IIT Home Page CNR Home Page

Risk-based Auto Delegation for Probabilistic Availability

Dynamic and evolving systems might require flexible access control mechanisms, in order to make sure that the unavailability of some users does not prevent the system to be functional, in particular for emergency-prone environments, such as healthcare, natural disaster response teams, or military systems. The auto-delegation mechanism, which combines the strengths of delegation systems and "break-the-glass" policies, was recently introduced to handle such situations, by stating that the most qualified available user for a resource can access this resource.
In this work we extend this mechanism by considering availability as a quantitative measure, such that each user is associated with a probability of availability. The decision to allow or deny an access is based on the utility of each outcome and on a risk strategy. We describe a generic framework allowing a system designer to define these different concepts. We also illustrate our framework with two specific use cases inspired from healthcare systems and resource management systems.


4th International Workshop pn Autonomous and Spontaneous Security, Leuven, Belgium, 2011

Autori IIT:

Leanid Krautsevich

Foto di Leanid Krautsevich

Charles Morisset

Foto di Charles Morisset

Tipo: Articolo in Atti di convegno internazionale
Area di disciplina: Information Technology and Communication Systems

File: Risk-based_Auto-Delegation.pdf