際際滷

際際滷Share a Scribd company logo

Policies for Composed Emergencies in Support of Disaster Management

Download as PPTX, PDF
Michele Guglielmi
Michele Guglielmi

1. The document proposes policies and models for handling composed emergencies involving multiple related emergency situations. 2. A composed emergency is defined as a combination of atomic emergencies, described using patterns. Composed emergency policies define tactics and obligations to override those of individual emergencies. 3. An emergency composition tree (ECT) model represents composed emergencies and their sub-emergencies, along with policies defining which lower-level tactics and obligations to maintain, delete, or block.

1 of 22
Download to read offline
University of Insubria Department of Theoretical and Applied Science Policies for Composed Emergencies in Support of Disaster Management Barbara Carminati, Elena Ferrari, Michele Guglielmi European Office of Aerospace Research & Development
Emergency Management Hurricane Katrina 9/11 Attack Fukushima Information Sharing
Traditional vs Emergency Access Control Traditional access control models are regulated by a proper set of pre-defined access control policies. An Emergency access control model should (during an emergency) bypass the regular access control policies and grant users access to resources not normally authorized. Downgrading of information security Temporary Controlled Timely B. Carminati, E. Ferrari, and M. Guglielmi, Secure information sharing on support of emergency management. In proceeding of The Third IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT).
Emergency Access Control Model Temporary Emergency Emergency access control Detection Obligations policies Complex Event Emergency Policy Processing (CEP)
Access Control Model Emergency Temporary Access Descriptions Control Policies (init, end, timeout, priority) (sbj, obj, priv, obl) Explosion { SteamFilesPol { init: PS1 p1 PS1 = (pressure > 100)(PipeSensors); sbj: EPA Agents end: PS2 p2 obj: SteamFiles PS2 = (pressure 100)(PipeSensors); priv: read timeout: ; obl: null priority: high; } } Emergency Policy (emg, tacp, obl) ExplosionPol { emg: Explosion tacp: SteamFilesPol obl: FacilityEvacuation }
Composed Emergency There exist critical scenarios that cannot be handled by emergency policies: combination of different emergency situations that may give rise to a new and more critical emergency Composed Emergencies requiring a response plan different from those plans already in place for the atomic emergencies Composed Emergency Policies Sometimes it is necessary to override the tacps and obligations that have been activated as response plans of sub-emergencies with the tacps/ obligations of the composed Emergency Overriding Strategies
Reference Scenario Industrial Company Facility Scenario Fire Alarm Explosion Toxic Material Loss obl: obl: Facility obl: Warn EPA 1. FireFightersCall Evacuation 2. PoliceCall MapsFilesPol { SteamFilesPol { ChemicalFilesPol { sbj:FireFighters sbj:EPA Agents sbj:EPA Agents obj: MapsFiles obj: SteamFiles obj: ChemicalFiles priv: read priv: read priv: read } } }
Reference Scenario FireAlarm Explosion ToxicMaterialLoss Ecological Disaster obl: Warn DHS AllFilesPol { sbj:DHS Agents obj: AllFiles priv: read }
Composed Emergency A composed emergency ce is a pair (combination, pr), where pr {high,low} indicates the priority of the composed emergency, whereas combination: multiple occurrence Pattern a sequence a negation EcologicalDisaster = (Pattern,high) FireAlarm, Pattern = Explosion[FireAlarm,1h], ToxicMaterialLoss[Explosion,3h]
Emergency Policy An emergency policy is a tuple: (emg, tacps, obligations, overriding) where: emg: is an atomic or composed emergency tacps: is a set of pairs (tacp, exception) obligations: is a set of pairs (obl, exception) overriding: consist of (tacpOver, oblOver), whose values in {maintain, delete, block} denote the overriding strategies for tacps/ obligations, respectively. exception {true,false} denotes the exception value.
Emergency Policy deleted maintained EcologicalDisasterEP -emg = EcologicalDisaster -tacps = (AllFilesPol, true) -obligations = (warnDHS, true) -overriding = (delete, delete) FireAlarm Explosion ToxicMaterialLoss -tacps = (FacilityMapsFilesPol, true) -tacps = (SteamFilesPol, true) -tacps = (ChemicalFilesPol, true) -obligations = (FireFigthersCall, true), -obligations = (FacilityEvacuation, true) -obligations = (warnEPA, true) (PoliceCall, false) -priority = high -priority = high -priority = low -
