Validation and Correction of Large Security Policies: A Clustering and Access Log Based Approach

Title: Validation and Correction of Large Security Policies: A Clustering and Access Log Based Approach
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Hadj, M. A. El, Erradi, M., Khoumsi, A., Benkaouz, Y.
Conference Name: 2018 IEEE International Conference on Big Data (Big Data)
ISBN Number: 978-1-5386-5035-6
Keywords: ABAC Policy, Access Control, Access Log, access log based approach, anomaly detection, Anomaly Detection and Resolution, Big Data, big data environments, clustering, clustering technique, composability, Conferences, edge detection, Image edge detection, Metrics, nonallowed accesses, obtained clusters, pattern clustering, Policy Validation and Correction, potential security breaches, pubcrawl, Redundancy, resilience, Resiliency, Scalability, security, security of data, security policies, verifying security policies

In big data environments with a big number of users and a high volume of data, we need to manage the corresponding huge number of security policies. Due to the distributed management of these policies, they may contain several anomalies, such as conflicts and redundancies, which may lead to both safety and availability problems. The distributed systems guided by such security policies produce a huge number of access logs. Due to potential security breaches, the access logs may show the presence of non-allowed accesses. This may also be a consequence of conflicting rules in the security policies. In this paper, we present ongoing work on developing an environment for verifying and correcting security policies. To make the approach efficient, an access log is used as input to determine suspicious parts of the policy that should be considered. The approach is also made efficient by clustering the policy and the access log and considering separately the obtained clusters. The clustering technique and the use of the access log significantly reduce the complexity of the suggested approach, making it scalable for large amounts of data.

Citation Key: hadj_validation_2018