A Fine-grained Dynamic Access Control Method for Power IoT Based on Kformer

Abstract

The existing static ABAC(Attribute-Based Access Control) model cannot fully meet the increasingly complex, dynamic and scalable demands of the power grid. At the same time, its versatility and flexibility bring high costs. Additionally, the increasing complexity of organizational systems and the need for federated access to their resources make implementing and managing access control more challenging. This paper proposes a fine-grained dynamic access control method based on Kformer to automate authorization management tasks. We use Kformer, which filters and integrates external knowledge through feed-forward layers in Transformer. Then, we use BERT(Bidirectional Encoder Representations from Transformer) to perform feature extraction on the input fused text, extract the implied attribute-authority relationship from the log records and external documents, and finally, perform sequence modeling on the extracted attribute features and input the obtained results. The final authorization result is obtained by classification through the softmax function in the final fully connected layer. The authorization management of the user’s request to the object is dynamically completed. Finally, using the access data of the grid information system to evaluate the method proposed by us, the experimental results show that the model can continuously monitor the access behavior of users inside the grid information system, change the access rights of entities and adjust the policy in real-time, and carry out dynamic access authorization. At the same time, the accuracy of the generated access control policy can reach 87.73%.