@inproceedings{cba31a8fcc0044298fb7757f1dc68e13,
title = "Towards adaptive access control",
abstract = "Access control systems are nowadays the first line of defence of modern IT systems. However, their effectiveness is often compromised by policy miscofigurations that can be exploited by insider threats. In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of users abusing their privileges. Our approach exploits behavioral patterns representing how users typically access resources to narrow the permissions granted to users when anomalous behaviors are detected. The proposed solution has been implemented and its effectiveness has been experimentally evaluated using a synthetic dataset.",
keywords = "Access control, Insider threat, Machine learning, Policy adaptation, Runtime monitoring",
author = "Luciano Argento and Andrea Margheri and Federica Paci and Vladimiro Sassone and Nicola Zannone",
year = "2018",
month = jan,
day = "1",
doi = "10.1007/978-3-319-95729-6_7",
language = "English",
isbn = "978-331995728-9",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer",
pages = "99--109",
editor = "S. Paraboschi and F. Kerschbaum",
booktitle = "Data and Applications Security and Privacy XXXII - 32nd Annual IFIP WG 11.3 Conference, DBSec 2018, Proceedings",
address = "Germany",
note = "32nd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2018 ; Conference date: 16-07-2018 Through 18-07-2018",
}