Seventh IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'06)
pp. 45-53
Toward Information Sharing: Benefit And Risk Access Control (BARAC)
Lei Zhang, George Mason University, USA
Alexander Brodsky, George Mason University, USA
Sushil Jajodia, The MITRE Corporation, USA

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/POLICY.2006.36
Abstract
This paper describes an access control model, called
BARAC, that is based on balancing risks of information
disclosure with benefits of information sharing. The model
configuration associates risk and benefit vectors with every
read and update transaction. An allowed transaction
graph captures allowed transactions and flow paths that
can be used to carry out the transactions. The total system is
required to be profitable, in that the total system benefit must
outweigh the total system risk; and the allowed transaction
graph is required to be optimal, in that its profit cannot be
improved by adding transactions or removing transactions.
Both the system configuration and the allowed transaction
graph can be dynamically modified, while preserving the
required properties. The dynamic modifications are done
in the scope of hierarchies of tasks and responsible parties,
that control the task structure and risk budget allocation to
tasks.
Additional Information
Citation:
Lei Zhang, Alexander Brodsky, Sushil Jajodia, "Toward Information Sharing: Benefit And Risk Access Control (BARAC)," policy, pp. 45-53, Seventh IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'06), 2006