Enhancing Access Control in Distributed Systems Through Intelligent ABAC Policy Mining

Sudhir  Kumar Bai; Jason  Aaron Goveas; Barsha Mitra

doi:10.5220/0013636700003979

Enhancing Access Control in Distributed Systems Through Intelligent ABAC Policy Mining

Sudhir Kumar Bai, Jason Aaron Goveas, Barsha Mitra

2025

Abstract

Distributed systems require secure, flexible, and efficient access control mechanisms to protect their resources and data. Attribute-Based Access Control (ABAC) has been found to be suitable for dynamic and cooperative settings of distributed environments. The successful implementation of ABAC in any system requires the formulation of a complete and correct ABAC policy. Creating a policy for ABAC adoption requires a substantial amount of computation and administrative effort. The scale of computational requirements and administrative efforts is further magnified if the target system of deployment is distributed in nature. Several heuristic methods have been proposed for ABAC policy generation. The amount of resources and efforts that need to be invested in policy formulation can be substantially reduced by leveraging machine learning techniques. In this paper, we propose an intelligent framework for mining ABAC policies from access logs for distributed systems. The task of policy generation is carried out in two phases. In the first phase, an initial policy is created by each of the individual entities of the distributed system. In the second phase, all the individually created policies are combined together to create the final ABAC policy. The proposed framework ensures data privacy by preventing the need for an entity to share its access log with any other entity by leveraging Federated Learning (FL) to create the ABAC policy. Experimental results on three access control datasets show that our proposed strategy creates ABAC policies which can efficiently and effectively evaluate access requests and perform access decision inferencing.

Download

Paper Citation

in Harvard Style

Bai S., Goveas J. and Mitra B. (2025). Enhancing Access Control in Distributed Systems Through Intelligent ABAC Policy Mining. In Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-760-3, SciTePress, pages 503-514. DOI: 10.5220/0013636700003979

in Bibtex Style

@conference{secrypt25,
author={Sudhir Bai and Jason Goveas and Barsha Mitra},
title={Enhancing Access Control in Distributed Systems Through Intelligent ABAC Policy Mining},
booktitle={Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2025},
pages={503-514},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013636700003979},
isbn={978-989-758-760-3},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Enhancing Access Control in Distributed Systems Through Intelligent ABAC Policy Mining
SN - 978-989-758-760-3
AU - Bai S.
AU - Goveas J.
AU - Mitra B.
PY - 2025
SP - 503
EP - 514
DO - 10.5220/0013636700003979
PB - SciTePress