New publication of the lab at the (biennal and prestigious) 8-th International Conference on Evolutionary Multiobjective Optimization—in collaboration with Prof. Elena Ferrari and Prof. Barbara Carminati.
In this work we consider a challenging security-related problem: how to generate access control rules expressed in a modern attribute-based access control language automatically, starting from a set of examples in the form of a log of requests to be allowed and of requests to be denied.
We solve this problem with an evolutionary approach that is capable of dealing successfully with case studies of realistic complexity. We designed and implemented this approach that exhibits several interesting features:
This work greatly benefited from our strong experience in automatic generation of regular expressions from examples. It also allowed us to identify new strategies that are extremely useful also for those problems---we will describe them publicly soon, stay tuned.
This multi-objective optimization problem is probably more interesting but certainly less funny than other problems that we have considered earlier in the lab (see "Design of Footbal Teams").