Chen, Chen and Weili, Han and Yong, Jianming (2010) Specify and enforce the policies of quantified risk adaptive access control. In: CSCWD 2010: 14th International Conference on Computer Supported Cooperative Work in Design , 14-16 Apr 2010, Shanghai, China.
XACML and its reference implementation can not directly support quantified risk adaptive access control, because there are several special requirements to specify and enforce the policies in risk adaptive access control: the elements in these policies, such as risk, risk level, are not covered; and risk in quantified risk adaptive access control would be mutable, accumulated and required to be continuously controlled. This paper, therefore, extends XACML and its reference implementation to support quantified risk adaptive access control. This paper makes two contributions: design a risk adaptive policy language extended from XACML; and propose a framework to enforce the policies. To the best of our knowledge, this paper is the first research work to discuss this topic.
|Item Type:||Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)|
|Additional Information:||Permanent restricted access to published version due to publisher copyright policy. ©2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.|
|Uncontrolled Keywords:||quantified risk; risk adaptive access control; policy enforcement; XACML|
|Depositing User:||Dr Jianming Yong|
|Date Deposited:||08 Dec 2010 05:13|
|Last Modified:||03 Jul 2013 00:07|
Actions (login required)
|Archive Repository Staff Only|