A Risk Awareness Approach for Monitoring the Compliance of RBAC-based Policies

Citations: 0
Authors
Jaidi, Faouzi [1]
Ayachi, Faten Labbene [1]
Affiliation
[1] Higher Sch Commun Tunis SupCom, DSRU, Tunis, Tunisia
Keywords
RBAC; Databases Security; Policy Compliance; Risk Awareness; Quantified Risk;
DOI
Not available
Chinese Library Classification
F [Economics];
Discipline classification code
02;
Abstract
The considerable increase in the risk associated with insider threats has motivated research on risk assessment for access control systems. Two main approaches have been adopted: (i) a risk mitigation approach via features such as constraints, and (ii) a risk quantification approach that manages access based on a quantified risk. Evaluating the risk associated with the evolution of an access control policy is an important theme, since it allows the conformity of the policy to be monitored in terms of risk. Unfortunately, no work has been defined in this context. In this paper we propose a quantified risk-assessment approach for monitoring the compliance of concrete RBAC-based policies. We formalize the proposal and illustrate its application via a case study.
Pages: 454 - 459
Page count: 6