Automated Planning of Administrative Tasks Using Historic Events: A File System Case Study

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

Understanding how to implement file system access control rules within a system is heavily reliant on expert knowledge, both that intrinsic to how a system can be configured as well as how a current configuration is structured. Maintaining the required level of expertise in fast-changing environments, where frequent configuration changes are implemented, can be challenging. Another set of complexities lies in gaining structural understanding of large volumes of permission information. The accuracy of a new addition within a file system access control is essential, as inadvertently assigning rights that result in a higher than necessary level of access can generate unintended vulnerabilities. To address these issues, a novel mechanism is devised to automatically process a system’s event history to determine how previous access control configuration actions have been implemented and then utilise the model for suggesting how to implement new access control rules. Throughout this paper, we focus on Microsoft’s New Technology File System permissions (NTFS) access control through processing operating system generated log data. We demonstrate how the novel technique can be utilised to plan for the administrator when assigning new permissions. The plans are then evaluated in terms of their validity as well as the reduction in required expert knowledge.
Original language: English
Title of host publication: Guide to Vulnerability Analysis for Computer Networks and Systems
Subtitle of host publication: An Artificial Intelligence Approach
Editors: Simon Parkinson, Andrew Crampton, Richard Hill
Publisher: Springer, Cham
Chapter: 7
Pages: 159-182
ISBN (Electronic): 9783319926247
ISBN (Print): 9783319926230
Publication status: Published - 5 Sep 2018

Publication series

Name: Computer Communications and Networks
Publisher: Springer
ISSN (Print): 1617-7975
ISSN (Electronic): 2197-8433
