%0 Conference Proceedings
%T Towards Adaptive Access Control
%+ Università della Calabria [Arcavacata di Rende] (Unical)
%+ University of Southampton
%+ Eindhoven University of Technology [Eindhoven] (TU/e)
%A Argento, Luciano
%A Margheri, Andrea
%A Paci, Federica
%A Sassone, Vladimiro
%A Zannone, Nicola
%Z Part 2: Access Control Policies
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 32th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Bergamo, Italy
%Y Florian Kerschbaum
%Y Stefano Paraboschi
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXXII
%V LNCS-10980
%P 99-109
%8 2018-07-16
%D 2018
%R 10.1007/978-3-319-95729-6_7
%K Access control
%K Machine learning
%K Policy adaptation
%K Insider threat
%K Runtime monitoring
%Z Computer Science [cs]Conference papers
%X Access control systems are nowadays the first line of defence of modern IT systems. However, their effectiveness is often compromised by policy miscofigurations that can be exploited by insider threats. In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of users abusing their privileges. Our approach exploits behavioral patterns representing how users typically access resources to narrow the permissions granted to users when anomalous behaviors are detected. The proposed solution has been implemented and its effectiveness has been experimentally evaluated using a synthetic dataset.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01954403/document
%2 https://inria.hal.science/hal-01954403/file/470961_1_En_7_Chapter.pdf
%L hal-01954403
%U https://inria.hal.science/hal-01954403
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-10980