demonstration

Practical risk aggregation in RBAC models

Authors:

Suresh Chari,

Jorge Lobo,

Ian MolloyAuthors Info & Claims

SACMAT '12: Proceedings of the 17th ACM symposium on Access Control Models and Technologies

Pages 117 - 118

https://doi.org/10.1145/2295136.2295158

Published: 20 June 2012 Publication History

Get Access

Abstract

This paper describes our system, built as part of a commercially available product, for inferring the risk in an RBAC policy model, i.e., the assignment of permissions to roles and roles to users. Our system implements a general model of risk based on any arbitrary set of properties of permissions and users. Our experience shows that fuzzy inferencing systems are best suited to capture how humans assign risk to such assignments. To implement fuzzy inferencing practically we need the axiom of monotonicity, i.e., risk can not decrease when more permissions are assigned to a role or when the role is assigned to fewer users. We describe the visualization component which administrators can use to infer aggregate risk in role assignments as well as drill down into which assignments are actually risky. Administrators can then use this knowledge to refactor roles and assignments.

References

[1]

Tivoli identity manager. http://www-01.ibm.com/software/tivoli/products/identity-mgr/.

Google Scholar

[2]

Q. Ni, E. Bertino, and J. Lobo. Risk-based access control systems built on fuzzy inferences. In ASIACCS, Apr. 2010.

Digital Library

Google Scholar

Cited By

View all

Helil NRahman K(2014)Attribute based access control constraint based on subject similarity2014 IEEE Workshop on Advanced Research and Technology in Industry Applications (WARTIA)10.1109/WARTIA.2014.6976238(226-229)Online publication date: Sep-2014
https://doi.org/10.1109/WARTIA.2014.6976238

Recommendations

Risk-based access control systems built on fuzzy inferences

ASIACCS '10: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security

Fuzzy inference is a promising approach to implement risk-based access control systems. However, its application to access control raises some novel problems that have not been yet investigated. First, because there are many different fuzzy operations, ...

Comments

Information & Contributors

Information

Published In

SACMAT '12: Proceedings of the 17th ACM symposium on Access Control Models and Technologies

June 2012

242 pages

ISBN:9781450312950

DOI:10.1145/2295136

General Chairs:
Vijay Atluri
Rutgers University, USA
,
Jaideep Vaidya
Rutgers University, USA
,
Program Chairs:
Axel Kern
Beta Systems Software AG, Germany
,
Murat Kantarcioglu
University of Texas at Dallas, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 June 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Demonstration

Conference

SACMAT '12

Sponsor:

SIGSAC

SACMAT '12: 17th ACM Symposium on Access Control Models and Technologies

June 20 - 22, 2012

New Jersey, Newark, USA

Acceptance Rates

SACMAT '12 Paper Acceptance Rate 19 of 73 submissions, 26%;

Overall Acceptance Rate 177 of 597 submissions, 30%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
226
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Helil NRahman K(2014)Attribute based access control constraint based on subject similarity2014 IEEE Workshop on Advanced Research and Technology in Industry Applications (WARTIA)10.1109/WARTIA.2014.6976238(226-229)Online publication date: Sep-2014
https://doi.org/10.1109/WARTIA.2014.6976238

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Risk-based access control systems built on fuzzy inferences

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Recommendations

Risk-based access control systems built on fuzzy inferences

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations