Open Access iconOpen Access

ARTICLE

crossmark

Big Data Access Control Mechanism Based on Two-Layer Permission Decision Structure

Aodi Liu, Na Wang*, Xuehui Du, Dibin Shan, Xiangyu Wu, Wenjuan Wang

He’nan Province Key Laboratory of Information Security, Information Engineering University, Zhengzhou, 450000, China

* Corresponding Author: Na Wang. Email: email

(This article belongs to the Special Issue: Cybersecurity for Cyber-attacks in Critical Applications in Industry)

Computers, Materials & Continua 2024, 79(1), 1705-1726. https://doi.org/10.32604/cmc.2024.049011

Abstract

Big data resources are characterized by large scale, wide sources, and strong dynamics. Existing access control mechanisms based on manual policy formulation by security experts suffer from drawbacks such as low policy management efficiency and difficulty in accurately describing the access control policy. To overcome these problems, this paper proposes a big data access control mechanism based on a two-layer permission decision structure. This mechanism extends the attribute-based access control (ABAC) model. Business attributes are introduced in the ABAC model as business constraints between entities. The proposed mechanism implements a two-layer permission decision structure composed of the inherent attributes of access control entities and the business attributes, which constitute the general permission decision algorithm based on logical calculation and the business permission decision algorithm based on a bi-directional long short-term memory (BiLSTM) neural network, respectively. The general permission decision algorithm is used to implement accurate policy decisions, while the business permission decision algorithm implements fuzzy decisions based on the business constraints. The BiLSTM neural network is used to calculate the similarity of the business attributes to realize intelligent, adaptive, and efficient access control permission decisions. Through the two-layer permission decision structure, the complex and diverse big data access control management requirements can be satisfied by considering the security and availability of resources. Experimental results show that the proposed mechanism is effective and reliable. In summary, it can efficiently support the secure sharing of big data resources.

Keywords


Cite This Article

APA Style
Liu, A., Wang, N., Du, X., Shan, D., Wu, X. et al. (2024). Big data access control mechanism based on two-layer permission decision structure. Computers, Materials & Continua, 79(1), 1705-1726. https://doi.org/10.32604/cmc.2024.049011
Vancouver Style
Liu A, Wang N, Du X, Shan D, Wu X, Wang W. Big data access control mechanism based on two-layer permission decision structure. Comput Mater Contin. 2024;79(1):1705-1726 https://doi.org/10.32604/cmc.2024.049011
IEEE Style
A. Liu, N. Wang, X. Du, D. Shan, X. Wu, and W. Wang "Big Data Access Control Mechanism Based on Two-Layer Permission Decision Structure," Comput. Mater. Contin., vol. 79, no. 1, pp. 1705-1726. 2024. https://doi.org/10.32604/cmc.2024.049011



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 195

    View

  • 98

    Download

  • 0

    Like

Share Link