Spectral-clustering-based abnormal permission assignments hunting framework |
| |
Authors: | Liang FANG Li-hua YIN Feng-hua LI Bin-xing FANG |
| |
Affiliation: | 1. School of CyberSpace Security,Beijing University of Posts and Telecommunications,Beijing 100876,China;2. State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;3. Cyberspace Institute of Advanced Technology,Guangdong University,Guangzhou 510006,China;4. Institute of Electronic and Information Engineering of UESTC in Guangdong,Dongguan 523808,China |
| |
Abstract: | Migrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migration.However,abnormal user-permission configurations lead to wrong roles and cause tremendous security risks.To hunt the potential abnormal user-permission configurations,a novel spectral clustering based abnormal configuration hunting framework was proposed and recommendations were given to correct these configurations.Experimental results show its performance over existing solutions. |
| |
Keywords: | access control abnormal configurations spectral clustering |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|