Authors: Nimal Nissanke and Etienne J. Khayat

Affiliation: Centre for Applied Formal Methods, London South Bank University, United Kingdom

Abstract: Because of its vulnerability to errors and, hence, unauthorised access, assignment of access rights is a critically important aspect of RBAC. Despite major advances in addressing this clearly using formal models, there is still a need for a more robust formulation, especially incorporating strict guidelines on assignment of access rights and how to perform such tasks as delegation of access rights. In this respect, this paper proposes a precise mathematical framework, capable of considering important factors such as the relative security risks posed by different access operations when performed by different users. This is based on a novel concept of a security risk ordering relation on such tasks, to be established by a detailed independent risk assessment process. In the case of lack of information on security risks, the approach makes conservative assumptions, thus forcing the security analyst to re-assess such situations if he disagrees with this default interpretation. The risk ordering relation is central to a security-orientated definition of role hierarchies and a security-risk minimising strategy to role delegation.

CC BY-NC-ND 4.0

Paper citation in several formats:
Nissanke, N. and J. Khayat, E. (2004). Risk Based Security Analysis of Permissions in RBAC. In Proceedings of the 2nd International Workshop on Security in Information Systems (ICEIS 2004) - WOSIS; ISBN 972-8865-07-4, SciTePress, pages 331-340. DOI: 10.5220/0002687403310340

@conference{wosis04,
author={Nimal Nissanke and Etienne J. Khayat},
title={Risk Based Security Analysis of Permissions in RBAC},
booktitle={Proceedings of the 2nd International Workshop on Security in Information Systems (ICEIS 2004) - WOSIS},
year={2004},
pages={331-340},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002687403310340},
isbn={972-8865-07-4},
}

TY - CONF

JO - Proceedings of the 2nd International Workshop on Security in Information Systems (ICEIS 2004) - WOSIS
TI - Risk Based Security Analysis of Permissions in RBAC
SN - 972-8865-07-4
AU - Nissanke, N.
AU - J. Khayat, E.
PY - 2004
SP - 331
EP - 340
DO - 10.5220/0002687403310340
PB - SciTePress