Context-Based Risk-Adaptive Security Model and Conflict Management
- Cite this paper as:
- Teimourikia M., Marilli G., Fugini M. (2016) Context-Based Risk-Adaptive Security Model and Conflict Management. In: Hartmann S., Ma H. (eds) Database and Expert Systems Applications. DEXA 2016. Lecture Notes in Computer Science, vol 9827. Springer, Cham
In dynamic and risk-prone environments, security rules should be flexible enough to permit the treatment of risks, and to manage privileges on resources based on the situation at hand. For this purpose, we define safety-centric contexts based on risk description that is provided by the safety management system. This paper presents a risk-adaptive access control model that adopts hierarchies of contexts and security domains to make adaptations to risks at different levels of criticality. Since various risks may arise simultaneously, two or more security domains might be applicable at the same time incorporating various security rules which might lead to conflicts. Therefore, an approach to analyze conflicts is essential. In this work, we propose a conflict analysis algorithm based on set theory and we illustrate its usage with the proposed risk-adaptive access control model.