A deep learning approach for extracting attributes of ABAC policies

Manar Alohaly, Hassan Takabi, Eduardo Blanco

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Scopus citations

Abstract

The National Institute of Standards and Technology (NIST) has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy (NLACP) to a machine-readable form. An essential step towards this automation is to automate the extraction of ABAC attributes from NLACPs, which is the focus of this paper. We, therefore, raise the question of: how can we automate the task of attributes extraction from natural language documents? Our proposed solution to this question is built upon the recent advancements in natural language processing and machine learning techniques. For such a solution, the lack of appropriate data often poses a bottleneck. Therefore, we decouple the primary contributions of this work into: (1) developing a practical framework to extract ABAC attributes from natural language artifacts, and (2) generating a set of realistic synthetic natural language access control policies (NLACPs) to evaluate the proposed framework. The experimental results are promising with regard to the potential automation of the task of interest. Using a convolutional neural network (CNN), we achieved - in average - an F1-score of 0.96 when extracting the attributes of subjects, and 0.91 when extracting the objects' attributes from natural language access control policies.

Original languageEnglish (US)
Title of host publicationSACMAT 2018 - Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Pages137-148
Number of pages12
ISBN (Electronic)9781450356664
DOIs
StatePublished - Jun 7 2018
Externally publishedYes
Event23rd ACM Symposium on Access Control Models and Technologies, SACMAT 2018 - Indianapolis, United States
Duration: Jun 13 2018Jun 15 2018

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference23rd ACM Symposium on Access Control Models and Technologies, SACMAT 2018
Country/TerritoryUnited States
CityIndianapolis
Period6/13/186/15/18

Keywords

  • Access control policy
  • Attribute based access control
  • Deep learning
  • Natural language processing
  • Policy authoring
  • Relation extraction

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Fingerprint

Dive into the research topics of 'A deep learning approach for extracting attributes of ABAC policies'. Together they form a unique fingerprint.

Cite this