一种基于特征提取的访问控制方法

当前,细粒度的授权控制是访问控制中的研究热点,它能够在单一固定的环境下合理地调整访问策略以满足工作流安全。然而,一旦其迁移到新场景,遭遇访问策略未设定的授权,它就可能难以给出正确判断,只能依靠人工审查来确认是否授权,但人工审查授权耗时耗力,在大数据环境下成本过高。因此,引入一种基于过去经验学习的自动化判别机制势在必行。文中尝试给出一种针对基于角色的多级访问控制模型的自动化审查方法,通过采样已有的正确和错误授权的时间、空间等特征来刻画出该访问控制的一般化特征表达,从而使得已有的访问控制模型在迁移环境下面对新情况依然能够给出正确判断,降低人工审查的工作量。实验表明,该分析机制对用户的访问请求有较高的正确评判率。

Access Control Method Based on Feature Extraction

Recently,fine-grained authorization control has become a hot topic in access control research field,and it can adjust access strategy reasonably in a single fixed environment,so as to meet the safety of workflow.However,it may be difficult to give a correct judgement and only rely on manual checking to confirm whether it is authorized when it is migrated to the new scenario and encounters authorization that is not set by access policy.Manual checking is time-consuming,and it costs too much in big data environments.Therefore,it is imperative to introduce an automatic discrimination mechanism based on past experiences.This paper attempted to give an automatic discrimination method for role-based multilevel access control model,and described the general expression of the access control by sampling the correct and incorrect authorization time and space.This allows the existing access control model to make the righ judgements under the new environments,thus reducing the workload of manual review.The experimental results show that the analysis mechanism has a higher correct judge rate for user access requests.