Adaptive Reasoning for Context-Sensitive Access Controls

Sara Sartoli, Akbar Siami Namin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

Many of the current policy-based management systems implement policies that depend on dynamic operational environment contexts. The existing formal-based approaches for enforcing security policies are mainly expressed using first-order logic. A major drawback of using first-order logic in implementing dynamic policies is that new observations cannot override previously inferred consequences. In fact, a security system whose enterprise policies are implemented using first-order logic is required to have complete access to data in advance in order to be able to perform an informed reasoning and enforce restricting policies. As a major problem, the systems designed based on these first order logic-based approaches are often static, inflexible, and hard to manage and scale. This paper introduces an approach for expressing and enforcing adaptive access control policies dynamically. The paper presents a non-monotonic formal approach based on Answer Set Programming where default policies are explicitly separated from context-dependent and exception policies that often occur in dynamic systems and in particular when the required context data are unavailable ahead of time. The results of presented case study demonstrate the flexibility of the proposed approach compared to the first order logic-based context-sensitive approaches as implemented in Organizational-Based Access Control (ORBAC) model.

Original languageEnglish
Title of host publicationProceedings - 2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016
EditorsWilliam Claycomb, Dejan Milojicic, Ling Liu, Mihhail Matskin, Zhiyong Zhang, Sorel Reisman, Hiroyuki Sato, Zhiyong Zhang, Sheikh Iqbal Ahamed
PublisherIEEE Computer Society
Pages481-486
Number of pages6
ISBN (Electronic)9781467388450
DOIs
StatePublished - Aug 24 2016
Event2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016 - Atlanta, United States
Duration: Jun 10 2016Jun 14 2016

Publication series

NameProceedings - International Computer Software and Applications Conference
Volume1
ISSN (Print)0730-3157

Conference

Conference2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016
CountryUnited States
CityAtlanta
Period06/10/1606/14/16

Keywords

  • Access Control
  • Adaptive Security Policies
  • Answer Set Programming
  • Formal Analysis
  • Management

Fingerprint Dive into the research topics of 'Adaptive Reasoning for Context-Sensitive Access Controls'. Together they form a unique fingerprint.

  • Cite this

    Sartoli, S., & Namin, A. S. (2016). Adaptive Reasoning for Context-Sensitive Access Controls. In W. Claycomb, D. Milojicic, L. Liu, M. Matskin, Z. Zhang, S. Reisman, H. Sato, Z. Zhang, & S. I. Ahamed (Eds.), Proceedings - 2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016 (pp. 481-486). [7552052] (Proceedings - International Computer Software and Applications Conference; Vol. 1). IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2016.45