ANNPDP: An Efficient and Stable Evaluation Engine for Large-Scale Policy Sets
| Autor: | Lingyu Li, Zhenhua Yu, Liyong Zhang, Wenbin Kong, Kexin Feng, Fan Deng, Jiawen Wu, Jiawei Wang |
|---|---|
| Rok vydání: | 2022 |
| Předmět: |
Information Systems and Management
Artificial neural network Computer Networks and Communications business.industry Computer science Hash function Stability (learning theory) XACML Access control Scale (descriptive set theory) Computer Science Applications Set (abstract data type) Computer engineering Hardware and Architecture Key (cryptography) business computer computer.programming_language |
| Zdroj: | IEEE Transactions on Services Computing. 15:1926-1939 |
| ISSN: | 2372-0204 |
| Popis: | The evaluation performance of PDP (Policy Decision Point) plays a key role in the operation of a system. In order to solve bottlenecks of improving the PDP evaluation performance for large-scale policy sets, we propose an evaluation engine based on artificial neural networks, namely ANNPDP. We transform rules in a large-scale policy set described in the XACML (eXtensible Access Control Markup Language) into numerical rules. Evaluation networks are established and trained by the numerical rules. In order to ensure the accuracy, a misjudgment set is constructed for error corrections and stored by hash indexes. By simulating the arrival of requests, ANNPDP is compared with the Sun PDP, HPEngine, XEngine and SBA-XACML. The experiment results show that ANNPDP has: 1) high performance: if the number of requests reaches 10,000, the evaluation time of ANNPDP on the large-scale policy set with 100,000 rules is approximately 0.46%, 0.93%, 0.71% and 1.43% of that of the Sun PDP, HPEngine, XEngine and SBA-XACML, respectively, and 2) stability: as the size of the large-scale policy set and the number of requests increase, the evaluation time of ANNPDP grows linearly. ANNPDP can satisfy the requirements of an authorization system with large-scale policy sets |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|