A Dynamic Access Control System based on Situations of Users

Hirokazu Hasegawa; Hiroki Takakura

doi:10.5220/0010327406530660

A Dynamic Access Control System based on Situations of Users

Hirokazu Hasegawa, Hiroki Takakura

2021

Abstract

Recently, cyber attacks have been sophisticated and cause serious damages. As one of the solutions for mitigating the damages, the network separation and fine granularity of access controls are effective against attacks. However, the COVID-19 changes human work style, and telecommuting comes to be generally. It may give many chances to attackers for invading the organization’s internal network by infecting user’s vulnerable home terminals, which are out of control by the organization. To ensure the security of organizations, we propose a dynamic access control system based on the situations of users. The system evaluates communications based on the user’s risk and the importance of resources in destination terminals. When a user connects to the organization network from the outside, the system dynamically changes the access controls according to the evaluation results. The such situation requires stricter access controls than usual ones. For example, the communication by the high-risk user and the communication to servers storing important resources are restricted. By applying such dynamic access controls, the system enables us to ensure our network security with maintaining the convenience of users telecommuting.

Download

Paper Citation

in Harvard Style

Hasegawa H. and Takakura H. (2021). A Dynamic Access Control System based on Situations of Users.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 653-660. DOI: 10.5220/0010327406530660

in Bibtex Style

@conference{icissp21,
author={Hirokazu Hasegawa and Hiroki Takakura},
title={A Dynamic Access Control System based on Situations of Users},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2021},
pages={653-660},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010327406530660},
isbn={978-989-758-491-6},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - A Dynamic Access Control System based on Situations of Users
SN - 978-989-758-491-6
AU - Hasegawa H.
AU - Takakura H.
PY - 2021
SP - 653
EP - 660
DO - 10.5220/0010327406530660