Skip to Main content Skip to Navigation
Conference papers

A Framework for Threat Assessment in Access Control Systems

Abstract : We describe a framework for threat assessment specifically within the context of access control systems, where subjects request access to resources for which they may not be pre-authorized. The framework that we describe includes four different approaches for conducting threat assessment: an object sensitivity-based approach, a subject trustworthiness-based approach and two additional approaches which are based on the difference between object sensitivity and subject trustworthiness. We motivate each of the four approaches with a series of examples. We also identify and formally describe the properties that are to be satisfied within each approach. Each of these approaches results in different threat orderings, and can be chosen based on the context of applications or preference of organizations.
Document type :
Conference papers
Complete list of metadata

Cited literature [7 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, May 4, 2017 - 1:45:35 PM
Last modification on : Monday, December 11, 2017 - 2:14:01 PM
Long-term archiving on: : Saturday, August 5, 2017 - 1:25:23 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Hemanth Khambhammettu, Sofiene Boulares, Kamel Adi, Luigi Logrippo. A Framework for Threat Assessment in Access Control Systems. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. pp.187-198, ⟨10.1007/978-3-642-30436-1_16⟩. ⟨hal-01518243⟩



Record views


Files downloads