基于场景感知的访问控制模型

doi:10.11959/j.issn.2096-109x.2024003

网络与信息安全学报 ›› 2024, Vol. 10 ›› Issue (1): 58-78.doi: 10.11959/j.issn.2096-109x.2024003

• 学术论文 • 上一篇

基于场景感知的访问控制模型

单棣斌, 杜学绘, 王文娟, 王娜, 刘敖迪

信息工程大学，河南郑州 450001

修回日期:2023-08-28 出版日期:2024-02-01 发布日期:2024-02-01
作者简介:单棣斌（1982− ），男，河北邯郸人，信息工程大学副教授，主要研究方向为大数据安全、信任安全、图神经网络
杜学绘（1968− ），女，河南新乡人，博士，信息工程大学教授、博士生导师，主要研究方向为信息系统安全、大数据和区块链安全
王文娟（1981− ），女，河南鹤壁人，博士，信息工程大学教授，主要研究方向为云计算安全、入侵防御
王娜（1980− ），女，山西临汾人，博士，信息工程大学副教授，主要研究方向为信息系统安全、大数据和区块链安全
刘敖迪（1992− ），男，黑龙江伊春人，博士，信息工程大学讲师，主要研究方向为大数据安全
基金资助:
国家自然科学基金(62102449);国家重点研发计划(2018YFB0803603);国家重点研发计划(2016YFB0501904);河南省重点研发与推广专项(222102210069)

Scenario-aware access control model

Dibin SHAN, Xuehui DU, Wenjuan WANG, Na WANG, Aodi LIU

Information Engineering University, Zhengzhou 450001, China

Revised:2023-08-28 Online:2024-02-01 Published:2024-02-01
Supported by:
The National Natural Science Foundation of China(62102449);The National Key R＆D Program of Chi-na(2018YFB0803603);The National Key R＆D Program of Chi-na(2016YFB0501904);The Key Research and Development and Promotion Program of Henan Prov-ince(222102210069)

摘要/Abstract

摘要：

动态访问控制模型是构建大数据动态访问控制系统的理论基础，而现有访问控制模型大多只能满足单一情景下的动态访问控制，无法适应大数据上下文环境变化、实体关系变更和客体状态变迁等多类型动态情景中的访问控制。针对上述问题，在现有访问控制模型的研究的基础上，对大数据动态因素进行分析，提出基于场景感知的访问控制（SAAC，scenario-aware access control）模型。将各类型动态因素转换为属性、关系等基本元素；并引入场景信息对各类组成元素进行统一建模；基于场景信息构建大数据动态访问控制模型，以实现对多类型动态因素、扩展动态因素的支持。设计 SAAC 模型的工作框架，并提出框架工作流程对应的基于场景感知的访问控制模型规则学习算法和 SAAC 规则执行算法，以实现访问控制规则自动学习和动态访问控制决策。通过引入非传递无干扰理论，分析并验证了对所提模型的安全性。为验证所提模型访问控制策略挖掘方法的有效性，将SAAC模型与ABAC-L、PBAC-X、DTRM和FB-CAAC等基线模型在4个数据集上进行了实验对比。实验结果表明，SAAC模型及其策略挖掘方法的ROC曲线的线下面积、单调性和陡峭度等指标的结果均优于基线模型，验证了所提模型能够支持多类型动态因素和动态因素扩展，其挖掘算法所得的访问控制规则的综合质量相对较高。

关键词: 大数据, 访问控制, 动态因素, 场景, 无干扰理论

Abstract:

