A Formal Model for Soft Enforcement: Influencing the Decision-Maker

  • Charles Morisset
  • Iryna Yevseyeva
  • Thomas Groß
  • Aad van Moorsel
Conference paper

DOI: 10.1007/978-3-319-11851-2_8

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8743)
Cite this paper as:
Morisset C., Yevseyeva I., Groß T., van Moorsel A. (2014) A Formal Model for Soft Enforcement: Influencing the Decision-Maker. In: Mauw S., Jensen C.D. (eds) Security and Trust Management. STM 2014. Lecture Notes in Computer Science, vol 8743. Springer, Cham

Abstract

We propose in this paper a formal model for soft enforcement, where a decision-maker is influenced towards a decision, rather than forced to select that decision. This novel type of enforcement is particularly useful when the policy enforcer cannot fully control the environment of the decision-maker, as we illustrate in the context of attribute-based access control, by limiting the control over attributes. We also show that soft enforcement can improve the security of the system when the influencer is uncertain about the environment, and when neither forcing the decision-maker nor leaving them make their own selection is optimal. We define the general notion of optimal influencing policy, that takes into account both the control of the influencer and the uncertainty in the system.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Charles Morisset
    • 1
  • Iryna Yevseyeva
    • 1
  • Thomas Groß
    • 1
  • Aad van Moorsel
    • 1
  1. 1.Centre for Cybercrime and Computer Security, School of Computing ScienceNewcastle UniversityNewcastle upon TyneUK

Personalised recommendations