可计算访问控制:将访问控制规则嵌入欧几里得空间

Computable Access Control: Embedding Access Control Rules Into Euclidean Space

IEEE Transactions on Systems, Man, and Cybernetics: Systems · 2023
被引 6
ABS 3

中文导读

提出一种基于嵌入的可计算访问控制模型,将访问控制规则转化为欧几里得空间中的数值向量,通过向量运算判断行为安全性,无需传统规则查询,降低工作负载并支持未知行为预测。

Abstract

Access control is one of the most basic techniques to ensure the security of the information system. The traditional access controls of information systems are usually performed based on the traversals or queries of rules. However, with the increasing complexity of information systems, massive data, and open environments bring great workload and risk for the traditional methods. This study proposes a model of embedding-based computable access control (ECAC), by employing the idea of representation learning in artificial intelligence. According to ECAC, access control rules can be embedded into a Euclidean vector space, and the security of arbitrary behavior can be computed by numerical vector operations, without any traditional querying or traversing of rules, and thus the workload of access control is reduced. Furthermore, by the embedding-based computation, the security of unknown behaviors can be predicted. Potentially, due to the use of numerical vectors instead of traditional semantic symbols, the risk of privacy leakage via semantics can be reduced. Finally, as the first embedding-based access control model, the effectiveness of ECAC is evaluated and concluded by the experiment-based analyses and discussions.

访问控制信息安全表示学习人工智能