Go home now Header Background Image
Submission Procedure
share: |
Follow us
Volume 18 / Issue 17

available in:   PDF (209 kB) PS (533 kB)
Similar Docs BibTeX   Write a comment
Links into Future
DOI:   10.3217/jucs-018-17-2432


A Formal Approach for Risk Assessment in RBAC Systems

Ji Ma (Software Competence Center Hagenberg, Austria)

Abstract: Risk assessment and access control are important issues in cloud computing. In this paper, we propose a formal approach to risk assessment for RBAC Systems, in which access control decisions are taken after consideration of risk assessment. The risk assessment method considers partial orderings on objects and actions, which allow us to effectively capture the notions of importance of objects and criticality of actions and then to determine the risk of assigning a specific role to a specific user. We in particular consider the cases of permission assignment and delegation assignment.

Keywords: RBAC, access control, poset, risk assessment, security classification

Categories: H.1.0