Abstract
In big data environments with big number of users and high volume of data, we need to manage the corresponding huge number of security policies. Using Attribute-Based Access Control (ABAC) model to ensure access control might become complex and hard to manage. Moreover, ABAC policies may be aggregat
Highlights
In the current big data environments, a huge amount of data can be generated from various sources, which require new forms of processing techniques in order to improve decision making
Based on this concept of access domain, we develop a method to detect and resolve rigorously anomalies in an Attribute-based access control (ABAC) policy, while retaining the policy semantics
To make the suggested method scalable with great policies, we decompose the policy into several clusters of rules, and the method is applied to each cluster
Summary
In the current big data environments, a huge amount of data can be generated from various sources, which require new forms of processing techniques in order to improve decision making. An attribute is assigned to a subject (e.g., user, application or process), resource (e.g., data structure, web service or system component) and environment (e.g., current time, location). These attributes may be considered as characteristics of anything that may be defined and to which a value may be assigned. ABAC representation is more expressive and fine-grained than existing access control models, because it might consider any combination of subject, resource and environment attributes. Due to the huge number of rules and the policies distributed management, deploying and managing an ABAC model to ensure access control might become too complex and hard to manage. Detecting and resolving automatically such anomalies in large complex policies is crucial
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
