scholarly journals Enforcing Access Control Using Risk Assessment

2007 ◽  
Author(s):  
Nguyen Diep ◽  
Le Hung ◽  
Yonil Zhung ◽  
Sungyoung Lee ◽  
Young-koo Lee ◽  
...  
Keyword(s):  
Risk Assessment ◽  
Access Control

Dynamic FCFS ACM Model for Risk Assessment on Real Time Unix File System

2015 ◽  
pp. 551-571
Author(s):  
Prashant Kumar Patra ◽  
Padma Lochan Pradhan
Keyword(s):  
Risk Assessment ◽  
Access Control ◽  
Security Policy ◽  
Security Requirements ◽  
Management Policy ◽  
Security Model ◽  
Distributed Environment ◽  
Web Portal ◽  
Proposed Model ◽  
The Right

The access control is a mechanism that a system grants, revoke the right to access the object. The subject and object can able to integrate, synchronize, communicate and optimize through read, write and execute over a UFS. The access control mechanism is the process of mediating each and every request to system resources, application and data maintained by a operating system and determining whether the request should be approve, created, granted or denied as per top management policy. The AC mechanism, management and decision is enforced by implementing regulations established by a security policy. The management has to investigate the basic concepts behind access control design and enforcement, point out different security requirements that may need to be taken into consideration. The authors have to formulate and implement several ACM on normalizing and optimizing them step by step, that have been highlighted in proposed model for development and production purpose. This research paper contributes to the development of an optimization model that aims and objective to determine the optimal cost, time and maximize the quality of services to be invested into security model and mechanisms deciding on the measure components of UFS. This model has to apply to ACM utilities over a Web portal server on object oriented and distributed environment. This ACM will be resolve the uncertainty, un-order, un formal and unset up (U^4) problems of web portal on right time and right place of any where & any time in around the globe. It will be more measurable and accountable for performance, fault tolerance, throughput, bench marking and risk assessment on any application.

Dynamic FCFS ACM Model for Risk Assessment on Real Time Unix File System

2013 ◽  
Vol 5 (4) ◽  
pp. 41-62
Author(s):  
Prashant Kumar Patra ◽  
Padma Lochan Pradhan
Keyword(s):  
Risk Assessment ◽  
Access Control ◽  
Security Policy ◽  
Security Requirements ◽  
Management Policy ◽  
Security Model ◽  
Distributed Environment ◽  
Web Portal ◽  
Proposed Model ◽  
The Right

The access control is a mechanism that a system grants, revoke the right to access the object. The subject and object can able to integrate, synchronize, communicate and optimize through read, write and execute over a UFS. The access control mechanism is the process of mediating each and every request to system resources, application and data maintained by a operating system and determining whether the request should be approve, created, granted or denied as per top management policy. The AC mechanism, management and decision is enforced by implementing regulations established by a security policy. The management has to investigate the basic concepts behind access control design and enforcement, point out different security requirements that may need to be taken into consideration. The authors have to formulate and implement several ACM on normalizing and optimizing them step by step, that have been highlighted in proposed model for development and production purpose. This research paper contributes to the development of an optimization model that aims and objective to determine the optimal cost, time and maximize the quality of services to be invested into security model and mechanisms deciding on the measure components of UFS. This model has to apply to ACM utilities over a Web portal server on object oriented and distributed environment. This ACM will be resolve the uncertainty, un-order, un formal and unset up (U^4) problems of web portal on right time and right place of any where & any time in around the globe. It will be more measurable and accountable for performance, fault tolerance, throughput, bench marking and risk assessment on any application.

Propagation and Delegation of Rights in Access Controls and Risk Assessment Techniques

2007 ◽  
pp. 328-337
Author(s):  
Saravanan Muthaiyah
Keyword(s):  
Risk Assessment ◽  
Access Control ◽  
Web Security ◽  
Quantitative Risk Assessment ◽  
New Paradigm ◽  
Risk Levels ◽  
Qualitative Risk Assessment ◽  
Access Controls ◽  
Assessment Techniques ◽  
Access Rights

