Supporting the Self-adaptation of Authorization Infrastructures

MEDEIROS, Welkson, SARAIVA, José Diego and DA SILVA, Carlos (2017). Supporting the Self-adaptation of Authorization Infrastructures. In: XVII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais: SBSEG 2017: Anais. Sociedade Brasileira de Computação, 603-614.

[img] PDF
2017-WGID-Welkson.pdf - Published Version
Restricted to Repository staff only
All rights reserved.

Download (364kB)
Official URL:


Insiders pose a great threat to organizations due to their capacity of exploiting privileged access for inappropriate gain. Traditional access control solutions are not able to deal with insiders, and some solutions apply concepts of self-adaptation to handle such problems. Existing work has been focused on detecting or how to respond to a detected insider. However, in order to allow the dynamic adaptation of access control policies, it is necessary to clearly specify what modification actions can be applied to a policy. Such actions can then be used for the definition of adaptation plans. Thus, this paper describes a generic Application Programming Interface (API) for manipulating access control policy based on Attribute-Based Access Control (ABAC). Our API follows a functional specification of ABAC, and aims to abstract away implementation details of access control engines, providing an effector that can be integrated into a self-adaptation approach.

Item Type: Book Section
Page Range: 603-614
SWORD Depositor: Symplectic Elements
Depositing User: Symplectic Elements
Date Deposited: 14 Oct 2022 11:36
Last Modified: 12 Oct 2023 09:46

Actions (login required)

View Item View Item


Downloads per month over past year

View more statistics