Thesis DEFENSE committee: WELKSON RENNY DE MEDEIROS

A MASTER'S thesis DEFENSE committee has been registered by the program.
STUDENT: WELKSON RENNY DE MEDEIROS
DATE: 30/10/2018
TIME: 09:00
LOCATION: IMD-CIVT B321
TITLE:

SecAuthAPI: An approach for supporting self-adaptation of authorization infrastructures


KEYWORDS:

access control. insider threats. abac. rbac. self-adaptive systems. suap.


PAGES: 90
MAJOR AREA: Exact and Earth Sciences
AREA: Computer Science
SUBAREA: Computing Methodology and Techniques
SPECIALTY: Software Engineering
ABSTRACT:

Access control mechanisms have been used in information systems to restrict access to sensitive information. Such mechanisms are able to deal with external agent threats, but they are ineffective when considering attacks involving internal users. Access control policies are often static and unable to deal with anomalous behavior of malicious users who have access permission to the system. Self-adaptive systems have been shown to be a possible response to this situation, since they are able to analyze themselves and the environment in which they are deployed, modifying themselves under varied and unpredictable conditions. For this, a set of well-defined operations that can be used in the definition of adaptation plans is required. In this sense, this work proposes SecAuthAPI, an approach to support self-adaptive authorization infrastructures by exposing a set of operations for manipulating ABAC (Attribute-Based Access Control) policies. The defined operations are based on a formal functional specification of the ABAC model and are exposed through a REST API. They aim to enable the dynamic adaptation of access control policies. Considering the application of this approach in a real system, this work also proposes and implements the externalization of authorization mechanisms for the SUAP system, which has been developed and used at IFRN. In this context, access restrictions that were previously fixed directly in the code (hard-coded) are now defined through an authorization server, decoupling the access control concern from the business logic of the application. Additionally, when SecAuthAPI is applied to the authorization server, policies can be dynamically manipulated. SecAuthAPI operations were evaluated through a series of unit tests that attest to their adherence to the formal functional specification, while the separation of access control from SUAP had its performance evaluated and compared to the legacy approach. The results show that, although it has an additional computational cost, the impact on application performance is negligible. In addition, the solution is highly feasible in view of the benefits brought by decoupling the access control concern from the source code of the application.


COMMITTEE MEMBERS:
Chair - 1542998 - CARLOS EDUARDO DA SILVA
Internal - 2266415 - SILVIO COSTA SAMPAIO
External to the Institution - GUSTAVO HENRIQUE MATOS BEZERRA MOTTA - UFPB
Notice registered on: 26/10/2018 10:31