9. Role-Based Access Control (RBAC) Role Classification Algorithm
Prof. Bharat Bhargava
Center for Education and Research in Information Assurance and Security (CERIAS) and
Department of Computer Sciences Purdue University
http://www.cs.purdue.edu/people/bb bb@cs.purdue.edu
Collaborators in the RAID Lab (http://raidlab.cs.purdue.edu): Ms. E. Terzi (former Graduate Student) Dr. Yuhui Zhong (former Ph.D. Student) Prof. Sanjay Madria (U. Missouri-Rolla)
This research is supported by CERIAS and NSF grants from IIS and ANIR.
1 --- 12/11/15 11:45 AM
RBAC Role Classification Algorithm - Outline
1) Introduction
2) Algorithm
   2.1) Algorithm Preliminaries
   2.2) Algorithm - Training Phase
   2.3) Algorithm - Classification Phase
   2.4) Classification Algorithm Pseudocode
3) Experiments
   3.1) Experiment 1: Classification Accuracy
   3.2) Experiment 2: Detection and Diagnosis
   3.3) Experiment Summary
1) Introduction
[E. Terzi, Y. Zhong, B. Bhargava et al., 2002]
Goals for RBAC Role Classification Algorithm
   Detect intruders (malicious users) that enter the system
   Build user role profiles using a supervised clustering algorithm
   Incorporate the method in RBAC Server Architecture
RBAC = Role Based Access Control
Context
   Role server architecture that dynamically assigns roles to users based on trust and credential information
Role classification algorithm phases
   Training phase
      Build clusters that correspond to the role profiles based on the previously selected training set of normal audit log records
   Classification phase
      Process users' audit records on the fly and determine whether they behave according to the profile of the role they hold
2) Algorithm
2.1) Algorithm Preliminaries
Data format
Audit log record
[X1, X2, …, Xn, Ri]
where:
   X1, X2, …, Xn - n attributes of the audit log
   Ri - role held by the user who created the log record
Assumption:
   Every user can hold only one role
   No records of the form [X1, X2, …, Xn, Ri] and [X1, X2, …, Xn, Rj] with Ri ≠ Rj
2.2) Algorithm - Training Phase
Training Phase – Building the Cluster
Create d dummy clusters, where d is the number of all discrete system roles
   Centroid - the mean vector, containing the average values of the selected audit data attributes of all the users that belong to the specific role
a) For each training data record (Reccur), calculate its Euclidean distance from each one of the existing clusters
b) Find the closest cluster Ccur to Reccur
c) If the role represented by Ccur = the role of Reccur, then cluster Reccur to Ccur; else create a new cluster Cnew containing Reccur
   Cnew centroid: Reccur
   Cnew role: Role of Reccur
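
Added example (not part of the original slides): the training phase above as runnable Python. The two-attribute sample records, the role names "clerk" and "admin", and the choice to leave a centroid unchanged when a record joins a cluster are assumptions made for illustration.

```python
import math
from collections import defaultdict

# Constructed sample audit records: ((X1, X2), role). Values and role names
# are illustrative assumptions, not data from the slides.
SAMPLE = [
    ((1, 1), "clerk"), ((2, 1), "clerk"), ((1, 2), "clerk"),
    ((9, 9), "clerk"),   # a clerk whose behaviour sits near the admin profile
    ((8, 8), "admin"), ((9, 8), "admin"), ((8, 9), "admin"),
]

def mean_vector(rows):
    """Attribute-wise average of a list of equal-length vectors."""
    return [sum(col) / len(rows) for col in zip(*rows)]

def train(records):
    """Build role-profile clusters from labelled audit records."""
    by_role = defaultdict(list)
    for attrs, role in records:
        by_role[role].append(attrs)
    # d dummy clusters, one per role; centroid = mean vector of that role.
    clusters = [{"role": r, "centroid": mean_vector(rows), "members": []}
                for r, rows in by_role.items()]
    for attrs, role in records:
        # a) + b): Euclidean distance to every existing cluster, keep closest.
        closest = min(clusters, key=lambda c: math.dist(attrs, c["centroid"]))
        if closest["role"] == role:
            # c) roles agree: the record joins the closest cluster.
            # Assumption: the centroid is left unchanged on insertion.
            closest["members"].append(attrs)
        else:
            # c) roles differ: new cluster seeded by this record.
            clusters.append({"role": role, "centroid": list(attrs),
                             "members": [attrs]})
    return clusters

if __name__ == "__main__":
    for c in train(SAMPLE):
        print(c["role"], c["centroid"], len(c["members"]))
```

On the sample data the fourth clerk record lies closest to the admin centroid, so training ends with two clerk clusters and one admin cluster.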
...