Sciweavers

ISI
2006
Springer

Cost-Sensitive Access Control for Illegitimate Confidential Access by Insiders

13 years 11 months ago
Cost-Sensitive Access Control for Illegitimate Confidential Access by Insiders
Abstract. In many organizations, it is common to control access to confidential information based on the need-to-know principle; The requests for access are authorized only if the content of the requested information is relevant to the requester's current information analysis project. We formulate such content-based authorization, i.e. whether to accept or reject access requests as a binary classification problem. In contrast to the conventional error-minimizing classification, we handle this problem in a cost-sensitive learning framework in which the cost caused by incorrect decision is different according to the relative importance of the requested information. In particular, the cost (i.e., damaging effect) for a false positive (i.e., accepting an illegitimate request) is more expensive than that of false negative (i.e., rejecting a valid request). The former is a serious security problem because confidential information, which should not be revealed, can be accessed. From the ...
Young-Woo Seo, Katia P. Sycara
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2006
Where ISI
Authors Young-Woo Seo, Katia P. Sycara
Comments (0)