Evolving Bipartite Authentication Graph Partitions
As large scale enterprise computer networks become more ubiquitous, finding the appropriate balance between user convenience and user access control is an increasingly challenging proposition. Suboptimal partitioning of users’ access and available services contributes to the vulnerability of enterprise networks. Previous edge-cut partitioning methods unduly restrict users’ access to network resources. This paper introduces a novel method of network partitioning superior to the current state-of-the-art which minimizes user impact by providing alternate avenues for access that reduce vulnerability. Networks are modeled as bipartite authentication access graphs and a multi-objective evolutionary algorithm is used to simultaneously minimize the size of large connected components while minimizing overall restrictions on network users. Results are presented on a real world data set that demonstrate the effectiveness of the introduced method compared to previous naive methods.
A. S. Pope et al., "Evolving Bipartite Authentication Graph Partitions," IEEE Transactions on Dependable and Secure Computing, vol. PP, no. 99, Institute of Electrical and Electronics Engineers (IEEE), Jan 2017.
The definitive version is available at http://dx.doi.org/10.1109/TDSC.2017.2652469
Center for High Performance Computing Research
Article - Journal
© 2017 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.