An Approach for Handling Missing Attribute Values in Attribute-Based Access Control Policy Mining

• URL: http://arxiv.org/abs/2505.01873v1
• Date: Sat, 03 May 2025 17:34:46 GMT
• Title: An Approach for Handling Missing Attribute Values in Attribute-Based Access Control Policy Mining
• Authors: Thang Bui, Elliot Shabram, Anthony Matricia,
• Abstract summary: Attribute-Based Access Control (ABAC) enables highly expressive and flexible access decisions by considering a wide range of contextual attributes.<n>Algorithms that mine ABAC policies from legacy access control systems can significantly reduce the costs associated with migrating to ABAC.<n>This paper introduces an approach that enhances the policy mining process by predicting or inferring missing attribute values.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Attribute-Based Access Control (ABAC) enables highly expressive and flexible access decisions by considering a wide range of contextual attributes. ABAC policies use logical expressions that combine these attributes, allowing for precise and context-aware control. Algorithms that mine ABAC policies from legacy access control systems can significantly reduce the costs associated with migrating to ABAC. However, a major challenge in this process is handling incomplete entity information, where some attribute values are missing. This paper introduces an approach that enhances the policy mining process by predicting or inferring missing attribute values. This is accomplished by employing a contextual clustering technique that groups entities according to their known attributes, which are then used to analyze and refine authorization decisions. By effectively managing incomplete data, our approach provides security administrators with a valuable tool to improve their attribute data and ensure a smoother, more efficient transition to ABAC.

Related papers

• Does Machine Unlearning Truly Remove Model Knowledge? A Framework for Auditing Unlearning in LLMs [58.24692529185971]
  We introduce a comprehensive auditing framework for unlearning evaluation comprising three benchmark datasets, six unlearning algorithms, and five prompt-based auditing methods.<n>We evaluate the effectiveness and robustness of different unlearning strategies.
  arXiv  Detail & Related papers  (2025-05-29T09:19:07Z)
• Self-Refinement Strategies for LLM-based Product Attribute Value Extraction [51.45146101802871]
  This paper investigates applying two self-refinement techniques to the product attribute value extraction task.<n>The experiments show that both self-refinement techniques fail to significantly improve the extraction performance while substantially increasing processing costs.<n>For scenarios with development data, fine-tuning yields the highest performance, while the ramp-up costs of fine-tuning are balanced out as the amount of product descriptions increases.
  arXiv  Detail & Related papers  (2025-01-02T12:55:27Z)
• IBAC Mathematics and Mechanics: The Case for 'Integer Based Access Control' of Data Security in the Age of AI and AI Automation [0.0]
  Current methods for data access control, especially regarding AI and AI automation, face unique challenges in ensuring appropriate data access. We introduce aggregated-Based Access Control (IBAC), addressing the limitations of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) IBAC's mathematical foundations enable its application to relational and document authorization.
  arXiv  Detail & Related papers  (2024-10-24T06:19:57Z)
• Trustworthy AI: Securing Sensitive Data in Large Language Models [0.0]
  Large Language Models (LLMs) have transformed natural language processing (NLP) by enabling robust text generation and understanding. This paper proposes a comprehensive framework for embedding trust mechanisms into LLMs to dynamically control the disclosure of sensitive information.
  arXiv  Detail & Related papers  (2024-09-26T19:02:33Z)
• EIVEN: Efficient Implicit Attribute Value Extraction using Multimodal LLM [52.016009472409166]
  EIVEN is a data- and parameter-efficient generative framework for implicit attribute value extraction. We introduce a novel Learning-by-Comparison technique to reduce model confusion. Our experiments reveal that EIVEN significantly outperforms existing methods in extracting implicit attribute values.
  arXiv  Detail & Related papers  (2024-04-13T03:15:56Z)
• Sparsity-Aware Intelligent Massive Random Access Control in Open RAN: A Reinforcement Learning Based Approach [61.74489383629319]
  Massive random access of devices in the emerging Open Radio Access Network (O-RAN) brings great challenge to the access control and management. reinforcement-learning (RL)-assisted scheme of closed-loop access control is proposed to preserve sparsity of access requests. Deep-RL-assisted SAUD is proposed to resolve highly complex environments with continuous and high-dimensional state and action spaces.
  arXiv  Detail & Related papers  (2023-03-05T12:25:49Z)
• A Simple Information-Based Approach to Unsupervised Domain-Adaptive Aspect-Based Sentiment Analysis [58.124424775536326]
  We propose a simple but effective technique based on mutual information to extract their term. Experiment results show that our proposed method outperforms the state-of-the-art methods for cross-domain ABSA by 4.32% Micro-F1.
  arXiv  Detail & Related papers  (2022-01-29T10:18:07Z)
• Controllable Summarization with Constrained Markov Decision Process [50.04321779376415]
  We study controllable text summarization which allows users to gain control on a particular attribute. We propose a novel training framework based on Constrained Markov Decision Process (CMDP) Our framework can be applied to control important attributes of summarization, including length, covered entities, and abstractiveness.
  arXiv  Detail & Related papers  (2021-08-07T09:12:53Z)
• Adaptive ABAC Policy Learning: A Reinforcement Learning Approach [2.5997274006052544]
  We propose an adaptive ABAC policy learning approach to automate the authorization management task. In particular, we propose a contextual bandit system, in which an authorization engine adapts an ABAC model through a feedback control loop. We focus on developing an adaptive ABAC policy learning model for a home IoT environment as a running example.
  arXiv  Detail & Related papers  (2021-05-18T15:18:02Z)
• Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values [0.6662800021628273]
  This paper presents the first algorithms for mining ABAC and ReBAC policies from access control lists (ACLs) and incomplete information about entities. We show that the core of this problem can be viewed as learning a concise three-valued logic formula from a set of labeled feature vectors containing unknowns.
  arXiv  Detail & Related papers  (2020-08-19T13:56:29Z)
• Towards Inheritable Models for Open-Set Domain Adaptation [56.930641754944915]
  We introduce a practical Domain Adaptation paradigm where a source-trained model is used to facilitate adaptation in the absence of the source dataset in future. We present an objective way to quantify inheritability to enable the selection of the most suitable source model for a given target domain, even in the absence of the source data.
  arXiv  Detail & Related papers  (2020-04-09T07:16:30Z)
• An Automatic Attribute Based Access Control Policy Extraction from Access Logs [5.142415132534397]
  An attribute-based access control (ABAC) model provides a more flexible approach for addressing the authorization needs of complex and dynamic systems. We present a methodology for automatically learning ABAC policy rules from access logs of a system to simplify the policy development process.
  arXiv  Detail & Related papers  (2020-03-16T15:08:54Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.