Incremental Maintenance of ABAC Policies

Gunjan Batra, Vijayalakshmi Atluri, Jaideep Vaidya, Shamik Sural

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Discovery of Attribute Based Access Control policies through mining has been studied extensively in the literature. However, current solutions assume that the rules are to be mined from a static data set of access permissions and that this process only needs to be done once. However, in real life, access policies are dynamic in nature and may change based on the situation. Simply utilizing the current approaches would necessitate that the mining algorithm be re-executed for every update in the permissions or user/object attributes, which would be significantly inefficient. In this paper, we propose to incrementally maintain ABAC policies by only updating the rules that may be affected due to any change in the underlying access permissions or attributes. A comprehensive experimental evaluation demonstrates that the proposed incremental approach is significantly more efficient than the conventional ABAC mining.

Original languageEnglish (US)
Title of host publicationCODASPY 2021 - Proceedings of the 11th ACM Conference on Data and Application Security and Privacy
PublisherAssociation for Computing Machinery, Inc
Pages185-196
Number of pages12
ISBN (Electronic)9781450381437
DOIs
StatePublished - Apr 26 2021
Event11th ACM Conference on Data and Application Security and Privacy, CODASPY 2021 - Virtual, Online, United States
Duration: Apr 26 2021Apr 28 2021

Publication series

NameCODASPY 2021 - Proceedings of the 11th ACM Conference on Data and Application Security and Privacy

Conference

Conference11th ACM Conference on Data and Application Security and Privacy, CODASPY 2021
Country/TerritoryUnited States
CityVirtual, Online
Period4/26/214/28/21

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Information Systems
  • Software

Keywords

  • Attribute based access control
  • incremental mining
  • policy mining

Fingerprint

Dive into the research topics of 'Incremental Maintenance of ABAC Policies'. Together they form a unique fingerprint.

Cite this