Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SIN
2010
ACM
2010
ACM
A calculus for the qualitative risk assessment of policy override authorization
Policy override is gaining traction in the research community to improve the efficiency and usability of authorization mechanisms. These mechanisms turn the conventional privileges into a soft boundary that may be overridden by users in exceptional situations. The challenge for the practical deployment of the policy override mechanisms often is whether policy override is adequate and, if so, to which extent. In this paper, we propose a calculus to support this decisionmaking process. The calculus is based on proven risk assessment practices and derives a qualitative result on the adequacy for specific roles and override extents. Moreover, we developed a tool to support the policy override risk assessment. The calculus and the tool are briefly evaluated in two distinct contexts. Categories and Subject Descriptors K.6.5 [Management of Computing and Information Systems]: Security and Protection General Terms Security, Management Keywords Authorization policy, policy override, risk assess...
Real-time TrafficInformation Technology | Policy Override | Policy Override Mechanisms | Policy Override Risk | SIN 2010 |
| Added | 15 Feb 2011 |
| Updated | 15 Feb 2011 |
| Type | Journal |
| Year | 2010 |
| Where | SIN |
| Authors | Steffen Bartsch |
Comments (0)
Researcher Info
|
