ePubs
The open archive for STFC research publications
Home
About ePubs
Content Policies
News
Help
Privacy/Cookies
Contact ePubs
Full Record Details
Persistent URL
http://purl.org/net/epubs/work/41569
Record Status
Checked
Record Id
41569
Title
Reconfiguring Role Based Access Control Policies Using Risk Semantics
Contributors
B Aziz (Imperial College London)
,
S Foley (University College Cork)
,
J Herbert (University College Cork)
,
G Swart (IBM)
Abstract
We present a refined model for Role Based Access Control policies and define a risk measure for the model, which expresses elements of the operational, combinatorial and conflict of interest risks present in a particular policy instance. The model includes risk-reducing mechanisms corresponding to practical mechanisms like firewalls, stack checking, redundancy, and event tracking that are frequently used to reduce risks in real systems. We also define policy transformation operators that produce new policies that allow the behaviours of the old policy while potentially reducing the risk measure. Sequences of these operators can be used to find policies that are less risky but still implement the initial policy. An example is give for Grid computing.
Organisation
CCLRC
Keywords
Engineering
,
RBAC Policies
,
Risk Semantics
,
Configuration Analysis
Funding Information
Related Research Object(s):
Licence Information:
Language
English (EN)
Type
Details
URI(s)
Local file(s)
Year
Journal Article
Journal of High Speed Networks 15, no. 3 (2006): 261-273.
jhsnpaper.pdf
2006
Showing record 1 of 1
Recent Additions
Browse Organisations
Browse Journals/Series
Login to add & manage publications and access information for OA publishing
Username:
Password:
Useful Links
Chadwick & RAL Libraries
SHERPA FACT
SHERPA RoMEO
SHERPA JULIET
Journal Checker Tool
Google Scholar