Detecting and resolving policy misconfigurations in access-control systems
نویسندگان
چکیده
منابع مشابه
Detecting and Resolving Policy Misconfigurations in Access-Control Systems (CMU-CyLab-08-004)
Access-control policy misconfigurations that cause requests to be erroneously denied can result in wasted time, user frustration and, in the context of particular applications (e.g., health care), very severe consequences. In this paper we apply association rule mining to logs of granted requests to predict changes to access-control policies that are likely to be consistent with users’ intentio...
متن کاملBaaz: A System for Detecting Access Control Misconfigurations
Maintaining correct access control to shared resources such as file servers, wikis, and databases is an important part of enterprise network management. A combination of many factors, including high rates of churn in organizational roles, policy changes, and dynamic informationsharing scenarios, can trigger frequent updates to user permissions, leading to potential inconsistencies. With Baaz, w...
متن کاملAccess and Mobility Policy Control at the Network Edge
The fifth generation (5G) system architecture is defined as service-based and the core network functions are described as sets of services accessible through application programming interfaces (API). One of the components of 5G is Multi-access Edge Computing (MEC) which provides the open access to radio network functions through API. Using the mobile edge API third party analytics applications ...
متن کاملProviding Policy-Neutral and Transparent Access Control in Extensible Systems
Extensible systems, such as Java or the SPIN extensible operating system, allow for units of code, or extensions, to be added to a running system in almost arbitrary fashion. Extensions closely interact through low-latency, but type-safe interfaces to form a tightly integrated system. As extensions can come from arbitrary sources, not all of whom can be trusted to conform to an organization's s...
متن کاملAccess Control Policy Management
Wang, Qihua. Ph.D., Purdue University, May 2009. Access Control Policy Management. Major Professor: Ninghui Li. Access control is the traditional center of gravity of computer security [1]. People specify access control policies to control accesses to resources in computer systems. The management of access control policies include policy specification and policy analysis. In this dissertation, ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Transactions on Information and System Security
سال: 2011
ISSN: 1094-9224,1557-7406
DOI: 10.1145/1952982.1952984