Composed Emergency The introduction of policies for composed emergencies brings new issues: when a composed emergency is triggered, its sub- emergencies have been already instantiated and their tacps and obligations have been already activated the time needed to instantiate the new emergency could be large since for each of the already inserted tacps/obligations it should be determined whether it has to be maintained, deleted or blocked Emergency Composition Tree
ECT Node An Emergency Composition Tree node has the following attributes: tacps obligations prioity {high,low} tacpOver {maintain, delete, block} oblOver {maintain, delete, block} tacpToDelete oblToDelete tacpToBlock oblToBlock
ECT Example EcologicalDisaster -tacps = (AllFilesPol, true) -obligations = (warnDHS, true) -priority = high -tacpOver = delete -oblOver = delete -tacpToDelete = { } -oblToDelete = { PoliceCall } FireAlarm Explosion ToxicMaterialLoss -tacps = (FacilityMapsFilesPol, true) -tacps = (SteamFilesPol, true) -tacps = (ChemicalFilesPol, true) -obligations = (FireFigthersCall, true), -obligations = (FacilityEvacuation, true) -obligations = (warnEPA, true) - (PoliceCall, false) -priority = high -priority = high -priority = low -tacpOver = delete -oblOver = block -tacpToDelete = { WaterFilesPol } -oblToBlock = { WaterMaintenanceCall } WaterContamination AirContamination -tacps = (WaterFilesPol, false) -tacps = (GasFilesPol, false) -obligations = (WaterMaintenanceCall, false) -obligations = (GasMaintenanceCall, false) -priority = low -priority = high
ECT Enforcement For a policy associated with a composed emergency, the enforcement consists of the following steps: retrieval of the ECT node related to the emergency reading of the tacps and obligations attributes enforcement of the retrieved tacps/obligations reading of the overriding lists execution of the overriding operations
ECT Enforcement Example EcologicalDisaster -tacps = (AllFilesPol, true) -obligations = (warnDHS, true) -priority = high -tacpOver = delete -oblOver = delete -tacpToDelete = { } -oblToDelete = { PoliceCall } FireAlarm Explosion ToxicMaterialLoss -tacps = (FacilityMapsFilesPol, true) -tacps = (SteamFilesPol, true) -tacps = (ChemicalFilesPol, true) -obligations = (FireFigthersCall, true), -obligations = (FacilityEvacuation, true) -obligations = (warnEPA, true) - (PoliceCall, false) -priority = high -priority = high -priority = low -tacpOver = delete -oblOver = block -tacpToDelete = { WaterFilesPol } -oblToBlock = { WaterMaintenanceCall } WaterContamination AirContamination -tacps = (WaterFilesPol, false) -tacps = (GasFilesPol, false) -obligations = (WaterMaintenanceCall, false) -obligations = (GasMaintenanceCall, false) -priority = low -priority = high
Indexing Data Structure The same emergency could be part of one or more composed emergencies, therefore to avoid storage of redundant information we make use of an indexing data structure The position is encoded as index[emg] = (tj,lm,cn) where tj denotes an ECT lm and cn denote the position of the node related to emg in tj (i.e., its level lm and relative position cn in the level, from left to right).
Indexing Data Structure Suppose to have the following ECTs: nce1 nce4 nce2 nce3 nce5 nce6 nce2 index[ce1] = (nce1,0,0) index[ce4] = (nce4,0,0) index[ce2] = (nce1,1,0) (nce4,1,2) index[ce5] = (nce4,1,0) index[ce3] = (nce1,1,1) index[ce6] = (nce4,1,1)
ECT Generation In order to generate all ECTs associated with composed emergencies, we have defined an algorithm: It receives as input the policy base containing policies for composed emergencies and returns the set of created ECTs and the associated indexing structure. m = the number of composed emergency max(n) = the maximum number of sub-emergencies involved at any level in a composed emergency max(nt) = the maximum number of tacps associated with policies of all sub-emergencies max(no) = the maximum number of obligations associated with policies of all sub-emergencies
Enforcement Analysis Thanks to ECTs and indexing data structure composed emergency enforcement is efficent retrieval of the ECT node related to the emergency reading of the tacps and obligations attributes enforcement of the retrieved tacps/obligations reading of the overriding lists execution of the overriding operations
Prototype Extend the prototype with the support for composed emergencies Web Application Emergency User Manager php Web Server Access Control Emergency Repository Handler StreamBase Server
Conclusions Composed Emergency & Emergency Policies A suitable data structure for an efficient enforcement Future Work Investigate more complex combination patterns. Incremental maintenance strategies of the ECT data structure Complement our system with new cloud computing techniques

