Risk-aware role-based access control

Chen, Liang and Crampton, Jason (2011) Risk-aware role-based access control. In: 7th International Workshop on Security and Trust Management, 27-28 Jun 2011, Copenhagen, Denmark.

Full text not available from this repository.


The increasing need to share information in dynamic environments has created a requirement for risk-aware access control systems. The standard RBAC model is designed to operate in a relatively stable, closed environment and does not include any support for risk. In this paper, we explore a number of ways in which the RBAC model can be extended to incorporate notions of risk. In particular, we develop three simple risk-aware RBAC models that differ in the way in which risk is represented and accounted for in making access control decisions. We also propose a risk-aware RBAC model that combines all the features of three simple models and consider some issues related to its implementation. Compared with existing work, our models have clear authorization semantics and support richer types of access control decisions.

Item Type: Conference or Workshop Item (Paper)
ISSN: 0302-9743
ISBN: 9783642299629
Identifier: 10.1007/978-3-642-29963-6_11
Page Range: pp. 140-156
Identifier: 10.1007/978-3-642-29963-6_11
Subjects: Computing
Depositing User: Liang Chen
Date Deposited: 22 Mar 2016 18:08
Last Modified: 28 Aug 2021 07:19
URI: https://repository.uwl.ac.uk/id/eprint/1835

Actions (login required)

View Item View Item