Efficient Access Control Permission Decision Engine Based on Machine Learning
Access control technology is critical to the safe and reliable operation of information systems. However, owing to the massive policy scale and number of access control entities in open distributed information systems, such as big data, the Internet of Things, and cloud computing, existing access co...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Hindawi-Wiley
2021-01-01
|
Series: | Security and Communication Networks |
Online Access: | http://dx.doi.org/10.1155/2021/3970485 |
id |
doaj-5567efda7ecf4ed7a5888db5460d32de |
---|---|
record_format |
Article |
spelling |
doaj-5567efda7ecf4ed7a5888db5460d32de2021-03-01T01:14:43ZengHindawi-WileySecurity and Communication Networks1939-01222021-01-01202110.1155/2021/3970485Efficient Access Control Permission Decision Engine Based on Machine LearningAodi Liu0Xuehui Du1Na Wang2Information Engineering UniversityInformation Engineering UniversityInformation Engineering UniversityAccess control technology is critical to the safe and reliable operation of information systems. However, owing to the massive policy scale and number of access control entities in open distributed information systems, such as big data, the Internet of Things, and cloud computing, existing access control permission decision methods suffer from a performance bottleneck. Consequently, the large access control time overhead affects the normal operation of business services. To overcome the above-mentioned problem, this paper proposes an efficient permission decision engine scheme based on machine learning (EPDE-ML). The proposed scheme converts the attribute-based access control request into a permission decision vector, and the access control permission decision problem is transformed into a binary classification problem that allows or denies access. The random forest algorithm is used to construct a vector decision classifier in order to establish an efficient permission decision engine. Experimental results show that the proposed method can achieve a permission decision accuracy of around 92.6% on a test dataset, and its permission decision efficiency is significantly higher than that of the benchmark method. In addition, its performance improvement becomes more obvious as the scale of policy increases.http://dx.doi.org/10.1155/2021/3970485 |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Aodi Liu Xuehui Du Na Wang |
spellingShingle |
Aodi Liu Xuehui Du Na Wang Efficient Access Control Permission Decision Engine Based on Machine Learning Security and Communication Networks |
author_facet |
Aodi Liu Xuehui Du Na Wang |
author_sort |
Aodi Liu |
title |
Efficient Access Control Permission Decision Engine Based on Machine Learning |
title_short |
Efficient Access Control Permission Decision Engine Based on Machine Learning |
title_full |
Efficient Access Control Permission Decision Engine Based on Machine Learning |
title_fullStr |
Efficient Access Control Permission Decision Engine Based on Machine Learning |
title_full_unstemmed |
Efficient Access Control Permission Decision Engine Based on Machine Learning |
title_sort |
efficient access control permission decision engine based on machine learning |
publisher |
Hindawi-Wiley |
series |
Security and Communication Networks |
issn |
1939-0122 |
publishDate |
2021-01-01 |
description |
Access control technology is critical to the safe and reliable operation of information systems. However, owing to the massive policy scale and number of access control entities in open distributed information systems, such as big data, the Internet of Things, and cloud computing, existing access control permission decision methods suffer from a performance bottleneck. Consequently, the large access control time overhead affects the normal operation of business services. To overcome the above-mentioned problem, this paper proposes an efficient permission decision engine scheme based on machine learning (EPDE-ML). The proposed scheme converts the attribute-based access control request into a permission decision vector, and the access control permission decision problem is transformed into a binary classification problem that allows or denies access. The random forest algorithm is used to construct a vector decision classifier in order to establish an efficient permission decision engine. Experimental results show that the proposed method can achieve a permission decision accuracy of around 92.6% on a test dataset, and its permission decision efficiency is significantly higher than that of the benchmark method. In addition, its performance improvement becomes more obvious as the scale of policy increases. |
url |
http://dx.doi.org/10.1155/2021/3970485 |
work_keys_str_mv |
AT aodiliu efficientaccesscontrolpermissiondecisionenginebasedonmachinelearning AT xuehuidu efficientaccesscontrolpermissiondecisionenginebasedonmachinelearning AT nawang efficientaccesscontrolpermissiondecisionenginebasedonmachinelearning |
_version_ |
1714842330281803776 |