Situational Awareness based Risk-Adaptable Access Control in Enterprise Networks

by Brian Lee, et al.

As the computing landscape evolves towards distributed architectures such as Internet of Things (IoT), enterprises are moving away from traditional perimeter-based security models toward so-called zero trust networking (ZTN) models that treat both the intranet and Internet as equally untrustworthy. Such security models incorporate risk arising from dynamic and situational factors, such as device location and security risk level, into the access control decision. Researchers have developed a number of risk models such as RAdAC (Risk Adaptable Access Control) to handle dynamic contexts and these have been applied to medical and other scenarios. In this position paper we describe our ongoing work to apply RAdAC to ZTN. We develop a policy management framework, FURZE, to facilitate fuzzy risk evaluation that also defines how to adapt to dynamically changing contexts. We also consider how enterprise security situational awareness (SSA) - which describes the potential impact to an organisation's mission based on the current threats and the relative importance of the information asset under threat - can be incorporated into a RAdAC scheme.




SAFER: Development and Evaluation of an IoT Device Risk Assessment Framework in a Multinational Organization

Users of Internet of Things (IoT) devices are often unaware of their sec...

A Trust Management System for the IoT domain

In modern internet-scale computing, interaction between a large number o...

A Novel Approach for Security Situational Awareness in the Internet of Things

Internet of Things (IoT) is characterized by various of heterogeneous de...

Trust-based Blockchain Authorization for IoT

Authorization or access control limits the actions a user may perform on...

Trust Management in Decentralized IoT Access Control System

Heterogeneous and dynamic IoT environments require a lightweight, scalab...

Risk-Aware Fine-Grained Access Control in Cyber-Physical Contexts

Access to resources by users may need to be granted only upon certain co...
