loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: John A. Clark 1 ; Juan E. Tapiador 1 ; John McDermid 1 ; Pau-Chen Cheng 2 ; Dakshi Agrawal 2 ; Natalie Ivanic 3 and Dave Slogget 4

Affiliations: 1 University of York, United Kingdom ; 2 IBM Thomas J. Watson Research Center, United States ; 3 US Army Research Laboratory, United States ; 4 LogicaCMG, United Kingdom

ISBN: 978-989-8425-18-8

Keyword(s): Information sharing, Multi-level security, Risk-based access control.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Information Assurance ; Internet Technology ; Risk Assessment ; Web Information Systems and Technologies

Abstract: In traditional multi-level security (MLS) models, object labels are fixed assessments of sensitivity. In practice there will inevitably be some uncertainty about the damage that might be caused if a document falls into the wrong hands. Furthermore, unless specific management action is taken to regrade the label on an object, it does not change. This does not reflect the operational reality of many modern systems where there is clearly a temporal element to the actual sensitivity of information. Tactical information may be highly sensitive right now but comparatively irrelevant tomorrow whilst strategic secrets may need to be maintained for many years, decades, or even longer. In this paper we propose to model both security labels and clearances as probability distributions. We provide practical templates to model both uncertainty and temporally characterized dependencies, and show how these features can be naturally integrated into a recently proposed access control framework based on quantified risk. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 35.172.195.49

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
A. Clark J.; E. Tapiador J.; McDermid J.; Cheng P.; Agrawal D.; Ivanic N.; Slogget D. and (2010). RISK BASED ACCESS CONTROL WITH UNCERTAIN AND TIME-DEPENDENT SENSITIVITY.In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010) ISBN 978-989-8425-18-8, pages 5-13. DOI: 10.5220/0002935200050013

@conference{secrypt10,
author={John {A. Clark} and Juan {E. Tapiador} and John McDermid and Pau{-}Chen Cheng and Dakshi Agrawal and Natalie Ivanic and Dave Slogget},
title={RISK BASED ACCESS CONTROL WITH UNCERTAIN AND TIME-DEPENDENT SENSITIVITY},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)},
year={2010},
pages={5-13},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002935200050013},
isbn={978-989-8425-18-8},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)
TI - RISK BASED ACCESS CONTROL WITH UNCERTAIN AND TIME-DEPENDENT SENSITIVITY
SN - 978-989-8425-18-8
AU - A. Clark, J.
AU - E. Tapiador, J.
AU - McDermid, J.
AU - Cheng, P.
AU - Agrawal, D.
AU - Ivanic, N.
AU - Slogget, D.
PY - 2010
SP - 5
EP - 13
DO - 10.5220/0002935200050013

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.