Abstrakt: |
In response to the challenges of generating Attribute-Based Access Control (ABAC) policies, this paper proposes a deep learning-based method to automatically generate ABAC policies from natural language documents. This method is aimed at organizations such as companies and schools that are transitioning from traditional access control models to the ABAC model. The manual retrieval and analysis involved in this transition are inefficient, prone to errors, and costly. Most organizations have high-level specifications defined for security policies that include a set of access control policies, which often exist in the form of natural language documents. Utilizing this rich source of information, our method effectively identifies and extracts the necessary attributes and rules for access control from natural language documents, thereby constructing and optimizing access control policies. This work transforms the problem of policy automation generation into two tasks: extraction of access control statements and mining of access control attributes. First, the Chat General Language Model (ChatGLM) is employed to extract access control-related statements from a wide range of natural language documents by constructing unique prompts and leveraging the model's In-Context Learning to contextualize the statements. Then, the Iterated Dilated-Convolutions-Conditional Random Field (ID-CNN-CRF) model is used to annotate access control attributes within these extracted statements, including subject attributes, object attributes, and action attributes, thus reassembling new access control policies. Experimental results show that our method, compared to baseline methods, achieved the highest F1 score of 0.961, confirming the model's effectiveness and accuracy. [ABSTRACT FROM AUTHOR] |