摘要
针对大多访问控制模型缺乏对系统安全状态和风险的动态感知能力这一问题,通过将基于条件随机场的机器学习方法引入BLP模型的规则优化中,提出一种动态BLP模型——CRFs-BLP。该模型首先通过对历史访问日志进行预处理与标注,来提取特征值。然后用CRF++工具包对其学习和训练,使模型规则能够根据当前系统的安全状态及安全事件进行动态调整,还可以动态地限制敏感客体的读写范围。最后,通过实验表明了模型在实际环境中的有效性和准确性。
As most access control models are short of the ability to perceive the system security status and risks in a dy- namic way, the paper introduced a machine learning method CRFs into the rule optimization of BLP model, and proposed a dynamic BLP model, CRFs-BLP. After preprocessing and tagging the history access log, it will extract the feature set, then CRF++ toolkit will be taken to finish the study and training of these datasets, so the model can be adjusted dynamically according to the current secure state and events in system,and the read-write scope for sensitive objects will be limited dynamically. Finally, the experiment shows the availability and accuracy of the model in a real environment.
出处
《计算机科学》
CSCD
北大核心
2015年第8期138-144,151,共8页
Computer Science
基金
国家自然基金项目(61103047)
863计划(2012AA01A301-01)
武汉大学软件工程国家重点实验室开放基金(SKLSE2012-09-18)资助
