TU Darmstadt / ULB / TUbiblio

A calculus for the qualitative risk assessment of policy override authorization

Bartsch, Steffen (2010)
A calculus for the qualitative risk assessment of policy override authorization.
Taganrog, Rostov-on-Don, Russian Federation
doi: 10.1145/1854099.1854115
Conference publication, Bibliography

Abstract

Policy override is gaining traction in the research community to improve the efficiency and usability of authorization mechanisms. These mechanisms turn the conventional privileges into a soft boundary that may be overridden by users in exceptional situations. The challenge for the practical deployment of the policy override mechanisms often is whether policy override is adequate and, if so, to which extent. In this paper, we propose a calculus to support this decision-making process. The calculus is based on proven risk assessment practices and derives a qualitative result on the adequacy for specific roles and override extents. Moreover, we developed a tool to support the policy override risk assessment. The calculus and the tool are briefly evaluated in two distinct contexts.

Entry type: Conference publication
Published: 2010
Author(s): Bartsch, Steffen
Type of entry: Bibliography
Title: A calculus for the qualitative risk assessment of policy override authorization
Language: English
Publication year: September 2010
Publisher: ACM
Book title: SIN: Proceedings of the 3rd international conference on Security of information and networks
Event location: Taganrog, Rostov-on-Don, Russian Federation
DOI: 10.1145/1854099.1854115
Uncontrolled keywords: Secure Data
Department(s)/field(s): 20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
LOEWE > LOEWE Centres > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
LOEWE > LOEWE Centres
20 Department of Computer Science
LOEWE
Date deposited: 28 Jul 2016 18:35
Last modified: 17 May 2018 13:02