Dynamic risk-based decision methods for access control systems

Shaikh, Riaz Ahmed ORCID: https://orcid.org/0000-0001-6666-0253, Adi, Kamel and Logrippo, Luigi (2012) Dynamic risk-based decision methods for access control systems. Computers and Security, 31 (4). pp. 447-464. ISSN 0167-4048

Full text not available from this repository. (Request a copy)


In traditional multi-level security systems, trust and risk values are pre-computed. Any change in these values requires manual intervention of an administrator. In many dynamic environments, however, these values should be auto-adaptive, and auto-tunable according to the usage history of the users. Moreover, occasional exceptions on resource needs, which are common in dynamic environments like healthcare, should be allowed if the subjects show a positive record of use toward resources they acquired in the past. Conversely, access of authorized users, who have negative record, should be restricted. These requirements are not taken into consideration in existing risk-based access control systems. In order to overcome these shortcomings and to meet different sensitivity requirements of various applications, we propose two dynamic risk-based decision methods for access control systems. We provide theoretical and simulation-based analysis and evaluation of both schemes. Also, we analytically prove that the proposed methods, not only allow exceptions under certain controlled conditions, but uniquely restrict legitimate access of bad authorized users.

Item Type: Article
Additional Information: Funding Information: The work reported in this article was partially supported by the Natural Sciences and Engineering Research Council of Canada, PROMPT Quebec, and CA Technologies. We thank Hemanth Khambhammettu, and Serge Mankovski for useful discussions. We are also thankful to the anonymous referees for comments that have led to improvements in the paper.
Uncontrolled Keywords: access control,policy,risk,security,trust,computer science(all),law ,/dk/atira/pure/subjectarea/asjc/1700
Faculty \ School: Faculty of Science > School of Computing Sciences
UEA Research Groups: Faculty of Science > Research Groups > Cyber Security Privacy and Trust Laboratory
Related URLs:
Depositing User: LivePure Connector
Date Deposited: 16 Aug 2022 15:31
Last Modified: 07 May 2023 06:30
URI: https://ueaeprints.uea.ac.uk/id/eprint/87332
DOI: 10.1016/j.cose.2012.02.006

Actions (login required)

View Item View Item