A framework for the extended evaluation of ABAC policies

Cloud computing offers several services, such as storage, software, networking, and other computing services.
Cloud storage is a boon for big data and big data owners.
Although big data owners can easily avail cloud storage without spending much on infrastructure and software to manage their data, security is a big issue, and protecting the outsourced big data is challenging and ongoing research. Cloud service providers use the attribute-based access control model to detect malicious intruders and address the security requirements of today’s new computing technologies. Anomalies in security policies are removed to improve the efficiency of the access control model. This paper implements a novel clustering approach to cluster security policies. Our proposed approach uses a rule-specific cluster merging technique that compares the rule with the clusters where the probability of similarity is high. Hence this technique reduces the cost, time, and complexity of
clustering. Rather than verifying all rules, detecting and
removing anomalies in every cluster of rules improve the
performance of the intrusion detection system. Our novel
clustering approach is useful for the researchers and
practitioners in the ABAC policy validation.