Access Control Policy Generation from User Stories Using Machine Learning

Heaps, John; Krishnan, Ram; Huang, Yufei; Niu, Jianwei; Sandhu, Ravi

doi:10.1007/978-3-030-81242-3_10

Cited by 8 publications

(4 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Used in # of studies Percentage SVM [51], [39], [56], [65], [46], [64], [40], [59], [38], [74], [8], [75], [62], [76], [77], [37] 16 25 % RF [50], [41], [44], [26], [64], [29], [59], [60], [10], [33], [34], [13], [37], [69] 14 22 % DT [9], [42], [25], [71], [72], [49], [66], [33], [77] 9 14 % KNN [41], [45] , [46], [66], [59], [10] [8], [77], [43], [70], [73], S15, [53],…”

Section: Methodsmentioning

confidence: 99%

“…Metrics like AUC, ROC, and FNR were employed in two studies each, and the remaining metrics were reported only once. It is important to note that multiple [23], [41], [44], [53], [45], [24], [42], [70], [39], [56], [46], [26], [71], [64], [40], [28], [43], [66], [10], [30], [31], [47], [62], [33], [76], [13], [37], [67] 28 45 % Accuracy [52], [53], [70], [39], [65], [12], [71], [72], [64], [40], [57], [28], [43], [66], [59], [10], [61], [38], [48], [8], [62],…”

Section: H Performance Metrics (Rq8)mentioning

confidence: 99%

See 1 more Smart Citation

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

Ait el hadj

2023

IJCDS

View full text Add to dashboard Cite

Access control (AC) systems are crucial for safeguarding sensitive data and resources, yet the increasing complexity of dynamic environments has underscored the need for more accurate and efficient solutions. Therefore, there is a growing need to enhance the accuracy, efficiency, and decision-making capabilities of AC systems. Machine learning (ML) techniques offer promising solutions to address these challenges and automate access control processes. This paper conducts a systematic review of ML techniques in AC systems, involving a comprehensive analysis covering the identification and classification of ML models and their specific applications. Through a meticulous examination of 62 relevant studies published between 2000 and 2023, the review reveals a predominant focus on innovative solutions and adaptations to enhance access control decision-making. Comparative studies play a significant role in assessing different ML approaches, with a focus on identifying the most effective methods for addressing access control challenges. Notably, Attribute-Based Access Control (ABAC) and Role-Based Access Control (RBAC) emerge as the predominant models, while Support Vector Machine (SVM) tops the list as the most commonly employed ML technique, followed by Random Forest (RF) and Decision Tree (DT). The review evaluates the performance and effectiveness of ML models in AC systems, highlighting their strengths and limitations. Additionally, it addresses significant challenges in the field and identifies potential directions for future research. This systematic review provides valuable insights into the current state of ML-based access control systems, fostering further advancements in this vital domain.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: H Performance Metrics (Rq8)mentioning

confidence: 99%

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

Ait el hadj

2023

IJCDS

View full text Add to dashboard Cite

show abstract

“…To address this issue, [10] designed a verified stateless firewall policy compiler, but this compiler can only perform semantic generation for specific security policies and requires reprocessing of data when dealing with security policies of other syntaxes. With the development of big data and artificial intelligence technologies, security policies are gradually relying on these technologies for optimization and automatic generation [16]. The accuracy of semantic generation is crucial when generating semantics for many different types of security policies.…”

Section: Related Workmentioning

confidence: 99%

ADLBiLSTM: A Semantic Generation Algorithm for Multi-Grammar Network Access Control Policies

Zhang,

Liang

2024

Applied Sciences

View full text Add to dashboard Cite

Semantic generation of network access control policies can help network administrators accurately implement policies to achieve desired security objectives. Current semantic generation research mainly focuses on semantic generation of single grammar and lacks work on automatically generating semantics for different grammatical strategies. Generating semantics for different grammars is a tedious, inefficient, and non-scalable task. Inspired by sequence labeling in the field of natural language processing, this article models automatic semantic generation as a sequence labeling task. We propose a semantic generation algorithm named ADLBiLSTM. The algorithm uses a self-attention mechanism and double-layer BiLSTM to extract the features of security policies from different aspects, so that the algorithm can flexibly adapt to policies of different complexity without frequent modification. Experimental results showed that the algorithm has good performance and can achieve high accuracy in semantic generation of access control list (ACL) and firewall data and can accurately understand and generate the semantics of network access control policies.

show abstract

“…Through evaluation experiments, the models presented good results. To further automate the access control mechanism, the authors of [37] leveraged a transformer-based deep learning approach to extract the access control policies from user and business stories. The authors argued that agile software development involves the user stories to incrementally develop the system, and the same idea can be employed to automate the policy specification.…”

Section: Literature Reviewmentioning

confidence: 99%

Automatic Hybrid Access Control in SCADA-Enabled IIoT Networks Using Machine Learning

Usman

Sarfraz

Habib

et al. 2023

Sensors

View full text Add to dashboard Cite

The recent advancements in the Internet of Things have made it converge towards critical infrastructure automation, opening a new paradigm referred to as the Industrial Internet of Things (IIoT). In the IIoT, different connected devices can send huge amounts of data to other devices back and forth for a better decision-making process. In such use cases, the role of supervisory control and data acquisition (SCADA) has been studied by many researchers in recent years for robust supervisory control management. Nevertheless, for better sustainability of these applications, reliable data exchange is crucial in this domain. To ensure the privacy and integrity of the data shared between the connected devices, access control can be used as the front-line security mechanism for these systems. However, the role engineering and assignment propagation in access control is still a tedious process as its manually performed by network administrators. In this study, we explored the potential of supervised machine learning to automate role engineering for fine-grained access control in Industrial Internet of Things (IIoT) settings. We propose a mapping framework to employ a fine-tuned multilayer feedforward artificial neural network (ANN) and extreme learning machine (ELM) for role engineering in the SCADA-enabled IIoT environment to ensure privacy and user access rights to resources. For the application of machine learning, a thorough comparison between these two algorithms is also presented in terms of their effectiveness and performance. Extensive experiments demonstrated the significant performance of the proposed scheme, which is promising for future research to automate the role assignment in the IIoT domain.

show abstract

Access Control Policy Generation from User Stories Using Machine Learning

Cited by 8 publications

References 21 publications

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

Exploring the Role of Machine Learning in Enhancing Access Control Systems: A Comprehensive Review

ADLBiLSTM: A Semantic Generation Algorithm for Multi-Grammar Network Access Control Policies

Automatic Hybrid Access Control in SCADA-Enabled IIoT Networks Using Machine Learning

Contact Info

Product

Resources

About