Open Access iconOpen Access

ARTICLE

crossmark

Automatic Generation of Attribute-Based Access Control Policies from Natural Language Documents

Fangfang Shan1,2,*, Zhenyu Wang1,2, Mengyao Liu1,2, Menghan Zhang1,2

1 College of Computer, Zhongyuan University of Technology, Zhengzhou, 450007, China
2 Henan Key Laboratory of Cyberspace Situation Awareness, Zhengzhou, 450001, China

* Corresponding Author: Fangfang Shan. Email: email

Computers, Materials & Continua 2024, 80(3), 3881-3902. https://doi.org/10.32604/cmc.2024.055167

Abstract

In response to the challenges of generating Attribute-Based Access Control (ABAC) policies, this paper proposes a deep learning-based method to automatically generate ABAC policies from natural language documents. This method is aimed at organizations such as companies and schools that are transitioning from traditional access control models to the ABAC model. The manual retrieval and analysis involved in this transition are inefficient, prone to errors, and costly. Most organizations have high-level specifications defined for security policies that include a set of access control policies, which often exist in the form of natural language documents. Utilizing this rich source of information, our method effectively identifies and extracts the necessary attributes and rules for access control from natural language documents, thereby constructing and optimizing access control policies. This work transforms the problem of policy automation generation into two tasks: extraction of access control statements and mining of access control attributes. First, the Chat General Language Model (ChatGLM) is employed to extract access control-related statements from a wide range of natural language documents by constructing unique prompts and leveraging the model’s In-Context Learning to contextualize the statements. Then, the Iterated Dilated-Convolutions-Conditional Random Field (ID-CNN-CRF) model is used to annotate access control attributes within these extracted statements, including subject attributes, object attributes, and action attributes, thus reassembling new access control policies. Experimental results show that our method, compared to baseline methods, achieved the highest F1 score of 0.961, confirming the model’s effectiveness and accuracy.

Keywords


Cite This Article

APA Style
Shan, F., Wang, Z., Liu, M., Zhang, M. (2024). Automatic generation of attribute-based access control policies from natural language documents. Computers, Materials & Continua, 80(3), 3881-3902. https://doi.org/10.32604/cmc.2024.055167
Vancouver Style
Shan F, Wang Z, Liu M, Zhang M. Automatic generation of attribute-based access control policies from natural language documents. Comput Mater Contin. 2024;80(3):3881-3902 https://doi.org/10.32604/cmc.2024.055167
IEEE Style
F. Shan, Z. Wang, M. Liu, and M. Zhang "Automatic Generation of Attribute-Based Access Control Policies from Natural Language Documents," Comput. Mater. Contin., vol. 80, no. 3, pp. 3881-3902. 2024. https://doi.org/10.32604/cmc.2024.055167



cc Copyright © 2024 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 295

    View

  • 121

    Download

  • 0

    Like

Share Link