无功访问控制系统

Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies Pub Date : 2018-06-07 DOI:10.1145/3205977.3208947

Maryam Davari, E. Bertino

{"title":"无功访问控制系统","authors":"Maryam Davari, E. Bertino","doi":"10.1145/3205977.3208947","DOIUrl":null,"url":null,"abstract":"In context-aware applications, user's access privileges rely on both user's identity and context. Access control rules are usually statically defined while contexts and the system state can change dynamically. Changes in contexts can result in service disruptions. To address this issue, this poster proposes a reactive access control system that associates contingency plans with access control rules. Risk scores are also associated with actions part of the contingency plans. Such risks are estimated by using fuzzy inference. Our approach is cast into the XACML reference architecture.","PeriodicalId":423087,"journal":{"name":"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies","volume":"159 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Reactive Access Control Systems\",\"authors\":\"Maryam Davari, E. Bertino\",\"doi\":\"10.1145/3205977.3208947\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In context-aware applications, user's access privileges rely on both user's identity and context. Access control rules are usually statically defined while contexts and the system state can change dynamically. Changes in contexts can result in service disruptions. To address this issue, this poster proposes a reactive access control system that associates contingency plans with access control rules. Risk scores are also associated with actions part of the contingency plans. Such risks are estimated by using fuzzy inference. Our approach is cast into the XACML reference architecture.\",\"PeriodicalId\":423087,\"journal\":{\"name\":\"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies\",\"volume\":\"159 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-06-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3205977.3208947\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3205977.3208947","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

在上下文感知的应用程序中，用户的访问权限依赖于用户的身份和上下文。访问控制规则通常是静态定义的，而上下文和系统状态可以动态更改。上下文中的更改可能导致服务中断。为了解决这个问题，本海报提出了一个反应性访问控制系统，该系统将应急计划与访问控制规则相关联。风险评分也与应急计划的行动部分相关联。利用模糊推理对这些风险进行了估计。我们的方法被转换为XACML参考体系结构。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Reactive Access Control Systems

In context-aware applications, user's access privileges rely on both user's identity and context. Access control rules are usually statically defined while contexts and the system state can change dynamically. Changes in contexts can result in service disruptions. To address this issue, this poster proposes a reactive access control system that associates contingency plans with access control rules. Risk scores are also associated with actions part of the contingency plans. Such risks are estimated by using fuzzy inference. Our approach is cast into the XACML reference architecture.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies

自引率

0.00%

发文量