...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Knowledge-Based Systems >Clustering and supervised response for XACML policy evaluation and management
【24h】

Clustering and supervised response for XACML policy evaluation and management

机译:XACML策略评估和管理的聚类和监督响应

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

To meet the increasingly complex requirements in access control using XACML (eXtensible Access Control Markup Language), it is necessary for a policy decision engine to deal with large-scale policy sets and intensively abundant requests efficiently. A practical policy evaluation engine, namely CSRM, is proposed to tackle this problem. The PDP (Policy Decision Point) in traditional policy decision engines is replaced by a new component ESPDP (Efficient Searching Policy Decision Point). CK-means algorithm is studied in this paper to perform clustering among all policies in a policy set. ESPDP is adopted to construct a virtual mapping table on the basis of the result of the CK-means algorithm. The virtual mapping table stores the relationship between subject attributes and policies, such that the irrelevant polices are excluded when rule search is carried out. Besides, the rules in every policy are merged according to particular principles, thus saving storage space and greatly speeding up rule search. When responding to intensive requests, a supervised response method is applied to determine an optimal rule search order by analyzing the response to the requests in a short period. The experimental results on four practical datasets demonstrate that our proposed CSRM outperforms some classic and state-of-the-art methods when dealing with large-scale policy sets. With high practicality and wide applicability, CSRM effectively eliminates the bottlenecks of improving PDP evaluation performance, and can respond to requests efficiently when handling large-scale policy sets. (C) 2020 Elsevier B.V. All rights reserved.
机译:为了满足使用XACML(可扩展访问控制标记语言)的访问控制中越来越复杂的要求,策略决策引擎必须处理大规模策略集并有效地密集额度。提出了一个实用的政策评估引擎,即CSRM,以解决这个问题。传统策略决策引擎中的PDP(政策决策点)由新的组件ESPDP(有效搜索策略决策点)取代。在本文中研究了CK-Means算法,以在策略集中的所有策略中执行群集。采用ESPDP基于CK-MEAS算法的结果来构建虚拟映射表。虚拟映射表存储主题属性和策略之间的关系,使得执行规则搜索时不包括无关策略。此外,每个策略中的规则都是根据特定原则合并的,从而节省存储空间并大大加速规则搜索。当响应密集请求时,应用监督响应方法通过在短时间内分析对请求的响应来确定最佳规则搜索顺序。四个实际数据集的实验结果表明,我们提出的CSRM在处理大规模政策套件时表现出一些经典和最先进的方法。具有高实用性和广泛的适用性,CSRM有效地消除了提高PDP评估性能的瓶颈,并且在处理大规模政策集时可以有效地响应请求。 (c)2020 Elsevier B.v.保留所有权利。

著录项

  • 来源
    《Knowledge-Based Systems》 |2020年第12期|106312.1-106312.13|共13页
  • 作者

    Deng Fan; Yu Zhenhua; Zhang Liyong; Ge Xiaodong; Zhao Ruiyu; Li Xiaotong; Ma Yuhao; Yan Yang; Wen Zhe;

  • 作者单位

    Xian Univ Sci & Technol Sch Comp Sci & Technol Inst Syst Secur & Control Xian 710054 Peoples R China;

    Xian Univ Sci & Technol Sch Comp Sci & Technol Inst Syst Secur & Control Xian 710054 Peoples R China;

    Xidian Univ Sch Comp Sci & Technol Xian 710071 Peoples R China;

    Xidian Univ Sch Comp Sci & Technol Xian 710071 Peoples R China;

    Xidian Univ Sch Comp Sci & Technol Xian 710071 Peoples R China;

    Xidian Univ Sch Comp Sci & Technol Xian 710071 Peoples R China;

    Xidian Univ Sch Comp Sci & Technol Xian 710071 Peoples R China;

    Xidian Univ Sch Comp Sci & Technol Xian 710071 Peoples R China;

    Xidian Univ Sch Comp Sci & Technol Xian 710071 Peoples R China;

  • 收录信息
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    Clustering algorithm; Large-scale policy sets; Policy Decision Point (PDP); Supervised learning; XACML;

    机译:聚类算法;大规模政策集;策略决策点(PDP);监督学习;XACML;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号