Article

Toward Information Sharing: Benefit And Risk Access Control (BARAC)

Authors:

Lei Zhang,

Alexander Brodsky,

Sushil JajodiaAuthors Info & Claims

POLICY '06: Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks

Pages 45 - 53

https://doi.org/10.1109/POLICY.2006.36

Published: 05 June 2006 Publication History

Publisher Site

Abstract

This paper describes an access control model, called BARAC, that is based on balancing risks of information disclosure with benefits of information sharing. The model configuration associates risk and benefit vectors with every read and update transaction. An allowed transactions graph captures allowed transactions and flow paths that can be used to carry out the transactions. The total system is required to be profitable, in that the total system benefit must overweigh the total system risk; and the allowed transaction graph is required to be optimal, in that its profit cannot be improved by adding transactions or removing transactions. Both the system configuration and the allowed transaction graph can be dynamically modified, while preserving the required properties. The dynamic modifications are done in the scope of hierarchies of tasks and responsible parties, that control the task structure and risk budget allocation to tasks.

Cited By

View all

Jiang RXin YCheng HWu W(2021)T-RBAC Model Based on Two-Dimensional Dynamic Trust Evaluation under Medical Big DataWireless Communications & Mobile Computing10.1155/2021/99572142021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/9957214
Martinelli FMichailidou CMori PSaracino AGollmann DZhou J(2018)Too Long, did not EnforceProceedings of the 4th ACM Workshop on Cyber-Physical System Security10.1145/3198458.3198463(27-37)Online publication date: 22-May-2018
https://dl.acm.org/doi/10.1145/3198458.3198463
Martinelli FMatteucci ISantini F(2015)There are Two Sides to Every QuestionEssays Dedicated to Pierpaolo Degano on Programming Languages with Applications to Biology and Security - Volume 946510.5555/2963891.2963911(304-318)Online publication date: 1-Aug-2015
https://dl.acm.org/doi/10.5555/2963891.2963911
Show More Cited By

Recommendations

Toward high performance nonblocking software transactional memory
PPoPP '08: Proceedings of the 13th ACM SIGPLAN Symposium on Principles and practice of parallel programming

Substantial advances in STM performance in recent years have mostly focused on blocking systems. We describe our work integrating the most important techniques and optimizations emerging from the recent work on blocking STMs into several variants of a ...
Multi-Interval DomLock: Toward Improving Concurrency in Hierarchies
Locking has been a predominant technique depended upon for achieving thread synchronization and ensuring correctness in multi-threaded applications. It has been established that the concurrent applications working with hierarchical data witness ...
Toward a theory of transactional contention managers
PODC '05: Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing

In recent software transactional memory proposals, a contention manager module is responsible for ensuring that the system as a whole makes progress. A number of contention manager algorithms have been proposed and empirically evaluated.In this paper we ...

Comments

Information & Contributors

Information

Published In

POLICY '06: Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks

June 2006

240 pages

ISBN:0769525989

Publisher

IEEE Computer Society

United States

Publication History

Published: 05 June 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 14 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Jiang RXin YCheng HWu W(2021)T-RBAC Model Based on Two-Dimensional Dynamic Trust Evaluation under Medical Big DataWireless Communications & Mobile Computing10.1155/2021/99572142021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/9957214
Martinelli FMichailidou CMori PSaracino AGollmann DZhou J(2018)Too Long, did not EnforceProceedings of the 4th ACM Workshop on Cyber-Physical System Security10.1145/3198458.3198463(27-37)Online publication date: 22-May-2018
https://dl.acm.org/doi/10.1145/3198458.3198463
Martinelli FMatteucci ISantini F(2015)There are Two Sides to Every QuestionEssays Dedicated to Pierpaolo Degano on Programming Languages with Applications to Biology and Security - Volume 946510.5555/2963891.2963911(304-318)Online publication date: 1-Aug-2015
https://dl.acm.org/doi/10.5555/2963891.2963911
Zhang WChen YCybulski TFabbri DGunter CLawlor PLiebovitz DMalin BAhn GYung MLi N(2014)Decide Now or Decide Later?Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security10.1145/2660267.2660341(1182-1192)Online publication date: 3-Nov-2014
https://dl.acm.org/doi/10.1145/2660267.2660341
Han WSun CShen CLei CShen S(2014)Dynamic combination of authentication factors based on quantified risk and benefitSecurity and Communication Networks10.1002/sec.7297:2(385-396)Online publication date: 1-Feb-2014
https://dl.acm.org/doi/10.1002/sec.729
Tanaka NWinslett MLee AYau DBao FBertino ESandhu RBauer LPark J(2013)Insured accessProceedings of the third ACM conference on Data and application security and privacy10.1145/2435349.2435393(301-308)Online publication date: 18-Feb-2013
https://dl.acm.org/doi/10.1145/2435349.2435393
Basin DBurri SKarjoth GAtluri VVaidya JKern AKantarcioglu M(2012)Optimal workflow-aware authorizationsProceedings of the 17th ACM symposium on Access Control Models and Technologies10.1145/2295136.2295154(93-102)Online publication date: 20-Jun-2012
https://dl.acm.org/doi/10.1145/2295136.2295154
Molloy IDickens LMorisset CCheng PLobo JRusso ABertino ESandhu R(2012)Risk-based security decisions under uncertaintyProceedings of the second ACM conference on Data and Application Security and Privacy10.1145/2133601.2133622(157-168)Online publication date: 7-Feb-2012
https://dl.acm.org/doi/10.1145/2133601.2133622
Shaikh RAdi KLogrippo L(2012)Dynamic risk-based decision methods for access control systemsComputers and Security10.1016/j.cose.2012.02.00631:4(447-464)Online publication date: 1-Jun-2012
https://dl.acm.org/doi/10.1016/j.cose.2012.02.006
Han WShen CYin YGu YChen CChen YDanezis GShmatikov V(2011)PosterProceedings of the 18th ACM conference on Computer and communications security10.1145/2046707.2093492(781-784)Online publication date: 17-Oct-2011
https://dl.acm.org/doi/10.1145/2046707.2093492
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Toward high performance nonblocking software transactional memory

Multi-Interval DomLock: Toward Improving Concurrency in Hierarchies

Toward a theory of transactional contention managers

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations