Abstract
The article presents an access control model called Criticality Aware Access Control (CAAC) for criticality (emergency) management in smart infrastructures. Criticalities are consequences of events which take a system (in our case, a smart infrastructure) into an unstable state. They require the execution of specific response actions in order to bring them under control. The principal aim of CAAC is to grant the right set of access privileges (to facilitate response action execution), at the right time, to the right set of subjects, for the right duration, in order to control the criticalities within the system. In this regard, the CAAC model uses a stochastic model called the Action Generation Model to determine the required response actions for the combination of criticalities present within the system. It then facilitates response actions by adaptively altering the privileges to specific subjects, in a proactive manner, without the need for any explicit access requests. In this article, we formalize the CAAC model and validate it based on two design goals - proactivity and adaptiveness. Finally, we present a case study demonstrating CAAC’s operation on an oil-rig platform in order to aid in the response to health- and fire-related criticalities.
- Adelstein, F., Gupta, S. K. S., Richard, G., and Schwiebert, L. 2005. Fundamentals of Mobile and Pervasive Computing. McGraw-Hill.Google Scholar
- Ardagna, C. A., di Vimercati, S. D. C., Grandison, T., Jajodia, S., and Samarati, P. 2008. Regulating exceptions in healthcare using policy spaces. In Proceedings of the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security. 254--267. Google Scholar
Digital Library
- Bettini, C., Jajodia, S., Wang, X., and Wijesekera, D. 2002. Obligation monitoring in policy management. In Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks. Springer-Verlag, 2--12. Google Scholar
Digital Library
- Bhargav-Spantzel, A., Squicciarini, A., and Bertino, E. 2006. Privacy preserving multi-factor authentication with biometrics. In Proceedings of the 2nd ACM Workshop on Digital Identity Management. ACM, 63--72. Google Scholar
Digital Library
- Chan, P. S., Krumholz, H. M., Nichol, G., and Nallamothu, B. K. 2008. Delayed time to defibrillation after in-hospital cardiac arrest. The New England J. Med. 358, 1, 9--17.Google Scholar
Cross Ref
- Corradi, A., Montanari, R., and Tibaldi, D. 2004. Context-based access control management in ubiquitous environments. In Proceedings of the 3rd International Symposium on Network Computing and Applications. IEEE, 253--260. Google Scholar
Digital Library
- Covington, M. J., Long, W., and Srinivasan, S. 2001. Secure context-aware applications using environmental roles. In Proceedings of the 6th ACM Symposium on Access Control Models and Technology. ACM, 10--20. Google Scholar
Digital Library
- Denning, T., Fu, K., and Kohno, T. 2008. Absence makes the heart grow fonder: New directions for implantable medical device security. In Proceedings of the 3rd Conference on Hot Topics in Security (HOTSEC’08). USENIX Association, Berkeley, CA, 1--7. Google Scholar
Digital Library
- DiMattia, G. D., Faisal, I. K., and Amyotte, P. R. 2005. Determination of human error probabilities for offshore platform musters. J. Loss Prev. Process Indust. 18, 488--501.Google Scholar
Cross Ref
- Gupta, S. K. S. 2008. Towards formal framework for modeling and evaluation of high-confidence criticality-aware software for distributed CPS: A white paper. In National Workshop for Research on High Confidence Transportation Cyber Physical Systems: Automotive, Avaition, and Rail.Google Scholar
- Gupta, S. K. S., Mukherjee, T., and Venkatasubramanian, K. 2006. Criticality aware access control model for pervasive applications. In Proceedings of the 4th Conference on Pervasive Computing. IEEE, 251--257. Google Scholar
Digital Library
- Hendrix, K., Mayhan, S., Lackland, D., and Egan, B. 2004. Prevalence, treatment, and control of chest pain syndromes and associated risk factors in hypertensive patients. Amer. J. Hyperten. 18, 8, 1026--1032.Google Scholar
Cross Ref
- Hu, J. and Weaver, A. C. 2003. A dynamic, context-aware security infrastructure for distributed healthcare applications. In Proceedings of the 1st Workshop on Pervasive Security, Privacy and Trust. ICST.Google Scholar
- Joshi, J. B. D., Bertino, E., and Ghafoor, A. 2005. Analysis of expressiveness and design issues for a temporal role based access control model. Trans. Depend. Sec. Comput. 2, 2, 157--175. Google Scholar
Digital Library
