Conference Paper

PolicyMorph: Interactive Policy Transformations for a Logical Attribute-Based Access Control Framework

New York, NY, USA
DOI: 10.1145/1266840.1266874
Conference: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies
Source: DBLP

ABSTRACT

Constraint systems provide techniques for automatically analyzing the conformance of low-level access control policies to high-level business rules formalized as logical constraints. However, there are likely to be priorities for solutions that are not easy to encode formally, so administrator input is often important. This paper introduces PolicyMorph, a constraint system that supports interactive development and maintenance of access control policies that respect both formalized and un-formalized business rules and priorities. We provide a mathematical description of the system and an architecture for implementing it. We constructed a prototype that is validated using a case study in which constraints are imposed on a building automation system that controls door locks. PolicyMorph advances the state-of-the-art in constraint systems by suggesting predictable policy model modifications that will resolve specific constraint violations and then allowing policy administrators to select the appropriate mo

Related publications

  • ABSTRACT: Access control and privacy policy relations tend to focus on decision outcomes and are very sensitive to defined terms and state. Small changes or updates to a policy language or vocabulary may make two similar policies incomparable. To address this we develop two flexible policy relations derived from bisimulation in process calculi. Strong licensing compares the outcome of two policies strictly, similar to strong bisimulation. Weak licensing compares the outcome of policies more flexibly by ignoring irrelevant (non-conflicting) differences between outcomes, similar to weak bisimulation. We illustrate the relations using examples from P3P.
    Policies for Distributed Systems and Networks, IEEE International Workshop on. 01/2009;
  • ABSTRACT: A central building block of data privacy is the individual right of informational self-determination, once this information identifies individual persons and can therefore be considered sensitive. Following from that, when dealing with shared electronic health records (SEHR), citizens, as the identified individuals of such health records, have to be enabled to decide what medical data can be used in which way by medical professionals. In this context individual privacy preferences have to be reflected by authorization policies enforced to control access to personal health records. We see two potential challenges when enabling patient-controlled access control policy authoring: First, an ordinary citizen is considered a non-security expert, thus not necessarily aware of the implications of her/his actions when defining access control to protect personal health data. Second, permissions to access medical data are necessary to support the daily routines of medical personnel. The better the health-care information system supports these work procedures, the more effective and useful it is. There should be a balance between access restrictions through privacy settings and required access permissions in order to allow the system to be effective. In this paper we present a case study in the context of SEHR in Austria. In this scenario we identify different types of authorization policies to support individuals' privacy. Patient privacy is an important factor in access decision making, but in order to ensure the privacy-effectiveness balance, citizen-authors of policies should be informed about the implications of their privacy settings on the underlying information system. To ensure this balance, policies need to be analysed. In this paper we describe a policy analysis method based on generated rules to evaluate the consequences of citizens' privacy settings. Analysis results can then be used to inform and support a citizen during the policy authoring process.
    01/2012;
