通信学报2017,Vol.38Issue(12):63-72,10.DOI:10.11959/j.issn.1000-436x.2017285
基于谱聚类的访问控制异常权限配置挖掘机制
Spectral-clustering-based abnormal permission assignments hunting framework
摘要
Abstract
Migrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migration.However,abnormal user-permission configura-tions lead to wrong roles and cause tremendous security risks.To hunt the potential abnormal user-permission configura-tions,a novel spectral clustering based abnormal configuration hunting framework was proposed and recommendations were given to correct these configurations.Experimental results show its performance over existing solutions.关键词
访问控制/异常权限配置/谱聚类Key words
access control/abnormal configurations/spectral clustering分类
信息技术与安全科学引用本文复制引用
房梁,殷丽华,李凤华,方滨兴..基于谱聚类的访问控制异常权限配置挖掘机制[J].通信学报,2017,38(12):63-72,10.基金项目
国家重点研发计划基金资助项目(No.2016YFB0801001) (No.2016YFB0801001)
国家自然科学基金资助项目(No.61672515) (No.61672515)
东莞市引进创新科研团队计划基金资助项目(No.201636000100038)The National Key Research and Development Program of China (No.2016YFB0801001),The National Natural Science Foundation of China (No.61672515),Dongguan Innovative Research Team Program (No.201636000100038) (No.201636000100038)
