By the same authors

Risk Based Access Control with Uncertain and Time-dependent Sensitivity

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Standard

Risk Based Access Control with Uncertain and Time-dependent Sensitivity. / Clark, John A.; Tapiador, Juan E.; McDermid, John A.; Cheng, Pau-Chen; Agrawal, Dakshi; Ivanic, Natalie; Slogget, Dave.

Proceedings of the 2010 International Conference on Security and Cryptography. ed. / Sokratis Katsikas; Pierangela Samarati. SciTePress, 2010. p. 1-9.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Clark, JA, Tapiador, JE, McDermid, JA, Cheng, P-C, Agrawal, D, Ivanic, N & Slogget, D 2010, Risk Based Access Control with Uncertain and Time-dependent Sensitivity. in S Katsikas & P Samarati (eds), Proceedings of the 2010 International Conference on Security and Cryptography. SciTePress, pp. 1-9, International Conference on Security and Cryptography (SECRYPT), Athens, Greece, 26/06/10. <http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=5741662&refinements%3D4281739935%26sortType%3Dasc_p_Sequence%26filter%3DAND%28p_IS_Number%3A5741585%29>

APA

Clark, J. A., Tapiador, J. E., McDermid, J. A., Cheng, P-C., Agrawal, D., Ivanic, N., & Slogget, D. (2010). Risk Based Access Control with Uncertain and Time-dependent Sensitivity. In S. Katsikas, & P. Samarati (Eds.), Proceedings of the 2010 International Conference on Security and Cryptography (pp. 1-9). SciTePress. http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=5741662&refinements%3D4281739935%26sortType%3Dasc_p_Sequence%26filter%3DAND%28p_IS_Number%3A5741585%29

Vancouver

Clark JA, Tapiador JE, McDermid JA, Cheng P-C, Agrawal D, Ivanic N et al. Risk Based Access Control with Uncertain and Time-dependent Sensitivity. In Katsikas S, Samarati P, editors, Proceedings of the 2010 International Conference on Security and Cryptography. SciTePress. 2010. p. 1-9

Author

Clark, John A. ; Tapiador, Juan E. ; McDermid, John A. ; Cheng, Pau-Chen ; Agrawal, Dakshi ; Ivanic, Natalie ; Slogget, Dave. / Risk Based Access Control with Uncertain and Time-dependent Sensitivity. Proceedings of the 2010 International Conference on Security and Cryptography. editor / Sokratis Katsikas ; Pierangela Samarati. SciTePress, 2010. pp. 1-9

Bibtex - Download

@inproceedings{d0f9e3434070468896ad41681d971996,
title = "Risk Based Access Control with Uncertain and Time-dependent Sensitivity",
abstract = "In traditional multi-level security (MLS) models, object labels are fixed assessments of sensitivity. In practice there will inevitably be some uncertainty about the damage that might be caused if a document falls into the wrong hands. Furthermore, unless specific management action is taken to regrade the label on an object, it does not change. This does not reflect the operational reality of many modern systems where there is clearly a temporal element to the actual sensitivity of information. Tactical information may be highly sensitive right now but comparatively irrelevant tomorrow whilst strategic secrets may need to be maintained for many years, decades, or even longer. In this paper we propose to model both security labels and clearances as probability distributions. We provide practical templates to model both uncertainty and temporally characterized dependencies, and show how these features can be naturally integrated into a recently proposed access control framework based on quantified risk.",
author = "Clark, {John A.} and Tapiador, {Juan E.} and McDermid, {John A.} and Pau-Chen Cheng and Dakshi Agrawal and Natalie Ivanic and Dave Slogget",
note = "SECRYPT is part of ICETE - The International Joint Conference on e-Business and Telecommunications; International Conference on Security and Cryptography (SECRYPT) ; Conference date: 26-06-2010 Through 28-06-2010",
year = "2010",
language = "English",
pages = "1--9",
editor = "Sokratis Katsikas and Samarati, {Pierangela }",
booktitle = "Proceedings of the 2010 International Conference on Security and Cryptography",
publisher = "SciTePress",

}

RIS (suitable for import to EndNote) - Download

TY - GEN

T1 - Risk Based Access Control with Uncertain and Time-dependent Sensitivity

AU - Clark, John A.

AU - Tapiador, Juan E.

AU - McDermid, John A.

AU - Cheng, Pau-Chen

AU - Agrawal, Dakshi

AU - Ivanic, Natalie

AU - Slogget, Dave

N1 - SECRYPT is part of ICETE - The International Joint Conference on e-Business and Telecommunications

PY - 2010

Y1 - 2010

N2 - In traditional multi-level security (MLS) models, object labels are fixed assessments of sensitivity. In practice there will inevitably be some uncertainty about the damage that might be caused if a document falls into the wrong hands. Furthermore, unless specific management action is taken to regrade the label on an object, it does not change. This does not reflect the operational reality of many modern systems where there is clearly a temporal element to the actual sensitivity of information. Tactical information may be highly sensitive right now but comparatively irrelevant tomorrow whilst strategic secrets may need to be maintained for many years, decades, or even longer. In this paper we propose to model both security labels and clearances as probability distributions. We provide practical templates to model both uncertainty and temporally characterized dependencies, and show how these features can be naturally integrated into a recently proposed access control framework based on quantified risk.

AB - In traditional multi-level security (MLS) models, object labels are fixed assessments of sensitivity. In practice there will inevitably be some uncertainty about the damage that might be caused if a document falls into the wrong hands. Furthermore, unless specific management action is taken to regrade the label on an object, it does not change. This does not reflect the operational reality of many modern systems where there is clearly a temporal element to the actual sensitivity of information. Tactical information may be highly sensitive right now but comparatively irrelevant tomorrow whilst strategic secrets may need to be maintained for many years, decades, or even longer. In this paper we propose to model both security labels and clearances as probability distributions. We provide practical templates to model both uncertainty and temporally characterized dependencies, and show how these features can be naturally integrated into a recently proposed access control framework based on quantified risk.

UR - http://www.scopus.com/inward/record.url?scp=78651440675&partnerID=8YFLogxK

M3 - Conference contribution

SP - 1

EP - 9

BT - Proceedings of the 2010 International Conference on Security and Cryptography

A2 - Katsikas, Sokratis

A2 - Samarati, Pierangela

PB - SciTePress

T2 - International Conference on Security and Cryptography (SECRYPT)

Y2 - 26 June 2010 through 28 June 2010

ER -