Unlock instant, AI-driven research and patent intelligence for your innovation.
Access control strategy generation method and device based on machine learning
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
An access control strategy and machine learning technology, applied in neural learning methods, biological neural network models, neural architectures, etc., can solve problems such as labor-intensive, difficult to automatically construct, and rely on, so as to increase statistical strength and solve the problem of sparse authorization data. Effect
Active Publication Date: 2020-12-29
NANJING UNIV OF SCI & TECH
View PDF2 Cites 0 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
Because ABAC's flexibility and ease of use are widely used in access control, but ABAC's access control policies need to be manually formulated, and new access rules need to be continuously added during system operation, which is labor-intensive.
The automated access control policy generation method can help administrators reduce the cost of manually formulating rules. Association rule mining technology can construct if-then rules. Using association rule mining methods to process historical authorization data in access logs can automatically formulate access policies. However, this method relies on a large number of authorization records of the target resource. If the number of authorization records of the target access resource is insufficient, it is difficult for the traditional access control policy generation method to automatically construct rules.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0050] Such as figure 1 As shown, this embodiment proposes a method for generating an access control policy based on machine learning, the method comprising:
[0051] S101. Obtain an authorization log and historical authorization records of different access resources in the access log, and construct attribute tuple pairs for the historical authorization records through the authorization log.
[0052] Specifically, in this embodiment, each access record in the authorization log includes user attributes, resource attributes, and operation attributes. In each authorization record, any two or more attributes form an attribute tuple. For example, the authorization record contains attributes: a, b, c; then the attribute tuple is obtained: (a, b), (a, c), (b,c),(a,b,c), thus constructing multiple attribute tuple pairs.
[0053] S102. Train the attribute weight neural network through the attribute tuple pairs.
[0054] Specifically, in this embodiment, the attribute weight neural n...
corresponding Embodiment 1
[0075] Corresponding to Embodiment 1, this embodiment proposes a device for generating an access control policy based on machine learning. The device includes a processor, and the processor is internally configured with a processor-executable operation instruction to perform the following operate:
[0076] Obtain the authorization log and the historical authorization records of different access resources in the access log, construct an attribute tuple pair for the historical authorization record through the authorization log, and the attribute tuple pair includes any two and the above attributes;
[0077] training an attribute weight neural network by said attribute tuple pair;
[0078] Obtaining the vector representation of the attribute according to the attribute weight neural network, and calculating the correlation between the accessed resources through the vector representation of the resource attribute;
[0079] calculating the occurrence frequency of the attribute tup...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
PUM
Login to View More
Abstract
The invention provides an access control strategy generation method based on machine learning, which comprises the following steps: acquiring an authorization log and historical authorization recordsof different access resources in an access log, and constructing an attribute tuple pair for the historical authorization records through the authorization log; training an attribute weight neural network through the attribute tuple pair; obtaining vector representation of the attribute according to the attribute weight neural network, and calculating correlation between access resources through the vector representation of the resource attribute; calculating the occurrence frequency of the attribute tuple pair, and generating a frequent item set when the occurrence frequency of the attributetuple pair exceeds a given threshold value; obtaining candidate rules according to the frequent item set; calculating the confidence coefficient and the support degree of the candidate rule accordingto the correlation between the access log and the access resource; and generating an access control strategy according to the confidence coefficient and the support degree. According to the invention,the similarity of access resources is utilized to help to increase the statistical strength and solve the problem of sparse authorization data.
Description
technical field [0001] The present application relates to the field of access control, in particular to a method and device for generating an access control policy based on machine learning. Background technique [0002] In the data accesssystem, the access devices are connected to each other and are all connected to an open network environment, which brings severe challenges to data security and privacy protection. The current ABAC access control model formulates access policies based on user attributes, resource attributes, environment attributes, and operation attributes, and authorizes user access requests based on access policies. Because of the flexibility and ease of use of ABAC, it is widely used in access control, but the access control policy of ABAC needs to be formulated manually, and new access rules need to be continuously added during system operation, which is labor-intensive. The automated access control policy generation method can help administrators red...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to View More 
Login to View More