Computer Science ›› 2019, Vol. 46 ›› Issue (2): 109-114.doi: 10.11896/j.issn.1002-137X.2019.02.017

• Information Security • Previous Articles     Next Articles

Access Control Method Based on Feature Extraction

HUANG Mei-rong, OU Bo, HE Si-yuan   

  1. College of Computer Science and Electronic Engineering,Hunan University,Changsha 410082,China
  • Received:2018-01-19 Online:2019-02-25 Published:2019-02-25

Abstract: Recently,fine-grained authorization control has become a hot topic in access control research field,and it can adjust access strategy reasonably in a single fixed environment,so as to meet the safety of workflow.However,it may be difficult to give a correct judgement and only rely on manual checking to confirm whether it is authorized when it is migrated to the new scenario and encounters authorization that is not set by access policy.Manual checking is time-consuming,and it costs too much in big data environments.Therefore,it is imperative to introduce an automatic discrimination mechanism based on past experiences.This paper attempted to give an automatic discrimination method for role-based multilevel access control model,and described the general expression of the access control by sampling the correct and incorrect authorization time and space.This allows the existing access control model to make the righ judgements under the new environments,thus reducing the workload of manual review.The experimental results show that the analysis mechanism has a higher correct judge rate for user access requests.

Key words: Access control, Multi-level authorization management, Data analysis, Feature

CLC Number: 

