Risk adaptive information flow based access control

摘要

Systems and methods are provided to manage risk associated with access to information within a given organization. The overall risk tolerance for the organization is determined and allocated among a plurality of subjects within the organization. Allocation is accomplished using either a centralized, request/response or free market mechanism. As requested from subjects within the organization for access to objects, i.e. information and data, are received, the amount of risk or risk level associated with each requested is quantified. Risk quantification can be accomplished using, for example, fuzzy multi-level security. The quantified risk associated with the access request in combination with the identity of the object and the identity of the subject are used to determine whether or not the request should be granted, denied or granted with appropriated mitigation measures.

主权项

1. A method for access control, the method comprising:
creating a hierarchical risk scale by:
creating a high risk band comprising risk above an upper risk boundary;creating a low risk band comprising risk below a lower risk boundary, the low risk bank separate from the high risk band; andcreating a plurality of intermediate risk bands located between the high risk band and the low risk band, the plurality of intermediate risk bands comprises more than two intermediate risk bands and each intermediate risk band comprising a given range of risk between the upper risk boundary and the lower risk boundary; estimating a risk based on objects accessed and security attributes of accessing subjects, wherein the risk comprises countable and allocable units of a total amount of risk for unauthorized information disclosure for all objects accessed by all accessing subjects that is tolerated and comprises an expected value of loss incurred through unauthorized disclosure of objects by subjects, and wherein, the expected risk of loss increases from the lower risk boundary to the upper risk boundary; associating a unique access request decision with each risk band; determining a risk estimate associated with access of a given object by a given subject; locating the risk estimate in one of the high risk band, plurality of intermediate risk bands and the low risk band; and applying the access request decision associated with the risk band in which the risk estimate is located and any desired units of the total amount of risk allocated to the given subject to the access of the given object by the given subject.