By the same authors

Modelling Uncertain and Time-Dependent Security Labels in MLS Systems

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Author(s)

Department/unit(s)

Publication details

Title of host publicatione-Business and Telecommunications
DatePublished - 2012
Pages158-171
Number of pages14
PublisherSpringer
Original languageEnglish
ISBN (Electronic)978-3-642-25206-8
ISBN (Print)978-3-642-25205-1

Publication series

NameCommunications in Computer and Information Science
PublisherSpringer
Volume222
ISSN (Print)1865-0929

Abstract

Traditional multi-level security (MLS) systems associate security clearances with subjects, security classifications with objects, and provide a clear decision mechanism as to whether an access request should be granted or not. Many organisations, especially those in the national security and intelligence arena, are increasingly viewing the inflexibility of such models as a major inhibitor for missions where there is a need to rapidly process, share and disseminate large quantities of sensitive information. One reason for such inflexibility is the fact that subject and object labels are fixed assessments of sensitivity, whereas in practice there will inevitably be some uncertainty about the potential damage caused if a document falls into the wrong hands. Furthermore, the operational reality of many modern systems dictates a temporal element to the actual sensitivity of an object. In this paper we propose to model both security labels and clearances as time-varying probability distributions. We provide practical templates to model both uncertainty and temporally characterised dependencies, and show how these features can be naturally integrated into an access control framework based on quantified risk.

Discover related content

Find related publications, people, projects, datasets and more using interactive charts.

View graph of relations