Design and validation of a trust-based opportunity-enabled risk management system

What is it about?

This paper proposes an automated methodology supporting security-critical real-time decision-making processes in BYOD environments (Bring-Your-Own-Device). It takes into accout risk assessment (e.g., how safe is the wi-fi connection at the airport?), opportunity analysis (e.g., what is the benefit of allowing a worker to access from his laptop sensitive corporate data through such a wi-fi connection?), and trust (e.g., what are the past experiences with such a worker?) to guide security-critical decisions (i.e., shall the worker be authorized for the current remote access request to corporate data?).

Featured Image

Why is it important?

BYOD environments represent a challenge for traditional risk management systems and access control systems. This is the first proposal combining orthogonal aspects, including risk metrics, cost/benefit estimations, and trust, in a fully automated, dynamic, and real-time framework.