Situational Awareness based Risk-adaptable Access Control in Enterprise Networks

نویسندگان

  • Brian Lee
  • Roman Vanickis
  • Franklin Rogelio
  • Paul Jacob
چکیده

As the computing landscape evolves towards distributed architectures such as Internet of Things (IoT), enterprises are moving away from traditional perimeter based security models toward so called “zero trust networking” (ZTN) models that treat both the intranet and Internet as equally untrustworthy. Such security models incorporate risk arising from dynamic and situational factors, such as device location and security risk level risk, into the access control decision. Researchers have developed a number of risk models such as RAdAC (Risk Adaptable Access Control) to handle dynamic contexts and these have been applied to medical and other scenarios. In this position paper we describe our ongoing work to apply RAdAC to ZTN. We develop a policy management framework, FURZE, to facilitate fuzzy risk evaluation that also defines how to adapt to dynamically changing contexts. We also consider how enterprise security situational awareness (SSA) which describes the potential impact to an organisations mission based on the current threats and the relative importance of the information asset under threat can be incorporated into a RAdAC

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Situational Awareness Architecture for the Smart Grid

Components of the electric power grid that were traditionally deployed in physically isolated networks, are now using IP based, interconnected networks to transmit Supervisory Control and Data Acquisition (SCADA) messages. SCADA protocols were not designed with security in mind. Therefore, in order to enhance security, access control and risk mitigation, operators need detailed and accurate inf...

متن کامل

Transferring Insights from Complex Biological Systems to the Exploitation of Netted Sensors in Command and Control Enterprises

Exploiting data from a network of sensors (netted sensors) is an Enterprise System Engineering challenge. Successfully meeting this challenge will contribute significantly to improving the agility of today's Command and Control (C 2) Enterprise by achieving its goal of decision superiority through better situational awareness. There is a pressing need to design fusion algorithms that combine da...

متن کامل

A survey on wireless sensor networks for smart grid

With the increasing concern for reliability and quality of service, power grid in many countries is undergoing revolution towards a more distribute and flexible “Smart Grid”. In the development of envisioned smart grid, situational data awareness takes a fundamental role for a number of crucial advanced operations in the areas of sensing, communication, monitoring and decision making. It is ver...

متن کامل

Integrated Technical Reference Model and Sensor Network Architecture

This paper presents a multi-layered Integrated Technical Reference Model (I-TRM). The ITRM is based on a classical closed-loop control system and combines an Information-Centric Technical Reference Model (IC-TRM), a Control Technical Reference Model (C-TRM) and a Behavioral (intelligence-based) Technical Reference Model to provide a complete system technical reference model. Having an I-TRM is ...

متن کامل

A Modeling Framework for Synchronizing Global and Local Situation Awareness

A Common Operational Picture (COP) is intended to provide timely and accurate information, enabling shared situational awareness across multiple commands [1]. Building and sustaining a COP is at the center of command and control for today’s complex endeavors. Whether in military defense, homeland security, or industrial facility maintenance, the problem of maintaining such a representation of t...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2017