{"title":"Digital flight plans for server access control: Restricting anomalous activity with path-based declarations of intentions","authors":"R. Loui, Lucinda Caughey","doi":"10.1109/CCST.2016.7815705","DOIUrl":null,"url":null,"abstract":"In response to increasing threats of malicious activity and data loss on servers, we propose a different and practical strategy for access control modeled after flight plans for pilots, which mixes existing role-based, object-based, and intention-based access models; it supports much finer grained, real-time, sequence-oriented anomaly detection. Users are required to declare their intended “flight path” in advance, a sketch of resource use: this may vary in detail, but could include database tables, file system directories, byte and bandwidth limits, use of encryption and archive creation, command sets, connection time, number and origin of connections, and ports. Sequence information provides especially strong constraint, even if it incomplete. We find an important place for active, on-line human sampling of flight plans, as well as pre-authorization for non-standard paths, and alerts for deviation from path. We also find a place for improved user profiling and a paradigm shift from ex-post log-based reconstruction of user activity to ex-ante declaration.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"15 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2016.7815705","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
In response to increasing threats of malicious activity and data loss on servers, we propose a different and practical strategy for access control modeled after flight plans for pilots, which mixes existing role-based, object-based, and intention-based access models; it supports much finer grained, real-time, sequence-oriented anomaly detection. Users are required to declare their intended “flight path” in advance, a sketch of resource use: this may vary in detail, but could include database tables, file system directories, byte and bandwidth limits, use of encryption and archive creation, command sets, connection time, number and origin of connections, and ports. Sequence information provides especially strong constraint, even if it incomplete. We find an important place for active, on-line human sampling of flight plans, as well as pre-authorization for non-standard paths, and alerts for deviation from path. We also find a place for improved user profiling and a paradigm shift from ex-post log-based reconstruction of user activity to ex-ante declaration.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
