Poster: Using Gini Impurity to Mine Attribute-based Access Control Policies with Environment Attributes

被引：9

作者：

Das, Saptarshi ^{[1
]}

Sural, Shamik ^{[1
]}

Vaidya, Jaideep ^{[2
]}

Atluri, Vijayalakshmi ^{[2
]}

机构：

[1] IIT Kharagpur, Kharagpur, W Bengal, India

[2] Rutgers State Univ, New Brunswick, NJ USA

来源：

SACMAT'18: PROCEEDINGS OF THE 23RD ACM SYMPOSIUM ON ACCESS CONTROL MODELS & TECHNOLOGIES | 2018年

基金：

美国国家卫生研究院; 美国国家科学基金会;

关键词：

ABAC; Policy mining; Environment attributes; Gini impurity;

D O I：

10.1145/3205977.3208949

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In Attribute-based Access Control (ABAC) systems, utilizing environment attributes along with the subject and object attributes introduces a dynamic nature to the access decisions. The inclusion of environment attributes helps in achieving a more fine-grained access control. In this paper, we present an ABAC policy mining algorithm that considers the environment attributes and their associated values while forming the rules. Furthermore, we use gini impurity to form the rules. This helps to minimize the number of rules in the generated policy. The experimental evaluation shows that our approach is quite effective in practice.

引用

页码：213 / 215

页数：3

共 50 条

[1] Mining Attribute-Based Access Control Policies
Davari, Maryam
Zulkernine, Mohammad
INFORMATION SYSTEMS SECURITY, ICISS 2022, 2022, 13784 : 186 - 201
[2] Mining Attribute-Based Access Control Policies
Xu, Zhongyuan
Stoller, Scott D.
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2015, 12 (05) : 533 - 545
[3] POSTER: Enabling Attribute-Based Access Control in Linux Kernel
Varshith, H. O. Sai
Sural, Shamik
Vaidya, Jaideep
Atluri, Vijayalakshmi
ASIA CCS'22: PROCEEDINGS OF THE 2022 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2022, : 1237 - 1239
[4] Deconflicting policies in attribute-based access control systems
Yahiaoui, Mohamed
Zinedine, Ahmed
Harti, Mostafa
2018 IEEE 5TH INTERNATIONAL CONGRESS ON INFORMATION SCIENCE AND TECHNOLOGY (IEEE CIST'18), 2018, : 130 - 136
[5] Attribute-based access control policies composition algebra
Lin, Li
Huai, Jin-Peng
Li, Xian-Xian
Ruan Jian Xue Bao/Journal of Software, 2009, 20 (02): : 403 - 414
[6] Evolutionary Inference of Attribute-Based Access Control Policies
Medvet, Eric
Bartoli, Alberto
Carminati, Barbara
Ferrari, Elena
EVOLUTIONARY MULTI-CRITERION OPTIMIZATION, PT I, 2015, 9018 : 351 - 365
[7] Using attribute-based access control to enable attribute-based messaging
Bobba, Rakesh
Fatemieh, Omid
Khan, Fariba
Gunter, Carl A.
Khurana, Himanshu
22ND ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2006, : 403 - +
[8] Automated extraction of attributes from natural language attribute-based access control (ABAC) Policies
Manar Alohaly
Hassan Takabi
Eduardo Blanco
Cybersecurity, 2
[9] Automated extraction of attributes from natural language attribute-based access control (ABAC) Policies
Alohaly, Manar
Takabi, Hassan
Blanco, Eduardo
CYBERSECURITY, 2019, 2 (01)
[10] Mining Attribute-Based Access Control Policies from RBAC Policies
Xu, Zhongyuan
Stoller, Scott D.
2013 10TH INTERNATIONAL CONFERENCE AND EXPO ON EMERGING TECHNOLOGIES FOR A SMARTER WORLD (CEWIT), 2013,

← 1 2 3 4 5 →