Context-aware Adaptation of Access Control Policies for Crisis Management

Get BibTex-formatted data

Download

PDF

Author

Arjmand Samuel, Arif Ghafoor, Elisa Bertino

Tech report number

CERIAS TR 2007-27

Entry type

techreport

Abstract

Today, most public service delivery mechanisms, such as hospitals, police and fire departments, rely exclusively on digital generation, storage and analysis of vital information. To protect critical digital resources access control mechanisms are employed. The aim is to define rules under which authorized users can access resources required to perform organizational tasks. These rules or policies define constraints of time and space on digital resources. Natural or man-made disasters pose a unique challenge, whereby, previously defined constraints may debilitate the ability of the organization to act to its fullest capability. In this paper we propose to employ contextual parameters; specifically, activity context in the form of emergency warnings, to adapt access control policies according to a priori configuration which allows maximum access to critical resources. We also propose an architecture for the detection of crises in the form of activity context and incorporate it in the policy adaptation framework.

Download

PDF

Institution

Purdue University

Key alpha

Security

School

ECE and CS

Affiliation

ECE and CERIAS

Publication Date

2001-01-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Techreport{ Security,
	title = "Context-aware Adaptation of Access Control Policies for Crisis Management",
	author = "Arjmand Samuel, Arif Ghafoor, Elisa Bertino",
	institution = "Purdue University",
	school = "ECE and CS",
	abstract = "Today, most public service delivery mechanisms, such as hospitals, police and fire departments, rely exclusively on digital generation, storage and analysis of vital information. To protect critical digital resources access control mechanisms are employed. The aim is to define rules under which authorized users can access resources required to perform organizational tasks. These rules or policies define constraints of time and space on digital resources. Natural or man-made disasters pose a unique challenge, whereby, previously defined constraints may debilitate the ability of the organization to act to its fullest capability. In this paper we propose to employ contextual parameters; specifically, activity context in the form of emergency warnings, to adapt access control policies according to a priori configuration which allows maximum access to critical resources. We also propose an architecture for the detection of crises in the form of activity context and incorporate it in the policy adaptation framework.
",
	affiliation = "ECE and CERIAS",
}