Towards Adaptive Access Control - 32th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
Conference Papers Year : 2018

Towards Adaptive Access Control

Abstract

Access control systems are nowadays the first line of defence of modern IT systems. However, their effectiveness is often compromised by policy miscofigurations that can be exploited by insider threats. In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of users abusing their privileges. Our approach exploits behavioral patterns representing how users typically access resources to narrow the permissions granted to users when anomalous behaviors are detected. The proposed solution has been implemented and its effectiveness has been experimentally evaluated using a synthetic dataset.
Fichier principal
Vignette du fichier
470961_1_En_7_Chapter.pdf (357.29 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01954403 , version 1 (13-12-2018)

Licence

Identifiers

Cite

Luciano Argento, Andrea Margheri, Federica Paci, Vladimiro Sassone, Nicola Zannone. Towards Adaptive Access Control. 32th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2018, Bergamo, Italy. pp.99-109, ⟨10.1007/978-3-319-95729-6_7⟩. ⟨hal-01954403⟩
74 View
69 Download

Altmetric

Share

More