Reactive Access Control Systems

Abstract In context-aware applications, users access privileges rely on both users identity and context. Access control rules are usually statically defined while contexts and the system state can change dynamically. Changes in contexts can result in service disruptions. To address this issue, this poster proposes a reactive access control system that associates contingency plans with access control rules. Risk scores are also associated with actions part of the contingency plans. Such risks are estimated by using fuzzy inference. Our approach is cast into the XACML reference architecture.
  • Maryam Davari (Purdue)
  • Elisa Bertino (Purdue)
Date Jun-2019
Venue Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies (SACTMAT)