Saved in:
Bibliographic Details
Main Authors: Sitharaman, Sai, Karim, Hassan, Gupta, Deepti, Tyagi, Mudit
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2511.15837
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918210254667776
author Sitharaman, Sai
Karim, Hassan
Gupta, Deepti
Tyagi, Mudit
author_facet Sitharaman, Sai
Karim, Hassan
Gupta, Deepti
Tyagi, Mudit
contents The rapid adoption of multi-cloud environments has amplified risks associated with privileged access mismanagement. Traditional Privileged Access Management (PAM) solutions based on Attribute-Based Access Control (ABAC) exhibit cubic O(n^3) complexity, rendering real-time privilege analysis intractable at enterprise scale. We present a novel PAM framework integrating NIST's Next Generation Access Control (NGAC) with hypergraph semantics to address this scalability crisis. Our approach leverages hypergraphs with labeled hyperedges to model complex, multi-dimensional privilege relationships, achieving sub-linear O(sqrt n) traversal complexity and O(nlogn) detection time-rigorously proven through formal complexity analysis. We introduce a 3-Dimensional Privilege Analysis framework encompassing Attack Surface, Attack Window, and Attack Identity to systematically identify privilege vulnerabilities. Experimental validation on AWS-based systems with 200-4000 users demonstrates 10x improvement over ABAC and 4x improvement over standard NGAC-DAG, enabling sub-second privilege detection at scale. Real-world use cases validate detection of privilege escalation chains, over-privileged users, and lateral movement pathways in multi-cloud infrastructures.
format Preprint
id arxiv_https___arxiv_org_abs_2511_15837
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Scalable Privilege Analysis for Multi-Cloud Big Data Platforms: A Hypergraph Approach
Sitharaman, Sai
Karim, Hassan
Gupta, Deepti
Tyagi, Mudit
Cryptography and Security
The rapid adoption of multi-cloud environments has amplified risks associated with privileged access mismanagement. Traditional Privileged Access Management (PAM) solutions based on Attribute-Based Access Control (ABAC) exhibit cubic O(n^3) complexity, rendering real-time privilege analysis intractable at enterprise scale. We present a novel PAM framework integrating NIST's Next Generation Access Control (NGAC) with hypergraph semantics to address this scalability crisis. Our approach leverages hypergraphs with labeled hyperedges to model complex, multi-dimensional privilege relationships, achieving sub-linear O(sqrt n) traversal complexity and O(nlogn) detection time-rigorously proven through formal complexity analysis. We introduce a 3-Dimensional Privilege Analysis framework encompassing Attack Surface, Attack Window, and Attack Identity to systematically identify privilege vulnerabilities. Experimental validation on AWS-based systems with 200-4000 users demonstrates 10x improvement over ABAC and 4x improvement over standard NGAC-DAG, enabling sub-second privilege detection at scale. Real-world use cases validate detection of privilege escalation chains, over-privileged users, and lateral movement pathways in multi-cloud infrastructures.
title Scalable Privilege Analysis for Multi-Cloud Big Data Platforms: A Hypergraph Approach
topic Cryptography and Security
url https://arxiv.org/abs/2511.15837