Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
2007 | conference paper
Jump to: Cite & Linked | Documents & Media | Details | Version history
Cite this publication
Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
Cheng, P.-C.; Rohatgi, P.; Keser, C. ; Karger, P. A.; Wagner, G. M. & Reninger, A. S. (2007)
2007 IEEE Symposium on Security and Privacy (SP '07) pp. 222-230. 2007 IEEE Symposium on Security and Privacy, Oakland, California, USA.
Piscataway, NJ: IEEE. DOI: https://doi.org/10.1109/SP.2007.21
Documents & Media
Details
- Authors
- Cheng, Pau-Chen; Rohatgi, Pankaj; Keser, Claudia ; Karger, Paul A.; Wagner, Grant M.; Reninger, Angela Schuett
- Abstract
- This paper presents a new model for, or rather a new way of thinking about adaptive, risk-based access control. Our basic premise is that there is always inherent uncertainty and risk in access control decisions that is best addressed in an explicit way. We illustrate this concept by showing how the rationale of the well-known, Bell-Lapadula model based, multi-level security (MLS) access control model could be used to develop a risk-adaptive access control model. This new model is more like a fuzzy logic control system than a traditional access control system and hence the name "fuzzy MLS". The long version of this paper is published as an IBM Research Report.
- Issue Date
- 2007
- Publisher
- IEEE
- Conference
- 2007 IEEE Symposium on Security and Privacy
- Conference Place
- Oakland, California, USA
- Event start
- 2007-05-20
- Event end
- 2007-05-23
- Language
- English
