Clustering-based Approach for Anomaly Detection in XACML Policies

Maryem Ait El Hadj, Meryeme Ayache, Yahya Benkaouz, Ahmed Khoumsi, Mohammed Erradi

2017

Abstract

The development of distributed applications arises multiple security issues such as access control. Attribute-Based Access Control has been proposed as a generic access control model, which provides more flexibility and promotes information and security sharing. eXtensible Access Control Markup Language (XACML) is the most convenient way to express ABAC policies. However, in distributed environments, XACML policies become more complex and hard to manage. In fact, an XACML policy in distributed applications may be aggregated from multiple parties and can be managed by more than one administrator. Therefore, it may contain several anomalies such as conflicts and redundancies, which may affect the performance of the policy execution. In this paper, we propose an anomaly detection method based on the decomposition of a policy into clusters before searching anomalies within each cluster. Our evaluation results demonstrate the efficiency of the suggested approach.

Download


Paper Citation


in Harvard Style

Ait El Hadj M., Ayache M., Benkaouz Y., Khoumsi A. and Erradi M. (2017). Clustering-based Approach for Anomaly Detection in XACML Policies . In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017) ISBN 978-989-758-259-2, pages 548-553. DOI: 10.5220/0006471205480553


in Bibtex Style

@conference{secrypt17,
author={Maryem Ait El Hadj and Meryeme Ayache and Yahya Benkaouz and Ahmed Khoumsi and Mohammed Erradi},
title={Clustering-based Approach for Anomaly Detection in XACML Policies},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)},
year={2017},
pages={548-553},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006471205480553},
isbn={978-989-758-259-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)
TI - Clustering-based Approach for Anomaly Detection in XACML Policies
SN - 978-989-758-259-2
AU - Ait El Hadj M.
AU - Ayache M.
AU - Benkaouz Y.
AU - Khoumsi A.
AU - Erradi M.
PY - 2017
SP - 548
EP - 553
DO - 10.5220/0006471205480553