By Topic

Bayesian networks for modeling failure dependency in access control models

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Alaboodi, S.S. ; Electr. & Comput. Eng. Dept., Univ. of Waterloo, Waterloo, ON, Canada ; Agnew, G.B.

Access controls are indispensable mechanisms for protecting access to resources of computing and communication systems. Currently, the design of access control models is centered on the access interaction between system subjects and objects. However, access authentication, control, auditing and administration services in today's systems do not enjoy full operational independence while interacting with systems assets. That is, in a way or another they interact across different platforms, programs, processes or users, leading to build certain dependency while in operation. The identification and evaluation of this dependency is crucial to meeting security goals of access control models. To tackle this issue, we introduce a modeling technique that captures probabilistically the interaction between system assets and controls into a graph theoretic paradigm. We use Bayesian Networks (BN) in particular to model and analyze this dependency. We briefly show the proposed abstraction, modeling formalism and associated notation, along with a demonstration example of various useful inferences and some suggested research directions.

Published in:

Internet Security (WorldCIS), 2012 World Congress on

Date of Conference:

10-12 June 2012