This paper presents the design principles for dynamic security modeling in risk-prone environments, where elements of the environment to be protected are classified in Contexts and are monitored and geo-referenced. Based on a motivating scenario, the security model elements are introduced building on the ABAC (Attribute Based Access Control) paradigm. Dynamicity is integrated into the model to make it self-adaptable to dynamic changes in the environment conditions, including the occurrence of risks and emergencies. The model aims at dynamically authorizing subjects to access diverse data and physical objects (resources) based on adaptive activation/deactivation of security rules and changes in subject or object attributes, while still preserving the need-to-know principle.
Dynamic security modeling in risk management using environmental knowledge
FUGINI, MARIAGRAZIA;TEIMOURIKIA, MAHSA
2014-01-01
Abstract
This paper presents the design principles for dynamic security modeling in risk-prone environments, where elements of the environment to be protected are classified in Contexts and are monitored and geo-referenced. Based on a motivating scenario, the security model elements are introduced building on the ABAC (Attribute Based Access Control) paradigm. Dynamicity is integrated into the model to make it self-adaptable to dynamic changes in the environment conditions, including the occurrence of risks and emergencies. The model aims at dynamically authorizing subjects to access diverse data and physical objects (resources) based on adaptive activation/deactivation of security rules and changes in subject or object attributes, while still preserving the need-to-know principle.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
