MEDEIROS, Welkson, SARAIVA, José Diego and DA SILVA, Carlos (2017). Supporting the Self-adaptation of Authorization Infrastructures. In: XVII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais: SBSEG 2017: Anais. Sociedade Brasileira de Computação, 603-614. [Book Section]
Documents
26214:547178
PDF
2017-WGID-Welkson.pdf - Published Version
Restricted to Repository staff only
Available under License All rights reserved.
2017-WGID-Welkson.pdf - Published Version
Restricted to Repository staff only
Available under License All rights reserved.
Download (364kB)
Abstract
Insiders pose a great threat to organizations due to their capacity of exploiting privileged access for inappropriate gain. Traditional access control solutions are not able to deal with insiders, and some solutions apply concepts of self-adaptation to handle such problems. Existing work has been focused on detecting or how to respond to a detected insider. However, in order to allow the dynamic adaptation of access control policies, it is necessary to clearly specify what modification actions can be applied to a policy. Such actions can then be used for the definition of adaptation plans. Thus, this paper describes a generic Application Programming Interface (API) for manipulating access control policy based on Attribute-Based Access Control (ABAC). Our API follows a functional specification of ABAC, and aims to abstract away implementation details of access control engines, providing an effector that can be integrated into a self-adaptation approach.
More Information
Metrics
Altmetric Badge
Dimensions Badge
Share
Actions (login required)
View Item |