Anomalies Correlation for Risk-Aware Access Control Enhancement

Pierrette Annie Evina, Faten Labbene Ayachi, Faouzi Jaidi, Adel Bouhoula

2018

Abstract

In the context of database management systems (DBMS), the integrity of access control policies (ACP) is a constantly neglected aspect. However, throughout its evolution, ACP is not valid and free from irregularities due to users and administrators actions, intentionally or not. So, considering regular ACP updating activities, we pay a particular attention on anomalies in ACP expression. Taking into account the correlation that exists between two or more of such anomalies, we present the “correlated threats management system” (CORMSYS). This system must detect and analyze the correlation between anomalies since we believe that handling correlations between anomalies can reveal sophisticated intrusion scenarios in DBMS. The presented system also produces the necessary input for new risk management approach that will consider and overcome the effects induced by the correlation between anomalies found in the ACP expression. CORMSYS is composed of four main parts: (i) the Correlation Definition and Analysis subsystem; (ii) the Users Tracking subsystem; (iii) the Intrusion Scenario Identification subsystem and (iv) the Illegal Behavior Modeling subsystem.

Download


Paper Citation


in Harvard Style

Evina P., Labbene Ayachi F., Jaidi F. and Bouhoula A. (2018). Anomalies Correlation for Risk-Aware Access Control Enhancement.In Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE, ISBN 978-989-758-300-1, pages 299-304. DOI: 10.5220/0006766802990304


in Bibtex Style

@conference{enase18,
author={Pierrette Annie Evina and Faten Labbene Ayachi and Faouzi Jaidi and Adel Bouhoula},
title={Anomalies Correlation for Risk-Aware Access Control Enhancement},
booktitle={Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,},
year={2018},
pages={299-304},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006766802990304},
isbn={978-989-758-300-1},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,
TI - Anomalies Correlation for Risk-Aware Access Control Enhancement
SN - 978-989-758-300-1
AU - Evina P.
AU - Labbene Ayachi F.
AU - Jaidi F.
AU - Bouhoula A.
PY - 2018
SP - 299
EP - 304
DO - 10.5220/0006766802990304