
Research Article
Classification-Based Anomaly Prediction in XACML Policies
@INPROCEEDINGS{10.1007/978-3-031-25538-0_1,
  author={Maryam Davari and Mohammad Zulkernine},
  title={Classification-Based Anomaly Prediction in XACML Policies},
  proceedings={Security and Privacy in Communication Networks. 18th EAI International Conference, SecureComm 2022, Virtual Event, October 2022, Proceedings},
  proceedings_a={SECURECOMM},
  year={2023},
  month={2},
  keywords={Access control policies, XACML, ABAC, Policy anomalies, Classification-based anomaly prediction, Security},
  doi={10.1007/978-3-031-25538-0_1}
}
Authors: Maryam Davari, Mohammad Zulkernine
Year: 2023
SECURECOMM
Springer
DOI: 10.1007/978-3-031-25538-0_1
Abstract
XACML (eXtensible Access Control Markup Language) has gained significant interest as a standard to define Attribute-Based Access Control (ABAC) policies for different applications, especially web services. XACML policies have become more complex and difficult to administer in distributed systems, which increases the chance of anomalies (redundancy, inconsistency, irrelevancy, and incompleteness). Due to the lack of effective analysis mechanisms and tools, anomaly detection and resolution are challenging, particularly in large and complex policy sets. In this paper, we learn the characteristics of various types of anomalies to predict anomaly types of unseen policy rules with the help of data classification techniques. The effectiveness of our approach in predicting policy anomalies has been demonstrated through experimental evaluation. The discovered correlations between the anomaly types and the number of subject and resource attribute expressions can help system administrators improve the security and efficiency of XACML policies.