A search space optimization method for fuzzy access control auditing

摘要

As data become an increasingly important asset for organizations, so does the access control policies that protect aforesaid data. Many subjects (public, researchers, etc.) are interested in accessing these data, leading to the desire for simple access control. However, some scenarios use vague concepts, such as the “researcher’s expertise”, when making access control decisions. Therefore, access control models based on fuzzy logic have been proposed to handle these scenarios. However, subject attributes can change between access requests and are processed in non-trivial ways by these models to reach a decision. This makes it difficult to audit the capabilities of subjects and their permissions over resources, and consequently, the number of application scenarios naturally suffers. Hence, the contribution of this paper lies in proposing an optimized auditing algorithm that allows fuzzy policies to be validated before being used. An assessment is also carried out to validate the method and its effectiveness.