The usage control (UCON) model demands for continuous control over objects of a system. Access decisions are done several times within a usage session and are performed on the basis of mutable attributes. Values of attributes in modern highly-dynamic and distributed systems sometimes are not up-to-date, because attributes may be updated by several entities and reside outside the system domain. Thus, the access decisions about a usage session are made under uncertainties, while existing usage control approaches are based on the assumption that all attributes are up-to-date. In this paper we propose an approach which helps to make a rational access decision even if some uncertainty presents. The proposed approach uses the continuous-time Markov chains (CTMC) in order to compute the probability of unnoticed changes of attributes and risk analysis for making a decision.

Leanid Krautsevich

Aliaksandr Lazouski

Fabio Martinelli

Artsiom Yautsiukhin