Abstract

In big data environments with big number of users and high volume of data, we need to manage the corresponding huge number of security policies. Using Attribute-Based Access Control (ABAC) model to ensure access control might become complex and hard to manage. Moreover, ABAC policies may be aggregat

Highlights

  • In the current big data environments, a huge amount of data can be generated from various sources, which require new forms of processing techniques in order to improve decision making

  • Based on this concept of access domain, we develop a method to detect and resolve rigorously anomalies in an Attribute-based access control (ABAC) policy, while retaining the policy semantics

  • To make the suggested method scalable with great policies, we decompose the policy into several clusters of rules, and the method is applied to each cluster

Read more

Summary

Introduction

In the current big data environments, a huge amount of data can be generated from various sources, which require new forms of processing techniques in order to improve decision making. An attribute is assigned to a subject (e.g., user, application or process), resource (e.g., data structure, web service or system component) and environment (e.g., current time, location). These attributes may be considered as characteristics of anything that may be defined and to which a value may be assigned. ABAC representation is more expressive and fine-grained than existing access control models, because it might consider any combination of subject, resource and environment attributes. Due to the huge number of rules and the policies distributed management, deploying and managing an ABAC model to ensure access control might become too complex and hard to manage. Detecting and resolving automatically such anomalies in large complex policies is crucial

Objectives
Results
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call