Dynamic access control model is the theoretical basis for constructing a dynamic access control system for big data.However, most existing access control models can only fulfill dynamic access control in a single scenario and are unable to adapt to access control in multiple types of dynamic scenarios.These scenarios include changes in the contextual environment of big data, changes in entity relationships, and changes in the state of objects.To address these issues, an analysis was conducted based on the research of existing access control models and the dynamic factors of big data.Subsequently, scenario-aware access control (SAAC) model was proposed, which was based on dynamic factor conversion and scenario unified modeling.All types of dynamic factors were converted into basic elements such as attributes and relationships.Then, scene information was incorporated to model the various types of constituent elements in a unified manner.A big data dynamic access control model was constructed based on scene information to support multi-type dynamic factors and extended dynamic factors.The working framework of the SAAC model was designed, and the SAAC rule learning algorithm and SAAC rule execution algorithm were proposed corresponding to the workflow of the framework.This enabled the automatic learning of access control rules and dynamic access control decision-making.The security of the proposed model was analyzed and verified by introducing the non-transitive non-interference theory.To validate the effectiveness of the access control policy mining method of the proposed model, experimental comparisons were conducted between the SAAC model and baseline models such as ABAC-L, PBAC-X, DTRM, and FB-CAAC using four datasets.The experimental results demonstrate that the SAAC model and its strategy mining method outperforms the baseline models in terms of metrics such as area under the curve AUC, monotonicity, and steepness of the ROC curve.This verification confirms that the proposed model can support multiple types of dynamic factors and dynamic factor extensions, and that the combined effect of the access control rules obtained from its mining algorithm is relatively high.

Key words: big data, access control, dynamic factors, scenarios, non-interference theory

中图分类号:

TP309

单棣斌, 杜学绘, 王文娟, 王娜, 刘敖迪. 基于场景感知的访问控制模型[J]. 网络与信息安全学报, 2024, 10(1): 58-78.

Dibin SHAN, Xuehui DU, Wenjuan WANG, Na WANG, Aodi LIU. Scenario-aware access control model[J]. Chinese Journal of Network and Information Security, 2024, 10(1): 58-78.

图/表 8

表1

图1

图2

表2

SAAC模型形式化定义Table 2 Formal definition of SAAC model"

模型要素	映射函数
1) 主体集S： $S = {s_{1}, s_{2}, \dots, s_{m}}, s_{i} \in S, (1 \leq i \leq \| S \|)$	属性映射函数MA：
2) 客体集O： $O = {o_{1}, o_{2}, \dots, o_{m}}, o_{i} \in O, (1 \leq i \leq \| O \|)$	$S \cup O \cup Op \cup E \to At$
3) 操作集Op： $Op = {{op}_{1}, {op}_{2}, \dots, {op}_{m}}, {op}_{i} \in Op, (1 \leq i \leq \| Op \|)$	关系映射函数MR：
4) 环境集E： $E = {e_{1}, e_{2}, \dots, e_{m}}, e_{i} \in E, (1 \leq i \leq \| E \|)$	$S \cup O \cup Op \cup E \cup At \to R$
5) 属性集At： ${At={at}_{i j}^{x} {\|at}_{i j}^{x} = < name,value,map >, x \in X, 1 \leq i \leq N_{x}, 1 \leq j \leq N_{i}}$	场景权限映射函数MSP：
6) 关系集R： $R = {r_{j}^{n} \| 1 \leq j \leq N, 1 < n \leq N}$	Sc→Perm
7) 场景信息集Sc： $Sc = BSc \cup ASc, BSc = At \cup R, ASc = F (BSc)$	规则权限映射函数MPP：
8) 权限集Perm： $Perm = {< {op}_{i}, o_{j} > \| {op}_{i} \in 2^{Op}, o_{j} \in 2^{O}} \subseteq 2^{Op \times O}$	Policy→Perm
9) 访问控制规则集P：
$P = {p_{i} \| p_{i} = < pid, {sc}_{i}, {perm}_{i}, result >, i, pid \in N, {sc}_{i} \in Sc, {perm}_{i} \in Perm, result \in {Accept, Deny}}$

表2

图3

表3

基于SAAC模型的访问控制系统符号及描述Table 3 Notation and description of access control system based on SAAC model"

