Risk-Based Attributed Access Control Modelling in a Health Platform: Results from Project CityZen
| Title | Risk-Based Attributed Access Control Modelling in a Health Platform: Results from Project CityZen |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Nakamura, Emilio, Ribeiro, Sérgio |
| Conference Name | 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC) |
| ISBN Number | 978-1-7281-2542-8 |
| Keywords | Access Control, authentication, Collaboration, composability, Human Behavior, human factors, Identification, Metrics, policy-based governance, privacy, pubcrawl, resilience, Resiliency, risk, Scalability, security, supply chain risk assessment, Trust |
| Abstract | This paper presents an access control modelling that integrates risk assessment elements in the attribute-based model to organize the identification, authentication and authorization rules. Access control is complex in integrated systems, which have different actors accessing different information in multiple levels. In addition, systems are composed by different components, much of them from different developers. This requires a complete supply chain trust to protect the many existent actors, their privacy and the entire ecosystem. The incorporation of the risk assessment element introduces additional variables like the current environment of the subjects and objects, time of the day and other variables to help produce more efficient and effective decisions in terms of granting access to specific objects. The risk-based attributed access control modelling was applied in a health platform, Project CityZen. |
| URL | https://ieeexplore.ieee.org/document/8945859 |
| DOI | 10.1109/CyberC.2019.00074 |
| Citation Key | nakamura_risk-based_2019 |