Internet Archive Scholar

Risk-based access control systems built on fuzzy inferences

Qun Ni, Elisa Bertino, Jorge Lobo
2010 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security - ASIACCS '10  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (637.4 kB)
https://web.archive.org/web/20190216115747/https://static.aminer.org/pdf/20170130/pdfs/ccs/d5czkpg4d98yljvqplwaqkbmtfy6wx7v.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL. The file type is application/pdf.

Fuzzy inference is a promising approach to implement risk-based access control systems. However, its application to access control raises some novel problems that have not been yet investigated. First, because there are many different fuzzy operations, one must choose the fuzzy operations that best address security requirements. Second, risk-based access control, though it improves information flow and better addresses requirements from critical organizations, may result in damages by malicious
more » ... users before mitigating steps are taken. Third, the scalability of a fuzzy inference-based access control system is questionable. The time required by a fuzzy inference engine to estimate risks may be quite high especially when there are tens of parameters and hundreds of fuzzy rules. However, an access control system may need to serve hundreds or thousands of users. In this paper, we investigate these issues and present our solutions or answers to them.
doi:10.1145/1755688.1755719 dblp:conf/ccs/NiBL10 fatcat:mdaghwcn35hbrjyjvmcldboloe
Citation

Qun Ni, Elisa Bertino, Jorge Lobo. "Risk-based access control systems built on fuzzy inferences." Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security - ASIACCS '10 (2010) 250-260