Context-Based Risk-Adaptive Security Model and Conflict Management

  • Mahsa Teimourikia
  • Guido Marilli
  • Mariagrazia Fugini
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9827)


In dynamic and risk-prone environments, security rules should be flexible enough to permit the treatment of risks and to manage privileges on resources based on the situation at hand. For this purpose, we define safety-centric contexts based on the risk description provided by the safety management system. This paper presents a risk-adaptive access control model that adopts hierarchies of contexts and security domains to adapt to risks at different levels of criticality. Since various risks may arise simultaneously, two or more security domains might be applicable at the same time, incorporating various security rules, which might lead to conflicts. Therefore, an approach to analyze conflicts is essential. In this work, we propose a conflict analysis algorithm based on set theory, and we illustrate its usage with the proposed risk-adaptive access control model.


Keywords: Attribute-Based Access Control, Security, XACML, Conflict analysis, Context-awareness, Safety management



Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Mahsa Teimourikia (1)
  • Guido Marilli (1)
  • Mariagrazia Fugini (1)
  1. Politecnico di Milano, Milan, Italy
