Handling Environmental Uncertainty in Design Time Access Control Analysis
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216208%3A11320%2F22%3A10453484" target="_blank" >RIV/00216208:11320/22:10453484 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1109/SEAA56994.2022.00067" target="_blank" >https://doi.org/10.1109/SEAA56994.2022.00067</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1109/SEAA56994.2022.00067" target="_blank" >10.1109/SEAA56994.2022.00067</a>
Alternative languages
Result language
angličtina
Original language name
Handling Environmental Uncertainty in Design Time Access Control Analysis
Original language description
The high complexity, connectivity, and data exchange of modern software systems make it crucial to consider confidentiality early. An often used mechanism to ensure confidentiality is access control. When the system is modeled during design time, access control can already be analyzed. This enables early identification of confidentiality violations and the ability to analyze the impact of what-if scenarios. However, due to the abstract view of the design time model and the ambiguity in the early stages of development, uncertainties exist in the system environment. These uncertainties can have a direct effect on the validity of access control attributes in use, which might result in compromised confidentiality.To handle such known uncertainty, we present a notion of confidence in the context of design time access control. We define confidence as a composition of known uncertainties in the environment of the system, which influence the validity of access control attributes. We extend an existing modeling and analysis approach for design time access control with our notion of confidence. For evaluation, we apply the notion of confidence to multiple real-world case studies and discuss the resulting benefits for different stages of system development. We also analyze the expressiveness of the extended approach in defining confidentiality constraints and measure the accuracy in identifying confidentiality violations. Our results show that using the notion of confidence increases expressiveness while being able to accurately identify access control violations.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/GC20-24814J" target="_blank" >GC20-24814J: FluidTrust – Enabling trust by fluid access control to data and physical resources in Industry 4.0 systems</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2022
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Proceedings of 48th Euromicro Conference on Software Engineering and Advanced Applications (SEAA)
ISBN
978-1-66546-152-8
ISSN
—
e-ISSN
—
Number of pages
8
Pages from-to
382-389
Publisher name
IEEE
Place of publication
Los Alamitos
Event location
Gran Canaria, Spain
Event date
Aug 31, 2022
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
—