2019
DOI: 10.1016/j.cose.2018.09.011
|View full text |Cite
|
Sign up to set email alerts
|

Greedy and evolutionary algorithms for mining relationship-based access control policies

Abstract: Relationship-based access control (ReBAC) provides a high level of expressiveness and flexibility that promotes security and information sharing. We formulate ReBAC as an object-oriented extension of attribute-based access control (ABAC) in which relationships are expressed using fields that refer to other objects, and path expressions are used to follow chains of relationships between objects.ReBAC policy mining algorithms have potential to significantly reduce the cost of migration from legacy access control… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

0
63
0

Year Published

2019
2019
2025
2025

Publication Types

Select...
3
2
1

Relationship

1
5

Authors

Journals

citations
Cited by 22 publications
(63 citation statements)
references
References 23 publications
0
63
0
Order By: Relevance
“…Our policy language, which we call ORAL20, is Bui et al's ORAL19 (our name for it) [BSL19a], extended to allow negative conditions and constraints. We give a brief overview of the language, and refer the reader to [BSL19a] for details of ORAL19 and to [BSL19b] for details of the original version of ORAL, which ORAL19 extends. This overview is largely the same as in [BSL19a].…”
Section: Policy Languagementioning
confidence: 99%
See 4 more Smart Citations
“…Our policy language, which we call ORAL20, is Bui et al's ORAL19 (our name for it) [BSL19a], extended to allow negative conditions and constraints. We give a brief overview of the language, and refer the reader to [BSL19a] for details of ORAL19 and to [BSL19b] for details of the original version of ORAL, which ORAL19 extends. This overview is largely the same as in [BSL19a].…”
Section: Policy Languagementioning
confidence: 99%
“…A rule is a tuple subjectType, subjectCondition, resourceType, resourceCondition, constraint, actions , where subjectType and resourceType are class names, subjectCondition and resourceCondition are conditions, constraint is a constraint, actions is a set of actions. A rule must satisfy several well-formedness requirements [BSL19b]. For a rule ρ = st, sc, rt, rc, c, A , let sType(ρ) = st, sCond(ρ) = sc, rType(ρ) = rt, rCond(ρ) = rc, con(ρ) = c, and acts(ρ) = A.…”
Section: Policy Languagementioning
confidence: 99%
See 3 more Smart Citations