Speculative Authorization

Pranab Kini ; Konstantin Beznosov

20 December 2010

Abstract: As enterprises aim towards achieving zero latency for their systems, latency introduced by authorization process can act as an obstacle towards achieving their goal. We present \emph{\underline{Sp}eculative \underline{A}uthorizatio\underline{n}} (SPAN), a prediction technique to address the problem of latency in enterprise authorization systems. SPAN predicts the possible future requests that could be made by a client, based on the present and past behavior of the client. Authorization decisions to the predicted requests are fetched even before the requests are made by the client, thus reducing the authorization latency virtually to zero. Our implementation indicates that systems deploying SPAN can obtain zero authorization latency for almost $60\%$ of the requests made by the client. We discuss the additional load incurred by the systems to compute responses to the predicted requests, and provide measures to reduce the unnecessary load. We also compare the benefits of deploying caching and SPAN in the same system, and find that SPAN can effectively improve the performance of systems with smaller sizes of cache.

Keyword(s): access control ; machine learning ; prediction

Published in: Pranab Kini and Konstantin Beznosov, "Speculative Authorizaion," Tech. Rep. LERSSE-TR-2010-002, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, December 2010: :

The record appears in these collections:
Technical Reports