Abstract

Self-adaptive systems are able to modify their behaviour and/or structure in response to changes that occur to the system, its environment, or even its goals. In terms of authorisation infrastructures, self-adaptation has shown to be a promising solution for enforcing access control policies and subject access privileges when mitigating insider threat. This paper describes the resilience evaluation of a self-adaptive authorisation infrastructure by simulating a case study related to insider threats. As part of this evaluation, a malicious changeload has been formally defined in order to describe scenarios of abuse in access control. This malicious changeload was then used to stimulate self-adaptation within a federated authorisation infrastructure. The evaluation confirmed the resilience of a self-adaptive authorisation infrastructure in handling abuse of access under repeatable conditions by consistently mitigating abuse under normal and high loads. The evaluation has also shown that self-adaptation had a minimal impact on the authorisation infrastructure, even when adapting authorisation policies while mitigating abuse of access.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.