...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>ACM Transaction on Information and System Security >Detecting and Resolving Policy Misconfigurations in Access-Control Systems
【24h】

Detecting and Resolving Policy Misconfigurations in Access-Control Systems

机译:在访问控制系统中检测和解决策略配置错误

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Access-control policy misconfigurations that cause requests to be erroneously denied can result in wasted time, user frustration, and, in the context of particular applications (e.g., health care), very severe consequences. In this article we apply association rule mining to the history of accesses to predict changes to access-control policies that are likely to be consistent with users' intentions, so that these changes can be instituted in advance of misconfigurations interfering with legitimate accesses. Instituting these changes requires the consent of the appropriate administrator, of course, and so a primary contribution of our work is how to automatically determine from whom to seek consent and how to minimize the costs of doing so. We show using data from a deployed access-control system that our methods can reduce the number of accesses that would have incurred costly time-of-access delays by 43%, and can correctly predict 58% of the intended policy. These gains are achieved without impacting the total amount of time users spend interacting with the system.
机译:导致请求被错误地拒绝的访问控制策略配置错误可能导致时间浪费,用户沮丧,并且在特定应用程序(例如医疗保健)的情况下会导致非常严重的后果。在本文中,我们将关联规则挖掘应用于访问历史记录,以预测可能与用户意图一致的访问控制策略更改,以便可以在错误配置干扰合法访问之前进行这些更改。当然,进行这些更改需要相应管理员的同意,因此,我们工作的主要贡献在于如何自动确定从谁那里寻求同意,以及如何最大程度地减少这样做的成本。我们显示,使用来自已部署的访问控制系统的数据,我们的方法可以将导致昂贵的访问时间延迟的访问次数减少43%,并且可以正确预测58%的预期策略。在不影响用户与系统交互花费的总时间的情况下实现了这些收益。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号