On the Feasibility of Attribute-Based Access Control Policy Mining

被引：9

作者：

Chakraborty, Shuvra ^{[1
,2
]}

Sandhu, Ravi ^{[1
,2
]}

Krishnan, Ram ^{[1
,3
]}

机构：

[1] Univ Texas San Antonio, Inst Cyber Secur, San Antonio, TX 78249 USA

[2] Univ Texas San Antonio, Dept Comp Sci, San Antonio, TX 78249 USA

[3] Univ Texas San Antonio, Dept Elect & Comp Engn, San Antonio, TX USA

来源：

2019 IEEE 20TH INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION FOR DATA SCIENCE (IRI 2019) | 2019年

关键词：

Access Control; Attribute-Based Access Control; ABAC Policy Mining; ABAC Rule Existence Problem; Policy Mining;

D O I：

10.1109/IRI.2019.00047

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

As the technology of attribute-based access control (ABAC) matures and begins to supplant earlier models such as role-based or discretionary access control, it becomes necessary to convert from already deployed access control systems to ABAC. Several variations of this general problem can be defined, some of which have been studied by researchers. In particular the ABAC policy mining problem assumes that attribute values for various entities such as users and objects in the system are given, in addition to the authorization state, from which the ABAC policy needs to be discovered. In this paper, we formalize the ABAC RuleSet Existence problem in this context and develop an algorithm and complexity analysis for its solution. We further introduce the notion of ABAC RuleSet Infeasibility Correction along with an algorithm for its solution.

引用

页码：245 / 252

页数：8

共 50 条

[1] Mining Positive and Negative Attribute-Based Access Control Policy Rules
Iyer, Padmavathi
Masoumzadeh, Amirreza
[J]. SACMAT'18: PROCEEDINGS OF THE 23RD ACM SYMPOSIUM ON ACCESS CONTROL MODELS & TECHNOLOGIES, 2018, : 161 - 172
[2] Mining Attribute-Based Access Control Policies
Davari, Maryam
Zulkernine, Mohammad
[J]. INFORMATION SYSTEMS SECURITY, ICISS 2022, 2022, 13784 : 186 - 201
[3] Mining Attribute-Based Access Control Policies
Xu, Zhongyuan
Stoller, Scott D.
[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2015, 12 (05) : 533 - 545
[4] Attribute Expressions, Policy Tables and Attribute-Based Access Control
Crampton, Jason
Williams, Conrad
[J]. PROCEEDINGS OF THE 22ND ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES (SACMAT'17), 2017, : 79 - 90
[5] On the Feasibility of Attribute-Based Encryption for WLAN Access Control
Pisa, Claudio
Dargahi, Tooska
Caponi, Alberto
Bianchi, Giuseppe
Blefari-Melazzi, Nicola
[J]. 2017 IEEE 13TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB), 2017, : 783 - 790
[6] Attribute-based access control policy specification language
Ye, Chunxiao
Zhong, Jiang
Feng, Yong
[J]. Journal of Southeast University (English Edition), 2008, 24 (03) : 260 - 263
[7] Attribute-Based Hierarchical Access Control With Extendable Policy
Xiao, Meiyan
Li, Hongbo
Huang, Qiong
Yu, Shui
Susilo, Willy
[J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2022, 17 : 1868 - 1883
[8] Attribute-based lightweight reconfigurable access control policy
Xie, Rongna
Li, Hui
Shi, Guozhen
Guo, Yunchuan
[J]. Tongxin Xuebao/Journal on Communications, 2020, 41 (02): : 112 - 122
[9] Mining Attribute-Based Access Control Policies from Logs
Xu, Zhongyuan
Stoller, Scott D.
[J]. DATA AND APPLICATIONS SECURITY AND PRIVACY XXVIII, 2014, 8566 : 276 - 291
[10] VisMAP: Visual Mining of Attribute-Based Access Control Policies
Das, Saptarshi
Sural, Shamik
Vaidya, Jaideep
Atluri, Vijayalakshmi
Rigoll, Gerhard
[J]. INFORMATION SYSTEMS SECURITY (ICISS 2019), 2019, 11952 : 79 - 98

← 1 2 3 4 5 →