Evolving Bipartite Authentication Graph Partitions
Abstract
As large scale enterprise computer networks become more ubiquitous, finding the appropriate balance between user convenience and user access control is an increasingly challenging proposition. Suboptimal partitioning of users’ access and available services contributes to the vulnerability of enterprise networks. Previous edge-cut partitioning methods unduly restrict users’ access to network resources. This paper introduces a novel method of network partitioning superior to the current state-of-the-art which minimizes user impact by providing alternate avenues for access that reduce vulnerability. Networks are modeled as bipartite authentication access graphs and a multi-objective evolutionary algorithm is used to simultaneously minimize the size of large connected components while minimizing overall restrictions on network users. Results are presented on a real world data set that demonstrate the effectiveness of the introduced method compared to previous naive methods.
Recommended Citation
A. S. Pope et al., "Evolving Bipartite Authentication Graph Partitions," IEEE Transactions on Dependable and Secure Computing, vol. 16, no. 1, pp. 58 - 71, Institute of Electrical and Electronics Engineers (IEEE), Jan 2019.
The definitive version is available at https://doi.org/10.1109/TDSC.2017.2652469
Department(s)
Computer Science
Research Center/Lab(s)
Center for High Performance Computing Research
Second Research Center/Lab
Intelligent Systems Center
International Standard Serial Number (ISSN)
1545-5971
Document Type
Article - Journal
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2017 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.
Publication Date
Jan-Feb 2019
