Abstract
In recent years, attribute-based access control (ABAC) is more and more popular because of its flexibility and fine-grained data management. However, manually configuring authorization policies in ABAC system is a time-consuming, labor-intensive, and tedious work. Many researchers explore the ways of automatically configuring authorization policies by parsing requirement specifications that are expressed in natural language. Previous works only focus on English and ignore the semantics of comparative relationship. In this paper, we propose a method based on Chinese including procedures of key words extraction, tag alignment and expression transformation. It can parse Chinese sentence into constraint expressions and authorization sign, by which ABAC system is able to configure authorization policies automatically. Our evaluation results show that it has good performance not only in the independent tests on each procedure but also in the systematic tests on the whole method.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Since we deal with Chinese text, all examples of sentence obey Chinese grammar rules. The words shown in all examples are directly translated from Chinese.
References
Baidubaike corpus. https://github.com/Embedding/Chinese-Word-Vectors
Gensim. https://radimrehurek.com/gensim/
Chen, Y., et al.: Devils in the guidance: predicting logic vulnerabilities in payment syndication services through automated documentation analysis. In: 28th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 2019), pp. 747–764 (2019)
Fedrecheski, G., De Biase, L.C.C., Calcina-Ccori, P.C., Zuffo, M.K.: Attribute-based access control for the swarm with distributed policy management. IEEE Trans. Consum. Electron. 65(1), 90–98 (2018)
Hu, V.C., et al.: Guide to attribute based access control (abac) definition and considerations (draft). NIST Spec. Publ. 800(162), 1–54 (2013)
Levenshtein, V.I.: Binary codes capable of correcting deletions, insertions, and reversals. In: Soviet Physics Doklady, vol. 10, pp. 707–710. Soviet Union (1966)
Li, S., Zhao, Z., Hu, R., Li, W., Liu, T., Du, X.: Analogical reasoning on chinese morphological and semantic relations. In: Proceedings of the 56th Annual Meeting of the Association for Computational Linguistics (Short Papers), vol. 2, pp. 138–143. Association for Computational Linguistics (2018). http://aclweb.org/anthology/P18-2023
Mikolov, T., Chen, K., Corrado, G., Dean, J.: Efficient estimation of word representations in vector space. arXiv preprint arXiv:1301.3781 (2013)
Mikolov, T., Sutskever, I., Chen, K., Corrado, G., Dean, J.: Distributed representations of words and phrases and their compositionality. arXiv preprint arXiv:1310.4546 (2013)
Narouei, M., Khanpour, H., Takabi, H., Parde, N., Nielsen, R.: Towards a top-down policy engineering framework for attribute-based access control. In: Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies, pp. 103–114 (2017)
Narouei, M., Takabi, H.: Automatic top-down role engineering framework using natural language processing techniques. In: Akram, R.N., Jajodia, S. (eds.) WISTP 2015. LNCS, vol. 9311, pp. 137–152. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24018-3_9
Narouei, M., Takabi, H.: Towards an automatic top-down role engineering approach using natural language processing techniques. In: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, pp. 157–160 (2015)
Narouei, M., Takabi, H., Nielsen, R.: Automatic extraction of access control policies from natural language documents. IEEE Trans. Dependable Secure Comput. 17(3), 506–517 (2018)
Slankas, J., Williams, L.: Access control policy extraction from unconstrained natural language text. In: 2013 International Conference on Social Computing, pp. 435–440. IEEE (2013)
Slankas, J., Xiao, X., Williams, L., Xie, T.: Relation extraction for inferring access control rules from natural language artifacts. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 366–375 (2014)
Story, P., et al.: Natural language processing for mobile app privacy compliance. In: AAAI Spring Symposium on Privacy-Enhancing Artificial Intelligence and Language Technologies (2019)
Xiao, X., Paradkar, A., Thummalapenta, S., Xie, T.: Automated extraction of security policies from natural-language software documents. In: Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering, pp. 1–11 (2012)
Yang, R., Kalnis, P., Tung, A.K.: Similarity evaluation on tree-structured data. In: Proceedings of the 2005 ACM SIGMOD International Conference on Management of Data, pp. 754–765 (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
A Parsing Rules for Tag Sequence
Note that these parsing rules have priority. The first rule has the highest priority, while the last one has the lowest priority. To describe the rules exactly, we directly express them as Chinese.
where \(<expr\,n>\) represents constraint expression.
B Algorithm for Key Words Extraction
C Algorithm for Tag Alignment
D Algorithm for Expression Transformation
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Shen, Z., Gao, N., Liu, Z., Li, M., Wang, C. (2021). Using Chinese Natural Language to Configure Authorization Policies in Attribute-Based Access Control System. In: Lu, W., Sun, K., Yung, M., Liu, F. (eds) Science of Cyber Security. SciSec 2021. Lecture Notes in Computer Science(), vol 13005. Springer, Cham. https://doi.org/10.1007/978-3-030-89137-4_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-89137-4_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-89136-7
Online ISBN: 978-3-030-89137-4
eBook Packages: Computer ScienceComputer Science (R0)