TRAAC: Trust and Risk Aware Access Control

Burnett, Chris, Chen, Liang, Edwards, Peter and Norman, Timothy J. (2014) TRAAC: Trust and Risk Aware Access Control. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust (PST), 23-24 Jul 2014, Toronto, Canada.

[img]
Preview
PDF
TRAAC-trust-and-risk-aware-access-control.pdf - Accepted Version

Download (1MB) | Preview

Abstract

Systems for allowing users to manage access to their personal data are important for a wide variety of applications including healthcare, where authorised individuals may need to share information in ways that the owner had not anticipated. Simply denying access in unknown cases may hamper critical decisions and affect service delivery. Rather, decisions can be made considering the risk of a given sharing request, and the trustworthiness of the requester. We propose a trust- and risk-aware access control mechanism (TRAAC) and a sparse zone-based policy model, which together allow decision-making on the basis of the requester's trustworthiness with regards to both the information to be shared, and the completion of obligations designed to mitigate risk. We formalise our approach and compare it with an existing approach that does not model trust through simulation.

Item Type: Conference or Workshop Item (Paper)
Additional Information: © 2014 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Uncontrolled Keywords: Authorization, Sensitivity, Medical services, History, Computational modeling
Subjects: Computing
Depositing User: Liang Chen
Date Deposited: 22 Mar 2016 18:22
Last Modified: 07 Jul 2017 09:04
URI: http://repository.uwl.ac.uk/id/eprint/1839

Downloads

Downloads per month over past year

Actions (login required)

View Item View Item

Menu