Towards an automated extraction of ABAC constraints from natural language policies

Manar Alohaly, Hassan Takabi, Eduardo Blanco

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

Due to the recent trend towards attribute-based access control (ABAC), several studies have proposed constraints specification languages for ABAC. These formal languages enable security architects to express constraints in a precise mathematical notation. However, since manually formulating constraints involves analyzing multiple natural language policy documents in order to infer constraints-relevant information, constraints specification becomes a repetitive, time-consuming and error-prone task. To bridge the gap between the natural language expression of constraints and formal representations, we propose an automated framework to infer elements forming ABAC constraints from natural language policies. Our proposed approach is built upon recent advancements in natural language processing, specifically, sequence labeling. The experiments, using Bidirectional Long-Short Term Memory (BiLSTM), achieved an F1 score of 0.91 in detecting at least 75% of each constraint expression. The results suggest that the proposed approach holds promise for enabling this automation.

Original languageEnglish (US)
Title of host publicationICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings
EditorsGurpreet Dhillon, Fredrik Karlsson, Karin Hedström, André Zúquete
PublisherSpringer New York LLC
Pages105-119
Number of pages15
ISBN (Print)9783030223113
DOIs
StatePublished - 2019
Externally publishedYes
Event34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019 - Lisbon, Portugal
Duration: Jun 25 2019Jun 27 2019

Publication series

NameIFIP Advances in Information and Communication Technology
Volume562
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X

Conference

Conference34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019
Country/TerritoryPortugal
CityLisbon
Period6/25/196/27/19

Keywords

  • Access control policy
  • Attribute-based access control
  • Constraints specifications
  • Natural language processing

ASJC Scopus subject areas

  • Information Systems
  • Computer Networks and Communications
  • Information Systems and Management

Fingerprint

Dive into the research topics of 'Towards an automated extraction of ABAC constraints from natural language policies'. Together they form a unique fingerprint.

Cite this