Istituto di Informatica e Telematica     
Krautsevich L., Martinelli F., Morisset C., Yautsiukhin A. Risk-based Auto Delegation for Probabilistic Availability. In: 4th International Workshop pn Autonomous and Spontaneous Security (Leuven, Belgium, 2011). Proceedings, pp. 206 - 220. LNCS Springer, 2011.
Dynamic and evolving systems might require flexible access control mechanisms, in order to make sure that the unavailability of some users does not prevent the system to be functional, in particular for emergency-prone environments, such as healthcare, natural disaster response teams, or military systems. The auto-delegation mechanism, which combines the strengths of delegation systems and "break-the-glass" policies, was recently introduced to handle such situations, by stating that the most qualified available user for a resource can access this resource. In this work we extend this mechanism by considering availability as a quantitative measure, such that each user is associated with a probability of availability. The decision to allow or deny an access is based on the utility of each outcome and on a risk strategy. We describe a generic framework allowing a system designer to define these different concepts. We also illustrate our framework with two specific use cases inspired from healthcare systems and resource management systems.
DOI: 10.1007/978-3-642-28879-1_14
Subject Auto-delegation
Access control
K.6.5 Security and protection

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional