Poster: Using Gini Impurity to Mine Attribute-based Access Control Policies with Environment Attributes

被引：9

作者：

Das, Saptarshi ^{[1
]}

Sural, Shamik ^{[1
]}

Vaidya, Jaideep ^{[2
]}

Atluri, Vijayalakshmi ^{[2
]}

机构：

[1] IIT Kharagpur, Kharagpur, W Bengal, India

[2] Rutgers State Univ, New Brunswick, NJ USA

来源：

SACMAT'18: PROCEEDINGS OF THE 23RD ACM SYMPOSIUM ON ACCESS CONTROL MODELS & TECHNOLOGIES | 2018年

基金：

美国国家卫生研究院; 美国国家科学基金会;

关键词：

ABAC; Policy mining; Environment attributes; Gini impurity;

D O I：

10.1145/3205977.3208949

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In Attribute-based Access Control (ABAC) systems, utilizing environment attributes along with the subject and object attributes introduces a dynamic nature to the access decisions. The inclusion of environment attributes helps in achieving a more fine-grained access control. In this paper, we present an ABAC policy mining algorithm that considers the environment attributes and their associated values while forming the rules. Furthermore, we use gini impurity to form the rules. This helps to minimize the number of rules in the generated policy. The experimental evaluation shows that our approach is quite effective in practice.

引用

页码：213 / 215

页数：3

共 50 条

[31] ABACaaS: Attribute-Based Access Control as a Service
Meshram, Augustee
Das, Saptarshi
Sural, Shamik
Vaidya, Jaideep
Atluri, Vijayalakshmi
PROCEEDINGS OF THE NINTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY (CODASPY '19), 2019, : 153 - 155
[32] Combining Mandatory and Attribute-based Access Control
Kerr, Lawrence
Alves-Foss, Jim
PROCEEDINGS OF THE 49TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS 2016), 2016, : 2616 - 2623
[33] A contextual attribute-based access control model
Covington, Michael J.
Sastry, Manoj R.
On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, Pt 2, Proceedings, 2006, 4278 : 1996 - 2006
[34] Immediate attribute revocation in decentralized attribute-based access control
Imine, Youcef
Lounis, Ahmed
Bouabdallah, Abdelmadjid
2017 16TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS / 11TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING / 14TH IEEE INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS, 2017, : 33 - 40
[35] Attribute-Based Messaging: Access Control and Confidentiality
Bobba, Rakesh
Fatemieh, Omid
Khan, Fariba
Khan, Arindam
Gunter, Carl A.
Khurana, Himanshu
Prabhakaran, Manoj
ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, 2010, 13 (04)
[36] Attribute-Based Access Control in Service Mesh
Ponomarev, Kirill Yu.
2019 DYNAMICS OF SYSTEMS, MECHANISMS AND MACHINES (DYNAMICS), 2019,
[37] Authorization Recycling in Attribute-Based Access Control
An Y.
Helil N.
Wireless Communications and Mobile Computing, 2023, 2023
[38] Monotonicity and completeness in attribute-based access control
Crampton, Jason
Morisset, Charles
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2014, 8743 : 33 - 48
[39] Supporting attribute-based access control with ontologies
Priebe, Torsten
Dobmeier, Wolfgang
Kamprath, Nora
FIRST INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, 2006, : 465 - +
[40] Attribute-Based Access Control in Web Applications
Kauser, Sadia
Rahman, Ayesha
Khan, Asad Mohammed
Ahmad, Tameem
APPLICATIONS OF ARTIFICIAL INTELLIGENCE TECHNIQUES IN ENGINEERING, SIGMA 2018, VOL 1, 2019, 698 : 385 - 393

← 1 2 3 4 5 →