ABSTRACT
An insider threat is caused by authorized users potentially performing unsanctioned or inappropriate actions that endanger the computer security of an organization. This paper describes a novel approach that employs the ideas of Role-Based Access Control (RBAC) to initiate role-action mapping rules in line with organization-specific security policies. These rules can be refined by genetic algorithms (GAs) to identify discrepancies between user roles and processes.
Index Terms
- Applying role based access control and genetic algorithms to insider threat detection