RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments

The enforcement of fine-grained access control policies in constrained dynamic networks can become a challenging task. The inherit constraints present in those networks, which result from the limitations of the edge devices in terms of power, computational capacity and storage, require an effective...

Descripción completa

Detalles Bibliográficos
Autores principales: Michailidou, Christina, Gkioulos, Vasileios, Shalaginov, Andrii, Rizos, Athanasios, Saracino, Andrea
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2020
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7285324/
https://www.ncbi.nlm.nih.gov/pubmed/32456150
http://dx.doi.org/10.3390/s20102960
_version_ 1783544673828077568
author Michailidou, Christina
Gkioulos, Vasileios
Shalaginov, Andrii
Rizos, Athanasios
Saracino, Andrea
author_facet Michailidou, Christina
Gkioulos, Vasileios
Shalaginov, Andrii
Rizos, Athanasios
Saracino, Andrea
author_sort Michailidou, Christina
collection PubMed
description The enforcement of fine-grained access control policies in constrained dynamic networks can become a challenging task. The inherit constraints present in those networks, which result from the limitations of the edge devices in terms of power, computational capacity and storage, require an effective and efficient access control mechanism to be in place to provide suitable monitoring and control of actions and regulate the access over the resources. In this article, we present RESPOnSE, a framework for the specification and enforcement of security policies within such environments, where the computational burden is transferred to high-tier nodes, while low-tier nodes apply risk-aware policy enforcement. RESPOnSE builds on a combination of two widely used access control models, Attribute-Based Access Control and Role-Based Access Control, exploiting the benefits each one provides. Moreover, the proposed mechanism is founded on a compensatory multicriteria decision-making algorithm, based on the calculation of the Euclidean distance between the run-time values of the attributes present in the security policy and their ideal values, as those are specified within the established policy rules.
format Online
Article
Text
id pubmed-7285324
institution National Center for Biotechnology Information
language English
publishDate 2020
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-72853242020-06-15 RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments Michailidou, Christina Gkioulos, Vasileios Shalaginov, Andrii Rizos, Athanasios Saracino, Andrea Sensors (Basel) Article The enforcement of fine-grained access control policies in constrained dynamic networks can become a challenging task. The inherit constraints present in those networks, which result from the limitations of the edge devices in terms of power, computational capacity and storage, require an effective and efficient access control mechanism to be in place to provide suitable monitoring and control of actions and regulate the access over the resources. In this article, we present RESPOnSE, a framework for the specification and enforcement of security policies within such environments, where the computational burden is transferred to high-tier nodes, while low-tier nodes apply risk-aware policy enforcement. RESPOnSE builds on a combination of two widely used access control models, Attribute-Based Access Control and Role-Based Access Control, exploiting the benefits each one provides. Moreover, the proposed mechanism is founded on a compensatory multicriteria decision-making algorithm, based on the calculation of the Euclidean distance between the run-time values of the attributes present in the security policy and their ideal values, as those are specified within the established policy rules. MDPI 2020-05-23 /pmc/articles/PMC7285324/ /pubmed/32456150 http://dx.doi.org/10.3390/s20102960 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Michailidou, Christina
Gkioulos, Vasileios
Shalaginov, Andrii
Rizos, Athanasios
Saracino, Andrea
RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments
title RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments
title_full RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments
title_fullStr RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments
title_full_unstemmed RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments
title_short RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments
title_sort response—a framework for enforcing risk-aware security policies in constrained dynamic environments
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7285324/
https://www.ncbi.nlm.nih.gov/pubmed/32456150
http://dx.doi.org/10.3390/s20102960
work_keys_str_mv AT michailidouchristina responseaframeworkforenforcingriskawaresecuritypoliciesinconstraineddynamicenvironments
AT gkioulosvasileios responseaframeworkforenforcingriskawaresecuritypoliciesinconstraineddynamicenvironments
AT shalaginovandrii responseaframeworkforenforcingriskawaresecuritypoliciesinconstraineddynamicenvironments
AT rizosathanasios responseaframeworkforenforcingriskawaresecuritypoliciesinconstraineddynamicenvironments
AT saracinoandrea responseaframeworkforenforcingriskawaresecuritypoliciesinconstraineddynamicenvironments

Ejemplares similares