  • TP309
[1]WANG Y D,YANG J H,XU C,et al.Survey on access control technologies for cloud computing[J].Journal of Software,2015,26(5):1129-1150.(in Chinese)
王于丁,杨家海,徐聪,等.云计算访问控制技术研究综述[J].软件学报,2015,26(5):1129-1150.
[2]LI H,ZHANG M,FENG D G,et al.Research on access control of big data[J].Chinese Journal of Computers,2017,40(1):72-91.(in Chinese)
李昊,张敏,冯登国,等.大数据访问控制研究[J].计算机学报,2017,40(1):72-91.
[3]UZUN E,ATLURI V,SURAL S,et al.Analyzing temporal role based access control models[C]∥Proceedings of the 17th ACM symposium on Access Control Models and Technologies.ACM,2012:177-186.
[4]RANISE S,TRUONG A,ARMANDO A.Scalable and precise automated analysis of administrative temporal role-based access control[C]∥Proceedings of the 19th ACM Symposium on Access Control Models and Technologies.ACM,2014:103-114.
[5]BERTINO E,CATANIA B,DAMIANI M L,et al.GEO- RBAC:A spatially aware RBAC[C]∥Proceedings of the 10th ACM Symposium on Access Control Models and Technologies.New York:ACM Press, 2005:29-37.
[6]ANDROULAKI E,SORIENTE C,MALISA L,et al.Enforcing location and time-based access control on cloud-stored data[C]∥2014 IEEE 34th International Conference on Distributed Computing Systems (ICDCS).IEEE,2014:637-648.
[7]LI F H, WANG W, MA J F,et al.Action-based access control model and administration of actions[J].Acta Electronica Sinica,2008,36(10):1881-1890.(in Chinese)
李凤华,王巍,马建峰,等.基于行为的访问控制模型及其行为管理[J].电子学报,2008,36(10):1881-1890.
[8]KUHLMANN M,SHOHAT D,SCHIMPF G.Role mining-revealing business roles for security administration using data mining technology[C]∥Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies.ACM,2003:179-186.
[9]JAFARIAN J H,TAKABI H,TOUATI H,et al.Towards a general framework for optimal role mining:A constraint satisfaction approach[C]∥Proceedings of the 20th ACM Symposium on Access Control Models and Technologies.ACM,2015:211-220.
[10]MARTIN E,XIE T.Inferring access-control policy properties via machine learning[C]∥Seventh IEEE International Workshop on Policies for Distributed Systems and Networks.IEEE,2006.
[11]CLEVELAND J, MAYHEW M J, ADLER A,et al.Scalable machine learning framework for behavior-based access control[C]∥2013 6th International Symposium on Resilient Control Systems (ISRCS).IEEE,2013:181-185.
[12]MA M,TANG Z,LI R F,et al.Improved BLP Model Based on CRFs[J].Computer Science,2015,42(8):138-144,151.(in Chinese)
马萌,唐卓,李仁发,等.基于条件随机场的改进型BLP访问控制模型[J].计算机科学,2015,42(8):138-144,151.
[13]CRAMPTON J,MORISSET C,ZANNONE N.On missing attributes in access control:Non-deterministic and probabilistic attribute retrieval[C]∥Proceedings of the 20th ACM Symposium on Access Control Models and Technologies.ACM,2015:99-109.
[14]LI J,SQUICCIARINI A,LIN D,et al.Secloc:securing location-sensitive storage in the cloud[C]∥Proceedings of the 20th ACM Symposium on Access Control Models and Technologies.ACM,2015:51-61.
[15]JAYARAMAN K,GANESH V,TRIPUNITARA M,et al.Automatic error finding in access-control policies[C]∥Proceedings of the 18th ACM Conference on Computer and Communications Security.ACM,2011:163-174.
[16]OH S,PARK S.Task-role-based access control model[J].Information Systems,2003,28(6):533-562.
[17]ARDAGNA C A,CREMONINI M,DAMIANI E,et al.Supporting location-based conditions in access control policies[C]∥Proceedings of the 2006 ACM Symposium on Information,Computer and Communications Security.ACM,2006:212-222.
[18]RAY I,KUMAR M,YU L.LRBAC:a location-aware role-based access control model[C]∥International Conference on Information Systems Security.Springer Berlin Heidelberg,2006:147-161.
[19]RAY I,TOAHCHOODEEM.A spatio-temporal role-based access control model[C]∥IFIP Annual Conference on Data and Applications Security and Privacy.Springer Berlin Heidelberg,2007:211-226.
[20]CHEN H C,WANG S J,WEN J H,et al.Temporal and Location-based RBAC model[C]∥Fifth International Joint Confe-rence on INC,IMS and IDC.IEEE,2009:2111-2116.
[21]CHAKRABORTY S,RAY I.TrustBAC:integrating trust relationships into the RBAC model for access control in open systems[C]∥Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies.ACM,2006:49-58.
[22]LANG B.Access control oriented quantified trust degree representation model for distributed systems[J].Journal on Communications,2010,31(12):45-54.(in Chinese)
郎波.面向分布式系统访问控制的信任度量化模型[J].通信学报,2010,31(12):45-54.
