论文信息 - Detecting and Resolving Misconfigurations in Role-Based Access Control (Short Paper)

Detecting and Resolving Misconfigurations in Role-Based Access Control (Short Paper)

In Role Based Access Control (RBAC) systems, formulating a correct set of roles, assigning appropriate privileges to roles, and assigning roles to users are the fundamental design tasks. Whether these tasks are performed by a human (e.g., system administrator) or by a machine (e.g., expert system), misconfigurations are likely to occur. The misconfigurations could manifest as under-privileges (fewer privileges assigned) or over-privileges (more privileges than necessary). In this paper, we describe an approach based on role mining to detect and correct such misconfigurations. Here, the overlap among the users and privileges of different roles is used to identify possible misconfigurations.

Ravi Mukkamala | Vishnu Kamisetty | Pawankumar Yedugani

[1] Ravi Mukkamala,et al. Effects of distributed database modeling on evaluation of transaction rollbacks , 1990, 1990 Winter Simulation Conference Proceedings.

[2] Vijayalakshmi Atluri,et al. The role mining problem: finding a minimal descriptive set of roles , 2007, SACMAT '07.

[3] Ian Witten,et al. Data Mining , 2000 .

[4] Matt Bishop,et al. Computer Security: Art and Science , 2002 .

[5] Lujo Bauer,et al. Detecting and resolving policy misconfigurations in access-control systems , 2008, SACMAT '08.

[6] Vijayalakshmi Atluri,et al. Migrating to optimal RBAC with minimal perturbation , 2008, SACMAT '08.

[7] Vijayalakshmi Atluri,et al. Role Engineering via Prioritized Subset Enumeration , 2010, IEEE Transactions on Dependable and Secure Computing.

[8] Jaideep Vaidya,et al. RoleMiner: mining roles using subset enumeration , 2006, CCS '06.

[9] Jorge Lobo,et al. Evaluating role mining algorithms , 2009, SACMAT '09.

[10] Ian H. Witten,et al. Data mining: practical machine learning tools and techniques, 3rd Edition , 1999 .

[11] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[12] Robert E. Tarjan,et al. Fast exact and heuristic methods for role minimization problems , 2008, SACMAT '08.