A survey of intrusion detection techniques
Computers and Security
Role-Based Access Control Models
Computer
Determining role rights from use cases
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Migrating to role-based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Temporal sequence learning and data reduction for anomaly detection
ACM Transactions on Information and System Security (TISSEC)
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Algorithms for Improving the Dependability of Firewall and Filter Rule Lists
DSN '00 Proceedings of the 2000 International Conference on Dependable Systems and Networks (formerly FTCS-30 and DCCA-8)
On modeling system-centric information for role engineering
Proceedings of the eighth ACM symposium on Access control models and technologies
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
Role-Based Access Control Framework for Network Enterprises
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Engineering of Role/Permission Assignments
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Fang: A Firewall Analysis Engine
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Proceedings of the tenth ACM symposium on Access control models and technologies
FIREMAN: A Toolkit for FIREwall Modeling and ANalysis
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Minerals: using data mining to detect router misconfigurations
Proceedings of the 2006 SIGCOMM workshop on Mining network data
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
The role mining problem: finding a minimal descriptive set of roles
Proceedings of the 12th ACM symposium on Access control models and technologies
Specifications of a high-level conflict-free firewall policy language for multi-domain networks
Proceedings of the 12th ACM symposium on Access control models and technologies
A cost-driven approach to role engineering
Proceedings of the 2008 ACM symposium on Applied computing
Fast exact and heuristic methods for role minimization problems
Proceedings of the 13th ACM symposium on Access control models and technologies
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
A class of probabilistic models for role engineering
Proceedings of the 15th ACM conference on Computer and communications security
The Role Hierarchy Mining Problem: Discovery of Optimal Role Hierarchies
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
HyDRo --- Hybrid Development of Roles
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Edge-RMP: Minimizing administrative assignments for role-based access control
Journal of Computer Security
Optimal Boolean Matrix Decomposition: Application to Role Engineering
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Role Engineering for Enterprise Security Management
Role Engineering for Enterprise Security Management
A serially addressable, flexible current monitor for test fixture based IDDQ/ISSQtesting
ITC'94 Proceedings of the 1994 international conference on Test
| Hi-index | 0.00 |
Access control facilitates controlled sharing and protection of resources in an enterprise. When correctly implemented and administered, it is effective in providing security. However, in many cases, there is a belief on the part of the consumers that security requirements can be met by simply acquiring and installing a product. Unfortunately, since the security requirements of each organization are different, there is no single tool (or even any meaningful set of tools) that can be readily employed. Independent of the specific policy adopted, such as discretionary access control or role-based access control, most organizations today perform permission assignment to its entities on a more or less ad-hoc basis. Permissions assigned to entities are poorly documented, and not understood in their entirety. Such lack of system administrators awareness of comprehensive view of total permissions of an entity on all systems results in an ever growing set of permissions leading to misconfigurations such as under privileges, violation of the least privilege requirement (i.e., over authorization), and expensive security administration. In this talk, we examine the problem of automated security configuration and administration. This is a tough area of research since many of the underlying problems are NP-hard and it is difficult to find solutions that work with reasonable performance without trading-off accuracy. To address this, usable security mechanisms must be developed by employing novel methodologies and tools from other areas of research that have a strong theoretical basis. We discuss some of the existing work that addresses this and lay out future problems and challenges.