Efficient Access Control Permission Decision Engine Based on Machine Learning

Access control technology is critical to the safe and reliable operation of information systems. However, owing to the massive policy scale and number of access control entities in open distributed information systems, such as big data, the Internet of Things, and cloud computing, existing access co...

Full description

Bibliographic Details
Main Authors: Aodi Liu, Xuehui Du, Na Wang
Format: Article
Language:English
Published: Hindawi-Wiley 2021-01-01
Series:Security and Communication Networks
Online Access:http://dx.doi.org/10.1155/2021/3970485
id doaj-5567efda7ecf4ed7a5888db5460d32de
record_format Article
spelling doaj-5567efda7ecf4ed7a5888db5460d32de2021-03-01T01:14:43ZengHindawi-WileySecurity and Communication Networks1939-01222021-01-01202110.1155/2021/3970485Efficient Access Control Permission Decision Engine Based on Machine LearningAodi Liu0Xuehui Du1Na Wang2Information Engineering UniversityInformation Engineering UniversityInformation Engineering UniversityAccess control technology is critical to the safe and reliable operation of information systems. However, owing to the massive policy scale and number of access control entities in open distributed information systems, such as big data, the Internet of Things, and cloud computing, existing access control permission decision methods suffer from a performance bottleneck. Consequently, the large access control time overhead affects the normal operation of business services. To overcome the above-mentioned problem, this paper proposes an efficient permission decision engine scheme based on machine learning (EPDE-ML). The proposed scheme converts the attribute-based access control request into a permission decision vector, and the access control permission decision problem is transformed into a binary classification problem that allows or denies access. The random forest algorithm is used to construct a vector decision classifier in order to establish an efficient permission decision engine. Experimental results show that the proposed method can achieve a permission decision accuracy of around 92.6% on a test dataset, and its permission decision efficiency is significantly higher than that of the benchmark method. In addition, its performance improvement becomes more obvious as the scale of policy increases.http://dx.doi.org/10.1155/2021/3970485
collection DOAJ
language English
format Article
sources DOAJ
author Aodi Liu
Xuehui Du
Na Wang
spellingShingle Aodi Liu
Xuehui Du
Na Wang
Efficient Access Control Permission Decision Engine Based on Machine Learning
Security and Communication Networks
author_facet Aodi Liu
Xuehui Du
Na Wang
author_sort Aodi Liu
title Efficient Access Control Permission Decision Engine Based on Machine Learning
title_short Efficient Access Control Permission Decision Engine Based on Machine Learning
title_full Efficient Access Control Permission Decision Engine Based on Machine Learning
title_fullStr Efficient Access Control Permission Decision Engine Based on Machine Learning
title_full_unstemmed Efficient Access Control Permission Decision Engine Based on Machine Learning
title_sort efficient access control permission decision engine based on machine learning
publisher Hindawi-Wiley
series Security and Communication Networks
issn 1939-0122
publishDate 2021-01-01
description Access control technology is critical to the safe and reliable operation of information systems. However, owing to the massive policy scale and number of access control entities in open distributed information systems, such as big data, the Internet of Things, and cloud computing, existing access control permission decision methods suffer from a performance bottleneck. Consequently, the large access control time overhead affects the normal operation of business services. To overcome the above-mentioned problem, this paper proposes an efficient permission decision engine scheme based on machine learning (EPDE-ML). The proposed scheme converts the attribute-based access control request into a permission decision vector, and the access control permission decision problem is transformed into a binary classification problem that allows or denies access. The random forest algorithm is used to construct a vector decision classifier in order to establish an efficient permission decision engine. Experimental results show that the proposed method can achieve a permission decision accuracy of around 92.6% on a test dataset, and its permission decision efficiency is significantly higher than that of the benchmark method. In addition, its performance improvement becomes more obvious as the scale of policy increases.
url http://dx.doi.org/10.1155/2021/3970485
work_keys_str_mv AT aodiliu efficientaccesscontrolpermissiondecisionenginebasedonmachinelearning
AT xuehuidu efficientaccesscontrolpermissiondecisionenginebasedonmachinelearning
AT nawang efficientaccesscontrolpermissiondecisionenginebasedonmachinelearning
_version_ 1714842330281803776