Affiliation:
1. Saint-Petersburg Institute of Informatics and Automation of Russian Academy of Sciences, and St. Petersburg National Research University of Information Technologies, Mechanics and Optics, Russia
Abstract
To create solutions for providing the required access control in computer networks it is not sufficient to have only tools and protocols in the network that are needed for it. It is necessary to create corresponding configuration, or scheme, of such tools, which will allow us to satisfy the existing security requirements. At the same time, the problems of creating an access control scheme, as a rule, are NP-complete and require heuristic models for their solving. In this article, we propose a unified approach to creation of control access schemes, based on usage of genetic algorithms. The approach is applied not only to original schemes configuration but to reconfiguration as well. Successful testing of the suggested approach on RBAC, VLAN, and VPN schemes allows us to suppose that it may be applied to other types of access control schemes as well. Experimental testing of suggested genetic algorithms, performed on a specially designed test bed, showed their sufficiently high efficiency.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Networks and Communications
Cited by
4 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Design And Analysis Of Insider Threat Detection And Prediction System Using Machine Learning Techniques;2023 Fifth International Conference on Electrical, Computer and Communication Technologies (ICECCT);2023-02-22
2. Detection of Insider Threats Using Deep Learning: A Review;Computational Intelligence in Data Mining;2022
3. RMPlib: A Library of Benchmarks for the Role Mining Problem;Proceedings of the 26th ACM Symposium on Access Control Models and Technologies;2021-06-11
4. The addRole-EA: A New Evolutionary Algorithm for the Role Mining Problem;Proceedings of the 12th International Joint Conference on Computational Intelligence;2020