类别	符号	描述
成员	ST	系统状态集，ST={st₀,st₁,…,st_n}，st₀表示系统初始状态
	D	安全域，包括请求域d_s、响应域d_o、访问控制域d_a（d_a可细分为访问控制决策域d_d、访问控制实施域d_e）
	A	行为集，A={a ₀,a ₁,…,a_n}，a_i表示第i个行为。根据SAAC模型，行为包括访问请求a _request、访问响应a _response、访问裁决a_decision、访问控制实施a_enforcement、场景感知a_scaware、访问控制规则生成a_rulesg6类行为。
	Out	输出结果集
函数	dom:A→D	行为与安全域的映射函数，返回值是行为所属的安全域。dom(a_i)∈D表示行为a_i对应的安全域
	step:ST×A→ST	系统状态st_i在执行行为a_i后进入系统状态st_i+1(0≤i≤n)，记为st_i+1=step(st_i,a_i)
	run:ST×A*→ST	系统状态st_i在执行一系列行为 $α$ 后进入系统状态st_i+j(0≤i≤n)，记为 ${st}_{i + j} = run ({st}_{i}, α)$ 。其中， $α$ 是行为序列，表示为 $α = a_{i + 1} \circ a_{i +}_{2} \circ, \dots, \circ a_{j}$ ， $\circ$ 表示行为连接
	output:ST×A*→Out	系统状态st_i在执行一系列行为 $α$ 后的输出结果，记为 ${out}_{i + j} = output ({st}_{i}, α)$ 。当 $α$ 只有一次行为时，output表示单步执行后的输出结果
	ipurge:A×D→A	非传递的消除函数，从行为序列 $α$ 中消除与给定安全域d无干扰的行为，记为 $ipurge (α, d)$
	sources:A*×D→2 ^D	在一个行为序列中识别出那些不应该被删除的行为，记为 $sources (α, d)$
关系	～＞	干扰关系：表示对不同安全域之间的信息流的权限
	$\sim >$	无干扰关系：表示禁止不同安全域之间的信息流
	${st}_{i} \overset{d}{\sim} {st}_{j}$	观察等价关系：表示从安全域d的角度来看，系统状态st_i和状态st_j是等价的。 ${st}_{i} \overset{d}{\sim} {st}_{j} \Rightarrow output ({st}_{i}, a) = {output(st}_{j}, a)$
	${st}_{i} \overset{C}{\approx} {st}_{j}$	子域等价关系：表示在安全域集的一个子域中，系统状态 st_i 和状态 st_j 是等价的。 ${st}_{i} \overset{C}{\approx} {st}_{j} \overset{def}{=} (\forall d \in C : {st}_{i} \overset{d}{\sim} {st}_{j})$

