Reverse engineering of RBAC policy using access logs

Posted on:2010-11-24

Degree:M.S

Type:Thesis

University:University of Maryland, Baltimore County

Candidate:Datar, Kishorkumar

Full Text:PDF

GTID:2448390002480532

Subject:Computer Science

Abstract/Summary:

Role Based Access Control (RBAC) is a flexible and powerful approach to access control which is widely used. We present approaches to finding the functional role hierarchy using access logs. We discuss a method to reconstruct the functional role hierarchy with knowledge of all access rights of all users. New methods of test data generation are introduced. We then present heuristics that work with partial logs to predict an approximate role hierarchy. A method to efficiently use background knowledge is also discussed. We show with empirical evidence that to reconstruct even half the hierarchy correctly with the heuristics; we need significant amount of access logs. We compare the two heuristics in terms of false positives, false negatives and number of correct predictions. The two heuristics are compared w. r. t. parent-child relations as well as ancestor-descendent relations.

Keywords/Search Tags:

Access, Logs, Heuristics

Related items

1	Exploring user behavior utilizing statistical analysis of WWWhttpd access logs: An enquiry employing Net-Frog
2	Research On Algorithms For Mining Web Logs
3	Designing And Researching The Method To Produce Test Case Set Based Web Logs
4	Research On Electronic Evidence Acqicisition And Analysis Method Over Windows Logs
5	Research & Implement On Mining Logs Of Website
6	Research On Mining User Access Mode Based On Web Logs
7	Research On The Algorithm For Mining Continuous Frequent Access Patterns From Web Logs
8	Developing new multidimensional knapsack heuristics based on empirical analysis of legacy heuristics
9	Heuristics for searching chemical structures
10	Developing heuristics to optimize the configuration of the video-mediated environment