Related papers: IBAC Mathematics and Mechanics: The Case for 'Integer Based Access Control' of Data Security in the Age of AI and AI Automation

IBAC Mathematics and Mechanics: The Case for 'Integer Based Access Control' of Data Security in the Age of AI and AI Automation

URL: http://arxiv.org/abs/2410.19021v1
Date: Thu, 24 Oct 2024 06:19:57 GMT
Title: IBAC Mathematics and Mechanics: The Case for 'Integer Based Access Control' of Data Security in the Age of AI and AI Automation
Authors: Mark Stocks,
Abstract summary: Current methods for data access control, especially regarding AI and AI automation, face unique challenges in ensuring appropriate data access. We introduce aggregated-Based Access Control (IBAC), addressing the limitations of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) IBAC's mathematical foundations enable its application to relational and document authorization.
Score: 0.0
License:
Abstract: Current methods for data access control, especially regarding AI and AI automation, face unique challenges in ensuring appropriate data access. We introduce Integer-Based Access Control (IBAC), addressing the limitations of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). IBAC's mathematical foundations enable its application to relational and NoSQL databases, as well as document authorization. We demonstrate IBAC's suitability for filtering relational database row-level information and AI and NLP access based on separation of duty, supporting both "need to know" and "need to share" data restrictions. IBAC uses security tokens, which are integers representing aggregated security attributes. These tokens maintain orthogonality across encoded attributes but are stored as integers for fast real-time vector comparison and efficient dominance testing. This mechanism allows high-speed row-level result filtering, ensuring unauthorized records are excluded before results reach the requester. We extend the Bell-LaPadula model by incorporating a "process constraint," overcoming RBAC and ABAC limitations with reduced complexity, increased flexibility, and enhanced performance in data filtering. Our theorems demonstrate the extended Dominance relationship, facilitating rapid federated authorization across diverse databases and file systems. This work reaffirms the practical strength of the Bell-LaPadula model in data security through (1) our mathematical extension, (2) a novel IBAC security attribute encoding scheme, and (3) a simplified dominance testing mechanism for security tokens without decoding.

Related papers

Quantum Resistant Ciphertext-Policy Attribute-Based Encryption Scheme with Flexible Access Structure [0.0]
We present a novel ciphertext-policy based encryption (CP-ABE) scheme that offers a flexible access structure. Our scheme incorporates an access tree as its access control policy, enabling fine-grained access control over encrypted data. The security of our scheme is provable under the hardness assumption of the decisional Ring-Learning with Errors (R-LWE) problem.
arXiv Detail & Related papers (2024-01-25T10:55:23Z)
HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
Sparsity-Aware Intelligent Massive Random Access Control in Open RAN: A Reinforcement Learning Based Approach [61.74489383629319]
Massive random access of devices in the emerging Open Radio Access Network (O-RAN) brings great challenge to the access control and management. reinforcement-learning (RL)-assisted scheme of closed-loop access control is proposed to preserve sparsity of access requests. Deep-RL-assisted SAUD is proposed to resolve highly complex environments with continuous and high-dimensional state and action spaces.
arXiv Detail & Related papers (2023-03-05T12:25:49Z)
Mixed-modality Representation Learning and Pre-training for Joint Table-and-Text Retrieval in OpenQA [85.17249272519626]
An optimized OpenQA Table-Text Retriever (OTTeR) is proposed. We conduct retrieval-centric mixed-modality synthetic pre-training. OTTeR substantially improves the performance of table-and-text retrieval on the OTT-QA dataset.
arXiv Detail & Related papers (2022-10-11T07:04:39Z)
Relational Action Bases: Formalization, Effective Safety Verification, and Invariants (Extended Version) [67.99023219822564]
We introduce the general framework of relational action bases (RABs) RABs generalize existing models by lifting both restrictions. We demonstrate the effectiveness of this approach on a benchmark of data-aware business processes.
arXiv Detail & Related papers (2022-08-12T17:03:50Z)
Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch descent gradient. We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z)
Toward Deep Learning Based Access Control [3.2511618464944547]
This paper proposes Deep Learning Based Access Control (DLBAC) by leveraging significant advances in deep learning technology. DLBAC could complement and, in the long-term, has the potential to even replace, classical access control models with a neural network. We demonstrate the feasibility of the proposed approach by addressing issues related to accuracy, generalization, and explainability.
arXiv Detail & Related papers (2022-03-28T22:05:11Z)
Adaptive ABAC Policy Learning: A Reinforcement Learning Approach [2.5997274006052544]
We propose an adaptive ABAC policy learning approach to automate the authorization management task. In particular, we propose a contextual bandit system, in which an authorization engine adapts an ABAC model through a feedback control loop. We focus on developing an adaptive ABAC policy learning model for a home IoT environment as a running example.
arXiv Detail & Related papers (2021-05-18T15:18:02Z)
Learning Attribute-Based and Relationship-Based Access Control Policies with Unknown Values [0.6662800021628273]
This paper presents the first algorithms for mining ABAC and ReBAC policies from access control lists (ACLs) and incomplete information about entities. We show that the core of this problem can be viewed as learning a concise three-valued logic formula from a set of labeled feature vectors containing unknowns.
arXiv Detail & Related papers (2020-08-19T13:56:29Z)
Generating Diverse and Consistent QA pairs from Contexts with Information-Maximizing Hierarchical Conditional VAEs [62.71505254770827]
We propose a conditional variational autoencoder (HCVAE) for generating QA pairs given unstructured texts as contexts. Our model obtains impressive performance gains over all baselines on both tasks, using only a fraction of data for training.
arXiv Detail & Related papers (2020-05-28T08:26:06Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.