Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values

Add code
Aug 26, 2020
Thang Bui, Scott D. Stoller
Figure 1 for Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values
Figure 2 for Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values
Figure 3 for Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values
Figure 4 for Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Attribute-Based Access Control (ABAC) and Relationship-based access control (ReBAC) provide a high level of expressiveness and flexibility that promote security and information sharing, by allowing policies to be expressed in terms of attributes of and chains of relationships between entities. Algorithms for learning ABAC and ReBAC policies from legacy access control information have the potential to significantly reduce the cost of migration to ABAC or ReBAC. This paper presents the first algorithms for mining ABAC and ReBAC policies from access control lists (ACLs) and incomplete information about entities, where the values of some attributes of some entities are unknown. We show that the core of this problem can be viewed as learning a concise three-valued logic formula from a set of labeled feature vectors containing unknowns, and we give the first algorithm (to the best of our knowledge) for that problem.

* arXiv admin note: text overlap with arXiv:1909.12095  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon