Explainable Dynamic Access Control Models
- PhD Student:
- Ahmed Laouar
- Funding : ANR, Artois
- Start year :
This thesis investigates the issue of handling sensitive and inconsistent data. It is well known that the stakeholders in the industry sector increasingly have to deal with massive amounts of data, which can be of different natures, such as : numeric, symbolic, structured and also multimedia. In addition to private companies, public institutions are also concerned with this problem. Furthermore, in most cases, some of the collected data can be of personal nature. It is referred to as sensitive data, which also means that it needs to be protected. Increasingly stringent regulations are imposed on institutions that collect and process personal data. Controlling access to sensitive data is a major property of information systems involving sensitive or personal data. It is then crucial to equip information systems with mechanisms that control and restrict access to sensitive data to authorized users only. Access control is an essential component for ensuring the protection of information systems. In essence, the term access control refers to the possibility of performing an operation or an action on some IT resource, where the aim is to protect the information system against an unauthorised use of its resources by using a security policy.Surprisingly, existing access control systems are limited to providing a binary answer (authorized vs. denied access), in compliance with some security policy. Besides, they are not prepared to support some of the recent restrictive requirements such as the explainability of algorithms. Current access control models generally lack the ability to provide explanations on the existing access control algorithms and/or results. This thesis aims at overcoming this limitation by equipping access control models with capabilities for explaining access control algorithms and results.