网络与信息安全学报 (Aug 2021)
Permission clustering-based attribute value optimization
Abstract
In new large-scale computing environment, the attributes of entities were massive and they had complex sources and uneven quality, which were great obstacles to the application of ABAC (attribute-based access control).The attributes were also hard to be corrected manually, making it difficult to be applied in access control system straightly.To solve the optimization problem of nominal attributes, a novel algorithm of attribute value optimization based on permission clustering was designed, in which entities were presented by the privilege set related to them.So that the entities were tagged by density-based clustering method with distances of their privilege set presentations.Then the attribute values were reduced and corrected based on rough set theory.Finally, the algorithm was verified on UCI data sets, which proved that after applying it, ABAC policy mining was improved in the evaluation criteria, such as the true positive rate and F1-score.
