Beckerle, Matthias and Martucci, Leonardo and Mühlhäuser, Max and Ries, Sebastian
Beklen, A. and Ejarque, J. and Gentzsch, W. and Kanstren, T. and Koschel, A. and Lee, Y. W. and Li, L. and Zemlicka, M. (eds.) (2011):
Interactive Access Rule Learning for Access Control: Concepts and Design.
In: International Journal On Advances in Intelligent Systems, 4, [Conference or Workshop Item]
Abstract
Nowadays the majority of users are unable to properly configure security mechanisms mostly because they are not usable for them. To reach the goal of having usable security mechanisms, the best solution is to minimize the amount of user interactions and simplify configuration tasks. Automation is a proper solution for minimizing the amount of user interaction. Fully automated security systems are possible for most security objectives, with the exception of the access control policy generation. Fully automated access control policy generation is currently not possible because individual preferences must be taken into account and, thus, requires user interaction. To address this problem we propose a mechanism that assists users to generate proper access control rule sets that reflect their individual preferences. We name this mechanism Interactive Rule Learning for Access Control (IRL). IRL is designed to generate concise rule sets for Attribute-Based Access Control (ABAC). The resulting approach leads to adaptive access control rule sets that can be used for so called smart products. Therefore, we first describe the requirements and metrics for usable access control rule sets for smart products. Moreover, we present the design of a security component which implements, among other security functionalities, our proposed IRL on ABAC. This design is currently being implemented as part of the ICT 7th Framework Programme SmartProducts of the European Commission.
| Item Type: | Conference or Workshop Item |
|---|---|
| Erschienen: | 2011 |
| Editors: | Beklen, A. and Ejarque, J. and Gentzsch, W. and Kanstren, T. and Koschel, A. and Lee, Y. W. and Li, L. and Zemlicka, M. |
| Creators: | Beckerle, Matthias and Martucci, Leonardo and Mühlhäuser, Max and Ries, Sebastian |
| Title: | Interactive Access Rule Learning for Access Control: Concepts and Design |
| Language: | ["languages_typename_1" not defined] |
| Abstract: | Nowadays the majority of users are unable to properly configure security mechanisms mostly because they are not usable for them. To reach the goal of having usable security mechanisms, the best solution is to minimize the amount of user interactions and simplify configuration tasks. Automation is a proper solution for minimizing the amount of user interaction. Fully automated security systems are possible for most security objectives, with the exception of the access control policy generation. Fully automated access control policy generation is currently not possible because individual preferences must be taken into account and, thus, requires user interaction. To address this problem we propose a mechanism that assists users to generate proper access control rule sets that reflect their individual preferences. We name this mechanism Interactive Rule Learning for Access Control (IRL). IRL is designed to generate concise rule sets for Attribute-Based Access Control (ABAC). The resulting approach leads to adaptive access control rule sets that can be used for so called smart products. Therefore, we first describe the requirements and metrics for usable access control rule sets for smart products. Moreover, we present the design of a security component which implements, among other security functionalities, our proposed IRL on ABAC. This design is currently being implemented as part of the ICT 7th Framework Programme SmartProducts of the European Commission. |
| Title of Book: | International Journal On Advances in Intelligent Systems |
| Volume: | 4 |
| Number: | 3 and 4 |
| Uncontrolled Keywords: | - SST - Area Smart Security and Trust;adaptivity, usability, access control, rule learning |
| Divisions: | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Department of Computer Science > Telecooperation LOEWE > LOEWE-Zentren 20 Department of Computer Science LOEWE |
| Date Deposited: | 31 Dec 2016 12:59 |
| Identification Number: | TUD-CS-2011-2894 |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
Optionen (nur für Redakteure)
 |
View Item |
Drucken
Impressum