TC: Medium: Collaborative Research: Towards Formal, Risk-Aware Authorization

TC：媒介：协作研究：迈向正式的、具有风险意识的授权

• 批准号: 0963943
• 负责人: Marianne Winslett
• 金额: $ 32.59万
• 依托单位: University of Illinois at Urbana-Champaign
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2010
• 资助国家: 美国
• 起止时间: 2010-06-01 至 2015-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0963943&HistoricalAwards=false
• 关键词: TC; Medium; Collaborative; Research; Towards

Traditional security authorization decisions are black and white: a user either satisfies a particular access policy or does not. This rigidity is a handicap in our complex and unpredictable world. As a result, even security-conscious organizations typically grossly overprovision principals with access rights and/or underconstrain access policies to ensure that principals can always carry out the organization's mission effectively and respond to unexpected opportunities and challenges. This project focuses on developing dynamic and risk-aware approaches to access control that allow organizations to make security-critical decisions in the face of incomplete information and unexpected circumstances. This is accomplished by combining proof-theoretic access controls with economic models of risk. In the event that the expected proof of authorization for an action cannot be generated, the systems developed in this project carry out an efficient search for similar proofs of authorization that minimize the overall risk incurred by deviating from the expected. This approach allows policies to adapt dynamically to the changing context of the systems in which they are deployed. This research will have several benefits, including increased system availability during disasters or other uncommon cases not explicitly modeled by policies; reduced instances of permission creep, as overprovisioning users is no longer required to ensure that an organization's business needs are met; a quantifiable means of assessing how policies are actually used and how they might be changed to better reflect the evolution of organizations; and the development of metrics for assessing access control risks.

传统的安全授权决策是非黑即白的：用户要么满足特定的访问策略，要么不满足。在我们这个复杂和不可预测的世界里，这种僵化是一个障碍。因此，即使是具有安全意识的组织通常也会向主体过度提供访问权限和/或限制访问策略，以确保主体始终能够有效地执行组织的任务并应对意外的机会和挑战。该项目专注于开发动态且具有风险意识的访问控制方法，使组织能够在信息不完整和意外情况下做出安全关键决策。这是通过将证据理论访问控制与风险经济模型相结合来实现的。如果无法生成预期的行动授权证据，本项目中开发的系统将有效地搜索类似的授权证据，从而最大限度地减少因偏离预期而产生的总体风险。这种方法允许策略动态适应部署它们的系统不断变化的环境。这项研究将有几个好处，包括在灾难或其他未由策略明确建模的罕见情况下提高系统可用性；减少权限蠕变的实例，因为不再需要过度配置用户来确保组织的业务需求得到满足；评估策略的实际使用方式以及如何更改策略以更好地反映组织的发展；以及制定用于评估访问控制风险的指标。