Journal on Communications ›› 2020, Vol. 41 ›› Issue (12): 8-20.doi: 10.11959/j.issn.1000-436X.2020212
• Papers • Previous Articles Next Articles
Aodi LIU1,2, Xuehui DU1,2, Na WANG1,2, Rui QIAO1,3
Revised:
2020-09-30
Online:
2020-12-25
Published:
2020-12-01
Supported by:
CLC Number:
Aodi LIU, Xuehui DU, Na WANG, Rui QIAO. ABAC access control policy generation technique based on deep learning[J]. Journal on Communications, 2020, 41(12): 8-20.
"
方法 | 数据集 | 性能 | ||
Precision | Recall | F1-score | ||
文献[ | iTrust、IBM App | 0.887 | 0.894 | 0.891 |
文献[ | iTrust | 0.873 | 0.908 | 0.890 |
文献[ | iTrust、IBM App、Cyberchair、Collected ACP | 0.830 | 0.874 | 0.852 |
文献[ | iTrust、IBM App、Cyberchair、Collected ACP | 0.900 | 0.900 | 0.900 |
文献[ | iTrust、IBM App、Cyberchair、Collected ACP | 0.813 | 0.742 | 0.775 |
文献[ | iTrust、IBM App、Cyberchair | 0.583 | 0.863 | 0.657 |
文献[ | iTrust、IBM App、Cyberchair | 0.635 | 0.863 | 0.698 |
本文所提方法 | iTrust、IBM App、Cyberchair、Collected ACP |
[1] | 冯登国, 张敏, 李昊 . 大数据安全与隐私保护[J]. 计算机学报, 2014,37(1): 246-258. |
FENG D G , ZHANG M , LI H . Big data security and privacy protection[J]. Chinese Journal of Computers, 2014,37(1): 246-258. | |
[2] | 房梁, 殷丽华, 郭云川 ,等. 基于属性的访问控制关键技术研究综述[J]. 计算机学报, 2017,40(7): 1680-1698. |
FANG L , YIN L H , GUO Y C ,et al. A survey of key technologies in attribute-based access control scheme[J]. Chinese Journal of Computers, 2017,40(7): 1680-1698. | |
[3] | SERVOS D , OSBORN S L . Current research and open problems in attribute-based access control[J]. ACM Computing Surveys, 2017,49(4): 1-45. |
[4] | XIN J , KRISHNAN R , SANDHU R . A unified attribute-based access control model covering DAC,MAC and RBAC[C]// Proceedings of the 26th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy. Berlin:Springer, 2012: 41-55. |
[5] | HU V , KUHN D , FERRAIOLO D . Attribute-based access control[J]. Computer, 2015,48(2): 85-88. |
[6] | BUI T , STOLLER S D , LI J . Greedy and evolutionary algorithms for mining relationship-based access control policies[J]. Computers & Security, 2019,80: 317-333. |
[7] | SANDERS M W , YUE C . Mining least privilege attribute based access control policies[C]// Annual Computer Security Applications Conference. New York:ACM Press, 2019: 404-416. |
[8] | VAIDYA J , ATLURI V , WARNER J ,et al. Role engineering via prioritized subset enumeration[J]. IEEE Transactions on Dependable & Secure Computing, 2010,7(3): 300-314. |
[9] | BAUMGRASS A , STREMBECK M . Bridging the gap between role mining and role engineering via migration guides[J]. Information Security Technical Report, 2013,17(4): 148-172. |
[10] | HARIKA P , NAGAJYOTHI M , JOHN J C ,et al. Meeting cardinality constraints in role mining[J]. IEEE Transactions on Dependable &Secure Computing, 2015,12(1): 71-84. |
[11] | NEUMANN G , STREMBECK M . A scenario-driven role engineering process for functional RBAC roles[C]// Symposium on Access Control Models and Technologies. New York:ACM Press, 2002: 33-42. |
[12] | DAS S , SURAL S , VAIDYA J ,et al. VisMAP:visual mining of attribute-based access control policies[C]// International Conference on Information Systems Security. Berlin:Springer, 2019: 79-98. |
[13] | TALUKDAR T , BATRA G , VAIDYA J ,et al. Efficient bottom-up mining of attribute based access control policies[C]// IEEE 3rd International Conference on Collaboration and Internet Computing. Piscataway:IEEE Press, 2017: 339-348. |
[14] | KARIMI L , JOSHI J . An unsupervised learning based approach for mining attribute based access control policies[C]// International Conference on Big Data. Piscataway:IEEE Press, 2018: 1427-1436. |
[15] | COTRINI C , WEGHORN T , BASIN D . Mining ABAC rules from sparse logs[C]// IEEE European Symposium on Security and Privacy. Piscataway:IEEE Press, 2018: 31-46. |
