Summary The security of access and information flow carries with it the risk that resources will be misused – intentionally or accidentally. Static Access Control (AC) policies based on qualitative judgements are insufficient for scenarios where roles and access requirements are subtle and change frequently. We propose using quantified risk and benefit estimates in the design and management of AC policies. The first step is to build models for estimating risk and benefit. Many factors may affect risk and benefit, and the relationship among them and their impacts are usually complex and hard to determine analytically. Therefore we decided to use machine learning techniques to learn the models from AC data. Due to the sensitive and evolving n...
Systems for allowing users to manage access to their personal data are important for a wide variety ...
Data access control is a field that has been a subject of a lot of research for many years, which ha...
Role Based Access Control (RBAC) has been introduced in an effort to facilitate authorization in dat...
Abstract—Over the years, role based access control (RBAC) has remained a dominant form of access con...
The increasing need to share information in dynamic environments has created a requirement for risk-...
We describe a framework for risk assessment specifically within the context of risk-based access con...
Context-based access control is an emerging approach for modeling adaptive solution, making access c...
This paper addresses the making of security decisions, such as access-control decisions or spam filt...
The paper presents an approach based on machine learning to refine attribute-based access control p...
Access control systems are nowadays the first line of defence of modern IT systems. However, their e...
Access control (AC) refers to mechanisms and policies that restrict access to resources, thus regula...
The increasing need to share information in dynamic environments has created a requirement for risk-...
An increasing body of work has recognized the importance of exploiting machine learning (ML) advance...
Incorporating risk consideration in access control systems has recently become a popular research to...
Success and costs of audits in identity management largely depend on the structure of the underlying...
Systems for allowing users to manage access to their personal data are important for a wide variety ...
Data access control is a field that has been a subject of a lot of research for many years, which ha...
Role Based Access Control (RBAC) has been introduced in an effort to facilitate authorization in dat...
Abstract—Over the years, role based access control (RBAC) has remained a dominant form of access con...
The increasing need to share information in dynamic environments has created a requirement for risk-...
We describe a framework for risk assessment specifically within the context of risk-based access con...
Context-based access control is an emerging approach for modeling adaptive solution, making access c...
This paper addresses the making of security decisions, such as access-control decisions or spam filt...
The paper presents an approach based on machine learning to refine attribute-based access control p...
Access control systems are nowadays the first line of defence of modern IT systems. However, their e...
Access control (AC) refers to mechanisms and policies that restrict access to resources, thus regula...
The increasing need to share information in dynamic environments has created a requirement for risk-...
An increasing body of work has recognized the importance of exploiting machine learning (ML) advance...
Incorporating risk consideration in access control systems has recently become a popular research to...
Success and costs of audits in identity management largely depend on the structure of the underlying...
Systems for allowing users to manage access to their personal data are important for a wide variety ...
Data access control is a field that has been a subject of a lot of research for many years, which ha...
Role Based Access Control (RBAC) has been introduced in an effort to facilitate authorization in dat...