Relation extraction for inferring access control rules from natural language artifacts

John Slankas, Xusheng Xiao, Laurie Williams, Tao Xie

Research output: Contribution to conferencePaper

Abstract

With over forty years of use and refinement, access control, often in the form of access control rules (ACRs), continues to be a significant control mechanism for information security. However, ACRs are typically either buried within existing natural language (NL) artifacts or elicited from subject matter experts. To address the first situation, our research goal is to aid developers who implement ACRs by inferring ACRs from NL artifacts. To aid in rule inference, we propose an approach that extracts relations (i.e., the relationship among two or more items) from NL artifacts such as requirements documents. Unlike existing approaches, our approach combines techniques from information extraction and machine learning. We develop an iterative algorithm to discover patterns that represent ACRs in sentences. We seed this algorithm with frequently occurring nouns matching a subject action resource pattern throughout a document. The algorithm then searches for additional combinations of those nouns to discover additional patterns. We evaluate our approach on documents from three systems in three domains: conference management, education, and healthcare. Our evaluation results show that ACRs exist in 47% of the sentences, and our approach effectively identifies those ACR sentences with a precision of 81% and recall of 65%; our approach extracts ACRs from those identified ACR sentences with an average precision of 76% and an average recall of 49%.

Original languageEnglish (US)
Pages366-375
Number of pages10
DOIs
StatePublished - Dec 8 2014
Event30th Annual Computer Security Applications Conference, ACSAC 2014 - New Orleans, United States
Duration: Dec 8 2014Dec 12 2014

Other

Other30th Annual Computer Security Applications Conference, ACSAC 2014
CountryUnited States
CityNew Orleans
Period12/8/1412/12/14

Fingerprint

Access control
Security of data
Seed
Learning systems
Education

Keywords

  • Access control
  • Classification
  • Natural language parsing
  • Security

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Cite this

Slankas, J., Xiao, X., Williams, L., & Xie, T. (2014). Relation extraction for inferring access control rules from natural language artifacts. 366-375. Paper presented at 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, United States. https://doi.org/10.1145/2664243.2664280

Relation extraction for inferring access control rules from natural language artifacts. / Slankas, John; Xiao, Xusheng; Williams, Laurie; Xie, Tao.

2014. 366-375 Paper presented at 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, United States.

Research output: Contribution to conferencePaper

Slankas, J, Xiao, X, Williams, L & Xie, T 2014, 'Relation extraction for inferring access control rules from natural language artifacts' Paper presented at 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, United States, 12/8/14 - 12/12/14, pp. 366-375. https://doi.org/10.1145/2664243.2664280
Slankas J, Xiao X, Williams L, Xie T. Relation extraction for inferring access control rules from natural language artifacts. 2014. Paper presented at 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, United States. https://doi.org/10.1145/2664243.2664280
Slankas, John ; Xiao, Xusheng ; Williams, Laurie ; Xie, Tao. / Relation extraction for inferring access control rules from natural language artifacts. Paper presented at 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, United States.10 p.
@conference{b9afddc76da94c5988166c87985be7ed,
title = "Relation extraction for inferring access control rules from natural language artifacts",
abstract = "With over forty years of use and refinement, access control, often in the form of access control rules (ACRs), continues to be a significant control mechanism for information security. However, ACRs are typically either buried within existing natural language (NL) artifacts or elicited from subject matter experts. To address the first situation, our research goal is to aid developers who implement ACRs by inferring ACRs from NL artifacts. To aid in rule inference, we propose an approach that extracts relations (i.e., the relationship among two or more items) from NL artifacts such as requirements documents. Unlike existing approaches, our approach combines techniques from information extraction and machine learning. We develop an iterative algorithm to discover patterns that represent ACRs in sentences. We seed this algorithm with frequently occurring nouns matching a subject action resource pattern throughout a document. The algorithm then searches for additional combinations of those nouns to discover additional patterns. We evaluate our approach on documents from three systems in three domains: conference management, education, and healthcare. Our evaluation results show that ACRs exist in 47{\%} of the sentences, and our approach effectively identifies those ACR sentences with a precision of 81{\%} and recall of 65{\%}; our approach extracts ACRs from those identified ACR sentences with an average precision of 76{\%} and an average recall of 49{\%}.",
keywords = "Access control, Classification, Natural language parsing, Security",
author = "John Slankas and Xusheng Xiao and Laurie Williams and Tao Xie",
year = "2014",
month = "12",
day = "8",
doi = "10.1145/2664243.2664280",
language = "English (US)",
pages = "366--375",
note = "30th Annual Computer Security Applications Conference, ACSAC 2014 ; Conference date: 08-12-2014 Through 12-12-2014",

}

TY - CONF

T1 - Relation extraction for inferring access control rules from natural language artifacts

AU - Slankas, John

AU - Xiao, Xusheng

AU - Williams, Laurie

AU - Xie, Tao

PY - 2014/12/8

Y1 - 2014/12/8

N2 - With over forty years of use and refinement, access control, often in the form of access control rules (ACRs), continues to be a significant control mechanism for information security. However, ACRs are typically either buried within existing natural language (NL) artifacts or elicited from subject matter experts. To address the first situation, our research goal is to aid developers who implement ACRs by inferring ACRs from NL artifacts. To aid in rule inference, we propose an approach that extracts relations (i.e., the relationship among two or more items) from NL artifacts such as requirements documents. Unlike existing approaches, our approach combines techniques from information extraction and machine learning. We develop an iterative algorithm to discover patterns that represent ACRs in sentences. We seed this algorithm with frequently occurring nouns matching a subject action resource pattern throughout a document. The algorithm then searches for additional combinations of those nouns to discover additional patterns. We evaluate our approach on documents from three systems in three domains: conference management, education, and healthcare. Our evaluation results show that ACRs exist in 47% of the sentences, and our approach effectively identifies those ACR sentences with a precision of 81% and recall of 65%; our approach extracts ACRs from those identified ACR sentences with an average precision of 76% and an average recall of 49%.

AB - With over forty years of use and refinement, access control, often in the form of access control rules (ACRs), continues to be a significant control mechanism for information security. However, ACRs are typically either buried within existing natural language (NL) artifacts or elicited from subject matter experts. To address the first situation, our research goal is to aid developers who implement ACRs by inferring ACRs from NL artifacts. To aid in rule inference, we propose an approach that extracts relations (i.e., the relationship among two or more items) from NL artifacts such as requirements documents. Unlike existing approaches, our approach combines techniques from information extraction and machine learning. We develop an iterative algorithm to discover patterns that represent ACRs in sentences. We seed this algorithm with frequently occurring nouns matching a subject action resource pattern throughout a document. The algorithm then searches for additional combinations of those nouns to discover additional patterns. We evaluate our approach on documents from three systems in three domains: conference management, education, and healthcare. Our evaluation results show that ACRs exist in 47% of the sentences, and our approach effectively identifies those ACR sentences with a precision of 81% and recall of 65%; our approach extracts ACRs from those identified ACR sentences with an average precision of 76% and an average recall of 49%.

KW - Access control

KW - Classification

KW - Natural language parsing

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84954538008&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84954538008&partnerID=8YFLogxK

U2 - 10.1145/2664243.2664280

DO - 10.1145/2664243.2664280

M3 - Paper

AN - SCOPUS:84954538008

SP - 366

EP - 375

ER -