Efficient bottom-up Mining of Attribute Based Access Control Policies

被引：16

作者：

Talukdar, Tanay ^{[1
]}

Batra, Gunjan ^{[1
]}

Vaidya, Jaideep ^{[1
]}

Atluri, Vijayalakshmi ^{[1
]}

Sural, Shamik ^{[2
]}

机构：

[1] Rutgers Business Sch, MSIS Dept, Newark, NJ 08854 USA

[2] IIT Kharagpur, Dept Comp Sci & Engn, Kharagpur, W Bengal, India

来源：

2017 IEEE 3RD INTERNATIONAL CONFERENCE ON COLLABORATION AND INTERNET COMPUTING (CIC) | 2017年

基金：

美国国家卫生研究院; 美国国家科学基金会;

关键词：

D O I：

10.1109/CIC.2017.00051

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Attribute Based Access Control (ABAC) is fast replacing traditional access control models due to its dynamic nature, flexibility and scalability. ABAC is often used in collaborative environments. However, a major hurdle to deploying ABAC is to precisely configure the ABAC policy. In this paper, we present an ABAC mining approach that can automatically discover the appropriate ABAC policy rules. We first show that the ABAC mining problem is equivalent to identifying a set of functional dependencies in relational databases that cover all of the records in a table. We also propose a more efficient algorithm, called ABAC-SRM which discovers the most general policy rules from a set of candidate rules. We experimentally show that ABAC-SRM is accurate and significantly more efficient than the existing state of the art.

引用

页码：339 / 348

页数：10

共 25 条

[11]

Frank M, 2009, CCS'09: PROCEEDINGS OF THE 16TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, P101

[12]

Graham G. S., 1972, AFIPS Conference Proceedings Vol. 40, the 1972 Spring Joint Computer Conference, P417

[13]

Hejiao Huang, 2012, Proceedings of the 2012 IEEE 36th IEEE Annual Computer Software and Applications Conference Workshops (COMPSACW), P427, DOI 10.1109/COMPSACW.2012.81

[14]

Hu VC., 2013, NIST SPECIAL PUBLICA, V800, P1, DOI DOI 10.6028/NIST.SP.800-162

[15] Enforcing Separation of Duty in Attribute Based Access Control Systems [J].

Jha, Sadhana ;

Sural, Shamik ;

Atluri, Vijayalakshmi ;

Vaidya, Jaideep .

INFORMATION SYSTEMS SECURITY, (ICISS 2015), 2015, 9478 :61-78

[16]

Lu H., 2015, J COMPUTER SECURITY, V23, P1

[17] Evolutionary Inference of Attribute-Based Access Control Policies [J].

Medvet, Eric ;

Bartoli, Alberto ;

Carminati, Barbara ;

Ferrari, Elena .

EVOLUTIONARY MULTI-CRITERION OPTIMIZATION, PT I, 2015, 9018 :351-365

[18] A Survey of Role Mining [J].

Mitra, Barsha ;

Sural, Shamik ;

Vaidya, Jaideep ;

Atluri, Vijayalakshmi .

ACM COMPUTING SURVEYS, 2016, 48 (04)

[19]

Mocanu DC, 2015, PROC 18 INT MULTICON, P124

[20]

Molloy I, 2008, SACMAT'08: PROCEEDINGS OF THE 13TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, P21

← 1 2 3 →