表3

图4

图5

参考文献 50

[1]	李昊, 张敏, 冯登国 ,等. 大数据访问控制研究[J]. 计算机学报, 2017,(1): 72-91.
	LI H , ZHANG M , FENG D G ,et al. Research on access control for big data[J]. Journal of Computer Science, 2017,(1): 72-91.
[2]	SERVOS D , OSBORN S L . Current research and open problems in attribute-based access control[J]. ACM Computing Surveys, 2017,49(4): 1-45.
[3]	CHEN X , GAO Y , TANG H ,et al. Research progress on big data security technology[J]. Scientia Sinica Informationis, 2020,50(1): 25-66.
[4]	高振升, 曹利峰, 杜学绘 . 基于区块链的访问控制技术研究进展[J]. 网络与信息安全学报, 2021,7(6): 68-87.
	GAO Z S , CAO L F , DU X H . Research progress of access control based on blockchain[J]. Chinese Journal of Network and Information Security, 2021,7(6): 68-87.
[5]	KAYES A S M , KALARIA R , SARKER I H ,et al. A survey of context-aware access control mechanisms for cloud and fog networks:taxonomy and open research issues[J]. Sensors (Basel), 2020,20(9): 1-34.
[6]	刘敖迪, 杜学绘, 王娜 ,等. 基于深度学习的ABAC访问控制策略自动化生成技术[J]. 通信学报, 2020,41(12): 8-20.
	LIU A D , DU X H , WANG N ,et al. Automatic Generation technology of ABAC access control policy based on deep learning[J]. Journal on Communications, 2020,41(12): 8-20.
[7]	单棣斌, 杜学绘, 王文娟 ,等. 基于 GNN 双源学习的访问控制关系预测方法[J]. 网络与信息安全学报, 2022,8(5): 40-55.
	SHAN D B , DU X H , WANG W J ,et al. Access control relationship prediction method based on GNN dual source learning[J]. Chinese Journal of Network and Information Security, 2022,8(5): 40-55.
[8]	PARK J , NGUYEN D , SANDHU R . A provenance-based access control model[C]// Proceedings of 2012 Tenth Annual International Conference on Privacy,Security and Trust (PST). 2012: 137-144.
[9]	AKAICHI I , KIRRANE S . Usage control specification,enforcement,and robustness:a survey[J]. 2022,arXiv:2203.04800[04.23 2023].
[10]	BERTINO E , BONATTI P A , FERRARI E . TRBAC:A temporal role-based access control model[C]// Proceedings of TISSEC2001. 2001: 191-233.
[11]	BERTINO E , CATANIA B , DAMIANI M L ,et al. GEO-RBAC:a spatially aware RBAC[C]// Proceedings of the 10th Symposium on Access Control Models and Technologies. 2005: 29-37.
[12]	CHANDRAN S M , JOSHI J B . LoT-RBAC:A location and time-based RBAC model[C]// Proceedings of the International Conference on Web Information Systems Engineering. 2005: 361-375.
[13]	ASIM Y , MALIK A K . A survey on access control techniques for social networks[M]. Information Diffusion Management and Knowledge Sharing. 2020: 319-342.
[14]	BUI T , STOLLER S D . A decision tree learning approach for mining relationship-based access control policies[C]// Proceedings of the 25th ACM Symposium on Access Control Models and Technologies. 2020: 167-178.
[15]	BUI T , STOLLER S D , LE H . Efficient and extensible policy mining for relationship-based access control[C]// Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. 2019: 161-172.
[16]	KAYES A S M , RAHAYU W , DILLON T ,et al. Context-aware access control with imprecise context characterization for cloudbased data resources[J]. Futur Gener Comp Syst, 2019,93: 237-255.
[17]	KAYES A S M , HAN J , RAHAYU W ,et al. A policy model and framework for context-aware access control to information resources[J]. Comput J, 2019,62(5): 670-705.
[18]	BERTOLISSI C , HARTOG J D , ZANNONE N . Using provenance for secure data fusion in cooperative systems[C]// Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. 2019: 185-194.
[19]	YU Y , XIA T , WANG H ,et al. Semantic-aware spatio-temporal app usage representation via graph convolutional network[J]. Proc ACM Interact Mob Wearable Ubiquitous Technol, 2020,4(3): 101: 101-124.
[20]	CHAKRABORTY S , SANDHU R . Formal analysis of ReBAC policy mining feasibility[C]// Proceedings of CODASPY '21. 2021: 197-207.
[21]	FAN X , ZHANG F , SONG J ,et al. A fine-grained policy model for provenance-based access control and policy algebras[J]. 2020,arXiv:2001.01945, 2023.
[22]	GROUP N B D P W , SUBGROUP D A T . NIST big data interoperability framework:volume 1,definitions[R]. 2019.
[23]	GROUP N B D P W , SUBGROUP D A T . NIST big data interoperability framework:volume 2,big data taxonomies[R]. 2019.
[24]	李学龙, 龚海刚 . 大数据系统综述[J]. 中国科学:信息科学, 2015,45(1): 1-44.
	LI X L , GONG H G . A survey on big data systems[J]. SCIENTIA SINICA Informationis, 2015,45(1): 1-44.
[25]	ARSHAD H , JOHANSEN C , OWE O . Semantic attribute-based access control:a review on current status and future perspectives[J]. Journal of Systems Architecture, 2022,129:102625.
[26]	KAYES A S M , HAN J , COLMAN A . ICAF:a context-aware framework for access control[M]. Information Security and Privacy. 2012: 442-449.
