基于Kformer的电力物联网细粒度动态访问控制方法

Pub Date : 2022-01-01 DOI:10.36244/icj.2022.4.11
Rixuan Qiu, Xue Xue, Mingliang Chen, Jinkun Zheng, Sitong Jing, Yuancheng Li
{"title":"基于Kformer的电力物联网细粒度动态访问控制方法","authors":"Rixuan Qiu, Xue Xue, Mingliang Chen, Jinkun Zheng, Sitong Jing, Yuancheng Li","doi":"10.36244/icj.2022.4.11","DOIUrl":null,"url":null,"abstract":"The existing static ABAC(Attribute-Based Access Control) model cannot fully meet the increasingly complex, dynamic and scalable demands of the power grid. At the same time, its versatility and flexibility bring high costs. Additionally, the increasing complexity of organizational systems and the need for federated access to their resources make implementing and managing access control more challenging. This paper proposes a fine-grained dynamic access control method based on Kformer to automate authorization management tasks. We use Kformer, which filters and integrates external knowledge through feed-forward layers in Transformer. Then, we use BERT(Bidirectional Encoder Representations from Transformer) to perform feature extraction on the input fused text, extract the implied attribute-authority relationship from the log records and external documents, and finally, perform sequence modeling on the extracted attribute features and input the obtained results. The final authorization result is obtained by classification through the softmax function in the final fully connected layer. The authorization management of the user’s request to the object is dynamically completed. Finally, using the access data of the grid information system to evaluate the method proposed by us, the experimental results show that the model can continuously monitor the access behavior of users inside the grid information system, change the access rights of entities and adjust the policy in real-time, and carry out dynamic access authorization. At the same time, the accuracy of the generated access control policy can reach 87.73%.","PeriodicalId":0,"journal":{"name":"","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Fine-grained Dynamic Access Control Method for Power IoT Based on Kformer\",\"authors\":\"Rixuan Qiu, Xue Xue, Mingliang Chen, Jinkun Zheng, Sitong Jing, Yuancheng Li\",\"doi\":\"10.36244/icj.2022.4.11\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The existing static ABAC(Attribute-Based Access Control) model cannot fully meet the increasingly complex, dynamic and scalable demands of the power grid. At the same time, its versatility and flexibility bring high costs. Additionally, the increasing complexity of organizational systems and the need for federated access to their resources make implementing and managing access control more challenging. This paper proposes a fine-grained dynamic access control method based on Kformer to automate authorization management tasks. We use Kformer, which filters and integrates external knowledge through feed-forward layers in Transformer. Then, we use BERT(Bidirectional Encoder Representations from Transformer) to perform feature extraction on the input fused text, extract the implied attribute-authority relationship from the log records and external documents, and finally, perform sequence modeling on the extracted attribute features and input the obtained results. The final authorization result is obtained by classification through the softmax function in the final fully connected layer. The authorization management of the user’s request to the object is dynamically completed. Finally, using the access data of the grid information system to evaluate the method proposed by us, the experimental results show that the model can continuously monitor the access behavior of users inside the grid information system, change the access rights of entities and adjust the policy in real-time, and carry out dynamic access authorization. At the same time, the accuracy of the generated access control policy can reach 87.73%.\",\"PeriodicalId\":0,\"journal\":{\"name\":\"\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0,\"publicationDate\":\"2022-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.36244/icj.2022.4.11\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.36244/icj.2022.4.11","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

现有的静态ABAC(Attribute-Based Access Control)模型已不能完全满足电网日益复杂、动态和可扩展的需求。同时,它的通用性和灵活性也带来了高昂的成本。此外,组织系统日益复杂,需要对其资源进行联合访问,这使得实现和管理访问控制更具挑战性。提出了一种基于Kformer的细粒度动态访问控制方法,实现授权管理任务的自动化。我们使用Kformer,它通过Transformer中的前馈层过滤和集成外部知识。然后,我们使用BERT(Bidirectional Encoder Representations from Transformer)对输入的融合文本进行特征提取,从日志记录和外部文档中提取隐含的属性-权限关系,最后对提取的属性特征进行序列建模并输入得到的结果。最终的授权结果通过最终全连接层的softmax函数进行分类得到。动态完成用户对对象请求的授权管理。最后,利用网格信息系统的访问数据对本文提出的方法进行了评估,实验结果表明,该模型可以持续监控网格信息系统内部用户的访问行为,实时改变实体的访问权限和调整策略,并进行动态访问授权。同时,生成的访问控制策略的准确率可达87.73%。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
A Fine-grained Dynamic Access Control Method for Power IoT Based on Kformer
The existing static ABAC(Attribute-Based Access Control) model cannot fully meet the increasingly complex, dynamic and scalable demands of the power grid. At the same time, its versatility and flexibility bring high costs. Additionally, the increasing complexity of organizational systems and the need for federated access to their resources make implementing and managing access control more challenging. This paper proposes a fine-grained dynamic access control method based on Kformer to automate authorization management tasks. We use Kformer, which filters and integrates external knowledge through feed-forward layers in Transformer. Then, we use BERT(Bidirectional Encoder Representations from Transformer) to perform feature extraction on the input fused text, extract the implied attribute-authority relationship from the log records and external documents, and finally, perform sequence modeling on the extracted attribute features and input the obtained results. The final authorization result is obtained by classification through the softmax function in the final fully connected layer. The authorization management of the user’s request to the object is dynamically completed. Finally, using the access data of the grid information system to evaluate the method proposed by us, the experimental results show that the model can continuously monitor the access behavior of users inside the grid information system, change the access rights of entities and adjust the policy in real-time, and carry out dynamic access authorization. At the same time, the accuracy of the generated access control policy can reach 87.73%.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1