- Kagal, L., Finin, T., and Joshi, A. 2003. A policy language for a pervasive computing environment. In Proceedings of the 4th International Workshop on Policies for Distributed Systems and Networks. Springer-Verlag, 63--74. Google Scholar
Digital Library
- Khot, U. N., Khot, M. B., Bajzer, C. T., Sapp, S. K., Ohman, E. M., Brener, S. J., Ellis, S. G., Lincodd, A. M., and Topol, E. J. 2003. Prevalence of conventional risk factors in patients with coronary heart disease. J. AMA 290, 7, 898--904.Google Scholar
- Liu, H., Motoda, H., and Yu, L. 2004. A selective sampling approach to active feature selection. Artif. Intell. 159, 1--2, 49--74. Google Scholar
Digital Library
- Mehrotra, S., Butts, C., Kalashnikov, D., Venkatasubramanian, N., Rao, R., Chockalingam, G., Eguchi, R., Adams, B., and Huyck, C. 2004. Project RESCUE: Challenges in responding to the unexpected. In Proceedings of the 16th Annual Symposium on Electronic Imaging Science and Technology. SPIE, 179--192.Google Scholar
- Moyer, M. J. and Ahamad, M. 2001. Generalized role based access control. In Proceedings of the 21st International Conference Distributed Computing System. IEEE, 391--398. Google Scholar
Digital Library
- Mukherjee, T. and Gupta, S. K. S. 2009. CRET: A crisis response evaluation tool to improve crisis preparednesss. In Proceedings of the International Conference on Technologies for Homeland Security. IEEE.Google Scholar
- Mukherjee, T., Venkatasubramanian, K., and Gupta, S. K. S. 2006. Performance modeling of critical event management for ubiquitous computing applications. In Proceedings of the International Symposium on Modeling, Analysis and Simulation of Wireless and Mobile Systems. ACM/IEEE, 12--19. Google Scholar
Digital Library
- Oil Spill. 2010. Gulf of Mexico Oil Spill (2010). NY Times, http://topics.nytimes.com/top/reference/timestopics/subjects/o/oil_spills/index.html.Google Scholar
- Pope, J. H., Aufderheide, T. P., Ruthazer, R., Woolard, R. H., Feldman, J. A., Beshansky, J. R., Griffith, J. L., and Selker, H. P. 2000. Missed diagnoses of acute cardiac ischemia in the emergency department. New Engl. J. Med. 342, 16, 1163--1170.Google Scholar
Cross Ref
- Povey, D. 2000. Optimistic security: A new access control paradigm. In Proceedings of the Workshop on New Security Paradigms. ACM, 40--45. Google Scholar
Digital Library
- Sampemane, G., Naldurg, P., and Campbell, R. H. 2002. Access control for active spaces. In Proceedings of the 18th Annual Computer Security Applications Conference. IEEE, 343--352. Google Scholar
Digital Library
- Sandhu, R., Coyne, E. J., Feinstein, H. L., and Youman, C. E. 1996. Role based access control models. IEEE Comput. 29, 2, 38--47. Google Scholar
Digital Library
- Sloman, M. and Lupu, E. 2002. Security and management policy specification. IEEE Net. 16, 2, 10--19. Google Scholar
Digital Library
- Venkatasubramanian, K., Deng, G., Mukherjee, T., Quintero, J., Annamalai, V., and Gupta, S. K. S. 2005. Ayushman: A wireless sensor network based health monitoring infrastructure and testbed. In Proceedings of the International Conference on Distributed Computing in Sensor Systems. IEEE, 406--407. Google Scholar
Digital Library
- Wang, H., Zhang, Y., and Cao, J. 2006. Ubiquitous computing environments and its usage access control. In Proceedings of the 1st International Conference on Scalable Information Systems. ACM, 6. Google Scholar
Digital Library
Index Terms
CAAC -- An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures
Recommendations
A generalized context-based access control model for pervasive environments
SPRINGL '09: Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBSPervasive Computing Environments enable new opportunities for users to share and to access resources anytime and anywhere in a more natural way, making access control a critical issue. These heterogeneous and dynamic sensor-rich environments ...
Constraints-based access control
Das'01: Proceedings of the fifteenth annual working conference on Database and application securityThe most important aspect of security in a database after establishing the authenticity of the user is its access control mechanism. The ability of this access control mechanism to express the security policy can make or break the system.This paper ...
An Evaluation of Role Based Access Control Towards Easier Management Compared to Tight Security
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed SystemsRole-based access control (RBAC) is a widely-used protocol to design and build an access control for providing the system security regarding authorization. Even though in the context of internet resources access, the authentication and access control ...






Comments