[27]	KAYES A S M , RAHAYU W , WATTERS P ,et al. Achieving security scalability and flexibility using fog-based context-aware access control[J]. Futur Gener Comp Syst, 2020,107: 307-323.
[28]	KAYES A S M , HAN J , COLMAN A . An ontological framework for situation-aware access control of software services[J]. Information Systems, 2015,53: 253-277.
[29]	MCINTOSH T , WATTERS P , KAYES A S M ,et al. Enforcing situation-aware access control to build malware-resilient file systems[J]. Future Generation Computer Systems, 2021,115: 568-582.
[30]	CORRADI A , MONTANARI R , TIBALDI D . Context-based access control for ubiquitous service provisioning[C]// Proceedings of the 28th Annual International Computer Software and Applications Conference (COMPSAC’04). 2004: 444-451.
[31]	BUI T , STOLLER S D , LI J J . Greedy and evolutionary algorithms for mining relationship-based access control policies[J]. Computers＆ Security, 2019,80: 317-333.
[32]	IYER P , MASOUMZADEH A . Active learning of relationship-based access control policies[C]// Proceedings of the 25th ACM Symposium on Access Control Models and Technologies. 2020: 155-166.
[33]	KAYES A S M , HAN J , COLMAN A ,et al. RelBOSS:a relationship-aware access control framework for software services[M]// MEERSMAN R,PANETTO H,DILLON T,et al. On the Move to Meaningful Internet Systems: Otm 2014 Conferences. 2014: 258-276.
[34]	SUN L , PARK J , NGUYEN D ,et al. A provenance-aware access control framework with typed provenance[J]. IEEE Trans Dependable Secur Comput, 2016,13(4): 411-423.
[35]	NGUYEN D , PARK J , SANDHU R . A provenance-based access control model for dynamic separation of duties[C]// Proceedings of 2013 Eleventh Annual Conference on Privacy,Security and Trust (PST). 2013: 247-256.
[36]	CHAKRABORTY S , SANDHU R . On feasibility of attributeaware relationship-based access control policy mining[M]// Berlin: Springer.Data and Applications Security and Privacy. 2021: 393-405.
[37]	HU V C , FERRAIOLO D , KUHN R ,et al. Guide to attribute based access control (abac) definition and considerations:NIST special publication 800-162[S]. 2014: 1-37.
[38]	KAYES A S M , HAN J , COLMAN A ,et al. A semantic policy framework for context-aware access control applications[C]// Proceedings of 2013 12th IEEE International Conference on Trust,Security and Privacy in Computing and Communications. 2013: 753-762.
[39]	KAYES A S M , RAHAYU W , DILLON T . An ontology-based approach to dynamic contextual role for pervasive access control[C]// Proceedings 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications. 2018: 601-608.
[40]	MOREAU L , CLIFFORD B , FREIRE J ,et al. The open provenance model core specification (v1.1)[J]. Future Generation Computer Systems, 2011,27(6): 743-756.
[41]	MISSIER P , BELHAJJAME K , CHENEY J . The W3C PROV family of specifications for modelling provenance metadata[C]// Proceedings of the 16th International Conference. 2013: 773-776.
[42]	BATRA G , ATLURI V , VAIDYA J ,et al. Incremental maintenance of ABAC Policies[C]// Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy, 2021.
[43]	SHAN D , DU X , WANG W ,et al. GNN-based method for predicting access control relationships for big data[C]// 2022 2nd International Conference on Computer Science,Electronic Information Engineering and Intelligent Control Technology (CEI). 2022.
[44]	HAN J , PEI J , YIN Y ,et al. Mining frequent patterns without candidate generation:a frequent-pattern tree approach[J]. Data Mining and Knowledge Discovery, 2004,8(1): 53-87.
[45]	HUANG H , FU Y , HU J ,et al. Research on distributed dynamic trusted access control based on security subsystem[J]. IEEE Transactions on Information Forensics and Security, 2022: 1-15.
[46]	RUSHBY J . Noninterference,transitivity,and channel-control security policies[R]. 2005.
[47]	WANG X , JI H , SHI C ,et al. Heterogeneous graph attention network[C]// Proceedings of The World Wide Web Conference(WWW '19). 2019: 2022-2032.
[48]	TU Z , LI R , LI Y ,et al. Your apps give you away distinguishing mobile users by their app usage fingerprints[C]// Proceedings of the ACM on Interactive,Mobile,Wearable and Ubiquitous Technologies. 2018,138: 131-123.
[49]	KARIMI L , ALDAIRI M . An automatic attribute based access control policy extraction from access logs[J]. IEEE Trans Dependable Secur Comput, 2022,19(4): 2304-2317.
[50]	SANDERS M W , YUE C,ACM . Mining least privilege attribute based access control policies[C]// Proceedings of 35th Annual Computer Security Applications Conference (ACSA). 2019: 404-416.

