Access Policy Prediction via User Behavior

Shmuel Amour, Ehud Gudes

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Organizations use Role-based access controls (RBACs) and Attribute-based access controls (ABACs) to manage permissions, ensuring sensitive information is protected from junior staff. This management becomes complex in larger organizations with frequent role changes and diverse projects. This paper investigates using historical access data to authorize new requests, whether from existing users needing access to new resources, new users requesting established resources, or existing users seeking broader access. We propose a model based on hierarchical clustering and evaluate it using an ABAC audit dataset.

Original languageEnglish
Title of host publicationCyber Security, Cryptology, and Machine Learning - 8th International Symposium, CSCML 2024, Proceedings
EditorsShlomi Dolev, Michael Elhadad, Mirosław Kutyłowski, Giuseppe Persiano
PublisherSpringer Science and Business Media Deutschland GmbH
Pages257-267
Number of pages11
ISBN (Print)9783031769337
DOIs
StatePublished - 1 Jan 2025
Event8th International Symposium on Cyber Security, Cryptology, and Machine Learning, CSCML 2024 - Be'er Sheva, Israel
Duration: 19 Dec 202420 Dec 2024

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume15349 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference8th International Symposium on Cyber Security, Cryptology, and Machine Learning, CSCML 2024
Country/TerritoryIsrael
CityBe'er Sheva
Period19/12/2420/12/24

Keywords

  • Attribute-based access control (ABAC)
  • Clustering
  • User behavior

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Access Policy Prediction via User Behavior'. Together they form a unique fingerprint.

Cite this