usage decision making; usage control model; Authentication; Biometrics; Data privacy; Data security; Decision making; Entropy; Fingerprint recognition; Information security; Polynomials; Protection; UCON; freshness of attributes; risk assessment; security; trustworthiness of attributes; usage control;
Conference_Titel :
Internet Monitoring and Protection (ICIMP), 2010 Fifth International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-1-4244-6726-6
DOI :
10.1109/ICIMP.2010.13
