Risk-Aware Fine-Grained Access Control in Cyber-Physical Contexts
- URL: http://arxiv.org/abs/2108.12739v1
- Date: Sun, 29 Aug 2021 03:38:45 GMT
- Title: Risk-Aware Fine-Grained Access Control in Cyber-Physical Contexts
- Authors: Jinxin Liu, Murat Simsek, Burak Kantarci, Melike Erol-Kantarci, Andrew
Malton, Andrew Walenstein
- Abstract summary: RASA is a context-sensitive access authorization approach and mechanism leveraging unsupervised machine learning to automatically infer risk-based authorization decision boundaries.
We explore RASA in a healthcare usage environment, wherein cyber and physical conditions create context-specific risks for protecting private health information.
- Score: 12.138525287184061
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: Access to resources by users may need to be granted only upon certain
conditions and contexts, perhaps particularly in cyber-physical settings.
Unfortunately, creating and modifying context-sensitive access control
solutions in dynamic environments creates ongoing challenges to manage the
authorization contexts. This paper proposes RASA, a context-sensitive access
authorization approach and mechanism leveraging unsupervised machine learning
to automatically infer risk-based authorization decision boundaries. We explore
RASA in a healthcare usage environment, wherein cyber and physical conditions
create context-specific risks for protecting private health information. The
risk levels are associated with access control decisions recommended by a
security policy. A coupling method is introduced to track coexistence of the
objects within context using frequency and duration of coexistence, and these
are clustered to reveal sets of actions with common risk levels; these are used
to create authorization decision boundaries. In addition, we propose a method
for assessing the risk level and labelling the clusters with respect to their
corresponding risk levels. We evaluate the promise of RASA-generated policies
against a heuristic rule-based policy. By employing three different coupling
features (frequency-based, duration-based, and combined features), the
decisions of the unsupervised method and that of the policy are more than 99%
consistent.
Related papers
- Trustworthy AI: Securing Sensitive Data in Large Language Models [0.0]
Large Language Models (LLMs) have transformed natural language processing (NLP) by enabling robust text generation and understanding.
This paper proposes a comprehensive framework for embedding trust mechanisms into LLMs to dynamically control the disclosure of sensitive information.
arXiv Detail & Related papers (2024-09-26T19:02:33Z) - Last-Iterate Global Convergence of Policy Gradients for Constrained Reinforcement Learning [62.81324245896717]
We introduce an exploration-agnostic algorithm, called C-PG, which exhibits global last-ite convergence guarantees under (weak) gradient domination assumptions.
We numerically validate our algorithms on constrained control problems, and compare them with state-of-the-art baselines.
arXiv Detail & Related papers (2024-07-15T14:54:57Z) - Safe Multi-agent Learning via Trapping Regions [89.24858306636816]
We apply the concept of trapping regions, known from qualitative theory of dynamical systems, to create safety sets in the joint strategy space for decentralized learning.
We propose a binary partitioning algorithm for verification that candidate sets form trapping regions in systems with known learning dynamics, and a sampling algorithm for scenarios where learning dynamics are not known.
arXiv Detail & Related papers (2023-02-27T14:47:52Z) - Safety-Constrained Policy Transfer with Successor Features [19.754549649781644]
We propose a Constrained Markov Decision Process (CMDP) formulation that enables the transfer of policies and adherence to safety constraints.
Our approach relies on a novel extension of generalized policy improvement to constrained settings via a Lagrangian formulation.
Our experiments in simulated domains show that our approach is effective; it visits unsafe states less frequently and outperforms alternative state-of-the-art methods when taking safety constraints into account.
arXiv Detail & Related papers (2022-11-10T06:06:36Z) - Enforcing Hard Constraints with Soft Barriers: Safe Reinforcement
Learning in Unknown Stochastic Environments [84.3830478851369]
We propose a safe reinforcement learning approach that can jointly learn the environment and optimize the control policy.
Our approach can effectively enforce hard safety constraints and significantly outperform CMDP-based baseline methods in system safe rate measured via simulations.
arXiv Detail & Related papers (2022-09-29T20:49:25Z) - Constrained Policy Optimization for Controlled Self-Learning in
Conversational AI Systems [18.546197100318693]
We introduce a scalable framework for supporting fine-grained exploration targets for individual domains via user-defined constraints.
We present a novel meta-gradient learning approach that is scalable and practical to address this problem.
We conduct extensive experiments using data from a real-world conversational AI on a set of realistic constraint benchmarks.
arXiv Detail & Related papers (2022-09-17T23:44:13Z) - Inference and dynamic decision-making for deteriorating systems with
probabilistic dependencies through Bayesian networks and deep reinforcement
learning [0.0]
We propose an efficient algorithmic framework for inference and decision-making under uncertainty for engineering systems exposed to deteriorating environments.
In terms of policy optimization, we adopt a deep decentralized multi-agent actor-critic (DDMAC) reinforcement learning approach.
Results demonstrate that DDMAC policies offer substantial benefits when compared to state-of-the-art approaches.
arXiv Detail & Related papers (2022-09-02T14:45:40Z) - Sample-Based Bounds for Coherent Risk Measures: Applications to Policy
Synthesis and Verification [32.9142708692264]
This paper aims to address a few problems regarding risk-aware verification and policy synthesis.
First, we develop a sample-based method to evaluate a subset of a random variable distribution.
Second, we develop a robotic-based method to determine solutions to problems that outperform a large fraction of the decision space.
arXiv Detail & Related papers (2022-04-21T01:06:10Z) - Multi-Objective SPIBB: Seldonian Offline Policy Improvement with Safety
Constraints in Finite MDPs [71.47895794305883]
We study the problem of Safe Policy Improvement (SPI) under constraints in the offline Reinforcement Learning setting.
We present an SPI for this RL setting that takes into account the preferences of the algorithm's user for handling the trade-offs for different reward signals.
arXiv Detail & Related papers (2021-05-31T21:04:21Z) - Closing the Closed-Loop Distribution Shift in Safe Imitation Learning [80.05727171757454]
We treat safe optimization-based control strategies as experts in an imitation learning problem.
We train a learned policy that can be cheaply evaluated at run-time and that provably satisfies the same safety guarantees as the expert.
arXiv Detail & Related papers (2021-02-18T05:11:41Z) - Privacy-Constrained Policies via Mutual Information Regularized Policy Gradients [54.98496284653234]
We consider the task of training a policy that maximizes reward while minimizing disclosure of certain sensitive state variables through the actions.
We solve this problem by introducing a regularizer based on the mutual information between the sensitive state and the actions.
We develop a model-based estimator for optimization of privacy-constrained policies.
arXiv Detail & Related papers (2020-12-30T03:22:35Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.