Abstract
Demands for better design and analysis of access controls require system-level evaluation models that can facilitate a quantitative and consistent study of operational capabilities and economics of access control implementations. Previous works on access control models are mainly centered on the access interaction between system subjects and objects with respect to rights, addressing their basic security goals, thus failing to address other dependability attributes. To address this shortcoming, we first propose the abstraction of a computing system into: objects and rights of subjects (called in this paper assets and controls, respectively) to study the unavoidable failure interdependency between these two classes, a perspective that can be a basis for various failure-related assessment methods. We then propose a modeling technique that probabilistically captures the interaction between assets and controls into a graph theoretic paradigm; we specifically show how Bayesian Networks (BNs) can model this dilemma. This paper presents the proposed abstraction, modeling formalism, and associated notation, along with a demonstration example of various useful inferences and further research directions.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Intelligent Computing Research
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
