Architectural Access Control Policy Refinement and Verification under Uncertainty
Hahner, Sebastian
Abstract:
In our connected world, confidentiality is a central quality requirement. A commonly used mechanism to meet confidentiality requirements is access control. However, access control policies are usually not defined on the architectural abstraction level and are imprecise during design time due to the high degree of uncertainty. This impedes early considerations of confidentiality as implied by "Privacy by Design". We propose an approach to refine and verify access control policies while handling uncertainty that fills the gap between high-level confidentiality requirements and low-level access control.
| Zugehörige Institution(en) am KIT | Institut für Informationssicherheit und Verlässlichkeit (KASTEL) |
| Publikationstyp | Proceedingsbeitrag |
| Publikationsjahr | 2021 |
| Sprache | Englisch |
| Identifikator | ISSN: 1613-0073 KITopen-ID: 1000139152 |
| HGF-Programm | 46.23.03 (POF IV, LK 01) Engineering Security for Mobility Systems |
| Erschienen in | 15th European Conference on Software Architecture - Companion (ECSA-C 2021), Virtual online (originally: Växjö, Sweden), September, 13-17, 2021. Ed.: R. Heinrich |
| Veranstaltung | 15th European Conference on Software Architecture (ECSA 2021), Online, 13.09.2021 – 17.09.2021 |
| Verlag | RWTH Aachen |
| Serie | CEUR Workshop Proceedings ; 2978 |
| Schlagwörter | Software Architecture, Access Control, Uncertainty, Confidentiality |
| Nachgewiesen in | Scopus |