loading
Papers

Research.Publish.Connect.

Paper

Authors: Brian Lee ; Roman Vanickis ; Franklin Rogelio and Paul Jacob

Affiliation: Athlone Institute of Technology, Ireland

ISBN: 978-989-758-245-5

Keyword(s): Risk based Access Control, RAdAC, Zero-trust Networking, Security Situational Awareness,

Abstract: As the computing landscape evolves towards distributed architectures such as Internet of Things (IoT), enterprises are moving away from traditional perimeter based security models toward so called “zero trust networking” (ZTN) models that treat both the intranet and Internet as equally untrustworthy. Such security models incorporate risk arising from dynamic and situational factors, such as device location and security risk level risk, into the access control decision. Researchers have developed a number of risk models such as RAdAC (Risk Adaptable Access Control) to handle dynamic contexts and these have been applied to medical and other scenarios. In this position paper we describe our ongoing work to apply RAdAC to ZTN. We develop a policy management framework, FURZE, to facilitate fuzzy risk evaluation that also defines how to adapt to dynamically changing contexts. We also consider how enterprise security situational awareness (SSA) - which describes the potential impact to an or ganisations mission based on the current threats and the relative importance of the information asset under threat - can be incorporated into a RAdAC scheme. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.207.137.4

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Lee, B.; Vanickis, R.; Rogelio, F. and Jacob, P. (2017). Situational Awareness based Risk-adaptable Access Control in Enterprise Networks.In Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-245-5, pages 400-405. DOI: 10.5220/0006363404000405

@conference{iotbds17,
author={Brian Lee. and Roman Vanickis. and Franklin Rogelio. and Paul Jacob.},
title={Situational Awareness based Risk-adaptable Access Control in Enterprise Networks},
booktitle={Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,},
year={2017},
pages={400-405},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006363404000405},
isbn={978-989-758-245-5},
}

TY - CONF

JO - Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,
TI - Situational Awareness based Risk-adaptable Access Control in Enterprise Networks
SN - 978-989-758-245-5
AU - Lee, B.
AU - Vanickis, R.
AU - Rogelio, F.
AU - Jacob, P.
PY - 2017
SP - 400
EP - 405
DO - 10.5220/0006363404000405

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.