Recommended

Thesis Proposal
Thesis ProposalThesis Proposal
Thesis Proposal
Michele Guglielmi
Passat 2001
Passat 2001Passat 2001
Passat 2001
Michele Guglielmi
IPsec
IPsecIPsec
IPsec
Michele Guglielmi
2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing2024 Trend Updates: What Really Works In SEO & Content Marketing
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
Storytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design ProcessStorytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
Artificial Intelligence, Data and Competition SCHREPEL June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
2024 State of Marketing Report by Hubspot
2024 State of Marketing Report by Hubspot2024 State of Marketing Report by Hubspot
2024 State of Marketing Report by Hubspot
Marius Sescu
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Christy Abraham Joy
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
Vit Horky
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
MindGenius
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools

More Related Content

Featured (20)

Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Christy Abraham Joy
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
Vit Horky
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
MindGenius
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Christy Abraham Joy
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
Vit Horky
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
MindGenius
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools

Policies for Composed Emergencies in Support of Disaster Management

  • 1. University of Insubria Department of Theoretical and Applied Science Policies for Composed Emergencies in Support of Disaster Management Barbara Carminati, Elena Ferrari, Michele Guglielmi European Office of Aerospace Research & Development
  • 2. Emergency Management Hurricane Katrina 9/11 Attack Fukushima Information Sharing
  • 3. Traditional vs Emergency Access Control Traditional access control models are regulated by a proper set of pre-defined access control policies. An Emergency access control model should (during an emergency) bypass the regular access control policies and grant users access to resources not normally authorized. Downgrading of information security Temporary Controlled Timely B. Carminati, E. Ferrari, and M. Guglielmi, Secure information sharing on support of emergency management. In proceeding of The Third IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT).
  • 4. Emergency Access Control Model Temporary Emergency Emergency access control Detection Obligations policies Complex Event Emergency Policy Processing (CEP)
  • 5. Access Control Model Emergency Temporary Access Descriptions Control Policies (init, end, timeout, priority) (sbj, obj, priv, obl) Explosion { SteamFilesPol { init: PS1 p1 PS1 = (pressure > 100)(PipeSensors); sbj: EPA Agents end: PS2 p2 obj: SteamFiles PS2 = (pressure 100)(PipeSensors); priv: read timeout: ; obl: null priority: high; } } Emergency Policy (emg, tacp, obl) ExplosionPol { emg: Explosion tacp: SteamFilesPol obl: FacilityEvacuation }
  • 6. Composed Emergency There exist critical scenarios that cannot be handled by emergency policies: combination of different emergency situations that may give rise to a new and more critical emergency Composed Emergencies requiring a response plan different from those plans already in place for the atomic emergencies Composed Emergency Policies Sometimes it is necessary to override the tacps and obligations that have been activated as response plans of sub-emergencies with the tacps/ obligations of the composed Emergency Overriding Strategies
  • 7. Reference Scenario Industrial Company Facility Scenario Fire Alarm Explosion Toxic Material Loss obl: obl: Facility obl: Warn EPA 1. FireFightersCall Evacuation 2. PoliceCall MapsFilesPol { SteamFilesPol { ChemicalFilesPol { sbj:FireFighters sbj:EPA Agents sbj:EPA Agents obj: MapsFiles obj: SteamFiles obj: ChemicalFiles priv: read priv: read priv: read } } }
  • 8. Reference Scenario FireAlarm Explosion ToxicMaterialLoss Ecological Disaster obl: Warn DHS AllFilesPol { sbj:DHS Agents obj: AllFiles priv: read }
  • 9. Composed Emergency A composed emergency ce is a pair (combination, pr), where pr {high,low} indicates the priority of the composed emergency, whereas combination: multiple occurrence Pattern a sequence a negation EcologicalDisaster = (Pattern,high) FireAlarm, Pattern = Explosion[FireAlarm,1h], ToxicMaterialLoss[Explosion,3h]
  • 10. Emergency Policy An emergency policy is a tuple: (emg, tacps, obligations, overriding) where: emg: is an atomic or composed emergency tacps: is a set of pairs (tacp, exception) obligations: is a set of pairs (obl, exception) overriding: consist of (tacpOver, oblOver), whose values in {maintain, delete, block} denote the overriding strategies for tacps/ obligations, respectively. exception {true,false} denotes the exception value.
