Towards adaptive access control

Luciano Argento, Andrea Margheri, Federica Paci, Vladimiro Sassone, Nicola Zannone

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

3 Citations (Scopus)

Abstract

Access control systems are nowadays the first line of defence of modern IT systems. However, their effectiveness is often compromised by policy miscofigurations that can be exploited by insider threats. In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of users abusing their privileges. Our approach exploits behavioral patterns representing how users typically access resources to narrow the permissions granted to users when anomalous behaviors are detected. The proposed solution has been implemented and its effectiveness has been experimentally evaluated using a synthetic dataset.

Original languageEnglish
Title of host publicationData and Applications Security and Privacy XXXII - 32nd Annual IFIP WG 11.3 Conference, DBSec 2018, Proceedings
EditorsS. Paraboschi, F. Kerschbaum
Place of PublicationCham
PublisherSpringer
Pages99-109
Number of pages11
ISBN (Print)978-331995728-9
DOIs
Publication statusPublished - 1 Jan 2018
Event32nd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2018 - Bergamo, Italy
Duration: 16 Jul 201818 Jul 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10980 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference32nd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2018
CountryItaly
CityBergamo
Period16/07/1818/07/18

Keywords

  • Access control
  • Insider threat
  • Machine learning
  • Policy adaptation
  • Runtime monitoring

Fingerprint Dive into the research topics of 'Towards adaptive access control'. Together they form a unique fingerprint.

Cite this