[16] | GAUTAM M , JHA S , SURAL S ,et al. Poster:constrained policy mining in attribute based access control[C]// Symposium on Access Control Models and Technologies. New York:ACM Press, 2017: 121-123. |
[17] | IYER P , MASOUMZADEH A . Mining positive and negative attribute-based access control policy rules[C]// Symposium on Access Control Models and technologies. New York:ACM Press, 2018: 161-172. |
[18] | KUHLMANN M , SHOHAT D , SCHIMPF G ,et al. Role mining-revealing business roles for security administration using data mining technology[C]// Symposium on Access Control Models and Technologies. New York:ACM Press, 2003: 179-186. |
[19] | NAROUEI M , KHANPOUR H , TAKABI H . Identification of access control policy sentences from natural language policy documents[C]// IFIP Annual Conference on Data and Applications Security and Privacy. Berlin:Springer, 2017: 82-100. |
[20] | NAROUEI M , TAKABI H , NIELSEN R D . Automatic extraction of access control policies from natural language documents[J]. IEEE Transactions on Dependable and Secure Computing, 2018,17(3): 1. |
[21] | XU Z , STOLLER S D . Mining attribute-based access control policies[J]. IEEE Transactions on Dependable and Secure Computing, 2015,12(5): 533-545. |
[22] | MOCANU D C , TURKMEN F , LIOTTA A . Towards ABAC policy mining from logs with deep learning[C]// In Proceedings of International Multi Conference. Piscataway:IEEE Press, 2015: 10-16. |
[23] | HE Q,ANTóN A I . Requirements-based access control analysis and policy specification (ReCAPS)[J]. Information & Software Technology, 2009,51(6): 993-1009. |
[24] | SHI L L , CHADWICK D W . A controlled natural language interface for authoring access control policies[C]// Applied Computing. New York:ACM Press, 2011: 1524-1530. |
[25] | SCHWITTER R , . Controlled natural languages for knowledge representation[C]// International Conference on Computational Linguistics. New York:ACM Press, 2010: 1113-1121. |
[26] | XIAO X , PARADKAR A , THUMMALAPENTA S ,et al. Automated extraction of security policies from natural-language software documents[C]// ACM Sigsoft International Symposium on the Foundations of Software Engineering. New York:ACM Press, 2012: 1-11. |
[27] | SLANKAS J , WILLIAMS L . Access control policy extraction from unconstrained natural language text[C]// 2013 International Conference on Social Computing. New York:ACM Press, 2013: 435-440. |
[28] | SLANKAS J , XIAO X , WILLIAMS L ,et al. Relation extraction for inferring access control rules from natural language artifacts[C]// Proceedings of the 30th Annual Computer Security Applications Conference. New York:ACM Press, 2014: 366-375. |
[29] | NAROUEI M , TAKABI H . Automatic top-down role engineering framework using natural language processing techniques[C]// International Conference Information Security Theory and Practice. New York:ACM Press, 2015: 137-152. |
[30] | NAROUEI M , TAKABI H . Towards an automatic top-down role engineering approach using natural language processing techniques[C]// Symposium on Access Control Models and Technologies. New York:ACM Press, 2015: 157-160. |
[31] | NAROUEI M , KHANPOUR H , TAKABI H ,et al. Towards a top-down policy engineering framework for attribute-based access control[C]// Symposium on Access Control Models and Technologies. New York:ACM Press, 2017: 103-114. |
[32] | ALOHALY M , TAKABI H , BLANCO E ,et al. A deep learning approach for extracting attributes of ABAC policies[C]// Symposium on Access Control models and Technologies. New York:ACM Press, 2018: 137-148. |