  • 11. Emergency Policy deleted maintained EcologicalDisasterEP -emg = EcologicalDisaster -tacps = (AllFilesPol, true) -obligations = (warnDHS, true) -overriding = (delete, delete) FireAlarm Explosion ToxicMaterialLoss -tacps = (FacilityMapsFilesPol, true) -tacps = (SteamFilesPol, true) -tacps = (ChemicalFilesPol, true) -obligations = (FireFigthersCall, true), -obligations = (FacilityEvacuation, true) -obligations = (warnEPA, true) (PoliceCall, false) -priority = high -priority = high -priority = low -
  • 12. Composed Emergency The introduction of policies for composed emergencies brings new issues: when a composed emergency is triggered, its sub- emergencies have been already instantiated and their tacps and obligations have been already activated the time needed to instantiate the new emergency could be large since for each of the already inserted tacps/obligations it should be determined whether it has to be maintained, deleted or blocked Emergency Composition Tree
  • 13. ECT Node An Emergency Composition Tree node has the following attributes: tacps obligations prioity {high,low} tacpOver {maintain, delete, block} oblOver {maintain, delete, block} tacpToDelete oblToDelete tacpToBlock oblToBlock
  • 14. ECT Example EcologicalDisaster -tacps = (AllFilesPol, true) -obligations = (warnDHS, true) -priority = high -tacpOver = delete -oblOver = delete -tacpToDelete = { } -oblToDelete = { PoliceCall } FireAlarm Explosion ToxicMaterialLoss -tacps = (FacilityMapsFilesPol, true) -tacps = (SteamFilesPol, true) -tacps = (ChemicalFilesPol, true) -obligations = (FireFigthersCall, true), -obligations = (FacilityEvacuation, true) -obligations = (warnEPA, true) - (PoliceCall, false) -priority = high -priority = high -priority = low -tacpOver = delete -oblOver = block -tacpToDelete = { WaterFilesPol } -oblToBlock = { WaterMaintenanceCall } WaterContamination AirContamination -tacps = (WaterFilesPol, false) -tacps = (GasFilesPol, false) -obligations = (WaterMaintenanceCall, false) -obligations = (GasMaintenanceCall, false) -priority = low -priority = high
  • 15. ECT Enforcement For a policy associated with a composed emergency, the enforcement consists of the following steps: retrieval of the ECT node related to the emergency reading of the tacps and obligations attributes enforcement of the retrieved tacps/obligations reading of the overriding lists execution of the overriding operations
  • 16. ECT Enforcement Example EcologicalDisaster -tacps = (AllFilesPol, true) -obligations = (warnDHS, true) -priority = high -tacpOver = delete -oblOver = delete -tacpToDelete = { } -oblToDelete = { PoliceCall } FireAlarm Explosion ToxicMaterialLoss -tacps = (FacilityMapsFilesPol, true) -tacps = (SteamFilesPol, true) -tacps = (ChemicalFilesPol, true) -obligations = (FireFigthersCall, true), -obligations = (FacilityEvacuation, true) -obligations = (warnEPA, true) - (PoliceCall, false) -priority = high -priority = high -priority = low -tacpOver = delete -oblOver = block -tacpToDelete = { WaterFilesPol } -oblToBlock = { WaterMaintenanceCall } WaterContamination AirContamination -tacps = (WaterFilesPol, false) -tacps = (GasFilesPol, false) -obligations = (WaterMaintenanceCall, false) -obligations = (GasMaintenanceCall, false) -priority = low -priority = high
  • 17. Indexing Data Structure The same emergency could be part of one or more composed emergencies, therefore to avoid storage of redundant information we make use of an indexing data structure The position is encoded as index[emg] = (tj,lm,cn) where tj denotes an ECT lm and cn denote the position of the node related to emg in tj (i.e., its level lm and relative position cn in the level, from left to right).
  • 18. Indexing Data Structure Suppose to have the following ECTs: nce1 nce4 nce2 nce3 nce5 nce6 nce2 index[ce1] = (nce1,0,0) index[ce4] = (nce4,0,0) index[ce2] = (nce1,1,0) (nce4,1,2) index[ce5] = (nce4,1,0) index[ce3] = (nce1,1,1) index[ce6] = (nce4,1,1)
  • 19. ECT Generation In order to generate all ECTs associated with composed emergencies, we have defined an algorithm: It receives as input the policy base containing policies for composed emergencies and returns the set of created ECTs and the associated indexing structure. m = the number of composed emergency max(n) = the maximum number of sub-emergencies involved at any level in a composed emergency max(nt) = the maximum number of tacps associated with policies of all sub-emergencies max(no) = the maximum number of obligations associated with policies of all sub-emergencies
  • 20. Enforcement Analysis Thanks to ECTs and indexing data structure composed emergency enforcement is efficent retrieval of the ECT node related to the emergency reading of the tacps and obligations attributes enforcement of the retrieved tacps/obligations reading of the overriding lists execution of the overriding operations
  • 21. Prototype Extend the prototype with the support for composed emergencies Web Application Emergency User Manager php Web Server Access Control Emergency Repository Handler StreamBase Server
  • 22. Conclusions Composed Emergency & Emergency Policies A suitable data structure for an efficient enforcement Future Work Investigate more complex combination patterns. Incremental maintenance strategies of the ECT data structure Complement our system with new cloud computing techniques
AboutCopyright
息 2025 際際滷