Thang Bui and Scott D. Stoller. Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values. In Proceedings of the 16th International Conference on Information Systems Security (ICISS 2020), volume 12553 of Lecture Notes in Computer Science, pages 23-44. Springer-Verlag, 2020. [PDF]
A slightly longer version (the only difference is a few additional references) is available on arXiv.
Thang Bui and Scott D. Stoller. A Decision Tree Learning Approach for Mining Relationship-Based Access Control Policies. In Proceedings of the 25th ACM Symposium on Access Control Models and Technologies (SACMAT 2020). ACM Press, 2020. [PDF]
An extended version is available as arXiv preprint arxiv:1909.12095 [cs.CR], September 2019 (updated February 2020), https://arxiv.org/abs/1909.12095.
Thang Bui, Scott D. Stoller, and Hieu Le. Efficient and Extensible Policy Mining for Relationship-Based Access Control. In Proceedings of the 24th ACM Symposium on
Access Control Models and Technologies (SACMAT 2019), pages 161-172. ACM Press, 2019.
[abstract, BibTeX, PDF]
The version posted here corrects the following errors in
the published version: In the definitions of sz0 and sz1 in Section 4.2, y0 and y1 should be replaced with p0 and p1, respectively. The second paragraph heading in Section 6 should be FS-SEA*, not FS-SEA1.
Thang Bui, Scott D. Stoller, and Jiajie Li. Mining Relationship-Based Access Control Policies from Incomplete and Noisy Data. In Proceedings of the 11th International Symposium on Foundations & Practice of Security (FPS 2018), volume 11358 of Lecture Notes in Computer Science, pages 267-284. Springer-Verlag, 2019. [abstract, BibTeX, PDF]
Thang Bui, Scott D. Stoller, and Jiajie Li. Greedy and Evolutionary Algorithms for Mining Relationship-Based Access Control Policies. Computers & Security, 80:317-333, January 2019. [abstract, BibTeX, PDF (before journal formatting)]
Also available as: arXiv preprint arxiv:1708.04749 [cs.CR], August 2017 (updated August 2018), http://arxiv.org/abs/1708.04749.
An earlier version without the evolutionary algorithm was published as: Thang Bui, Scott D. Stoller, and Jiajie Li. Mining Relationship-Based Access Control Policies. In Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies (SACMAT 2017). ACM Press, 2017. [abstract, BibTeX, PDF]
Scott D. Stoller and Thang Bui. Mining Hierarchical Temporal Roles with Multiple Metrics. Journal of Computer Security 26(1):121-142, 2018. [abstract, BibTeX, PDF]
Also available as: arXiv preprint arxiv:1603.02640 [cs.CR], February 2016 (updated August 2017), http://arxiv.org/abs/1603.02640. [PDF]
An earlier version was published as: Scott D. Stoller and Thang Bui. Mining Hierarchical Temporal Roles with Multiple Metrics. In Proceedings of the 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016), volume 9766 of Lecture Notes in Computer Science. © Springer-Verlag, 2016. [abstract, BibTeX, PDF]
Zhongyuan Xu and Scott D. Stoller. Mining Attribute-Based Access Control Policies. IEEE Transactions on Dependable and Secure Computing 12(5):533-545, September-October 2015. [abstract and errata, BibTeX, PDF]
An earlier version was published as arXiv preprint arxiv:1306.2401 [cs.CR], June 2013 (updated August 2014), http://arxiv.org/abs/1306.2401. [abstract, BibTeX, PDF]
Zhongyuan Xu and Scott D. Stoller. Mining Attribute-Based Access Control Policies from Logs. In Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2014). © Springer-Verlag, 2014. [abstract, BibTeX, PDF]
The version posted here incorporates a correction to the published version, namely, in the displayed equation in Section 4, overAssign(ρ) (which has not been defined) should be replaced with [[ ρ ]] ∖ UP(L). Also, this version incorporates a small change to the algorithm (a stricter condition in the if-statement in the pseudocode for mergeRules) and improved experimental results.
A longer version was published as arXiv preprint arxiv:1403.5715 [cs.CR], March 2014 (updated July 2014), http://arxiv.org/abs/1403.5715. [abstract, BibTeX, PDF]
Zhongyuan Xu and Scott D. Stoller. Mining Attribute-Based Access Control Policies from Role-Based Policies. In Proceedings of the 10th International Conference & Expo on Emerging Technologies for a Smarter World (CEWIT 2013). © IEEE Press, 2013. [abstract, BibTeX, PDF]
Zhongyuan Xu and Scott D. Stoller. Mining Parameterized Role-Based Policies. In Proceedings of the Third ACM Conference on Data and Application Security and Privacy (CODASPY 2013). © ACM Press, 2013. [abstract, BibTeX, PDF]
Zhongyuan Xu and
Scott D. Stoller.
Algorithms for Mining Meaningful Roles. In Proceedings of the
17th ACM Symposium on Access Control
Models and Technologies (SACMAT). © ACM Press, 2012.
[abstract,
BibTeX,
PDF]
The version posted here incorporates the following corrections to the published version:
page 6, column 1, lines -7 to -6: exponential → Weibull; page 6,
column 1, line -1 and page 6, column 2, line 6: Weibull → exponential.
Implementations are available from my research group's Software Page.