Computer Science ›› 2019, Vol. 46 ›› Issue (2): 109-114.doi: 10.11896/j.issn.1002-137X.2019.02.017

• Information Security • Previous Articles     Next Articles

Access Control Method Based on Feature Extraction

HUANG Mei-rong, OU Bo, HE Si-yuan   

  1. College of Computer Science and Electronic Engineering,Hunan University,Changsha 410082,China
  • Received:2018-01-19 Online:2019-02-25 Published:2019-02-25

Abstract: Recently,fine-grained authorization control has become a hot topic in access control research field,and it can adjust access strategy reasonably in a single fixed environment,so as to meet the safety of workflow.However,it may be difficult to give a correct judgement and only rely on manual checking to confirm whether it is authorized when it is migrated to the new scenario and encounters authorization that is not set by access policy.Manual checking is time-consuming,and it costs too much in big data environments.Therefore,it is imperative to introduce an automatic discrimination mechanism based on past experiences.This paper attempted to give an automatic discrimination method for role-based multilevel access control model,and described the general expression of the access control by sampling the correct and incorrect authorization time and space.This allows the existing access control model to make the righ judgements under the new environments,thus reducing the workload of manual review.The experimental results show that the analysis mechanism has a higher correct judge rate for user access requests.

Key words: Access control, Data analysis, Feature, Multi-level authorization management

CLC Number: 

