Context-Based Risk-Adaptive Security Model and Conflict Management

  • Mahsa Teimourikia
  • Guido Marilli
  • Mariagrazia Fugini
Conference paper

DOI: 10.1007/978-3-319-44403-1_8

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9827)
Cite this paper as:
Teimourikia M., Marilli G., Fugini M. (2016) Context-Based Risk-Adaptive Security Model and Conflict Management. In: Hartmann S., Ma H. (eds) Database and Expert Systems Applications. DEXA 2016. Lecture Notes in Computer Science, vol 9827. Springer, Cham

Abstract

In dynamic and risk-prone environments, security rules should be flexible enough to permit the treatment of risks, and to manage privileges on resources based on the situation at hand. For this purpose, we define safety-centric contexts based on risk description that is provided by the safety management system. This paper presents a risk-adaptive access control model that adopts hierarchies of contexts and security domains to make adaptations to risks at different levels of criticality. Since various risks may arise simultaneously, two or more security domains might be applicable at the same time incorporating various security rules which might lead to conflicts. Therefore, an approach to analyze conflicts is essential. In this work, we propose a conflict analysis algorithm based on set theory and we illustrate its usage with the proposed risk-adaptive access control model.

Keywords

Attribute-Based Access Control Security XACML Conflict analysis Context-awareness Safety management 

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Mahsa Teimourikia
    • 1
  • Guido Marilli
    • 1
  • Mariagrazia Fugini
    • 1
  1. 1.Politecnico di MilanoMilanItaly

Personalised recommendations