TC: Medium: Collaborative Research: Towards Formal, Risk-Aware Authorization

TC：媒介：协作研究：迈向正式的、具有风险意识的授权

• 批准号: 0964295
• 负责人: Adam Lee
• 金额: $ 32.47万
• 依托单位: University of Pittsburgh
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2010
• 资助国家: 美国
• 起止时间: 2010-06-01 至 2014-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0964295&HistoricalAwards=false
• 关键词: TC; Medium; Collaborative; Research; Towards

Traditional security authorization decisions are black and white: a user either satisfies a particular access policy or does not. This rigidity is a handicap in our complex and unpredictable world. As a result, even security-conscious organizations typically grossly overprovision principals with access rights and/or underconstrain access policies to ensure that principals can always carry out the organization's mission effectively and respond to unexpected opportunities and challenges. This project focuses on developing dynamic and risk-aware approaches to access control that allow organizations to make security-critical decisions in the face of incomplete information and unexpected circumstances. This is accomplished by combining proof-theoretic access controls with economic models of risk. In the event that the expected proof of authorization for an action cannot be generated, the systems developed in this project carry out an efficient search for similar proofs of authorization that minimize the overall risk incurred by deviating from the expected. This approach allows policies to adapt dynamically to the changing context of the systems in which they are deployed. This research will have several benefits, including increased system availability during disasters or other uncommon cases not explicitly modeled by policies; reduced instances of permission creep, as overprovisioning users is no longer required to ensure that an organization's business needs are met; a quantifiable means of assessing how policies are actually used and how they might be changed to better reflect the evolution of organizations; and the development of metrics for assessing access control risks.

传统的安全授权决策是白色的：用户要么满足特定的访问策略，要么不满足。 在我们这个复杂和不可预测的世界中，这种僵化是一种障碍。 因此，即使是有安全意识的组织通常也会过度向主体提供访问权限和/或限制访问策略，以确保主体始终能够有效地执行组织的使命并对意外的机会和挑战做出响应。 该项目的重点是开发动态和风险意识的访问控制方法，使组织能够在面对不完整的信息和意外情况下做出安全关键决策。 这是通过将证据理论访问控制与风险的经济模型相结合来实现的。 如果无法生成预期的行动授权证明，本项目开发的系统将有效搜索类似的授权证明，从而最大限度地减少因偏离预期而产生的总体风险。 这种方法允许策略动态地适应部署它们的系统的不断变化的上下文。这项研究将有几个好处，包括在发生灾害或政策未明确建模的其他罕见情况下提高系统可用性;减少权限蔓延的情况，因为不再需要过度配置用户来确保满足组织的业务需求;评估政策实际使用情况以及如何改变政策以更好地反映组织的演变的可量化手段;以及制定评估访问控制风险的指标。