[23]KANDALA S,SANDHUR.Secure role-based workflow models[M]∥Database and Application Security XV.Springer US,2002:45-58.
[24]BOTHA R A,ELOFF J H P.Designing role hierarchies for access control in workflow systems[C]∥Computer Software and Applications Conference,2001(COMPSAC 2001).IEEE,2001:117-122.
[25]SUN Y,MENG X,LIU S,et al.Flexible workflow incorporated with RBAC[C]∥International Conference on Computer Supported Cooperative Work in Design.Springer Berlin Heidelberg,2005:525-534.
[26]YAO H B,HU H P,LU Z D,et al.Dynamic role and context-based access control for grid applications[J].Computer Science,2006,33(1):41-44.(in Chinese)
姚寒冰,胡和平,卢正鼎,等.基于角色和上下文的动态网格访问控制研究[J].计算机科学,2006,33(1):41-44.
[1] YUAN Lu, ZHU Zheng-zhou, REN Ting-yu. Survey on Fake Review Recognition [J]. Computer Science, 2021, 48(1): 111-118.
[2] ZHAO Jia-qi, WANG Han-zheng, ZHOU Yong, ZHANG Di, ZHOU Zi-yuan. Remote Sensing Image Description Generation Method Based on Attention and Multi-scale Feature Enhancement [J]. Computer Science, 2021, 48(1): 190-196.
[3] LIU Yang, JIN Zhong. Fine-grained Image Recognition Method Combining with Non-local and Multi-region Attention Mechanism [J]. Computer Science, 2021, 48(1): 197-203.
[4] ZHANG Fan, HE Wen-qi, JI Hong-bing, LI Dan-ping, WANG Lei. Multi-view Dictionary-pair Learning Based on Block-diagonal Representation [J]. Computer Science, 2021, 48(1): 233-240.
[5] CUI Tong-tong, WANG Gui-ling, GAO Jing. Ship Trajectory Classification Method Based on 1DCNN-LSTM [J]. Computer Science, 2020, 47(9): 175-184.
[6] BAO Yu-xuan, LU Tian-liang, DU Yan-hui. Overview of Deepfake Video Detection Technology [J]. Computer Science, 2020, 47(9): 283-292.
[7] HU Peng-cheng, DIAO Li-li, YE Hua, YANG Yan-lan. DGA Domains Detection Based on Artificial and Depth Features [J]. Computer Science, 2020, 47(9): 311-317.
[8] WANG Liang, ZHOU Xin-zhi, YNA Hua. Real-time SIFT Algorithm Based on GPU [J]. Computer Science, 2020, 47(8): 105-111.
[9] DONG Ming-gang, HUANG Yu-yang, JING Chao. K-Nearest Neighbor Classification Training Set Optimization Method Based on Genetic Instance and Feature Selection [J]. Computer Science, 2020, 47(8): 178-184.
[10] LIU Zhen-peng, SU Nan, QIN Yi-wen, LU Jia-huan, LI Xiao-fei. FS-CRF:Outlier Detection Model Based on Feature Segmentation and Cascaded Random Forest [J]. Computer Science, 2020, 47(8): 185-188.
[11] WANG Jiao-jin, JIAN Mu-wei, LIU Xiang-yu, LIN Pei-guang, GEN Lei-lei, CUI Chao-ran, YIN Yi-long. Video Saliency Detection Based on 3D Full ConvLSTM Neural Network [J]. Computer Science, 2020, 47(8): 195-201.
[12] YAO Lan, ZHAO Yong-heng, SHI Yu-qing, YU Ming-he. Highway Abnormal Event Detection Algorithm Based on Video Analysis [J]. Computer Science, 2020, 47(8): 208-212.
[13] LIANG Zheng-you, HE Jing-lin, SUN Yu. Three-dimensional Convolutional Neural Network Evolution Method for Facial Micro-expression Auto-recognition [J]. Computer Science, 2020, 47(8): 227-232.
[14] WANG Hui, LE Zi-chun, GONG Xuan, WU Yu-kun, ZUO Hao. Review of Link Prediction Methods Based on Feature Classification [J]. Computer Science, 2020, 47(8): 302-312.
[15] WANG Jing-yu, LIU Si-rui. Research Progress on Risk Access Control [J]. Computer Science, 2020, 47(7): 56-65.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] . [J]. Computer Science, 2018, 1(1): 1 .
[2] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75 .
[3] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[4] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[5] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[6] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99 .
[7] ZHOU Yan-ping and YE Qiao-lin. L1-norm Distance Based Least Squares Twin Support Vector Machine[J]. Computer Science, 2018, 45(4): 100 -105 .
[8] LIU Bo-yi, TANG Xiang-yan and CHENG Jie-ren. Recognition Method for Corn Borer Based on Templates Matching in Muliple Growth Periods[J]. Computer Science, 2018, 45(4): 106 -111 .
[9] GENG Hai-jun, SHI Xin-gang, WANG Zhi-liang, YIN Xia and YIN Shao-ping. Energy-efficient Intra-domain Routing Algorithm Based on Directed Acyclic Graph[J]. Computer Science, 2018, 45(4): 112 -116 .
[10] CUI Qiong, LI Jian-hua, WANG Hong and NAN Ming-li. Resilience Analysis Model of Networked Command Information System Based on Node Repairability[J]. Computer Science, 2018, 45(4): 117 -121 .