Lookup NU author(s): Dr Charles Morisset,
Dr Iryna Yevseyeva,
Dr Thomas Gross,
Professor Aad van Moorsel
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
We propose in this paper a formal model for soft enforcement, where a decision-maker is influenced towards a decision, rather than forced to select that decision. This novel type of enforcement is particularly useful when the policy enforcer cannot fully control the environment of the decision-maker, as we illustrate in the context of attribute-based access control, by limiting the control over attributes. We also show that soft enforcement can improve the security of the system when the influencer is uncertain about the environment, and when neither forcing the decision-maker nor leaving them make their own selection is optimal. We define the general notion of optimal influencing policy, that takes into account both the control of the influencer and the uncertainty in the system.
Author(s): Morisset C, Yevseyeva I, Gross T, van Moorsel A
Editor(s): Sjouke Mauw, Christian Damsgaard Jensen
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: 10th International Workshop on Security Trust and Management (STM 2014)
Year of Conference: 2014
Online publication date: 10/09/2014
Acceptance date: 01/01/1900
Library holdings: Search Newcastle University Library for this item
Series Title: Lecture Notes in Computer Science