Computable Access Control: Embedding Access Control Rules Into Euclidean Space

Abstract

Access control is one of the most basic techniques to ensure the security of the information system. The traditional access controls of information systems are usually performed based on the traversals or queries of rules. However, with the increasing complexity of information systems, massive data, and open environments bring great workload and risk for the traditional methods. This study proposes a model of embedding-based computable access control (ECAC), by employing the idea of representation learning in artificial intelligence. According to ECAC, access control rules can be embedded into a Euclidean vector space, and the security of arbitrary behavior can be computed by numerical vector operations, without any traditional querying or traversing of rules, and thus the workload of access control is reduced. Furthermore, by the embedding-based computation, the security of unknown behaviors can be predicted. Potentially, due to the use of numerical vectors instead of traditional semantic symbols, the risk of privacy leakage via semantics can be reduced. Finally, as the first embedding-based access control model, the effectiveness of ECAC is evaluated and concluded by the experiment-based analyses and discussions.