lock key

Towards Formal Risk-Aware Authorization (RAA)

Marianne Winslett

RAA aims to develop a hybrid authorization approach to access control that augments the strong formal guarantees of ABAC with more adaptive, risk-aware capabilities. This will improve on traditional authorization decisions, which rigidly classify a user as satisfying or not satisfying an access policy. RAA will design strategies for approximate proofs of authorization that can provide a fresh strategy to address the limitations of current health information access policies, which are commonly challenged by being too lax or too strict. RAA is a collaboration with researchers at the University of Pittsburgh and Purdue.

This entry was posted in Project. Bookmark the permalink. Both comments and trackbacks are currently closed.