Reaction Policy Model Based on Dynamic Organizations and Threat Context
نویسندگان
چکیده
The tasks a system administrator must fulfill become more and more complex as information systems increase in complexity and connectivity. More specifically, the problem of the expression and update of security requirements is central. Formal models designed to express security policies have proved to be necessary since they provide non ambiguous semantics to analyze them. However, such models as RBAC or OrBAC are not used to express reaction requirements which specify the reaction policy to enforce when intrusions are detected. We present in this article an extension of the OrBAC model by defining dynamic organizations and threat contexts to enable the expression and enforcement of reaction requirements.
منابع مشابه
Implementation of VAT on Iran banking services in the context of dynamic stochastic general equilibrium model
In the Value Added Tax (VAT) system some goods and services, such as banking services, are exempted from taxes. Based on theoretical foundations, exempt treatment leads to several distortions and inefficiencies in the economy. In order to understand the importance of exemption on macroeconomic fluctuations as well as the fundamental role of financial intermediaries in economy shocks, this study...
متن کاملFormal specification of a reaction policy
The tasks a system administrator must fullfil become more and more complex as information systems increase in complexity and connectivity. More specifically, the problem of the expression and update of security requirements is central. Formal models designed to express security policies have proved to be necessary since they provide non ambiguous semantics to analyze them. However such models a...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملEvaluation of Monetary and Fiscal Policy Based on New Keynesian Dynamic General Equilibrium Model in Iran’s Economy
This paper examines monetary and fiscal policy through the estimation of a New-Keynesian dynamic general equilibrium model for Iran’s economy. In this New-Keynesian dynamic general equilibrium model, the consumers encounter the liquidity constraint and the firms face sticky prices, while they are changing them. In the model presented, a role is considered for both government spending and taxati...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کامل