[33] | ALOHALY M , TAKABI H , BLANCO E . Automated extraction of attributes from natural language attribute-based access control (ABAC) policies[J]. Cybersecurity, 2019,2(1): 2-12. |
[34] | BROSSARD D , GEBEL G , BERG M . A systematic approach to implementing ABAC[C]// Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control. New York:ACM Press, 2017: 53-59. |
[35] | DEVLIN J , CHANG M , LEE K ,et al. BERT模型:pre-training of deep bidirectional transformers for language understanding[C]// North American Chapter of the Association for Computational Linguistics. Virginia:NAACL, 2019: 4171-4186. |
[36] | LUO X , ZHOU W , WANG W ,et al. Attention-based relation extraction with bidirectional gated recurrent unit and highway network in the analysis of geological data[J]. IEEE Access, 2018,6: 5705-5715. |
[1] | Dongyu CHEN, Hua CHEN, Limin FAN, Yifang FU, Jian WANG. Research on test strategy for randomness based on deep learning [J]. Journal on Communications, 2023, 44(6): 23-33. |
[2] | Rongpeng LI, Bingyan WANG, Honggang ZHANG, Zhifeng ZHAO. Design of knowledge enhanced semantic communication receiver [J]. Journal on Communications, 2023, 44(6): 70-76. |
[3] | Shuai MA, Ke PEI, Huayan QI, Hang LI, Wen CAO, Hongmei WANG, Hailiang XIONG, Shiyin LI. Research on geomagnetic indoor high-precision positioning algorithm based on generative model [J]. Journal on Communications, 2023, 44(6): 211-222. |
[4] | Wei JIN, Fenghua LI, Mingjie YU, Yunchuan GUO, Ziyan ZHOU, Liang FANG. HDFS-oriented cryptographic key resource control mechanism [J]. Journal on Communications, 2022, 43(9): 27-41. |
[5] | Jie YANG, Biao DONG, Xue FU, Yu WANG, Guan GUI. Lightweight decentralized learning-based automatic modulation classification method [J]. Journal on Communications, 2022, 43(7): 134-142. |
[6] | Xiuzhang YANG, Guojun PENG, Zichuan LI, Yangqi LYU, Side LIU, Chenguang LI. Research on entity recognition and alignment of APT attack based on Bert and BiLSTM-CRF [J]. Journal on Communications, 2022, 43(6): 58-70. |
[7] | Yong LIAO, Shiyi WANG. CSI feedback algorithm based on RM-Net for massive MIMO systems in high-speed mobile environment [J]. Journal on Communications, 2022, 43(5): 166-176. |
[8] | Yurong LIAO, Haining WANG, Cunbao LIN, Yang LI, Yuqiang FANG, Shuyan NI. Research progress of deep learning-based object detection of optical remote sensing image [J]. Journal on Communications, 2022, 43(5): 190-203. |
[9] | Zenghua ZHAO, Yuefan TONG, Jiayang CUI. Device-independent Wi-Fi fingerprinting indoor localization model based on domain adaptation [J]. Journal on Communications, 2022, 43(4): 143-153. |
[10] | Yong LIAO, Gang CHENG, Yujie LI. CSI feedback algorithm based on deep unfolding for massive MIMO systems [J]. Journal on Communications, 2022, 43(12): 77-88. |
[11] | Xueyuan DUAN, Yu FU, Kun WANG, Bin LI. LDoS attack detection method based on simple statistical features [J]. Journal on Communications, 2022, 43(11): 53-64. |
[12] | Junyan HUO, Ruipeng QIU, Yanzhuo MA, Fuzheng YANG. Reference frame list optimization algorithm in video coding by quality enhancement of the nearest picture [J]. Journal on Communications, 2022, 43(11): 136-147. |
[13] | Haiyan KANG, Yuanrui JI. Research on federated learning approach based on local differential privacy [J]. Journal on Communications, 2022, 43(10): 94-105. |
[14] | Hongxia ZHANG, Qi WANG, Dengyue WANG, Ben WANG. Honeypot contract detection of blockchain based on deep learning [J]. Journal on Communications, 2022, 43(1): 194-202. |
[15] | Yan YAN, Yiming CONG, Mahmood Adnan, Quanzheng SHENG. Statistics release and privacy protection method of location big data based on deep learning [J]. Journal on Communications, 2022, 43(1): 203-216. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|