![[img]](https://epub.uni-regensburg.de/style/images/fileicons/application_pdf.png) | Eingereichte Version Download ( PDF | 504kB) |
Optimization of Access Control Policies
Kern, Sascha
, Baumer, Thomas , Groll, Sebastian , Fuchs, Ludwig und Pernul, Günther
(2022)
Optimization of Access Control Policies.
Journal of Information Security and Applications 70, S. 103301.
Veröffentlichungsdatum dieses Volltextes: 20 Sep 2022 09:08
Artikel
DOI zum Zitieren dieses Dokuments: 10.5283/epub.52885
Zusammenfassung
Organizations undertake complex and costly projects to model high-quality Access Control Policies (ACPs). Once built, these policies must be maintained and managed in an ongoing process to keep their quality high. Insufficient maintenance leads to inaccurate authorization decisions and increases the policies' administrative effort and susceptibility to errors. While the initial modeling of ACPs ...
Organizations undertake complex and costly projects to model high-quality Access Control Policies (ACPs). Once built, these policies must be maintained and managed in an ongoing process to keep their quality high. Insufficient maintenance leads to inaccurate authorization decisions and increases the policies' administrative effort and susceptibility to errors. While the initial modeling of ACPs has received significant research interest, their optimization is not yet covered as broadly. This work provides a theoretical foundation for ACP quality and its optimization. Furthermore, it analyzes how existing research addresses optimization of ACPs with regard to six crucial optimization dimensions. It presents a structured literature survey tracing these optimization dimensions, the contributed research artifact and data requirements. Building on this literature catalogue, this work elaborates on inaccuracies for user permission assignments, data availability, minimal perturbation and recommendation-based optimization.
Alternative Links zum Volltext
Beteiligte Einrichtungen
Details
| Dokumentenart | Artikel | ||||
| Titel eines Journals oder einer Zeitschrift | Journal of Information Security and Applications | ||||
| Verlag: | Elsevier | ||||
|---|---|---|---|---|---|
| Ort der Veröffentlichung: | AMSTERDAM | ||||
| Band: | 70 | ||||
| Seitenbereich: | S. 103301 | ||||
| Datum | 15 September 2022 | ||||
| Institutionen | Wirtschaftswissenschaften > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) Informatik und Data Science > Fachbereich Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) | ||||
| Identifikationsnummer |
| ||||
| Stichwörter / Keywords | CONTROL MODEL; ROLES; REFINEMENT; DISCOVERY; USER; RBAC; Access Management; Data quality; Policy optimization; Policy maintenance; Role-Based Access Control; Attribute-Based Access Control | ||||
| Dewey-Dezimal-Klassifikation | 300 Sozialwissenschaften > 330 Wirtschaft | ||||
| Status | Veröffentlicht | ||||
| Begutachtet | Ja, diese Version wurde begutachtet | ||||
| An der Universität Regensburg entstanden | Ja | ||||
| URN der UB Regensburg | urn:nbn:de:bvb:355-epub-528859 | ||||
| Dokumenten-ID | 52885 |
Bibliographische Daten exportieren
Nur für Besitzer und Autoren: Kontrollseite des Eintrags
Downloadstatistik
Downloadstatistik