Abstract

Access control policies define the rules for accessing system resources. Traditionally, these are designed to take a reactive view for providing access, based on explicit user request. This methodology may not be sufficient in the case of critical events (emergencies) where automatic and timely access to resources may be required to facilitate corrective actions. This paper introduces the novel concept of criticality which measures the level of responsiveness for taking such actions. The paper further incorporates criticality in an access control framework for facilitating the management of critical situations. Specific properties and requirements for such criticality aware access control are identified and a sample model is provided along with its verification