A Formal Approach for Risk Evaluation and Risk Analysis in Access Control Policy Management

Pierrette Annie Evina, Faten Labbene Ayachi, Faouzi Jaidi, Adel Bouhoula

2018

Abstract

In the field of risk management for access control systems, especially in database management systems, the access control policy is not too much explored as most researchers a priori hypothesize its reliability and validity. Access control policy is exposed to many irregularities throughout its evolution. During its lifecycle, it presents anomalies related to changes in its expression compared to what was initially established at an early stage or when it was designed. Our research leads to a risk management approach, with a particular focus on non-compliance anomalies found in the access control policy during its evolution. The correlation between these anomalies is also taken into consideration in order to optimize the proposed approach. Ultimately, we intend to produce a global and comprehensive risk management system based on the principles defined by the international standard. A system that manages the correlation between non-conformity anomalies is designed upstream to provide the necessary input for our new risk management approach that, as the main contribution, will also consider and overcome the effects induced by the correlation between anomalies found in the ACP expression.

Download


Paper Citation


in Harvard Style

Evina P., Ayachi F., Jaidi F. and Bouhoula A. (2018). A Formal Approach for Risk Evaluation and Risk Analysis in Access Control Policy Management.In Doctoral Consortium - DCENASE, ISBN , pages 17-22


in Bibtex Style

@conference{dcenase18,
author={Pierrette Annie Evina and Faten Labbene Ayachi and Faouzi Jaidi and Adel Bouhoula},
title={A Formal Approach for Risk Evaluation and Risk Analysis in Access Control Policy Management},
booktitle={Doctoral Consortium - DCENASE,},
year={2018},
pages={17-22},
publisher={SciTePress},
organization={INSTICC},
doi={},
isbn={},
}


in EndNote Style

TY - CONF

JO - Doctoral Consortium - DCENASE,
TI - A Formal Approach for Risk Evaluation and Risk Analysis in Access Control Policy Management
SN -
AU - Evina P.
AU - Ayachi F.
AU - Jaidi F.
AU - Bouhoula A.
PY - 2018
SP - 17
EP - 22
DO -