Conviviality-Driven Access Control Policy
ثبت نشده
چکیده
Nowadays many organizations experience security incidents due to unauthorized access to information. To reduce the risk of such incidents, security policies are often employed to regulate access to information. Such policies, however, are often too restrictive, and users do not have the rights necessary to perform assigned duties. As a consequence, access control mechanisms are perceived by users as a barrier and thus bypassed, making the system insecure. In this paper we draw a bridge between the social concept of conviviality and access control. Conviviality has been introduced as a social science concept for ambient intelligence and multi-agent systems to highlight soft qualitative requirements like user-friendliness of systems. To bridge the gap between conviviality and security, we propose a methodological framework for updating and adapting access control policies based on conviviality recommendations. Our methodology integrates and extends existing techniques to assist system designers in the derivation of access control policies from socio-technical requirements of the system, while taking into account the conviviality of the system. We illustrate our framework using the Ambient Assisted Living (AAL) use case from the HotCity of Luxembourg.
منابع مشابه
Integrating Policy-Driven Role Based Access Control with the Common Data Security Architecture
This paper shows how Policy-Driven Role-Based Access Control (PDRBAC) techniques can be used to extend the Common Data Security Architecture (CDSA). The extensions provide constraint-based access control and are implemented using a flexible policy description language and a new trust policy enforcement mechanism. The expressiveness of the policy description language is demonstrated by examples ...
متن کاملPolicy-Driven Role-Based Database Access Control
In this paper, firstly, we point out that access control mechanisms are not suitable in existing commercial Relational Data Base Management Systems (RDBMS). Secondly, the idea of Policy-Driven Role-Based Database Access Control (PDRBDAC) is proposed. Thirdly, the issue of multiple inheritance in a role hierarchy is discussed. Finally, a PROLOG interpreting algorithm for dealing with it is descr...
متن کاملIdentifying and Ranking Development Drivers of Knowledge-based Technology-Driven Companies (Case study: Fars Province Science and Technology Park)
The purpose of this Study study is to identify and rank the development drivers of knowledge-based, technology-driven businesses. This work is conducted as a case study in Fars Province Science and Technology Park. It is a descriptive survey in terms of purpose since a part of its data is collected through questionnaires and is of surveying type because it describes the existing conditions. The...
متن کاملConvivial Ambient Technologies: Requirements, Ontology and Design
In this paper we discuss the use of the social concept ‘conviviality’ for computer science in general, and for the development of ambient technologies in particular. First, we give a survey of the use of the concept ‘conviviality’ in the social sciences. Conviviality is usually considered a positive concept related to sociability. However, further analysis reveals a negative side related to lac...
متن کاملAccess and Mobility Policy Control at the Network Edge
The fifth generation (5G) system architecture is defined as service-based and the core network functions are described as sets of services accessible through application programming interfaces (API). One of the components of 5G is Multi-access Edge Computing (MEC) which provides the open access to radio network functions through API. Using the mobile edge API third party analytics applications ...
متن کامل