Dynamic Responsibilities Assignment in Critical Electronic Institutions - A Context-Aware Solution for in Crisis Access Right Management

Abstract

Nowadays critical IT infrastructures constitute the pillars of our economy. Being able to react quickly and in real time is a crucial challenge for the security officers in charge of maintaining those infrastructures operationally. Our state of the art in this field has highlighted that many architectures exist to dynamically support the reaction after the detection of an incident infrastructure. Those architectures are mostly elaborated based on a multi-agent system approach that offers the possibility to work in a decentralized and heterogeneous environment. However, in the meantime, we have observed that those architectures are based on a static assignment of functions to agents and that, as a consequence, isolating an agent or breaking the communication channel between two of them could create serious damage on the management of the crisis. In this paper, we propose an innovative approach for making the assignment of functions to agents in the critical architecture dynamic. Our approach exploits the concept of agent responsibility that we assign dynamically to those agents depending on the crisis type and severity. Simultaneously we explain the dynamic assignment of the access rights necessary to perform the obligation linked to these new responsibilities. This dynamic assignment of responsibilities is illustrated based on the architecture defined in the ReD project. permits to cover the entire conceptual layer from the incident detection at the very low technical layer up to the escalation of the incident to upper layer based on the decision mechanisms, our solution did not consider the normative specifications related to the responsibilities and accountability of the agents involved in it (including the technical and the human agents), and did not provide the possibility of adapting the agent responsibility during the occurrence of a crisis.