Evolutionary Inference of Attribute-Based Access Control Policies. Medvet, E., Bartoli, A., Carminati, B., & Ferrari, E. In -, A. G., Antunes, C. H., & Coello, C. C. A, editors, Evolutionary Multi-Criterion Optimization - 8th International Conference, EMO 2015, Guimarães, Portugal, March 29 -April 1, 2015. Proceedings, Part I, volume 9018, of Lecture Notes in Computer Science, pages 351–365, 2015. Springer. Paper doi abstract bibtex The interest in attribute-based access control policies is increasingly growing due to their ability to accommodate the complex security requirements of modern computer systems. With this novel paradigm, access control policies consist of attribute expressions which implicitly describe the properties of subjects and protection objects and which must be satisfied for a request to be allowed. Since specifying a policy in this framework may be very complex, approaches for policy mining, i.e., for inferring a specification automatically from examples in the form of logs of authorized and denied requests, have been recently proposed. In this work, we propose a multi-objective evolutionary approach for solving the policy mining task. We designed and implemented a problem representation suitable for evolutionary computation, along with several search-optimizing features which have proven to be highly useful in this context: a strategy for learning a policy by learning single rules, each one focused on a subset of requests; a custom initialization of the population; a scheme for diversity promotion and for early termination. We show that our approach deals successfully with case studies of realistic complexity.
@inproceedings{DBLP:conf/emo/MedvetBCF15,
title = {Evolutionary Inference of Attribute-Based Access Control Policies},
author = {Eric Medvet and Alberto Bartoli and Barbara Carminati and Elena Ferrari},
editor = {Ant\'{o}nio Gaspar - and Carlos Henggeler Antunes and Carlos Coello A Coello},
url = {https://doi.org/10.1007/978-3-319-15934-8_24},
doi = {10.1007/978-3-319-15934-8_24},
year = {2015},
date = {2015-01-01},
booktitle = {Evolutionary Multi-Criterion Optimization - 8th International Conference,
EMO 2015, Guimar\~{a}es, Portugal, March 29 -April 1, 2015. Proceedings,
Part I},
volume = {9018},
pages = {351--365},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
abstract = {The interest in attribute-based access control policies is increasingly growing due to their ability to accommodate the complex security requirements of modern computer systems. With this novel paradigm, access control policies consist of attribute expressions which implicitly describe the properties of subjects and protection objects and which must be satisfied for a request to be allowed. Since specifying a policy in this framework may be very complex, approaches for policy mining, i.e., for inferring a specification automatically from examples in the form of logs of authorized and denied requests, have been recently proposed.
In this work, we propose a multi-objective evolutionary approach for solving the policy mining task. We designed and implemented a problem representation suitable for evolutionary computation, along with several search-optimizing features which have proven to be highly useful in this context: a strategy for learning a policy by learning single rules, each one focused on a subset of requests; a custom initialization of the population; a scheme for diversity promotion and for early termination. We show that our approach deals successfully with case studies of realistic complexity.},
keywords = {Access Control; Policy Language; Security Policy; Access Control Policy; Access Control Model},
pubstate = {published},
tppubtype = {inproceedings}
}
Downloads: 0
{"_id":"69qSXTAAMbwzdDZEm","bibbaseid":"medvet-bartoli-carminati-ferrari-evolutionaryinferenceofattributebasedaccesscontrolpolicies-2015","downloads":0,"creationDate":"2016-04-20T19:53:33.186Z","title":"Evolutionary Inference of Attribute-Based Access Control Policies","author_short":["Medvet, E.","Bartoli, A.","Carminati, B.","Ferrari, E."],"year":2015,"bibtype":"inproceedings","biburl":"http://strict.dista.uninsubria.it/wp-content/uploads/2021/10/strict.bib","bibdata":{"bibtype":"inproceedings","type":"inproceedings","title":"Evolutionary Inference of Attribute-Based Access Control Policies","author":[{"firstnames":["Eric"],"propositions":[],"lastnames":["Medvet"],"suffixes":[]},{"firstnames":["Alberto"],"propositions":[],"lastnames":["Bartoli"],"suffixes":[]},{"firstnames":["Barbara"],"propositions":[],"lastnames":["Carminati"],"suffixes":[]},{"firstnames":["Elena"],"propositions":[],"lastnames":["Ferrari"],"suffixes":[]}],"editor":[{"firstnames":["António","Gaspar"],"propositions":[],"lastnames":["-"],"suffixes":[]},{"firstnames":["Carlos","Henggeler"],"propositions":[],"lastnames":["Antunes"],"suffixes":[]},{"firstnames":["Carlos","Coello","A"],"propositions":[],"lastnames":["Coello"],"suffixes":[]}],"url":"https://doi.org/10.1007/978-3-319-15934-8_24","doi":"10.1007/978-3-319-15934-8_24","year":"2015","date":"2015-01-01","booktitle":"Evolutionary