Detecting and Resolving Misconfigurations in Role-Based Access Control

Cited by: 0
Authors
Mukkamala, Ravi [1]
Kamisetty, Vishnu [1]
Yedugani, Pawankumar [1]
Affiliation
[1] Old Dominion Univ, Dept Comp Sci, Norfolk, VA 23529 USA
Source
INFORMATION SYSTEMS SECURITY, PROCEEDINGS | 2009 / Vol. 5905
Keywords
Access control; failed accesses; misconfigurations; role-based access control; role mining
DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
In Role Based Access Control (RBAC) systems, formulating a correct set of roles, assigning appropriate privileges to roles, and assigning roles to users are the fundamental design tasks. Whether these tasks are performed by a human (e.g., system administrator) or by a machine (e.g., expert system), misconfigurations are likely to occur. The misconfigurations could manifest as under-privileges (fewer privileges assigned) or over-privileges (more privileges than necessary). In this paper, we describe an approach based on role mining to detect and correct such misconfigurations. Here, the overlap among the users and privileges of different roles is used to identify possible misconfigurations.
Pages: 318-325
Page count: 8