- A survey on access control techniques for cloud🔍
- Qualitative Intention|aware Attribute|based Access Control Policy ...🔍
- Specifying and Reasoning About Dynamic Access|Control Policies🔍
- How to Avoid Overly Permissive Data Access Policies🔍
- Mandatory access control🔍
- William Eiers🔍
- Stratified Abstraction of Access Control Policies🔍
- An Extensible Automated Reasoning Framework for Cloud Security ...🔍
Quantifying permissiveness of access control policies
A survey on access control techniques for cloud, blockchain, IoT and ...
The cloud layer security features work with the server and users, focusing on data privacy, such as Access Control mechanisms, data encryption, and ...
Qualitative Intention-aware Attribute-based Access Control Policy ...
It results in over- and under-permissiveness. In this paper, we ... access decisions with the elaborate policy using AUC as a measure.
Specifying and Reasoning About Dynamic Access-Control Policies
Access-control policies have grown from simple matrices to non-trivial specifications written in sophisticated languages. The inc reasing complexity of ...
How to Avoid Overly Permissive Data Access Policies - LinkedIn
Data access control policies are essential for data governance, as they define who can access, use, and modify data assets in an ...
Mandatory access control - Wikipedia
Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, the operating system kernel examines these ...
William Eiers - Google Scholar
Quantifying permissiveness of access control policies. W Eiers, G Sankaran, A Li, E O'Mahony, B Prince, T Bultan. Proceedings of the 44th International ...
Stratified Abstraction of Access Control Policies - SpringerLink
In our context: how does the security analyst know whether the policy is, in fact not too strict or too permissive? Zelkova [2] is already ...
An Extensible Automated Reasoning Framework for Cloud Security ...
... Quantifying permissiveness of access control policies. In: Proceedings of the 44th International Conference on Software Engineering, pp. 1805–1817. ICSE ...
An Attribute Based Framework for Risk-Adaptive Access Control ...
A novel approach to capture these characteristics of RAdAC using attribute-based access control is developed and can be expressed in the UCON usage control ...
An Extensible Automated Reasoning Framework for Cloud Security ...
solvers and relative permissiveness between the policies. They ... Bultan, “Quantifying permissiveness of access control policies,” in ...
5 Key Metrics For Review Of User Access Rights - Zluri
Accurately configuring permissions ensures that only authorized individuals can access sensitive data, enhancing organizational security. Regularly reviewing ...
Mining ABAC Rules from Sparse Logs
We show that this approach validates overly permissive rules, which is undesirable from the security perspective. This happens because the logs reflect expected ...
Mining ABAC Rules from Sparse Logs - IEEE Xplore
Abstract: Different methods have been proposed to mine attribute-based access control (ABAC) rules from logs. In practice, these logs are sparse in that ...
Ganesh Sankaran - Google Scholar
Quantifying permissiveness of access control policies W Eiers, G Sankaran, A Li, E O'Mahony, B Prince, T Bultan Proceedings of the 44th International ...
Quantifying permissiveness of access control policies. In 2022 IEEE/ACM 44th International Conference on Software Engineering (ICSE). IEEE ...
Ganesh Sankaran - Amazon - LinkedIn
This paper presents Quacky, a tool for quantifying permissiveness of access control policies in the cloud. Given a policy, Quacky translates it into a SMT ...
Tevfik Bultan - ICSE 2022 - Conferences - Researchr
... security. Contributions. 2022. ICSE. Quantifying Permissiveness of Access Control Policies; PReach: A Heuristic for Probabilistic Reachability to Identify Hard ...
Using LLMs to Intelligently Manage Access Control - arXiv
Users will write access control policies (2) The access control poli- ... that are more permissive on the same role-view pair in NLACM 2.
Solving The Problem of Over-Permissive Privileges - Island Browser
Another key limitation is visibility. While control and oversight are important, the ability to create a detailed record of user activity that can be referenced ...
Simulate attacks to measure and optimize security controls. ... Identify cloud misconfigurations and overly permissive identity and access management policies.