OTM Confederated International Conferences "On the Move to Meaningful Internet Systems"

On the Move to Meaningful Internet Systems: OTM 2015 Conferences pp 660-676

Balancing Trust and Risk in Access Control

  • Alessandro Armando
  • Michele Bezzi
  • Francesco Di Cerbo
  • Nadia Metoui
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9415)


The increasing availability of large and diverse datasets (big data) calls for increased flexibility in access control so as to improve the exploitation of the data. Risk-aware access control systems offer a natural approach to the problem. We propose a novel access control framework that combines trust with risk and supports access control in dynamic contexts through trust enhancement mechanisms and risk mitigation strategies. This makes it possible to strike a balance between the risk associated with a data request and the trustworthiness of the requester. If the risk is too large compared to the trust level, then the framework can identify adaptive strategies that decrease the risk (e.g., by removing or obfuscating part of the data through anonymization) or increase the trust level (e.g., by asking the requester for additional obligations). We outline a modular architecture to realize our model, and we describe how these strategies can be realized in a realistic use case.


Keywords: Trust, Privacy, Risk





Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Alessandro Armando (1, 2)
  • Michele Bezzi (3)
  • Francesco Di Cerbo (3)
  • Nadia Metoui (1, 4)
  1. Security & Trust Unit, FBK-Irst, Trento, Italy
  2. DIBRIS, University of Genova, Genoa, Italy
  3. SAP Product Security Research, Sophia Antipolis, France
  4. DISI, University of Trento, Trento, Italy
