TY - GEN
T1 - Towards an automated extraction of ABAC constraints from natural language policies
AU - Alohaly, Manar
AU - Takabi, Hassan
AU - Blanco, Eduardo
N1 - Publisher Copyright:
© IFIP International Federation for Information Processing 2019.
PY - 2019
Y1 - 2019
N2 - Due to the recent trend towards attribute-based access control (ABAC), several studies have proposed constraints specification languages for ABAC. These formal languages enable security architects to express constraints in a precise mathematical notation. However, since manually formulating constraints involves analyzing multiple natural language policy documents in order to infer constraints-relevant information, constraints specification becomes a repetitive, time-consuming and error-prone task. To bridge the gap between the natural language expression of constraints and formal representations, we propose an automated framework to infer elements forming ABAC constraints from natural language policies. Our proposed approach is built upon recent advancements in natural language processing, specifically, sequence labeling. The experiments, using Bidirectional Long-Short Term Memory (BiLSTM), achieved an F1 score of 0.91 in detecting at least 75% of each constraint expression. The results suggest that the proposed approach holds promise for enabling this automation.
AB - Due to the recent trend towards attribute-based access control (ABAC), several studies have proposed constraints specification languages for ABAC. These formal languages enable security architects to express constraints in a precise mathematical notation. However, since manually formulating constraints involves analyzing multiple natural language policy documents in order to infer constraints-relevant information, constraints specification becomes a repetitive, time-consuming and error-prone task. To bridge the gap between the natural language expression of constraints and formal representations, we propose an automated framework to infer elements forming ABAC constraints from natural language policies. Our proposed approach is built upon recent advancements in natural language processing, specifically, sequence labeling. The experiments, using Bidirectional Long-Short Term Memory (BiLSTM), achieved an F1 score of 0.91 in detecting at least 75% of each constraint expression. The results suggest that the proposed approach holds promise for enabling this automation.
KW - Access control policy
KW - Attribute-based access control
KW - Constraints specifications
KW - Natural language processing
UR - http://www.scopus.com/inward/record.url?scp=85068222097&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85068222097&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-22312-0_8
DO - 10.1007/978-3-030-22312-0_8
M3 - Conference contribution
AN - SCOPUS:85068222097
SN - 9783030223113
T3 - IFIP Advances in Information and Communication Technology
SP - 105
EP - 119
BT - ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings
A2 - Dhillon, Gurpreet
A2 - Karlsson, Fredrik
A2 - Hedström, Karin
A2 - Zúquete, André
PB - Springer New York LLC
T2 - 34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019
Y2 - 25 June 2019 through 27 June 2019
ER -