A Decision Tree Learning Approach for Mining Relationship-Based Access Control Policies

被引:11
|
作者
Bui, Thang [1 ]
Stoller, Scott D. [1 ]
机构
[1] SUNY Stony Brook, Stony Brook, NY 11794 USA
来源
SACMAT'20: PROCEEDINGS OF THE 25TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES | 2020年
关键词
security policy mining; attribute-based access control; relationship-based access control; decision trees;
D O I
10.1145/3381991.3395619
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Relationship-based access control (ReBAC) provides a high level of expressiveness and flexibility that promotes security and information sharing, by allowing policies to be expressed in terms of chains of relationships between entities. ReBAC policy mining algorithms have the potential to significantly reduce the cost of migration from legacy access control systems to ReBAC, by partially automating the development of a ReBAC policy. This paper presents new algorithms, called DTRM (Decision Tree ReBAC Miner) and DTRM-, based on decision trees, for mining ReBAC policies from access control lists (ACLs) and information about entities. Compared to state-of-the-art ReBAC mining algorithms, our algorithms are significantly faster, achieve comparable policy quality, and can mine policies in a richer language.
引用
收藏
页码:167 / 178
页数:12
相关论文
共 50 条
  • [41] A decision tree-based approach to mining the rules of concept drift
    Lee, Chien-, I
    Tsai, Cheng-Jung
    Wu, Jhe-Hao
    Yang, Wei-Pang
    FOURTH INTERNATIONAL CONFERENCE ON FUZZY SYSTEMS AND KNOWLEDGE DISCOVERY, VOL 4, PROCEEDINGS, 2007, : 639 - +
  • [42] An Ensemble-based Decision Tree Approach for Educational Data Mining
    Abdar, Moloud
    Zomorodi-Moghadam, Mariam
    Zhou, Xujuan
    2018 5TH INTERNATIONAL CONFERENCE ON BEHAVIORAL, ECONOMIC, AND SOCIO-CULTURAL COMPUTING (BESC), 2018, : 126 - 129
  • [43] Applications of data mining approach based on rough sets and decision tree
    Wu, Cheng-Dong
    Xu, Ke
    Zhang, Hai-Bo
    Liu, Jian-Shun
    Li, Yang
    Shenyang Jianzhu Daxue Xuebao (Ziran Kexue Ban)/Journal of Shenyang Jianzhu University (Natural Science), 2005, 21 (04): : 386 - 389
  • [44] Object-to-Object Relationship-Based Access Control: Model and Multi-Cloud Demonstration
    Ahmed, Tahmina
    Patwa, Farhan
    Sandhu, Ravi
    PROCEEDINGS OF 2016 IEEE 17TH INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION (IEEE IRI), 2016, : 297 - 304
  • [45] Relationship-based Access Control for Online Social Networks: Beyond User-to-User Relationships
    Cheng, Yuan
    Park, Jaehong
    Sandhu, Ravi
    PROCEEDINGS OF 2012 ASE/IEEE INTERNATIONAL CONFERENCE ON PRIVACY, SECURITY, RISK AND TRUST AND 2012 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM/PASSAT 2012), 2012, : 646 - 655
  • [46] The Hardness of Learning Access Control Policies
    Lei, Xiaomeng
    Tripunitara, Mahesh
    PROCEEDINGS OF THE 28TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, SACMAT 2023, 2023, : 133 - 144
  • [47] Expressing Access Control Policies with an Event-Based Approach
    Konopacki, Pierre
    Frappier, Marc
    Laleau, Regine
    ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS, 2011, 83 : 607 - +
  • [48] Efficient bottom-up Mining of Attribute Based Access Control Policies
    Talukdar, Tanay
    Batra, Gunjan
    Vaidya, Jaideep
    Atluri, Vijayalakshmi
    Sural, Shamik
    2017 IEEE 3RD INTERNATIONAL CONFERENCE ON COLLABORATION AND INTERNET COMPUTING (CIC), 2017, : 339 - 348
  • [49] The role of demographics in online learning; A decision tree based approach
    Rizvi, Saman
    Rienties, Bart
    Khoja, Shakeel Ahmed
    COMPUTERS & EDUCATION, 2019, 137 : 32 - 47
  • [50] Treating of Complex Trauma: A Sequenced Relationship-Based Approach
    Macintosh, Heather B.
    CANADIAN PSYCHOLOGY-PSYCHOLOGIE CANADIENNE, 2013, 54 (03): : 200 - 200
12345