Multiuser Hierarchical Authorization Using Sparsity Polarization Pruning for Model Active Protection

Currently, artificial intelligence technology is rapidly penetrating into various fields of socioeconomic development with increasing depth and breadth, becoming an important force driving innovation and development, empowering thousands of industries, while also bringing challenges such as security governance. The application of deep neural network models must implement hierarchical access based on user permissions to prevent unauthorized users from accessing and abusing the model, and to prevent malicious attackers from tampering or damaging the model, thereby reducing its vulnerabilities and security risks. To address this issue, the model provider must implement a hierarchical authorization policy for the model, which can grant users access to the model based on their specific needs, while ensuring that unauthorized users cannot use the model. Common methods for implementing hierarchical authorization of models include pruning and encryption, but existing technologies require high computational complexity and have unclear hierarchical effects. In this article, we propose a sparsity polarization pruning approach for layered authorization, which combines sparsity regularization to filter insignificant channels and a polarization technique to cluster critical channels into distinct intervals. By pruning channels based on polarized scaling factors from the batch normalization (BN) layer, our method dynamically adjusts model precision to match user authorization levels. Initially, we extract the scaling factor of the BN layer to assess the importance of each channel. A sparsity regularizer is then applied to filter out irrelevant scaling factors. To enhance the clarity and rationality of pruning intervals, we use a polarization technique to induce clustering of scaling factors. So we proposed multiuser hierarchical authorization using sparsity polarization pruning for model active protection. Based on the grading requirements, we prune channels corresponding to varying numbers of significant scaling factors. Access is granted at different levels depending on the precision key provided by the user, thereby ensuring a secure and efficient means of accessing the model's resources. Experimental results demonstrate that our approach achieves superior grading performance across three datasets and two different neural networks, showcasing its broad applicability. Moreover, our method achieves effective grading just by pruning a small portion of the channels, offering a high level of efficiency.