Dynamic Security Modeling in Risk Management Using Environmental Knowledge

Mariagrazia Fugini (1), George Hadjichristofi (2), and Mahsa Teimourikia (3)

(1, 3) Politecnico di Milano; (2) Frederick University

June 2014

Upload: mahsa-teimourikia

Post on 22-May-2015

DESCRIPTION

This presentation introduces the design principles for dynamic security modelling in risk-prone environments, where elements of the environment to be protected are classified into Contexts and are monitored and geo-referenced. Based on a motivating scenario, the security model elements are introduced building on the ABAC (Attribute Based Access Control) paradigm. Dynamicity is integrated into the model to make it self-adaptable to dynamic changes in the environment conditions, including the occurrence of risks and emergencies. The model aims at dynamically authorising subjects to access diverse data and physical objects (resources) based on adaptive activation/deactivation of security rules and changes in subject or object attributes, while still preserving the need-to-know principle.

TRANSCRIPT

Polo Territoriale di Como

Motivations

• In environmental risk management, dynamically providing security for people and various devices according to what happens in the environment is an open issue [1].

• The characteristics of highly distributed and resource-constrained systems make the application of conventional access control models challenging.

• With the emergence of smart environments and the Internet of Things (IoT), security issues covering both conceptual and physical security should be properly addressed [2].

[1] K. Smith, Environmental Hazards: Assessing Risk and Reducing Disaster, Routledge, 2013.

[2] R. H. Weber, "Internet of Things – New security and privacy challenges," Computer Law & Security Review, vol. 26, no. 1, pp. 23-30, 2010.

Objectives

• To design a security model that is flexible enough to accommodate varying security rules according to changes in the environment conditions.

• Elements of the security model are described based on Attribute-Based Access Control (ABAC).

• The model aims to dynamically authorize subjects to access diverse data and physical objects by employing the adaptive activation and deactivation of security rules and changes in the subject and object attributes.

A Scenario

• Consider a smart environment (e.g., an airport) in which the objects, the people and the environment itself are monitored using sensors and monitoring devices such as surveillance cameras, check points, and wearable devices.

• The environment includes both open and closed areas in which different sensors and monitoring devices are available.

• The airport Security Staff intervene in case of emergencies; the Security Manager, who has the highest clearance, is the subject in charge in case of an emergency; and the Surveillance Personnel are in charge of monitoring the environment and can intervene only in minor security problems.

Security Modeling for Risk Management

• The security model is based on ABAC including the following components:

Subjects: abstract a user, an application, or a process that wants to perform an operation on a resource/object. A subject can hold many attributes in three categories: General Attributes, Geo Attributes, Security Attributes.

Objects: abstract resources that a subject can access or act on. Objects hold three groups of attributes: General Attributes, Geo Attributes, Security Attributes.

Environment: this component models the environment (i.e., the airport) with its dynamic conditions, which affect the security decisions.

Actions and Activities: operations that subjects can execute on objects in a given context. They include simple operations, called actions (e.g., read, write), and complex operations, called activities, which combine simple actions to model a task, a process, or a physical action (e.g., “Redirect the airplane to another runway”).

Contexts: a context is a set of security rules that are valid in a certain situation, based on dynamic changes in the environment, including the occurrence of risks.

Risk and Emergency: The monitored environment conditions, which change dynamically, can cause risks or emergencies to occur. A risky situation is recognized based on parameters such as type, level, and location, which determine how to adapt the security rules to handle it.

Events: Changes in the monitored environment conditions trigger events, which in turn activate or deactivate contexts that modify the security rules, or cause changes in the subject/object attributes.
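
The components above, as an added sketch that is not part of the presentation: events are matched by event-condition-action triples that activate or deactivate contexts, and a request is permitted only by a rule in an active context (default deny). All class, role, zone and action names, the risk-level threshold of 3, and the rules themselves are assumptions made for illustration; only the risk level is evaluated here.

```python
from dataclasses import dataclass

@dataclass
class Entity:                 # Subject or Object: three attribute groups
    general: dict
    geo: dict
    security: dict

@dataclass
class Context:                # a set of rules valid in one situation
    name: str
    rules: list               # (action, condition(subject, obj)) pairs
    active: bool = False

class AdaptiveABAC:
    def __init__(self, contexts, eca_rules):
        self.contexts = {c.name: c for c in contexts}
        self.eca_rules = eca_rules   # (event type, condition, action) triples

    def on_event(self, event):
        for etype, cond, act in self.eca_rules:
            if event["type"] == etype and cond(event):
                act(self, event)

    def authorize(self, subject, action, obj):   # default deny
        return any(a == action and cond(subject, obj)
                   for c in self.contexts.values() if c.active
                   for a, cond in c.rules)

def build_model():            # constructed airport policy (hypothetical values)
    same_zone = lambda s, o: s.geo["zone"] == o.geo["zone"]
    staff_ok = lambda s, o: (s.general["role"] == "security_staff" and same_zone(s, o)
                             and s.security["clearance"] >= o.security["level"])
    switch = lambda on: (lambda m, e: setattr(m.contexts["emergency"], "active", on))
    return AdaptiveABAC(
        [Context("normal", [("view_camera", same_zone)], active=True),
         Context("emergency", [("unlock_door", staff_ok)])],
        [("risk", lambda e: e["level"] >= 3, switch(True)),
         ("risk_cleared", lambda e: True, switch(False))])

def demo():
    m = build_model()
    staff = Entity({"role": "security_staff"}, {"zone": "gate_A"}, {"clearance": 2})
    door = Entity({"type": "door"}, {"zone": "gate_A"}, {"level": 2})
    decisions = [m.authorize(staff, "unlock_door", door)]   # no risk yet
    for ev in ({"type": "risk", "level": 1},                # below threshold
               {"type": "risk", "level": 3},                # emergency context on
               {"type": "risk_cleared"}):                   # emergency context off
        m.on_event(ev)
        decisions.append(m.authorize(staff, "unlock_door", door))
    return decisions
```

The last decision shows the need-to-know property: once the emergency context is deactivated, the permission it granted is gone without any per-subject revocation step.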

Adaptivity

ECA (Event-Condition-Action):

The Adaptive Security Model

Conclusions

• Here we introduced design principles for dynamic security modeling that considers the environment risks.

• We extend the ABAC paradigm to make the security model adaptive so that it can handle risk situations.

• To facilitate this adaptivity, we employed the concept of contexts to dynamically change the security rules.

Future Works

• As future work, we intend to focus on:

• binding environmental and spatial information,

• the dynamics of assigning authoritative roles to administrators,

• ways to handle conflicting Context switching.

• We are working towards inclusion of this security model in the Risk Management Tool simulator developed for risk management and described in [3], based on Matlab and on a web application deployment environment.

[3] M. Fugini, C. Raibulet and L. Ubezio, "Risk assessment in work environments: modeling and simulation," Concurrency and Computation: Practice and Experience, vol. 24, no. 18, pp. 2381-2403, 2012.

Thank You