We consider the safety problem for Administrative Role-Based Access Control (ARBAC) policies, i.e. detecting whether sequences of administrative actions can result in policies by which a user can acquire permissions that may compromise some security goals. In particular, we are interested in sequences of safety problems generated by modifications (namely, adding/deleting an element to/from the set of possible actions) to an ARBAC policy accommodating the evolving needs of an organization. or resulting from fixing some safety issues. Since problems in such sequences share almost all administrative actions, we propose an incremental technique that avoids the re-computation of the solution to the current problem by re-using much of the work done on the previous problem in a sequence. An experimental evaluation shows the better performances of an implementation of our technique with respect to the only available approach to solve safety problems for evolving ARBAC policies proposed by Gofman, Luo, and Yang. © 2014 IFIP International Federation for Information Processing.

Incremental analysis of evolving administrative role based access control policies / Ranise, S.; Truong, A.. - 8566:(2014), pp. 260-275. (Intervento presentato al convegno 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014 tenutosi a Vienna, aut nel 2014) [10.1007/978-3-662-43936-4_17].

Incremental analysis of evolving administrative role based access control policies

Ranise S.;Truong A.
2014-01-01

Abstract

We consider the safety problem for Administrative Role-Based Access Control (ARBAC) policies, i.e. detecting whether sequences of administrative actions can result in policies by which a user can acquire permissions that may compromise some security goals. In particular, we are interested in sequences of safety problems generated by modifications (namely, adding/deleting an element to/from the set of possible actions) to an ARBAC policy accommodating the evolving needs of an organization. or resulting from fixing some safety issues. Since problems in such sequences share almost all administrative actions, we propose an incremental technique that avoids the re-computation of the solution to the current problem by re-using much of the work done on the previous problem in a sequence. An experimental evaluation shows the better performances of an implementation of our technique with respect to the only available approach to solve safety problems for evolving ARBAC policies proposed by Gofman, Luo, and Yang. © 2014 IFIP International Federation for Information Processing.
2014
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Germany
Springer Verlag
978-3-662-43935-7
978-3-662-43936-4
Ranise, S.; Truong, A.
Incremental analysis of evolving administrative role based access control policies / Ranise, S.; Truong, A.. - 8566:(2014), pp. 260-275. (Intervento presentato al convegno 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014 tenutosi a Vienna, aut nel 2014) [10.1007/978-3-662-43936-4_17].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333014
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 8
  • ???jsp.display-item.citation.isi??? ND
  • OpenAlex ND
social impact