Multi-Criterion Optimization - 8th International Conference, EMO 2015, Guimarães, Portugal, March 29 -April 1, 2015. Proceedings, Part I","volume":"9018","pages":"351–365","publisher":"Springer","series":"Lecture Notes in Computer Science","abstract":"The interest in attribute-based access control policies is increasingly growing due to their ability to accommodate the complex security requirements of modern computer systems. With this novel paradigm, access control policies consist of attribute expressions which implicitly describe the properties of subjects and protection objects and which must be satisfied for a request to be allowed. Since specifying a policy in this framework may be very complex, approaches for policy mining, i.e., for inferring a specification automatically from examples in the form of logs of authorized and denied requests, have been recently proposed. In this work, we propose a multi-objective evolutionary approach for solving the policy mining task. We designed and implemented a problem representation suitable for evolutionary computation, along with several search-optimizing features which have proven to be highly useful in this context: a strategy for learning a policy by learning single rules, each one focused on a subset of requests; a custom initialization of the population; a scheme for diversity promotion and for early termination. We show that our approach deals successfully with case studies of realistic complexity.","keywords":"Access Control; Policy Language; Security Policy; Access Control Policy; Access Control Model","pubstate":"published","tppubtype":"inproceedings","bibtex":"@inproceedings{DBLP:conf/emo/MedvetBCF15,\r\ntitle = {Evolutionary Inference of Attribute-Based Access Control Policies},\r\nauthor = {Eric Medvet and Alberto Bartoli and Barbara Carminati and Elena Ferrari},\r\neditor = {Ant\\'{o}nio Gaspar - and Carlos Henggeler Antunes and Carlos Coello A Coello},\r\nurl = {https://doi.org/10.1007/978-3-319-15934-8_24},\r\ndoi = {10.1007/978-3-319-15934-8_24},\r\nyear = {2015},\r\ndate = {2015-01-01},\r\nbooktitle = {Evolutionary Multi-Criterion Optimization - 8th International Conference, \r\n EMO 2015, Guimar\\~{a}es, Portugal, March 29 -April 1, 2015. Proceedings, \r\n Part I},\r\nvolume = {9018},\r\npages = {351--365},\r\npublisher = {Springer},\r\nseries = {Lecture Notes in Computer Science},\r\nabstract = {The interest in attribute-based access control policies is increasingly growing due to their ability to accommodate the complex security requirements of modern computer systems. With this novel paradigm, access control policies consist of attribute expressions which implicitly describe the properties of subjects and protection objects and which must be satisfied for a request to be allowed. Since specifying a policy in this framework may be very complex, approaches for policy mining, i.e., for inferring a specification automatically from examples in the form of logs of authorized and denied requests, have been recently proposed. \r\n In this work, we propose a multi-objective evolutionary approach for solving the policy mining task. We designed and implemented a problem representation suitable for evolutionary computation, along with several search-optimizing features which have proven to be highly useful in this context: a strategy for learning a policy by learning single rules, each one focused on a subset of requests; a custom initialization of the population; a scheme for diversity promotion and for early termination. We show that our approach deals successfully with case studies of realistic complexity.},\r\nkeywords = {Access Control; Policy Language; Security Policy; Access Control Policy; Access Control Model},\r\npubstate = {published},\r\ntppubtype = {inproceedings}\r\n}\r\n","author_short":["Medvet, E.","Bartoli, A.","Carminati, B.","Ferrari, E."],"editor_short":["-, A. G.","Antunes, C. H.","Coello, C. C. A"],"key":"DBLP:conf/emo/MedvetBCF15","id":"DBLP:conf/emo/MedvetBCF15","bibbaseid":"medvet-bartoli-carminati-ferrari-evolutionaryinferenceofattributebasedaccesscontrolpolicies-2015","role":"author","urls":{"Paper":"https://doi.org/10.1007/978-3-319-15934-8_24"},"keyword":["Access Control; Policy Language; Security Policy; Access Control Policy; Access Control Model"],"metadata":{"authorlinks":{}}},"search_terms":["evolutionary","inference","attribute","based","access","control","policies","medvet","bartoli","carminati","ferrari"],"keywords":["access control; policy language; security policy; access control policy; access control model"],"authorIDs":[],"dataSources":["wGMs8MzbpbdJFLyJk","gCSZRFeq7GvXmEPsn"]}