Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control

Cheng, Perry; Rohatgi, Pankaj; Keser, Claudia; Karger, Paul A.; Wagner, Grant M.; Reninger, Angela Schuett

doi:10.1109/sp.2007.21

Cited by 233 publications

(233 citation statements)

References 7 publications

Supporting

Mentioning

233

Contrasting

Order By: Relevance

“…To some extent, the notion of cost security policy defines a threshold characterizing the maximal/minimal cost reachable, while taking the probability of reaching this threshold into account. Such a notion of threshold is also used by Cheng et al, where accesses are associated with a level of risk, and decisions are made according to some predefined risk thresholds, without detailing how such policies can be enforced at runtime [7]. In the context of runtime enforcement, Bielova and Massacci propose to apply a distance metrics to capture the similarity between traces [2], and we could consider the cost required to obtain one trace from another as a distance metrics.…”

Section: Related Workmentioning

confidence: 99%

Probabilistic Cost Enforcement of Security Policies

Mallios

Bauer

Kaynar

et al. 2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. This paper presents a formal framework for run-time enforcement mechanisms, or monitors, based on probabilistic input/output automata [3,4], which allows for the modeling of complex and interactive systems. We associate with each trace of a monitored system (i.e., a monitor interposed between a system and an environment) a probability and a real number that represents the cost that the actions appearing on the trace incur on the monitored system. This allows us to calculate the probabilistic (expected) cost of the monitor and the monitored system, which we use to classify monitors, not only in the typical sense, e.g., as sound and transparent [17], but also at a more fine-grained level, e.g., as cost-optimal or cost-efficient. We show how a cost-optimal monitor can be built using information about cost and the probabilistic future behavior of the system and the environment, showing how deeper knowledge of a system can lead to construction of more efficient security mechanisms.

show abstract

Section: Related Workmentioning

confidence: 99%

Probabilistic Cost Enforcement of Security Policies

Mallios

Bauer

Kaynar

et al. 2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…The Computer Research Association stated it as a grand challenge to develop an accurate risk analysis for cyber-security [9], and some measures need to be defined. There have been several approaches taking advantages of such measures [8,7,6,26] or trying to calculate them using market algorithms [25].…”

Section: Utility Gain and Damagementioning

confidence: 99%

Risk-Based Auto-delegation for Probabilistic Availability

Krautsevich

Martinelli

Morisset

et al. 2012

Data Privacy Management and Autonomous Spontaneus Security

View full text Add to dashboard Cite

Abstract. Dynamic and evolving systems might require flexible access control mechanisms, in order to make sure that the unavailability of some users does not prevent the system to be functional, in particular for emergency-prone environments, such as healthcare, natural disaster response teams, or military systems. The auto-delegation mechanism, which combines the strengths of delegation systems and "break-theglass" policies, was recently introduced to handle such situations, by stating that the most qualified available user for a resource can access this resource. In this work we extend this mechanism by considering availability as a quantitative measure, such that each user is associated with a probability of availability. The decision to allow or deny an access is based on the utility of each outcome and on a risk strategy. We describe a generic framework allowing a system designer to define these different concepts. We also illustrate our framework with two specific use cases inspired from healthcare systems and resource management systems.

show abstract

“…In this paper, without loss of generality, we model our problem as in (2). Specifically, we address the problem of identifying the optimal transformations that produce the minimum risk and lower bound the utility above a given threshold.…”

Section: Problem Statementmentioning

confidence: 99%

“…A feasible node is the lattice vertex that satisfies all the given constraints that are mentioned in equations (1) and (2). Otherwise, it is called infeasible node.…”

Section: Definitionmentioning

confidence: 99%

“…Intuitively, releasing more specific information will incur a higher risk than releasing general information. Cheng et al [2] model the risk of a tuple in terms of the value of information contained in it. A privacy risk model has been proposed by Lebanon et al [6] that takes into account both the entity identification and the sensitivity of the disclosed information.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

ARUBA: A Risk-Utility-Based Algorithm for Data Disclosure

Fouad

Lebanon

Bertino

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Dealing with sensitive data has been the focus of much of recent research. On one hand data disclosure may incur some risk due to security breaches, but on the other hand data sharing has many advantages. For example, revealing customer transactions at a grocery store may be beneficial when studying purchasing patterns and market demand. However, a potential misuse of the revealed information may be harmful due to privacy violations. In this paper we study the tradeoff between data disclosure and data retention. Specifically, we address the problem of minimizing the risk of data disclosure while maintaining its utility above a certain acceptable threshold. We formulate the problem as a discrete optimization problem and leverage the special monotonicity characteristics for both risk and utility to construct an efficient algorithm to solve it. Such an algorithm determines the optimal transformations that need to be performed on the microdata before it gets released. These optimal transformations take into account both the risk associated with data disclosure and the benefit of it (referred to as utility). Through extensive experimental studies we compare the performance of our proposed algorithm with other date disclosure algorithms in the literature in terms of risk, utility, and time. We show that our proposed framework outperforms other techniques for sensitive data disclosure.

show abstract

Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control

Cited by 233 publications

References 7 publications

Probabilistic Cost Enforcement of Security Policies

Probabilistic Cost Enforcement of Security Policies

Risk-Based Auto-delegation for Probabilistic Availability

ARUBA: A Risk-Utility-Based Algorithm for Data Disclosure

Contact Info

Product

Resources

About