Risk-based access control systems are a new element in access control categories, incorporating risk analysis as part of the inputs to consider when taking an authorization decision. A risk analysis over a resource leads generally to temporal allocation of the resource in a risk level (e.g. high, medium, low). Ideally, for each risk level and kind of resource, the access control system should take an authorization decision (expressed like a permit or deny) and the system administrator should also trigger specific counter-measures to protect resources according to their risk level. In a small access control system with few resources it is possible for an administrator to follow the risk level changes and react promptly with counter-measures;...
We present a refined model for Role Based Access Control policies and define a risk measure for the ...
Traditional access controls have evolved from being static and coarse-grained to being dynamic and v...
Fuzzy inference is a promising approach to implement risk-based access control systems. However, its...
In traditional multi-level security systems, trust and risk values are pre-computed. Any change in t...
Traditional security and access control systems, such as MLS/Bell-LaPadula, RBAC are rigid and do no...
Abstract—Over the years, role based access control (RBAC) has remained a dominant form of access con...
Context-based access control is an emerging approach for modeling adaptive solution, making access c...
The increasing need to share information in dynamic environments has created a requirement for risk-...
In monitored environments, where risks can be prevented via sensors and spatial data technologies, s...
We describe a framework for risk assessment specifically within the context of risk-based access con...
This paper presents adaptive access control for areas where risks require modifying authorizations d...
The increasing need to share information in dynamic environments has created a requirement for risk-...
Access control (AC) refers to mechanisms and policies that restrict access to resources, thus regula...
Qualitative security policy design methods suffer from over-reliance on expertise. This paper presen...
The enforcement of fine-grained access control policies in constrained dynamic networks can become a...
We present a refined model for Role Based Access Control policies and define a risk measure for the ...
Traditional access controls have evolved from being static and coarse-grained to being dynamic and v...
Fuzzy inference is a promising approach to implement risk-based access control systems. However, its...
In traditional multi-level security systems, trust and risk values are pre-computed. Any change in t...
Traditional security and access control systems, such as MLS/Bell-LaPadula, RBAC are rigid and do no...
Abstract—Over the years, role based access control (RBAC) has remained a dominant form of access con...
Context-based access control is an emerging approach for modeling adaptive solution, making access c...
The increasing need to share information in dynamic environments has created a requirement for risk-...
In monitored environments, where risks can be prevented via sensors and spatial data technologies, s...
We describe a framework for risk assessment specifically within the context of risk-based access con...
This paper presents adaptive access control for areas where risks require modifying authorizations d...
The increasing need to share information in dynamic environments has created a requirement for risk-...
Access control (AC) refers to mechanisms and policies that restrict access to resources, thus regula...
Qualitative security policy design methods suffer from over-reliance on expertise. This paper presen...
The enforcement of fine-grained access control policies in constrained dynamic networks can become a...
We present a refined model for Role Based Access Control policies and define a risk measure for the ...
Traditional access controls have evolved from being static and coarse-grained to being dynamic and v...
Fuzzy inference is a promising approach to implement risk-based access control systems. However, its...