Supporting the Self-adaptation of Authorization Infrastructures

MEDEIROS, Welkson, SARAIVA, José Diego and DA SILVA, Carlos (2017). Supporting the Self-adaptation of Authorization Infrastructures. In: XVII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais: SBSEG 2017: Anais. Sociedade Brasileira de Computação, 603-614.

[img] PDF
2017-WGID-Welkson.pdf - Published Version
Restricted to Repository staff only
All rights reserved.

Download (364kB)
Official URL: https://web.archive.org/web/20190808232652/https:/...
Related URLs:

    Abstract

    Insiders pose a great threat to organizations due to their capacity of exploiting privileged access for inappropriate gain. Traditional access control solutions are not able to deal with insiders, and some solutions apply concepts of self-adaptation to handle such problems. Existing work has been focused on detecting or how to respond to a detected insider. However, in order to allow the dynamic adaptation of access control policies, it is necessary to clearly specify what modification actions can be applied to a policy. Such actions can then be used for the definition of adaptation plans. Thus, this paper describes a generic Application Programming Interface (API) for manipulating access control policy based on Attribute-Based Access Control (ABAC). Our API follows a functional specification of ABAC, and aims to abstract away implementation details of access control engines, providing an effector that can be integrated into a self-adaptation approach.

    Item Type: Book Section
    Page Range: 603-614
    SWORD Depositor: Symplectic Elements
    Depositing User: Symplectic Elements
    Date Deposited: 14 Oct 2022 11:36
    Last Modified: 14 Oct 2022 14:24
    URI: https://shura.shu.ac.uk/id/eprint/26214

    Actions (login required)

    View Item View Item

    Downloads

    Downloads per month over past year

    View more statistics