A Multi-Agent System for Enforcing "Need-To-Know" Security Policies - Robotics Institute, Carnegie Mellon University

Young-Woo Seo, Joseph Andrew Giampapa, and Katia Sycara
Workshop Paper, AAMAS '04 6th International Workshop on Agent-Oriented Information Systems (AOIS '04), pp. 163 - 179, July, 2004

Abstract

We propose a multi-agent system architecture for the adaptive authorization of access to confidential information. The proposed multi-agent system provides "need-to-know" content-based authorization of requests to access confidential information. "Need-to-know" authorization is that which grants access to confidential information only if that information is necessary for the requester's task or project. In our system, we treat the authorization task as a text classification problem in which the classifier must learn a human supervisor's decision criteria with small amounts of labeled information, e.g. 20 to 30 "documents", and be capable of generalizing to other documents with a zero, or near-zero, false alarm rate. Since "need-to-know" authorizations must be determined for multiple tasks, multiple users, and multiple collections of confidential information, with quick turn-around from definition to use, the authorization agent must be adaptive and capable of learning new profiles quickly and with little impact on the productivity of the human supervisor and the human end-user. To this end, we examined five different text classification methods for solving this problem, "agentified" the best performer, and inserted it in a secure document management system context.

Notes
http://www.aois.org/

BibTeX

@workshop{Seo-2004-8976,
author = {Young-Woo Seo and Joseph Andrew Giampapa and Katia Sycara},
title = {A Multi-Agent System for Enforcing ``Need-To-Know'' Security Policies},
booktitle = {Proceedings of AAMAS '04 6th International Workshop on Agent-Oriented Information Systems (AOIS '04)},
year = {2004},
month = {July},
editor = {Paolo Giorgini and Michael Winikoff},
pages = {163 - 179},
keywords = {adaptive authorization, content-based authorization, task-based authorization, need-to-know, security policy, text classification, multi-agent system},
}