Access control methods have been improvised over time, but one area that remains quite grey is the concept of assessing risk levels before any type of access rights are granted. This is relatively a new paradigm in the research of semantic Web security, and new methodologies for this effort are being studied. In this chapter, we will see how qualitative risk assessment (Nissanke & Khayat, 2004) and quantitative risk assessment are carried out. The purpose is to have different methods of assessment for better grant of access control rights and permissions. New examples based on the model described (Nissanke & Khayat, 2004) are used to illustrate the concept. A new quantities technique is also added to complement the qualitative techniques.

scholarly journals Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps

2020 ◽  
Vol 2020 ◽  
pp. 1-14
Author(s):  
Pedro Moura ◽  
Paulo Fazendeiro ◽  
Pedro R. M. Inácio ◽  
Pedro Vieira-Marques ◽  
Ana Ferreira
Keyword(s):  
Risk Factors ◽  
Risk Assessment ◽  
Access Control ◽  
Delphi Study ◽  
Mobile Apps ◽  
Real Life ◽  
Health Data ◽  
Security And Privacy ◽  
Risk Level ◽  
Healthcare Data

Background. Smartphones can tackle healthcare stakeholders’ diverse needs. Nonetheless, the risk of data disclosure/breach can be higher when using such devices, due to the lack of adequate security and the fact that a medical record has a significant higher financial value when compared with other records. Means to assess those risks are required for every mHealth application interaction, dependent and independent of its goals/content. Objective. To present a risk assessment feature integration into the SoTRAACE (Socio-Technical Risk-Adaptable Access Control) model, as well as the operationalization of the related mobile health decision policies. Methods. Since there is still a lack of a definition for health data security categorization, a Delphi study with security experts was performed for this purpose, to reflect the knowledge of security experts and to be closer to real-life situations and their associated risks. Results. The Delphi study allowed a consensus to be reached on eleven risk factors of information security related to mobile applications that can easily be adapted into the described SoTRAACE prototype. Within those risk factors, the most significant five, as assessed by the experts, and in descending order of risk level, are as follows: (1) security in the communication (e.g., used security protocols), (2) behavioural differences (e.g., different or outlier patterns of behaviour detected for a user), (3) type of wireless connection and respective encryption, (4) resource sensitivity, and (5) device threat level (e.g., known vulnerabilities associated to a device or its operating system). Conclusions. Building adaptable, risk-aware resilient access control models into the most generalized technology used nowadays (e.g., smartphones) is crucial to fulfil both the goals of users as well as security and privacy requirements for healthcare data.

Key based Access Control Policies to Solve Security in Cloud Data Sharing

2018 ◽  
Vol 6 (12) ◽  
pp. 45
Author(s):  
G. Arunajyothi
Keyword(s):  
Risk Assessment ◽  
Distributed Computing ◽  
Access Control ◽  
Data Sharing ◽  
Data Transmission ◽  
Information Assurance ◽  
Cutting Edge ◽  
Cloud Data ◽  
Access Control Policies ◽  
Transmission Estimation

Cloud achieves not just diverse levels of accommodation and proficiency issues albeit persistently advancing in such manner, additionally extraordinary difficulties in the field of information assurance. SaaS based distributed computing stockpiling suppliers, for example, google, send space have been there for calm at some point with the security viewpoint continually being disregarded. So we propose a cloud construction modeling that addresses the security perspective as for encryption, access control and with respect to risk assessment, key controls, and monitoring and reporting execution sign. We additionally broaden it with data transmission estimation plan which is another key execution pointer of mists. Contrasted with before methodologies this plan has a lesser calculation overhead and is considered cutting edge because of usage of every conceivable execution parameter of cloud area.

A framework for risk assessment in access control systems

2013 ◽  
Vol 39 ◽  
pp. 86-103 ◽  
Author(s):  
Hemanth Khambhammettu ◽  
Sofiene Boulares ◽  
Kamel Adi ◽  
Luigi Logrippo
Keyword(s):  
Risk Assessment ◽  
Access Control ◽  
Control Systems

A framework and risk assessment approaches for risk-based access control in the cloud

2016 ◽  
Vol 74 ◽  
pp. 86-97 ◽  
Author(s):  
Daniel Ricardo dos Santos ◽  
Roberto Marinho ◽  
Gustavo Roecker Schmitt ◽  
Carla Merkle Westphall ◽  
Carlos Becker Westphall
Keyword(s):  
Risk Assessment ◽  
Access Control
Sign in / Sign up

Export Citation Format

Share Document