Repository logo
 
Publication

SoTRAACE: Socio-technical risk-adaptable access control model

dc.contributor.authorMoura, Pedro
dc.contributor.authorFazendeiro, Paulo
dc.contributor.authorMarques, Pedro
dc.contributor.authorFerreira, Ana
dc.date.accessioned2020-01-10T14:28:33Z
dc.date.available2020-01-10T14:28:33Z
dc.date.issued2017
dc.description.abstractWithin the necessary security requirements, accesRisk Adaptable Accesss control measures are essential to provide adequate means to protect data from unauthorized accesses. However, current and traditional solutions are commonly based on predefined access policies and roles and are therefore inflexible by assuming uniform access control decisions through people’s different type of devices, environments and situational conditions, across enterprises, location and time. The most ubiquitous device that people now hold is the smartphone. We live in an age of the mobile paradigm of anytime/anywhere access from different types of connections and situations to different types of information. In this new age, access control models need to determine adaptable access decisions based on multiple factors aggregated at the moment of the request, to calculate the security risk and operational security needs, and not just to perform a predefined comparison of attributes. Thus, there is a need for more innovative, flexible, adaptive, dynamic, transparent and more resilient access control models, that are required for more heterogeneous requests. This paper presents a new dynamic access control model: SoTRAACE - Socio-Technical Risk-Adaptable Access Control Model. The model aggregates attributes from various domains to help performing a risk assessment at the moment of request. The risk assessment is balanced against the operational needs to provide the most accurate and secure access decision. As a proof of concept SoTRAACE is used to model and compare two different use-case scenarios in the healthcare sector.pt_PT
dc.description.versioninfo:eu-repo/semantics/publishedVersionpt_PT
dc.identifier.doi10.1109/CCST.2017.8167835pt_PT
dc.identifier.urihttp://hdl.handle.net/10400.6/8204
dc.language.isoengpt_PT
dc.peerreviewedyespt_PT
dc.subjectData privacypt_PT
dc.subjectHealth Information Systemspt_PT
dc.subjectMobile Access Controlpt_PT
dc.subjectRisk Adaptable Accesspt_PT
dc.subjectSocio-technical Systemspt_PT
dc.subjectUbiquitous Accesspt_PT
dc.titleSoTRAACE: Socio-technical risk-adaptable access control modelpt_PT
dc.typeconference object
dspace.entity.typePublication
oaire.citation.endPage6pt_PT
oaire.citation.startPage1pt_PT
person.familyNameFazendeiro
person.familyNameFerreira
person.givenNamePaulo
person.givenNameAna
person.identifier.ciencia-id911F-3584-721F
person.identifier.ciencia-id231D-F68A-3726
person.identifier.orcid0000-0001-6054-7188
person.identifier.orcid0000-0002-6673-7406
person.identifier.ridB-7713-2008
person.identifier.scopus-author-id19640174600
rcaap.embargofctCopyright cedido à editora no momento da publicaçãopt_PT
rcaap.rightsclosedAccesspt_PT
rcaap.typeconferenceObjectpt_PT
relation.isAuthorOfPublication47442970-f246-4908-b873-0b58e684a9e9
relation.isAuthorOfPublication50c4a96a-e1e2-4a5b-a99e-8f7ae8582f7c
relation.isAuthorOfPublication.latestForDiscovery50c4a96a-e1e2-4a5b-a99e-8f7ae8582f7c

Files

Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
SoTRAACE_ICCST2017.pdf
Size:
214.42 KB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.71 KB
Format:
Item-specific license agreed upon to submission
Description: