TY - GEN
T1 - Access Policy Prediction via User Behavior
AU - Amour, Shmuel
AU - Gudes, Ehud
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.
PY - 2025/1/1
Y1 - 2025/1/1
N2 - Organizations use Role-based access controls (RBACs) and Attribute-based access controls (ABACs) to manage permissions, ensuring sensitive information is protected from junior staff. This management becomes complex in larger organizations with frequent role changes and diverse projects. This paper investigates using historical access data to authorize new requests, whether from existing users needing access to new resources, new users requesting established resources, or existing users seeking broader access. We propose a model based on hierarchical clustering and evaluate it using an ABAC audit dataset.
AB - Organizations use Role-based access controls (RBACs) and Attribute-based access controls (ABACs) to manage permissions, ensuring sensitive information is protected from junior staff. This management becomes complex in larger organizations with frequent role changes and diverse projects. This paper investigates using historical access data to authorize new requests, whether from existing users needing access to new resources, new users requesting established resources, or existing users seeking broader access. We propose a model based on hierarchical clustering and evaluate it using an ABAC audit dataset.
KW - Attribute-based access control (ABAC)
KW - Clustering
KW - User behavior
UR - http://www.scopus.com/inward/record.url?scp=85214265553&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-76934-4_16
DO - 10.1007/978-3-031-76934-4_16
M3 - Conference contribution
AN - SCOPUS:85214265553
SN - 9783031769337
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 257
EP - 267
BT - Cyber Security, Cryptology, and Machine Learning - 8th International Symposium, CSCML 2024, Proceedings
A2 - Dolev, Shlomi
A2 - Elhadad, Michael
A2 - Kutyłowski, Mirosław
A2 - Persiano, Giuseppe
PB - Springer Science and Business Media Deutschland GmbH
T2 - 8th International Symposium on Cyber Security, Cryptology, and Machine Learning, CSCML 2024
Y2 - 19 December 2024 through 20 December 2024
ER -