
Proceedings of the 20th ACM Symposium on Access Control Models and Technologies: Latest Publications

Fine-Grained Business Data Confidentiality Control in Cross-Organizational Tracking
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752973
Weili Han, Yin Zhang, Zeqing Guo, E. Bertino
With the support of the Internet of Things (IoT for short) technologies, tracking systems are being widely deployed in many companies and organizations in order to provide more efficient and trustworthy delivery services. Such systems usually support easy-to-use interfaces, by which users can visualize the shipping status and progress of merchandise, according to business data which are collected directly from the merchandise through sensing technologies. However, these business data may include sensitive business information, which should be strongly protected in cross-organizational scenarios. Thus, it is critical for suppliers that the disclosure of such data to unauthorized users is prevented in the context of the open environment of these tracking systems. As business data from different suppliers and organizations are usually associated together with merchandise being shipped, it is also important to support fine-grained confidentiality control. In this paper, we articulate the problem of fine-grained business data confidentiality control in IoT-enabled cross-organizational tracking systems. We then propose a fine-grained confidentiality control mechanism, referred to as xCP-ABE, to address the problem in the context of open environment. The xCP-ABE mechanism is a novel framework which makes suppliers in tracking systems able to selectively authorize specific sets of users to access their sensitive business data and satisfies the confidentiality of transmission path of goods. We develop a prototype of the xCP-ABE mechanism, and then evaluate its performance. We also carry out a brief security analysis of our proposed mechanism. Our evaluation and analysis show that our framework is an effective and efficient solution to ensure the confidentiality of business data in cross-organizational tracking systems.
Citations: 10
On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752970
J. Crampton, C. Morisset, Nicola Zannone
Attribute Based Access Control (ABAC) is becoming the reference model for the specification and evaluation of access control policies. In ABAC, policies and access requests are defined in terms of attribute name/value pairs. The applicability of an ABAC policy to a request is determined by matching the attributes in the request with the attributes in the policy. Some languages supporting ABAC, such as PTaCL or XACML 3.0, take into account the possibility that some attribute values might not be correctly retrieved when the request is evaluated, and use complex decisions, usually describing all possible evaluation outcomes, to account for missing attributes. In this paper, we argue that the problem of missing attributes in ABAC can be seen as a non-deterministic attribute retrieval process, and we show that the current evaluation mechanism in PTaCL or XACML can return a complex decision that does not necessarily match the actual possible outcomes. This, however, is problematic for the enforcing mechanism, which needs to resolve the complex decision into a conclusive one. We propose a new evaluation mechanism, explicitly based on non-deterministic attribute retrieval for a given request. We extend this mechanism to probabilistic attribute retrieval and implement a probabilistic policy evaluation mechanism for PTaCL in PRISM, a probabilistic model-checker.
Citations: 19
Towards a General Framework for Optimal Role Mining: A Constraint Satisfaction Approach
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752975
J. H. Jafarian, Hassan Takabi, Hakim Touati, Ehsan Hesamifard, Mohamed Shehab
Role Based Access Control (RBAC) is the most widely used advanced access control model deployed in a variety of organizations. To deploy an RBAC system, one needs to first identify a complete set of roles, including permission role assignments and role user assignments. This process, known as role engineering, has been identified as one of the costliest tasks in migrating to RBAC. Since many organizations already have some form of user permission assignments defined, it makes sense to identify roles from this existing information. This process, known as role mining, has gained significant interest in recent years and numerous role mining techniques have been developed that take into account the characteristics of the core RBAC model, as well as its various extended features and each is based on a specific optimization metric. In this paper, we propose a generic approach which transforms the role mining problem into a constraint satisfaction problem. The transformation allows us to discover the optimal RBAC state based on customized optimization metrics. We also extend the RBAC model to include more context-aware and application specific constraints. These extensions broaden the applicability of the model beyond the classic role mining to include features such as permission usage, hierarchical role mining, hybrid role engineering approaches, and temporal RBAC models. We also perform experiments to show applicability and effectiveness of the proposed approach.
Citations: 17
SecLoc: Securing Location-Sensitive Storage in the Cloud
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752965
Jingwei Li, A. Squicciarini, D. Lin, Shuang Liang, Chunfu Jia
Cloud computing offers a wide array of storage services. While enjoying the benefits of flexibility, scalability and reliability brought by cloud storage, cloud users also face the risk of losing control of their own data, in part because they do not know where their data is actually stored. This raises a number of security and privacy concerns regarding one's sensitive data such as health records. For example, according to Canadian laws, data related to personally identifiable information must be stored within Canada. Nevertheless, in contrast to the urgent demands, privacy requirements regarding cloud storage locations have not been well investigated in the current cloud computing market, fostering security and privacy concerns among potential adopters. Aiming at addressing this emerging critical issue, we propose a novel secure location-sensitive storage framework, called SecLoc, which offers protection for cloud users' data following the storage location restrictions, with minimum management overhead to existing cloud storage services. We conduct security analysis, complexity analysis and experimental evaluation on the proposed SecLoc system. Our results demonstrate both effectiveness and efficiency of our mechanism.
Citations: 15
A SMT-based Tool for the Analysis and Enforcement of NATO Content-based Protection and Release Policies
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752954
A. Armando, Silvio Ranise, Riccardo Traverso, K. Wrona
NATO is developing a new IT infrastructure for automated information sharing between different information security domains and supporting dynamic and flexible enforcement of the need-to-know principle. In this context, the Content-based Protection and Release (CPR) model has been introduced to support the specification and enforcement of NATO access control policies. While the ability to define fine-grained security policies for a large variety of users, resources, and devices is desirable, their definition, maintenance, and enforcement can be difficult, time-consuming, and error prone. In this paper, we give an overview of a tool capable of assisting NATO security personnel in these tasks by automatically solving several policy analysis problems of practical interest. The tool leverages state-of-the-art SMT solvers.
