Access Control Privileges Management for Risk Areas

摘要

This paper presents adaptive access control for areas where risks require modifying authorizations dynamically at run time to enlarge and/or restrict privileges for risk rescue teams. Resources, which have a spatial description, as well as data elements of the areas to be protected, are considered. Based on a risk scenario, principles of access control based on the ABAC (Attribute Based Access Control) model for Subjects and Objects are given. Adaptivity of access control rules apply to subjects who intervene in the risk area and who require enlarged privileges to access to resources. The Access Control Domain concept models the policies of adaptive changes to Subject/Object attributes to face the crisis events. Events have a spatial description to enable managing the crisis according to where the event has occurred, since the same event can have different impacts on the environment depending on where it happens.