基于场景感知的访问控制模型

Scenario-aware access control model

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献 50

相关文章 15

Metrics

推荐阅读 0

模型	支持动态授权	动态因素动态访问控制内容
RBAC	否	无无
TRBAC	是	时间时间约束，随时间动态激活角色
GEO-RBAC	是	地点结合用户位置授予用户角色
LoT-RBAC	是	时间+地点结合时间、地点授予用户角色
ABAC	是	属性、环境条件随属性值的变化、环境条件的变化确定访问者权限
CAAC	是	上下文条件随时间、地点、客体类别、访问目的等上下文条件的变化判断主体访问权限
ReBAC	是	实体关系根据主体之间、主客体之间、客体之间的关系判定主体权限
PBAC	是	起源信息根据起源信息中客体的状态判定主体权限

[1]	祖铄迪, 丁世昌, 袁福祥, 罗向阳. 目标网络场景自适应的IP定位框架[J]. 网络与信息安全学报, 2023, 9(6): 71-85.
[2]	李婧文, 李雅文. 深度合成技术应用与风险应对[J]. 网络与信息安全学报, 2023, 9(2): 184-190.
[3]	李东, 郝艳妮, 彭升辉, 訾瑞杰, 刘西蒙. 国家自然科学基金委员会网络安全现状与展望[J]. 网络与信息安全学报, 2022, 8(6): 92-101.
[4]	单棣斌, 杜学绘, 王文娟, 刘敖迪, 王娜. 基于GNN双源学习的访问控制关系预测方法[J]. 网络与信息安全学报, 2022, 8(5): 40-55.
[5]	穆超, 王鑫, 杨明, 张恒, 陈振娅, 吴晓明. 面向物联网设备固件的硬编码漏洞检测方法[J]. 网络与信息安全学报, 2022, 8(5): 98-110.
[6]	高振升, 曹利峰, 杜学绘. 基于区块链的访问控制技术研究进展[J]. 网络与信息安全学报, 2021, 7(6): 68-87.
[7]	杨冠群, 刘荫, 徐浩, 邢宏伟, 张建辉, 李恩堂. 基于区块链的电网可信分布式身份认证系统[J]. 网络与信息安全学报, 2021, 7(6): 88-98.
[8]	周家顺, 王娜, 杜学绘. 基于区块链的数据完整性多方高效审计机制[J]. 网络与信息安全学报, 2021, 7(6): 113-125.
[9]	宋甫元, 秦拯, 张吉昕, 刘羽. 基于访问控制安全高效的多用户外包图像检索方案[J]. 网络与信息安全学报, 2021, 7(5): 29-39.
[10]	毋文超, 任志宇, 杜学绘. 基于权限聚类的属性值优化[J]. 网络与信息安全学报, 2021, 7(4): 175-182.
[11]	郝一诺, 金梁, 黄开枝, 肖帅芳. 准静态场景下基于智能超表面的密钥生成方法[J]. 网络与信息安全学报, 2021, 7(2): 77-85.
[12]	诸天逸, 李凤华, 成林, 郭云川. 跨域访问控制技术研究[J]. 网络与信息安全学报, 2021, 7(1): 20-27.
[13]	熊钢,葛雨玮,褚衍杰,曹卫权. 基于跨域协同的网络空间威胁预警模式[J]. 网络与信息安全学报, 2020, 6(6): 88-96.
[14]	邱云翔,张红霞,曹琪,章建聪,陈兴蜀,金泓键. 基于CP-ABE算法的区块链数据访问控制方案[J]. 网络与信息安全学报, 2020, 6(3): 88-98.
[15]	牛玉坤,魏凌波,张驰,张霞,GustavoVejarano. 基于比特币区块链的公共无线局域网接入控制隐私保护研究[J]. 网络与信息安全学报, 2020, 6(2): 56-66.