自然语言策略语句生成的基于属性的访问控制模型的综合与分析

Proceedings of the 28th ACM Symposium on Access Control Models and Technologies Pub Date : 2023-05-24 DOI:10.1145/3589608.3593844

Mahmoud Abdelgawad, I. Ray, Saja Alqurashi, Videep Venkatesha, Hosein Shirazi

{"title":"自然语言策略语句生成的基于属性的访问控制模型的综合与分析","authors":"Mahmoud Abdelgawad, I. Ray, Saja Alqurashi, Videep Venkatesha, Hosein Shirazi","doi":"10.1145/3589608.3593844","DOIUrl":null,"url":null,"abstract":"Access control policies (ACPs) are natural language statements that describe criteria under which users can access resources. We focus on constructing NIST Next Generation Access Control (NGAC) ABAC model from ACP statements. NGAC is more complex than RBAC or XACML ABAC as it supports dynamic, event-based policies, as well as prohibitions. We provide algorithms that use spaCy, a NLP library, to extract entities and relations from ACP sentences and convert them into the NGAC model. We then convert this NGAC model into Neo4j representation for the purpose of analysis. We apply the approach to various real-world ACP datasets to demonstrate the feasibility and assess scalability. We demonstrate that the approach is scalable and effectively extracts the NGAC ABAC model from large ACP datasets. We also show that redundancies and inconsistencies of ACP sentences are often found in unclean datasets.","PeriodicalId":124020,"journal":{"name":"Proceedings of the 28th ACM Symposium on Access Control Models and Technologies","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Synthesizing and Analyzing Attribute-Based Access Control Model Generated from Natural Language Policy Statements\",\"authors\":\"Mahmoud Abdelgawad, I. Ray, Saja Alqurashi, Videep Venkatesha, Hosein Shirazi\",\"doi\":\"10.1145/3589608.3593844\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Access control policies (ACPs) are natural language statements that describe criteria under which users can access resources. We focus on constructing NIST Next Generation Access Control (NGAC) ABAC model from ACP statements. NGAC is more complex than RBAC or XACML ABAC as it supports dynamic, event-based policies, as well as prohibitions. We provide algorithms that use spaCy, a NLP library, to extract entities and relations from ACP sentences and convert them into the NGAC model. We then convert this NGAC model into Neo4j representation for the purpose of analysis. We apply the approach to various real-world ACP datasets to demonstrate the feasibility and assess scalability. We demonstrate that the approach is scalable and effectively extracts the NGAC ABAC model from large ACP datasets. We also show that redundancies and inconsistencies of ACP sentences are often found in unclean datasets.\",\"PeriodicalId\":124020,\"journal\":{\"name\":\"Proceedings of the 28th ACM Symposium on Access Control Models and Technologies\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 28th ACM Symposium on Access Control Models and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3589608.3593844\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 28th ACM Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3589608.3593844","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

访问控制策略(acp)是描述用户访问资源的标准的自然语言语句。重点研究了基于ACP语句构建NIST下一代访问控制(NGAC) ABAC模型。NGAC比RBAC或XACML ABAC更复杂，因为它支持动态的、基于事件的策略以及禁止。我们提供了使用NLP库spaCy从ACP句子中提取实体和关系并将其转换为NGAC模型的算法。然后，为了分析的目的，我们将这个NGAC模型转换为Neo4j表示。我们将该方法应用于各种现实世界的ACP数据集，以证明可行性和评估可扩展性。我们证明了该方法具有可扩展性，并且可以有效地从大型ACP数据集中提取NGAC ABAC模型。我们还表明，在不干净的数据集中经常发现ACP句子的冗余和不一致。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Synthesizing and Analyzing Attribute-Based Access Control Model Generated from Natural Language Policy Statements

Access control policies (ACPs) are natural language statements that describe criteria under which users can access resources. We focus on constructing NIST Next Generation Access Control (NGAC) ABAC model from ACP statements. NGAC is more complex than RBAC or XACML ABAC as it supports dynamic, event-based policies, as well as prohibitions. We provide algorithms that use spaCy, a NLP library, to extract entities and relations from ACP sentences and convert them into the NGAC model. We then convert this NGAC model into Neo4j representation for the purpose of analysis. We apply the approach to various real-world ACP datasets to demonstrate the feasibility and assess scalability. We demonstrate that the approach is scalable and effectively extracts the NGAC ABAC model from large ACP datasets. We also show that redundancies and inconsistencies of ACP sentences are often found in unclean datasets.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 28th ACM Symposium on Access Control Models and Technologies

自引率

0.00%

发文量