Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values

08/19/2020
by   Thang Bui, et al.
0

Attribute-Based Access Control (ABAC) and Relationship-based access control (ReBAC) provide a high level of expressiveness and flexibility that promote security and information sharing, by allowing policies to be expressed in terms of attributes of and chains of relationships between entities. Algorithms for learning ABAC and ReBAC policies from legacy access control information have the potential to significantly reduce the cost of migration to ABAC or ReBAC. This paper presents the first algorithms for mining ABAC and ReBAC policies from access control lists (ACLs) and incomplete information about entities, where the values of some attributes of some entities are unknown. We show that the core of this problem can be viewed as learning a concise three-valued logic formula from a set of labeled feature vectors containing unknowns, and we give the first algorithm (to the best of our knowledge) for that problem.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

09/24/2019

A Decision Tree Learning Approach for Mining Relationship-Based Access Control Policies

Relationship-based access control (ReBAC) provides a high level of expre...
01/17/2022

End to End Secure Data Exchange in Value Chains with Dynamic Policy Updates

Data exchange among value chain partners provides them with a competitiv...
03/18/2019

Efficient and Extensible Policy Mining for Relationship-Based Access Control

Relationship-based access control (ReBAC) is a flexible and expressive f...
12/28/2018

A Precedent Approach to Assigning Access Rights

To design a discretionary access control policy, a technique is proposed...
09/21/2019

Graph Model Implementation of Attribute-Based Access Control Policies

Attribute-based access control (ABAC) promises a powerful way of formali...
05/16/2018

Practical Decentralized Attribute-Based Delegation using Secure Name Systems

Identity and trust in the modern Internet are centralized around an olig...
05/07/2020

Cascade Attribute Network: Decomposing Reinforcement Learning Control Policies using Hierarchical Neural Networks

Reinforcement learning methods have been developed to achieve great succ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.