@inproceedings{c3e19cea51f64a8cbea534e66583cfd7,
title = "Adaptive Reasoning for Context-Sensitive Access Controls",
abstract = "Many of the current policy-based management systems implement policies that depend on dynamic operational environment contexts. The existing formal-based approaches for enforcing security policies are mainly expressed using first-order logic. A major drawback of using first-order logic in implementing dynamic policies is that new observations cannot override previously inferred consequences. In fact, a security system whose enterprise policies are implemented using first-order logic is required to have complete access to data in advance in order to be able to perform an informed reasoning and enforce restricting policies. As a major problem, the systems designed based on these first order logic-based approaches are often static, inflexible, and hard to manage and scale. This paper introduces an approach for expressing and enforcing adaptive access control policies dynamically. The paper presents a non-monotonic formal approach based on Answer Set Programming where default policies are explicitly separated from context-dependent and exception policies that often occur in dynamic systems and in particular when the required context data are unavailable ahead of time. The results of presented case study demonstrate the flexibility of the proposed approach compared to the first order logic-based context-sensitive approaches as implemented in Organizational-Based Access Control (ORBAC) model.",
keywords = "Access Control, Adaptive Security Policies, Answer Set Programming, Formal Analysis, Management",
author = "Sara Sartoli and Namin, {Akbar Siami}",
note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016 ; Conference date: 10-06-2016 Through 14-06-2016",
year = "2016",
month = aug,
day = "24",
doi = "10.1109/COMPSAC.2016.45",
language = "English",
series = "Proceedings - International Computer Software and Applications Conference",
publisher = "IEEE Computer Society",
pages = "481--486",
editor = "William Claycomb and Dejan Milojicic and Ling Liu and Mihhail Matskin and Zhiyong Zhang and Sorel Reisman and Hiroyuki Sato and Zhiyong Zhang and Ahamed, {Sheikh Iqbal}",
booktitle = "Proceedings - 2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016",
}