A Dimensioning Tool for Access Control Systems

Project Details


Access Control helps to protect digital resources against unauthorised use. Complex rules define what is allowed or not. Consulting these rules can be very time-consuming, so they are often checked only at the start of a session. ATLAS developed a testbed and tooling to assess the performance of a given access control system in its natural environment.

Layman's description

When users log into their account, they expect to be allowed to post updates, transact business, book flights etc. They do not want others to use their account. That is, they should be able to perform authorised actions on their own resources; others should not. The site's access control system defines and enforces the rules to enable this to happen. These rules can be very complex, so consulting them can introduce noticeable delays. Consequently sites use them sparingly. ATLAS developed a way of measuring the performance impact of design and implementation choices, so that site administrators could make suitable adjustments and would then become more confident about rolling out access control more widely. Thus even if the site's outer defences were breached, user data would be protected, at least until the access control system itself was compromised. This would provide better protection for the critical data stored on internet-facing systems.

Key findings

A prototype was built and the project was presented to entrepreneurs engaged by DCU's Ryan Academy, as part of the associated business course for all TIDA award holders. The feedback was generally positive, especially from the CitiBank executive, who said that banks and the financial system generally was struggling to limit the impact of breaches. He explained that ATLAS would need to be integrated into a major security solution because, even though the technology was innovative, it was too niche. Tentative approaches were made but did not lead anywhere.

Effective start/end date01/02/201431/01/2015


Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.