Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

The Need for Application-Aware Access Control Evaluation

Garrison, William C and Lee, Adam J and Hinrichs, Timothy L (2012) The Need for Application-Aware Access Control Evaluation. In: Proceedings of the New Security Paradigms Workshop (NSPW). UNSPECIFIED, 1 - 11. ISBN UNSPECIFIED

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)


Access control is an area where one size does not fit all. However, previous work in access control has focused solely on expressiveness as an absolute measure. Thus, we discuss and justify the need for a new type of evaluation framework for access control, one that is application-aware. To this end, we apply previous work in access control evaluation, as well as lessons learned from evaluation frameworks used in other domains. We describe the analysis components required by such a framework, the challenges involved in building it, and our preliminary work in realizing this ambitious goal. We then theorize about other areas within the security domain that display a similar absence of such evaluation tools, and consider ways in which we can adapt our framework to analyze these broader types of security workloads.


Social Networking:
Share |


Item Type: Book Section
Status: Published
CreatorsEmailPitt UsernameORCID
Garrison, William C
Lee, Adam Jadamlee@pitt.eduADAMLEE
Hinrichs, Timothy L
Date: September 2012
Date Type: Publication
Access Restriction: No restriction; Release the ETD for access worldwide immediately.
Page Range: 1 - 11
Institution: University of Pittsburgh
Schools and Programs: Dietrich School of Arts and Sciences > Computer Science
Refereed: Yes
Title of Book: Proceedings of the New Security Paradigms Workshop (NSPW)
Related URLs:
Date Deposited: 05 Dec 2012 20:05
Last Modified: 25 Aug 2017 05:05


Monthly Views for the past 3 years

Plum Analytics

Actions (login required)

View Item View Item