FLAP - A Federated Learning Framework for Attribute-based Access Control Policies

Technology advances in areas such as sensors, IoT, and robotics, enable new collaborative applications (e.g., autonomous devices). A primary requirement for such collaborations is to have a secure system that enables information sharing and information flow protection. A policy-based management system is a key mechanism for secure selective sharing of protected resources. However, policies in each party of a collaborative environment cannot be static as they have to adapt to different contexts and situations. One advantage of collaborative applications is that each party in the collaboration can take advantage of the knowledge of the other parties for learning or enhancing its own policies. We refer to this learning mechanism as policy transfer. The design of a policy transfer framework has challenges, including policy conflicts and privacy issues. Policy conflicts typically arise because of differences in the obligations of the parties, whereas privacy issues result because of data sharing constraints for sensitive data. Hence, the policy transfer framework should be able to tackle such challenges by considering minimal sharing of data and supporting policy adaptation to address conflict. In the paper, we propose a framework that aims at addressing such challenges. We introduce a formal definition of the policy transfer problem for attribute-based access control policies. We then introduce the transfer methodology which consists of three sequential steps. Finally, we report experimental results.