@article {AitElHadj2021836, title = {A Log-Based Method to Detect and Resolve Efficiently Conflicts in Access Control Policies}, journal = {Advances in Intelligent Systems and Computing}, volume = {1383 AISC}, year = {2021}, note = {cited By 0}, pages = {836-846}, abstract = {Typically, a security audit is conducted to detect and track inappropriate activities, such as security policy misconfigurations and attacks. Practically, an audit can be done through the analysis and assessment of data in logs registering traces of queries according to predefined policies. In this paper, we present an auditing approach that detects and resolves efficiently conflicting rules of a security policy. Such efficiency translates into a reduction in the time it takes to detect and resolve conflicts. Such efficiency is a consequence of the fact that conflict detection is executed only among suspicious pairs of rules, instead of all pairs of rules. The idea of using suspicious pairs of rules has recently been applied to reduce the execution time of previous detection methods. The present study goes further by applying the idea not only for conflict detection, but also for reducing the resolution time of the detected conflicts. We present experimental results that illustrate the efficiency of the suggested method. {\textcopyright} 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.}, keywords = {Access control, Access control policies, conflict detection, Detection methods, Efficiency, Misconfigurations, Pattern recognition, Resolution time, Security audit, Security policy, Security systems, Soft computing}, doi = {10.1007/978-3-030-73689-7_79}, url = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-85105891237\&doi=10.1007\%2f978-3-030-73689-7_79\&partnerID=40\&md5=f0de7beea992beee027f768bafe5cf58}, author = {Ait El Hadj, M. and Khoumsi, A. and Benkaouz, Y. and Erradi, M.} }