Dynamic and risk-aware network access management

Lawrence Teo, Gail-Joon Ahn, Yuliang Zheng

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Citations (Scopus)

Abstract

Traditional network security technologies such as firewalls and intrusion detection systems usually work according to a static ruleset only. We believe that a better approach to network security can be achieved if we use quantified levels of risk as an input. In this paper, we describe a dynamic access control architecture which uses risk to determine whether to allow or deny access by a source connection into the network. A simulation of our architecture shows favorable and promising results.

Original languageEnglish (US)
Title of host publicationProceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)
Pages217-230
Number of pages14
StatePublished - 2003
Externally publishedYes
EventProceedings of Eighth ACM Symposium on Access Control Models and Technologies - Villa Gallia, Como, Italy
Duration: Jun 2 2003Jun 3 2003

Other

OtherProceedings of Eighth ACM Symposium on Access Control Models and Technologies
CountryItaly
CityVilla Gallia, Como
Period6/2/036/3/03

Fingerprint

Network security
Intrusion detection
Access control

Keywords

  • Dynamic access control
  • Network management
  • Risk
  • Risk awareness
  • Role

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Teo, L., Ahn, G-J., & Zheng, Y. (2003). Dynamic and risk-aware network access management. In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002) (pp. 217-230)

Dynamic and risk-aware network access management. / Teo, Lawrence; Ahn, Gail-Joon; Zheng, Yuliang.

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002). 2003. p. 217-230.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Teo, L, Ahn, G-J & Zheng, Y 2003, Dynamic and risk-aware network access management. in Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002). pp. 217-230, Proceedings of Eighth ACM Symposium on Access Control Models and Technologies, Villa Gallia, Como, Italy, 6/2/03.
Teo L, Ahn G-J, Zheng Y. Dynamic and risk-aware network access management. In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002). 2003. p. 217-230
Teo, Lawrence ; Ahn, Gail-Joon ; Zheng, Yuliang. / Dynamic and risk-aware network access management. Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002). 2003. pp. 217-230
@inproceedings{2f66409f83204f21a91820f986ad64f2,
title = "Dynamic and risk-aware network access management",
abstract = "Traditional network security technologies such as firewalls and intrusion detection systems usually work according to a static ruleset only. We believe that a better approach to network security can be achieved if we use quantified levels of risk as an input. In this paper, we describe a dynamic access control architecture which uses risk to determine whether to allow or deny access by a source connection into the network. A simulation of our architecture shows favorable and promising results.",
keywords = "Dynamic access control, Network management, Risk, Risk awareness, Role",
author = "Lawrence Teo and Gail-Joon Ahn and Yuliang Zheng",
year = "2003",
language = "English (US)",
pages = "217--230",
booktitle = "Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)",

}

TY - GEN

T1 - Dynamic and risk-aware network access management

AU - Teo, Lawrence

AU - Ahn, Gail-Joon

AU - Zheng, Yuliang

PY - 2003

Y1 - 2003

N2 - Traditional network security technologies such as firewalls and intrusion detection systems usually work according to a static ruleset only. We believe that a better approach to network security can be achieved if we use quantified levels of risk as an input. In this paper, we describe a dynamic access control architecture which uses risk to determine whether to allow or deny access by a source connection into the network. A simulation of our architecture shows favorable and promising results.

AB - Traditional network security technologies such as firewalls and intrusion detection systems usually work according to a static ruleset only. We believe that a better approach to network security can be achieved if we use quantified levels of risk as an input. In this paper, we describe a dynamic access control architecture which uses risk to determine whether to allow or deny access by a source connection into the network. A simulation of our architecture shows favorable and promising results.

KW - Dynamic access control

KW - Network management

KW - Risk

KW - Risk awareness

KW - Role

UR - http://www.scopus.com/inward/record.url?scp=0242456725&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0242456725&partnerID=8YFLogxK

M3 - Conference contribution

SP - 217

EP - 230

BT - Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

ER -