Access control relationship prediction method based on GNN dual source learning
With the rapid development and wide application of big data technology, users’ unauthorized access to resources becomes one of the main problems that restrict the secure sharing and controlled access to big data resources.The ReBAC (Relationship-Based Access Control) model uses the relationship betw...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2022-10-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022062 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850073021563273216 |
|---|---|
| author | Dibin SHAN Xuehui DU Wenjuan WANG Aodi LIU Na WANG |
| author_facet | Dibin SHAN Xuehui DU Wenjuan WANG Aodi LIU Na WANG |
| author_sort | Dibin SHAN |
| collection | DOAJ |
| description | With the rapid development and wide application of big data technology, users’ unauthorized access to resources becomes one of the main problems that restrict the secure sharing and controlled access to big data resources.The ReBAC (Relationship-Based Access Control) model uses the relationship between entities to formulate access control rules, which enhances the logical expression of policies and realizes dynamic access control.However, It still faces the problems of missing entity relationship data and complex relationship paths of rules.To overcome these problems, a link prediction model LPMDLG based on GNN dual-source learning was proposed to transform the big data entity-relationship prediction problem into a link prediction problem with directed multiple graphs.A topology learning method based on directed enclosing subgraphs was designed in this modeled.And a directed dual-radius node labeling algorithm was proposed to learn the topological structure features of nodes and subgraphs from entity relationship graphs through three segments, including directed enclosing subgraph extraction, subgraph node labeling calculation and topological structure feature learning.A node embedding feature learning method based on directed neighbor subgraph was proposed, which incorporated elements such as attention coefficients and relationship types, and learned its node embedding features through the sessions of directed neighbor subgraph extraction and node embedding feature learning.A two-source fusion scoring network was designed to jointly calculate the edge scores by topology and node embedding to obtain the link prediction results of entity-relationship graphs.The experiment results of link prediction show that the proposed model obtains better prediction results under the evaluation metrics of AUC-PR, MRR and Hits@N compared with the baseline models such as R-GCN, SEAL, GraIL and TACT.The ablation experiment results illustrate that the model’s dual-source learning scheme outperforms the link prediction effect of a single scheme.The rule matching experiment results verify that the model achieves automatic authorization of some entities and compression of the relational path of rules.The model effectively improves the effect of link prediction and it can meet the demand of big data access control relationship prediction. |
| format | Article |
| id | doaj-art-770fdea96a82498b85bba2142935c4c8 |
| institution | DOAJ |
| issn | 2096-109X |
| language | English |
| publishDate | 2022-10-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-770fdea96a82498b85bba2142935c4c82025-08-20T02:46:57ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2022-10-018405559575041Access control relationship prediction method based on GNN dual source learningDibin SHANXuehui DUWenjuan WANGAodi LIUNa WANGWith the rapid development and wide application of big data technology, users’ unauthorized access to resources becomes one of the main problems that restrict the secure sharing and controlled access to big data resources.The ReBAC (Relationship-Based Access Control) model uses the relationship between entities to formulate access control rules, which enhances the logical expression of policies and realizes dynamic access control.However, It still faces the problems of missing entity relationship data and complex relationship paths of rules.To overcome these problems, a link prediction model LPMDLG based on GNN dual-source learning was proposed to transform the big data entity-relationship prediction problem into a link prediction problem with directed multiple graphs.A topology learning method based on directed enclosing subgraphs was designed in this modeled.And a directed dual-radius node labeling algorithm was proposed to learn the topological structure features of nodes and subgraphs from entity relationship graphs through three segments, including directed enclosing subgraph extraction, subgraph node labeling calculation and topological structure feature learning.A node embedding feature learning method based on directed neighbor subgraph was proposed, which incorporated elements such as attention coefficients and relationship types, and learned its node embedding features through the sessions of directed neighbor subgraph extraction and node embedding feature learning.A two-source fusion scoring network was designed to jointly calculate the edge scores by topology and node embedding to obtain the link prediction results of entity-relationship graphs.The experiment results of link prediction show that the proposed model obtains better prediction results under the evaluation metrics of AUC-PR, MRR and Hits@N compared with the baseline models such as R-GCN, SEAL, GraIL and TACT.The ablation experiment results illustrate that the model’s dual-source learning scheme outperforms the link prediction effect of a single scheme.The rule matching experiment results verify that the model achieves automatic authorization of some entities and compression of the relational path of rules.The model effectively improves the effect of link prediction and it can meet the demand of big data access control relationship prediction.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022062big datarelationship-based access controllink predicationgraph neural network |
| spellingShingle | Dibin SHAN Xuehui DU Wenjuan WANG Aodi LIU Na WANG Access control relationship prediction method based on GNN dual source learning 网络与信息安全学报 big data relationship-based access control link predication graph neural network |
| title | Access control relationship prediction method based on GNN dual source learning |
| title_full | Access control relationship prediction method based on GNN dual source learning |
| title_fullStr | Access control relationship prediction method based on GNN dual source learning |
| title_full_unstemmed | Access control relationship prediction method based on GNN dual source learning |
| title_short | Access control relationship prediction method based on GNN dual source learning |
| title_sort | access control relationship prediction method based on gnn dual source learning |
| topic | big data relationship-based access control link predication graph neural network |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022062 |
| work_keys_str_mv | AT dibinshan accesscontrolrelationshippredictionmethodbasedongnndualsourcelearning AT xuehuidu accesscontrolrelationshippredictionmethodbasedongnndualsourcelearning AT wenjuanwang accesscontrolrelationshippredictionmethodbasedongnndualsourcelearning AT aodiliu accesscontrolrelationshippredictionmethodbasedongnndualsourcelearning AT nawang accesscontrolrelationshippredictionmethodbasedongnndualsourcelearning |