{"id":"https://openalex.org/W2760996419","doi":"https://doi.org/10.1145/3132465.3132470","title":"Automated least privileges in cloud-based web services","display_name":"Automated least privileges in cloud-based web services","publication_year":2017,"publication_date":"2017-10-04","ids":{"openalex":"https://openalex.org/W2760996419","doi":"https://doi.org/10.1145/3132465.3132470","mag":"2760996419"},"language":"en","primary_location":{"id":"doi:10.1145/3132465.3132470","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3132465.3132470","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the fifth ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055523017","display_name":"Matthew W. Sanders","orcid":null},"institutions":[{"id":"https://openalex.org/I167576493","display_name":"Colorado School of Mines","ror":"https://ror.org/04raf6v53","country_code":"US","type":"education","lineage":["https://openalex.org/I167576493"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Matthew Sanders","raw_affiliation_strings":["Colorado School of Mines"],"affiliations":[{"raw_affiliation_string":"Colorado School of Mines","institution_ids":["https://openalex.org/I167576493"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101641878","display_name":"Chuan Yue","orcid":"https://orcid.org/0000-0002-6095-4768"},"institutions":[{"id":"https://openalex.org/I167576493","display_name":"Colorado School of Mines","ror":"https://ror.org/04raf6v53","country_code":"US","type":"education","lineage":["https://openalex.org/I167576493"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chuan Yue","raw_affiliation_strings":["Colorado School of Mines"],"affiliations":[{"raw_affiliation_string":"Colorado School of Mines","institution_ids":["https://openalex.org/I167576493"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5055523017"],"corresponding_institution_ids":["https://openalex.org/I167576493"],"apc_list":null,"apc_paid":null,"fwci":2.1388,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.91023383,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9911999702453613,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.797762930393219},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.74921715259552},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.7414054870605469},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.6893237829208374},{"id":"https://openalex.org/keywords/permission","display_name":"Permission","score":0.6720494627952576},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.5521801114082336},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5396978259086609},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.33127838373184204},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.16972237825393677},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.10782516002655029},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.08256018161773682}],"concepts":[{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.797762930393219},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.74921715259552},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.7414054870605469},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.6893237829208374},{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.6720494627952576},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.5521801114082336},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5396978259086609},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.33127838373184204},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.16972237825393677},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.10782516002655029},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.08256018161773682},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3132465.3132470","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3132465.3132470","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the fifth ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5899999737739563,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G8887132362","display_name":null,"funder_award_id":"DGE-1619841","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W1454815643","https://openalex.org/W1964154990","https://openalex.org/W1968110920","https://openalex.org/W1987455670","https://openalex.org/W2028341057","https://openalex.org/W2054075152","https://openalex.org/W2060690494","https://openalex.org/W2065076704","https://openalex.org/W2095881341","https://openalex.org/W2161358272","https://openalex.org/W2350778671"],"related_works":["https://openalex.org/W2374086689","https://openalex.org/W3176279093","https://openalex.org/W2373945265","https://openalex.org/W2370203001","https://openalex.org/W1912565424","https://openalex.org/W1968505275","https://openalex.org/W4246410201","https://openalex.org/W2959939328","https://openalex.org/W2385081216","https://openalex.org/W2392327727"],"abstract_inverted_index":{"The":[0],"principle":[1],"of":[2,34,76,130,163],"least":[3,28,64,83],"privilege":[4,84],"is":[5,44,154],"a":[6,41,97,126,139],"fundamental":[7],"guideline":[8],"for":[9,53,101],"secure":[10],"computing":[11],"that":[12,61,152],"restricts":[13],"privileged":[14],"entities":[15],"to":[16,22,79,113,125,156],"only":[17],"the":[18,59,69,73,115,146],"permissions":[19],"they":[20],"need":[21],"perform":[23],"their":[24],"authorized":[25],"tasks.":[26],"Achieving":[27],"privileges":[29,65],"in":[30,68],"an":[31,45,110],"environment":[32,71],"composed":[33],"many":[35,54],"heterogeneous":[36],"web":[37],"services":[38],"provided":[39,117],"by":[40,118],"third":[42],"party":[43],"important":[46],"but":[47],"difficult":[48,67],"and":[49,72,109,142,160],"error":[50],"prone":[51],"task":[52],"organizations.":[55],"This":[56],"paper":[57],"explores":[58],"challenges":[60],"make":[62],"achieving":[63],"uniquely":[66],"cloud":[70],"potential":[74],"benefits":[75],"automated":[77],"methods":[78],"assist":[80],"with":[81,134],"creating":[82,103],"policies":[85,104],"from":[86,105,138],"audit":[87,106,131],"logs.":[88],"To":[89],"accomplish":[90],"these":[91,123],"goals,":[92],"we":[93],"implement":[94],"two":[95],"frameworks:":[96],"Policy":[98],"Generation":[99],"Framework":[100,112],"automatically":[102],"log":[107,132],"data,":[108],"Evaluation":[111],"quantify":[114],"security":[116],"generated":[119],"roles.":[120],"We":[121],"apply":[122],"frameworks":[124],"real":[127],"world":[128],"dataset":[129],"data":[133],"4.3":[135],"million":[136],"events":[137],"small":[140],"company":[141],"present":[143],"results":[144],"describing":[145],"policy":[147],"generator's":[148],"effectiveness.":[149],"Results":[150],"show":[151],"it":[153],"possible":[155],"significantly":[157],"reduce":[158],"over-privilege":[159],"administrative":[161],"burden":[162],"permission":[164],"management.":[165]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":4},{"year":2018,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}