期刊文献+
共找到3篇文章
< 1 >
每页显示 20 50 100
Conflict detection and resolution for authorization policies in workflow systems 被引量:1
1
作者 Chen-hua MA Guo-dong LU Jiong QIU 《Journal of Zhejiang University-Science A(Applied Physics & Engineering)》 SCIE EI CAS CSCD 2009年第8期1082-1092,共11页
The specification of authorization policies in access control models proposed so far cannot satisfy the requirements in workflow management systems(WFMSs).Furthermore,existing approaches have not provided effective co... The specification of authorization policies in access control models proposed so far cannot satisfy the requirements in workflow management systems(WFMSs).Furthermore,existing approaches have not provided effective conflict detection and resolution methods to maintain the consistency of authorization polices in WFMSs.To address these concerns,we propose the definition of authorization policies in which context constraints are considered and the complicated requirements in WFMSs can be satisfied.Based on the definition,we put forward static and dynamic conflict detection methods for authorization policies.By defining two new concepts,the precedence establishment rule and the conflict resolution policy,we provide a flexible approach to resolving conflicts. 展开更多
关键词 Workflow management system (WFMS) authorization policy Conflict detection and resolution
原文传递
Automated extraction of attributes from natural language attribute-based access control(ABAC)Policies 被引量:4
2
作者 Manar Alohaly Hassan Takabi Eduardo Blanco 《Cybersecurity》 CSCD 2019年第1期38-62,共25页
The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access... The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy(NLACP)to a machine-readable form.To study the automation process,we consider the hierarchical ABAC model as our reference model since it better reflects the requirements of real-world organizations.Therefore,this paper focuses on the questions of:how can we automatically infer the hierarchical structure of an ABAC model given NLACPs;and,how can we extract and define the set of authorization attributes based on the resulting structure.To address these questions,we propose an approach built upon recent advancements in natural language processing and machine learning techniques.For such a solution,the lack of appropriate data often poses a bottleneck.Therefore,we decouple the primary contributions of this work into:(1)developing a practical framework to extract authorization attributes of hierarchical ABAC system from natural language artifacts,and(2)generating a set of realistic synthetic natural language access control policies(NLACPs)to evaluate the proposed framework.Our experimental results are promising as we achieved-in average-an F1-score of 0.96 when extracting attributes values of subjects,and 0.91 when extracting the values of objects’attributes from natural language access control policies. 展开更多
关键词 Attribute-based access control(ABAC)policy authoring natural language processing relation extraction clustering deep learning
原文传递
Automated extraction of attributes from natural language attribute-based access control(ABAC)Policies
3
作者 Manar Alohaly Hassan Takabi Eduardo Blanco 《Cybersecurity》 2018年第1期313-337,共25页
The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access... The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy(NLACP)to a machine-readable form.To study the automation process,we consider the hierarchical ABAC model as our reference model since it better reflects the requirements of real-world organizations.Therefore,this paper focuses on the questions of:how can we automatically infer the hierarchical structure of an ABAC model given NLACPs;and,how can we extract and define the set of authorization attributes based on the resulting structure.To address these questions,we propose an approach built upon recent advancements in natural language processing and machine learning techniques.For such a solution,the lack of appropriate data often poses a bottleneck.Therefore,we decouple the primary contributions of this work into:(1)developing a practical framework to extract authorization attributes of hierarchical ABAC system from natural language artifacts,and(2)generating a set of realistic synthetic natural language access control policies(NLACPs)to evaluate the proposed framework.Our experimental results are promising as we achieved-in average-an F1-score of 0.96 when extracting attributes values of subjects,and 0.91 when extracting the values of objects’attributes from natural language access control policies. 展开更多
关键词 Attribute-based access control(ABAC)policy authoring natural language processing relation extraction clustering deep learning
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部