Abstract

Discovery of Attribute Based Access Control policies through mining has been studied extensively in the literature. However, current solutions assume that the rules are to be mined from a static data set of access permissions and that this process only needs to be done once. However, in real life, access policies are dynamic in nature and may change based on the situation. Simply utilizing the current approaches would necessitate that the mining algorithm be re-executed for every update in the permissions or user/object attributes, which would be significantly inefficient. In this paper, we propose to incrementally maintain ABAC policies by only updating the rules that may be affected due to any change in the underlying access permissions or attributes. A comprehensive experimental evaluation demonstrates that the proposed incremental approach is significantly more efficient than the conventional ABAC mining.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Mining least privilege attribute based access control policies
Matthew W Sanders ... Chuan Yue
-
Matthew W Sanders, et. al.Matthew W Sanders ... Chuan Yue
09 Dec 2019
Detecting Conflicts in ABAC Policies with Rule-Reduction and Binary-Search Techniques
Cheng-Chun Shu ... Alvaro E Arenas
-
Cheng-Chun Shu, et. al.Cheng-Chun Shu ... Alvaro E Arenas
01 Jul 2009
A System for Centralized ABAC Policy Administration and Local ABAC Policy Decision and Enforcement in Host Systems using Access Control Lists
David Ferraiolo ... Gopi Katwala
-
David Ferraiolo, et. al.David Ferraiolo ... Gopi Katwala
14 Mar 2018
Data Leakage Free ABAC Policy Construction in Multi-Cloud Collaboration
John C John ... Arobinda Gupta
-
John C John, et. al.John C John ... Arobinda Gupta
01 Jul 2022
View more papers

More From: CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy

Paper Title
Journal
Date
Author
Genomic Data Sharing under Dependent Local Differential Privacy.
Emre Yilmaz ... Erman Ayday
CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy | VOL. 2022
Emre Yilmaz, et. al.Emre Yilmaz ... Erman Ayday
14 Apr 2022
Incremental Maintenance of ABAC Policies.
Gunjan Batra ... Vijayalakshmi Atluri
CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy | VOL. 2021
Gunjan Batra, et. al.Gunjan Batra ... Vijayalakshmi Atluri
26 Apr 2021
Efficient Discovery of De-identification Policies Through a Risk-Utility Frontier.
Weiyi Xia ... Bradley Malin
CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy | VOL. 2013
Weiyi Xia, et. al.Weiyi Xia ... Bradley Malin
18 Feb 2013
Detection of Anomalous Insiders in Collaborative Environments via Relational Analysis of Access Logs.
You Chen ... Bradley Malin
CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy | VOL. 2011
You Chen, et. al.You Chen ... Bradley Malin
21 Feb 2011