A Decision Tree Learning Approach for Mining Relationship-Based Access Control Policies

被引:11
|
作者
Bui, Thang [1 ]
Stoller, Scott D. [1 ]
机构
[1] SUNY Stony Brook, Stony Brook, NY 11794 USA
来源
SACMAT'20: PROCEEDINGS OF THE 25TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES | 2020年
关键词
security policy mining; attribute-based access control; relationship-based access control; decision trees;
D O I
10.1145/3381991.3395619
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Relationship-based access control (ReBAC) provides a high level of expressiveness and flexibility that promotes security and information sharing, by allowing policies to be expressed in terms of chains of relationships between entities. ReBAC policy mining algorithms have the potential to significantly reduce the cost of migration from legacy access control systems to ReBAC, by partially automating the development of a ReBAC policy. This paper presents new algorithms, called DTRM (Decision Tree ReBAC Miner) and DTRM-, based on decision trees, for mining ReBAC policies from access control lists (ACLs) and information about entities. Compared to state-of-the-art ReBAC mining algorithms, our algorithms are significantly faster, achieve comparable policy quality, and can mine policies in a richer language.
引用
收藏
页码:167 / 178
页数:12
相关论文
共 50 条
  • [21] A data mining approach to optimize pellets manufacturing process based on a decision tree algorithm
    Ronowicz, Joanna
    Thommes, Markus
    Kleinebudde, Peter
    Krysinski, Jerzy
    EUROPEAN JOURNAL OF PHARMACEUTICAL SCIENCES, 2015, 73 : 44 - 48
  • [22] Collective data mining in the ant colony decision tree approach
    Kozak, Jan
    Boryczka, Urszula
    INFORMATION SCIENCES, 2016, 372 : 126 - 147
  • [23] A Nature-Inspired Framework for Optimal Mining of Attribute-Based Access Control Policies
    Narouei, Masoud
    Takabi, Hassan
    SECURITY AND PRIVACY IN COMMUNICATION NETWORKS, SECURECOMM, PT II, 2019, 305 : 489 - 506
  • [24] Category-Based Administrative Access Control Policies
    Bertolissi, Clara
    Fernandez, Maribel
    Thuraisingham, Bhavani
    ACM TRANSACTIONS ON PRIVACY AND SECURITY, 2025, 28 (01)
  • [25] A Monte Carlo tree search approach to learning decision trees
    Nunes, Cecilia
    De Craene, Mathieu
    Langet, Helene
    Camara, Oscar
    Jonsson, Anders
    2018 17TH IEEE INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND APPLICATIONS (ICMLA), 2018, : 429 - 435
  • [26] Experience-based decision making:: A satisficing decision tree approach
    Hüllermeier, E
    IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART A-SYSTEMS AND HUMANS, 2005, 35 (05): : 641 - 653
  • [27] A Decision Tree Based Approach for Controlled Islanding of Microgrids
    Azim, Riyasat
    Li, Fangxing
    2016 IEEE/PES TRANSMISSION AND DISTRIBUTION CONFERENCE AND EXPOSITION (T&D), 2016,
  • [28] Towards Automated Learning of Access Control Policies Enforced by Web Applications
    Iyer, Padmavathi
    Masoumzadeh, Amir
    PROCEEDINGS OF THE 28TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, SACMAT 2023, 2023, : 163 - 168
  • [29] Decision tree underfitting in mining of gene expression data. An evolutionary multi-test tree approach
    Czajkowski, Marcin
    Kretowski, Marek
    EXPERT SYSTEMS WITH APPLICATIONS, 2019, 137 : 392 - 404
  • [30] Deconflicting policies in attribute-based access control systems
    Yahiaoui, Mohamed
    Zinedine, Ahmed
    Harti, Mostafa
    2018 IEEE 5TH INTERNATIONAL CONGRESS ON INFORMATION SCIENCE AND TECHNOLOGY (IEEE CIST'18), 2018, : 130 - 136
12345