Skip to content

Detecting permissions creep in access control

Posted 9 May 2019

Simon Parkinson completed a residency with Digital Catapult researching permissions creep.

During his time as Digital Catapult Researcher in Residence, Simon Parkinson undertook research, guided by end-user consultation, into machine learning techniques of detecting irregular access control permissions without any prior knowledge (i.e., they are unsupervised). This resulted in the development of a new modelling and learning technique, which was applied to Microsoft’s New Technology File System permissions as a case study. Known as Creeper, this new software automatically reviews access control permissions across a network and alerts you when a user does not appear to have permissions that are appropriate to their current role.

To learn more about permissions creep and the research that Simon Parkinson undertook as part of the Researchers in Residence programme, click here.