Attribute-Based Access Control Policy Generation Approach from Access Logs Based on the CatBoost
نویسندگان
چکیده
Attribute-based access control (ABAC) has higher flexibility and better scalability than traditional can be used for fine-grained of large-scale information systems. Although ABAC depict a dynamic, complex policy, it is costly, tedious, error-prone to manually define. Therefore, worth studying how construct an policy efficiently accurately. This paper proposes generation approach based on the CatBoost algorithm automatically learn policies from historical logs. First, we perform weighted reconstruction attributes mined. Second, provide rule extraction algorithm, pruning optimization among which algorithms are improve accuracy generated policies. In addition, present new quality indicator measure simplicity Finally, results experiment conducted validate verify its feasibility effectiveness.
منابع مشابه
Mining Attribute-Based Access Control Policies from Logs
Attribute-based access control (ABAC) provides a high level of flexibility that promotes security and information sharing. ABAC policy mining algorithms have potential to significantly reduce the cost of migration to ABAC, by partially automating the development of an ABAC policy from information about the existing access-control policy and attribute data. This paper presents an algorithm for m...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملAttribute-Based Oblivious Access Control
In an attribute-based system (ABS), users are identified by various attributes, instead of their identities. Since its seminal introduction, the attribute-based mechanism has attracted a lot of attention. However, current ABS schemes have a number of drawbacks: (i) the communication cost is linear in the number of the required attributes; (ii) the computation cost is linear in the number of the...
متن کاملTowards Policy Engineering for Attribute-Based Access Control
Attribute-based Access Control (ABAC) was recently proposed as a general model which is able to capture the main existing access control models. This paper discusses the problems of configuring ABAC and engineering access policies. We question how to design attributes, how to assign attributes to subjects, objects, actions, and how to formulate access policies which bind subjects to objects and...
متن کاملTowards Attribute-Based Access Control Policy Engineering Using Risk
In this paper, we consider a policy engineering problem for attribute-based access control. The general goal is to help a policy writer to specify access control policies. In particular, we target the problem of defining the values of attributes when access to an object should be granted or denied. We use risk to quantify possible harm caused by misuses and abuses of granted access rights and a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Computing and informatics
سال: 2023
ISSN: ['1335-9150', '2585-8807']
DOI: https://doi.org/10.31577/cai_2023_3_615