Network-Centric Access Control

Information leakage via the networks formed by subjects and objects often leads to unpredicted risks in access control decisions, and needs to be quantified and addressed in an explicit manner. This paper presents a novel network-centric access control paradigm that enhances traditional node-centric models by explicitly accounting for such network effects in information flows, and yet offering scalable and flexible risk estimation regarding access control decisions. The authors show that a range of state-of-the-art access control models can be enhanced using this general framework.