  • TP309
[1]WANG Y D,YANG J H,XU C,et al.Survey on access control technologies for cloud computing[J].Journal of Software,2015,26(5):1129-1150.(in Chinese)
王于丁,杨家海,徐聪,等.云计算访问控制技术研究综述[J].软件学报,2015,26(5):1129-1150.
[2]LI H,ZHANG M,FENG D G,et al.Research on access control of big data[J].Chinese Journal of Computers,2017,40(1):72-91.(in Chinese)
李昊,张敏,冯登国,等.大数据访问控制研究[J].计算机学报,2017,40(1):72-91.
[3]UZUN E,ATLURI V,SURAL S,et al.Analyzing temporal role based access control models[C]∥Proceedings of the 17th ACM symposium on Access Control Models and Technologies.ACM,2012:177-186.
[4]RANISE S,TRUONG A,ARMANDO A.Scalable and precise automated analysis of administrative temporal role-based access control[C]∥Proceedings of the 19th ACM Symposium on Access Control Models and Technologies.ACM,2014:103-114.
[5]BERTINO E,CATANIA B,DAMIANI M L,et al.GEO- RBAC:A spatially aware RBAC[C]∥Proceedings of the 10th ACM Symposium on Access Control Models and Technologies.New York:ACM Press, 2005:29-37.
[6]ANDROULAKI E,SORIENTE C,MALISA L,et al.Enforcing location and time-based access control on cloud-stored data[C]∥2014 IEEE 34th International Conference on Distributed Computing Systems (ICDCS).IEEE,2014:637-648.
[7]LI F H, WANG W, MA J F,et al.Action-based access control model and administration of actions[J].Acta Electronica Sinica,2008,36(10):1881-1890.(in Chinese)
李凤华,王巍,马建峰,等.基于行为的访问控制模型及其行为管理[J].电子学报,2008,36(10):1881-1890.
[8]KUHLMANN M,SHOHAT D,SCHIMPF G.Role mining-revealing business roles for security administration using data mining technology[C]∥Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies.ACM,2003:179-186.
[9]JAFARIAN J H,TAKABI H,TOUATI H,et al.Towards a general framework for optimal role mining:A constraint satisfaction approach[C]∥Proceedings of the 20th ACM Symposium on Access Control Models and Technologies.ACM,2015:211-220.
[10]MARTIN E,XIE T.Inferring access-control policy properties via machine learning[C]∥Seventh IEEE International Workshop on Policies for Distributed Systems and Networks.IEEE,2006.
[11]CLEVELAND J, MAYHEW M J, ADLER A,et al.Scalable machine learning framework for behavior-based access control[C]∥2013 6th International Symposium on Resilient Control Systems (ISRCS).IEEE,2013:181-185.
[12]MA M,TANG Z,LI R F,et al.Improved BLP Model Based on CRFs[J].Computer Science,2015,42(8):138-144,151.(in Chinese)
马萌,唐卓,李仁发,等.基于条件随机场的改进型BLP访问控制模型[J].计算机科学,2015,42(8):138-144,151.
[13]CRAMPTON J,MORISSET C,ZANNONE N.On missing attributes in access control:Non-deterministic and probabilistic attribute retrieval[C]∥Proceedings of the 20th ACM Symposium on Access Control Models and Technologies.ACM,2015:99-109.
[14]LI J,SQUICCIARINI A,LIN D,et al.Secloc:securing location-sensitive storage in the cloud[C]∥Proceedings of the 20th ACM Symposium on Access Control Models and Technologies.ACM,2015:51-61.
[15]JAYARAMAN K,GANESH V,TRIPUNITARA M,et al.Automatic error finding in access-control policies[C]∥Proceedings of the 18th ACM Conference on Computer and Communications Security.ACM,2011:163-174.
[16]OH S,PARK S.Task-role-based access control model[J].Information Systems,2003,28(6):533-562.
[17]ARDAGNA C A,CREMONINI M,DAMIANI E,et al.Supporting location-based conditions in access control policies[C]∥Proceedings of the 2006 ACM Symposium on Information,Computer and Communications Security.ACM,2006:212-222.
[18]RAY I,KUMAR M,YU L.LRBAC:a location-aware role-based access control model[C]∥International Conference on Information Systems Security.Springer Berlin Heidelberg,2006:147-161.
[19]RAY I,TOAHCHOODEEM.A spatio-temporal role-based access control model[C]∥IFIP Annual Conference on Data and Applications Security and Privacy.Springer Berlin Heidelberg,2007:211-226.
[20]CHEN H C,WANG S J,WEN J H,et al.Temporal and Location-based RBAC model[C]∥Fifth International Joint Confe-rence on INC,IMS and IDC.IEEE,2009:2111-2116.
[21]CHAKRABORTY S,RAY I.TrustBAC:integrating trust relationships into the RBAC model for access control in open systems[C]∥Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies.ACM,2006:49-58.
[22]LANG B.Access control oriented quantified trust degree representation model for distributed systems[J].Journal on Communications,2010,31(12):45-54.(in Chinese)
郎波.面向分布式系统访问控制的信任度量化模型[J].通信学报,2010,31(12):45-54.
[23]KANDALA S,SANDHUR.Secure role-based workflow models[M]∥Database and Application Security XV.Springer US,2002:45-58.
[24]BOTHA R A,ELOFF J H P.Designing role hierarchies for access control in workflow systems[C]∥Computer Software and Applications Conference,2001(COMPSAC 2001).IEEE,2001:117-122.
[25]SUN Y,MENG X,LIU S,et al.Flexible workflow incorporated with RBAC[C]∥International Conference on Computer Supported Cooperative Work in Design.Springer Berlin Heidelberg,2005:525-534.
[26]YAO H B,HU H P,LU Z D,et al.Dynamic role and context-based access control for grid applications[J].Computer Science,2006,33(1):41-44.(in Chinese)
姚寒冰,胡和平,卢正鼎,等.基于角色和上下文的动态网格访问控制研究[J].计算机科学,2006,33(1):41-44.
[1] GUO Peng-jun, ZHANG Jing-zhou, YANG Yuan-fan, YANG Shen-xiang. Study on Wireless Communication Network Architecture and Access Control Algorithm in Aircraft [J]. Computer Science, 2022, 49(9): 268-274.
[2] HU An-xiang, YIN Xiao-kang, ZHU Xiao-ya, LIU Sheng-li. Strcmp-like Function Identification Method Based on Data Flow Feature Matching [J]. Computer Science, 2022, 49(9): 326-332.
[3] LI Bin, WAN Yuan. Unsupervised Multi-view Feature Selection Based on Similarity Matrix Learning and Matrix Alignment [J]. Computer Science, 2022, 49(8): 86-96.
[4] CHEN Jing, WU Ling-ling. Mixed Attribute Feature Detection Method of Internet of Vehicles Big Datain Multi-source Heterogeneous Environment [J]. Computer Science, 2022, 49(8): 108-112.
[5] LI Yao, LI Tao, LI Qi-fan, LIANG Jia-rui, Ibegbu Nnamdi JULIAN, CHEN Jun-jie, GUO Hao. Construction and Multi-feature Fusion Classification Research Based on Multi-scale Sparse Brain Functional Hyper-network [J]. Computer Science, 2022, 49(8): 257-266.
[6] LI Zong-min, ZHANG Yu-peng, LIU Yu-jie, LI Hua. Deformable Graph Convolutional Networks Based Point Cloud Representation Learning [J]. Computer Science, 2022, 49(8): 273-278.
[7] JIANG Meng-han, LI Shao-mei, ZHENG Hong-hao, ZHANG Jian-peng. Rumor Detection Model Based on Improved Position Embedding [J]. Computer Science, 2022, 49(8): 330-335.
[8] SHUAI Jian-bo, WANG Jin-ce, HUANG Fei-hu, PENG Jian. Click-Through Rate Prediction Model Based on Neural Architecture Search [J]. Computer Science, 2022, 49(7): 10-17.
[9] ZHANG Yuan, KANG Le, GONG Zhao-hui, ZHANG Zhi-hong. Related Transaction Behavior Detection in Futures Market Based on Bi-LSTM [J]. Computer Science, 2022, 49(7): 31-39.
[10] GAO Zhen-zhuo, WANG Zhi-hai, LIU Hai-yang. Random Shapelet Forest Algorithm Embedded with Canonical Time Series Features [J]. Computer Science, 2022, 49(7): 40-49.
[11] HU Yan-yu, ZHAO Long, DONG Xiang-jun. Two-stage Deep Feature Selection Extraction Algorithm for Cancer Classification [J]. Computer Science, 2022, 49(7): 73-78.
[12] ZHANG Ying-tao, ZHANG Jie, ZHANG Rui, ZHANG Wen-qiang. Photorealistic Style Transfer Guided by Global Information [J]. Computer Science, 2022, 49(7): 100-105.
[13] ZENG Zhi-xian, CAO Jian-jun, WENG Nian-feng, JIANG Guo-quan, XU Bin. Fine-grained Semantic Association Video-Text Cross-modal Entity Resolution Based on Attention Mechanism [J]. Computer Science, 2022, 49(7): 106-112.
[14] CHENG Cheng, JIANG Ai-lian. Real-time Semantic Segmentation Method Based on Multi-path Feature Extraction [J]. Computer Science, 2022, 49(7): 120-126.
[15] SU Dan-ning, CAO Gui-tao, WANG Yan-nan, WANG Hong, REN He. Survey of Deep Learning for Radar Emitter Identification Based on Small Sample [J]. Computer Science, 2022, 49(7): 226-235.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!