loading
Documents

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Faouzi Jaidi and Faten Labbene Ayachi

Affiliation: Digital Security Research Unit (DSRU) and Higher School of Communication of Tunis (Sup'Com), Tunisia

ISBN: 978-989-758-117-5

Keyword(s): RBAC, Databases Security, Policy Compliance, Risk Awareness, Quantified Risk.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Database Security and Privacy ; Databases and Data Security ; Formal Methods for Security ; Information and Systems Security ; Information Assurance ; Internet Technology ; Risk Assessment ; Security in Information Systems ; Web Information Systems and Technologies

Abstract: The considerable increase of the risk associated to inner threats has motivated researches in risk assessment for access control systems. Two main approaches were adapted: (i) a risk mitigation approach via features such as constraints, and (ii) a risk quantification approach that manages access based on a quantified risk. Evaluating the risk associated to the evolutions of an access control policy is an important theme that allows monitoring the conformity of the policy in terms of risk. Unfortunately, no work has been defined in this context. We propose in this paper, a quantified risk-assessment approach for monitoring the compliance of concrete RBAC-based policies. We formalize the proposal and illustrate its application via a case of study.

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.234.227.202

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Jaidi, F. and Labbene Ayachi, F. (2015). A Risk Awareness Approach for Monitoring the Compliance of RBAC-based Policies.In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 454-459. DOI: 10.5220/0005577304540459

@conference{secrypt15,
author={Faouzi Jaidi. and Faten Labbene Ayachi.},
title={A Risk Awareness Approach for Monitoring the Compliance of RBAC-based Policies},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={454-459},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005577304540459},
isbn={978-989-758-117-5},
}

TY - CONF

JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - A Risk Awareness Approach for Monitoring the Compliance of RBAC-based Policies
SN - 978-989-758-117-5
AU - Jaidi, F.
AU - Labbene Ayachi, F.
PY - 2015
SP - 454
EP - 459
DO - 10.5220/0005577304540459

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.