Citations: 0
Challenges in Making Access Control Sensitive to the "Right" Contexts
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752979
T. Jaeger
Access control is a fundamental security mechanism that both protects processes from attacks and confines compromised processes that may try to propagate an attack. Nonetheless, we still see an ever increasing number of software vulnerabilities. Researchers have long proposed that improvements in access control could prevent many vulnerabilities, many of which capture contextual information to more accurately detect obviously unsafe operations. However, developers are often hesitant to extend their access control mechanisms to use more sensitive access control policies. My experience leads me to propose that it is imperative that an access control system be able to extract context accurately and efficiently and be capable of inferring any non-trivial policies. In this talk, I will discuss some recent research that enforces context-sensitive policies by either extracting process context, integrating code to extract context from programs, or extracting user context. We find that context-sensitive mechanisms can prevent some obviously unsafe operations from being authorized efficiently and discuss our experiences in inferring access control policies. Based on this research, we are encouraged that future research may enable context-sensitive access control policies to be produced and enforced to prevent vulnerabilities.
Citations: 1
Relationship-Based Access Control for an Open-Source Medical Records System
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752962
Syed Zain R. Rizvi, Philip W. L. Fong, J. Crampton, J. Sellwood
Inspired by the access control models of social network systems, Relationship-Based Access Control (ReBAC) was recently proposed as a general-purpose access control paradigm for application domains in which authorization must take into account the relationship between the access requestor and the resource owner. The healthcare domain is envisioned to be an archetypical application domain in which ReBAC is sorely needed: e.g., my patient record should be accessible only by my family doctor, but not by all doctors. In this work, we demonstrate for the first time that ReBAC can be incorporated into a production-scale medical records system, OpenMRS, with backward compatibility to the legacy RBAC mechanism. Specifically, we extend the access control mechanism of OpenMRS to enforce ReBAC policies. Our extensions incorporate and extend advanced ReBAC features recently proposed by Crampton and Sellwood. In addition, we designed and implemented the first administrative model for ReBAC. In this paper, we describe our ReBAC implementation, discuss the system engineering lessons learnt as a result, and evaluate the experimental work we have undertaken. In particular, we compare the performance of the various authorization schemes we implemented, thereby demonstrating the feasibility of ReBAC.
Citations: 32
SPA: Inviting Your Friends to Help Set Android Apps
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752974
Zeqing Guo, Weili Han, Liangxing Liu, Wenyuan Xu, Ruiqin Bu, Minyue Ni
More and more powerful personal smart devices take users, especially the elderly, into a disaster of policy administration where users are forced to set personal management policies in these devices. Considering a real case of this issue in Android security, it is hard for users, even some programmers, to generally identify malicious permission requests when they install a third-party application. Motivated by the popularity of mutual assistance among friends (including family members) in the real world, we propose a novel framework for policy administration, referred to as Socialized Policy Administration (SPA for short), to help users manage the policies in widely deployed personal devices. SPA leverages a basic idea that a user may invite his or her friends to help set the applications. In particular, when the number of invited friends increases, the setting result can be more resilient to a few malicious or unprofessional friends. We define the security properties of SPA, and propose an enforcement framework where users' friends can help users set applications without the leakage of friends' preferences, with the support of a privacy-preserving mechanism. In our prototype, we only leverage partially homomorphic encryption cryptosystems to implement our framework, because fully homomorphic encryption is not acceptable to be deployed in a practical service at the moment. Based on our prototype and performance evaluation, SPA is promising to support major types of policies in current popular applications with acceptable performance.
Citations: 2
Towards an Automatic Top-down Role Engineering Approach Using Natural Language Processing Techniques
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752958
M. Narouei, Hassan Takabi
Role Based Access Control (RBAC) is the most widely used model for access control due to the ease of administration as well as the economic benefits it provides. In order to deploy an RBAC system, one needs to first identify a complete set of roles. This process, known as role engineering, has been identified as one of the costliest tasks in migrating to RBAC. In this paper, we propose a top-down role engineering approach and take the first steps towards using natural language processing techniques to extract policies from unrestricted natural language documents. Most organizations have high-level requirement specifications that include a set of access control policies which describe allowable operations for the system. However, it is very time-consuming, labor-intensive, and error-prone to manually sift through these natural language documents to identify and extract access control policies. Our goal is to automate this process to reduce manual effort and human error. We apply natural language processing techniques, more specifically semantic role labeling, to automatically extract access control policies from unrestricted natural language documents, define roles, and build an RBAC model. Our preliminary results are promising: by applying semantic role labeling to automatically identify predicate-argument structure, and a set of predefined rules on the extracted arguments, we were able to correctly identify access control policies with a precision of 75%, recall of 88%, and F1 score of 80%.
Citations: 22
A Logical Approach to Restricting Access in Online Social Networks
Pub Date : 2015-06-01 DOI: 10.1145/2752952.2752967
M. Cramer, Jun Pang, Yang Zhang
Nowadays, in popular online social networks, users can blacklist some of their friends in order to prevent them from accessing resources that other non-blacklisted friends may access. We identify three independent binary decisions to utilize users' blacklists in access control policies, resulting in eight access restrictions. We formally define these restrictions in a hybrid logic for relationship-based access control, and provide syntactical transformations to rewrite a hybrid logic access control formula when fixing an access restriction. This enables a flexible and user-friendly approach for restricting access in social networks. We develop efficient algorithms for enforcing a subset of access control policies with restrictions. The effectiveness of the access restrictions and the efficiency of our algorithms are evaluated on a Facebook dataset.
Citations: 11