Abstract

AbstractTraditional multi-level security (MLS) systems associate security clearances with subjects, security classifications with objects, and provide a clear decision mechanism as to whether an access request should be granted or not. Many organisations, especially those in the national security and intelligence arena, are increasingly viewing the inflexibility of such models as a major inhibitor for missions where there is a need to rapidly process, share and disseminate large quantities of sensitive information. One reason for such inflexibility is the fact that subject and object labels are fixed assessments of sensitivity, whereas in practice there will inevitably be some uncertainty about the potential damage caused if a document falls into the wrong hands. Furthermore, the operational reality of many modern systems dictates a temporal element to the actual sensitivity of an object. In this paper we propose to model both security labels and clearances as time-varying probability distributions. We provide practical templates to model both uncertainty and temporally characterised dependencies, and show how these features can be naturally integrated into an access control framework based on quantified risk.KeywordsInformation sharingMulti-level securityRisk based access control

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.