Towards Adaptive Access Control

Argento, Luciano; Margheri, Andrea; Paci, Federica; Sassone, Vladimiro; Zannone, Nicola

doi:10.1007/978-3-319-95729-6_7

Cited by 15 publications

(10 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Argento et al [21] proposed an ML-based access control mechanism as the first line of defense, relying on users' behavioural patterns such as data volume and access frequency. Outchakoucht et al [22] introduced a reinforcement-learningbased access control approach tailored for distributed IoT environments.…”

Section: Ml-driven Access Control Approachesmentioning

confidence: 99%

Leveraging Machine Learning to Differentiate Legitimate versus Rogue Privacy Policies for Enhanced Decision Making

Kayes,

Rahayu,

Dillon

et al. 2024

Preprint

View full text Add to dashboard Cite

With the Internet of Things (IoT) generating vast amounts of data, privacy breaches have become increasingly prevalent, exposing individuals to serious risks such as identity theft and life-threatening situations. This research addresses the challenge of identifying cybersecurity threats and vulnerabilities leading to privacy breaches, as evidenced by recent cyber-attacks on Australian Medibank, Optus, and hospital networks. We propose a machine learning (ML)-based approach to distinguish between legitimate and rogue privacy policies, defining fundamental concepts of privacy, security, and access control in the context of personal, confidential, and sensitive information breaches. Our methodology introduces zero-privacy (ZP) and binary question-answer (QA) models to discern legitimate versus illegitimate actions or interests within privacy policies. Our experiments utilise natural language processing (NLP)-based ML models to analyse the linguistics of privacy policies. In experiments conducted on a dataset from the top 100 Forbes-listed companies, including 67 rogue policies, our privacy classification approach demonstrates reliability, accurately distinguishing between legitimate and rogue policies. With a dataset split of 90% for training and 10% for testing, our model achieves accuracy and precision exceeding 94% and 91%, respectively. Additionally, we evaluate the probability of ZP occurrences in organisations’ privacy and service-level agreements, revealing significant privacy breach risks. Through case studies utilising our proposed binary QA model, we underscore the urgent need for enhanced privacy measures across various organisations’ policies. Introducing a novel approach to access control, we specify permissions under conditions of legitimate and rogue privacy policies, exemplifying the applicability of our proposed access control mechanism through security policy modelling.

show abstract

Section: Ml-driven Access Control Approachesmentioning

confidence: 99%

Leveraging Machine Learning to Differentiate Legitimate versus Rogue Privacy Policies for Enhanced Decision Making

Kayes,

Rahayu,

Dillon

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Baumgrass (2011) and Zhang et al (2013) both use access logs to identify missing or excessive UPAs and adjust roles accordingly. Argento et al (2018) use access logs to identify excessive permission assignments and update ABAC policies. Groll et al (2021) propose to use negative access review decisions, i.e.…”

Section: Reduce Excessive and Missing Upasmentioning

confidence: 99%

Optimization of Access Control Policies

Kern¹,

Baumer²,

Groll³

et al. 2022

Journal of Information Security and Applications

View full text Add to dashboard Cite

“…Their proposed approach learns authorization rules from data manipulation patterns and enforces such rules to prevent unauthorized accesses before code fixes are deployed. Argento et al [3] propose an adaptive access control model that exploits users' behavioral patterns to narrow their permissions when anomalous behavior is detected.…”

Section: Adaptive Authorization Modelsmentioning

confidence: 99%

Adaptive ABAC Policy Learning: A Reinforcement Learning Approach

Karimi¹,

Abdelhakim²,

Joshi³

2021

Preprint

View full text Add to dashboard Cite

With rapid advances in computing systems, there is an increasing demand for more effective and efficient access control (AC) approaches. Recently, Attribute Based Access Control (ABAC) approaches have been shown to be promising in fulfilling the AC needs of such emerging complex computing environments. An ABAC model grants access to a requester based on attributes of entities in a system and an authorization policy; however, its generality and flexibility come with a higher cost. Further, increasing complexities of organizational systems and the need for federated accesses to their resources make the task of AC enforcement and management much more challenging. In this paper, we propose an adaptive ABAC policy learning approach to automate the authorization management task. We model ABAC policy learning as a reinforcement learning problem. In particular, we propose a contextual bandit system, in which an authorization engine adapts an ABAC model through a feedback control loop; it relies on interacting with users/administrators of the system to receive their feedback that assists the model in making authorization decisions. We propose four methods for initializing the learning model and a planning approach based on attribute value hierarchy to accelerate the learning process. We focus on developing an adaptive ABAC policy learning model for a home IoT environment as a running example. We evaluate our proposed approach over real and synthetic data. We consider both complete and sparse datasets in our evaluations. Our experimental results show that the proposed approach achieves performance that is comparable to ones based on supervised learning in many scenarios and even outperforms them in several situations.

show abstract

Towards Adaptive Access Control

Cited by 15 publications

References 19 publications

Leveraging Machine Learning to Differentiate Legitimate versus Rogue Privacy Policies for Enhanced Decision Making

Leveraging Machine Learning to Differentiate Legitimate versus Rogue Privacy Policies for Enhanced Decision Making

Optimization of Access Control Policies

Adaptive ABAC Policy Learning: A Reinforcement Learning Approach

Contact Info

Product

Resources

About