网络与信息安全学报2024,Vol.10Issue(6):81-95,15.DOI:10.11959/j.issn.2096-109x.2024082
基于指令与描述的文本数据安全业务属性生成机制
Instruction and demonstration-based secure service attribute generation mechanism for textual data
摘要
Abstract
Attribute-based access control is fundamentally dependent on the secure service attribute calibration of object sources.Traditionally,the calibration of secure service attribute for textual data has been primarily reliant on human experts and machine learning methods,yet the efficiency and few-shot ability are insufficient.Moreover,tra-ditional approaches have predominantly utilized entities in textual data as service attributes,resulting in coarse granularity,uncontrollable scale and management level,further leading to the problem of attribute-space explosion.Thus,a secure service attribute generation mechanism for textual data(IDSAM)was introduced.This mechanism addressed the aforementioned challenges by transforming the extraction of candidate service attributes,previously a sequence-calibrated problem,into a controllable-generation problem through instruction learning and in-context learning.Subsequently,WordNet was employed to achieve semantic deduplication and generalization of the candi-date service attributes.Concurrently,to prevent semantic loss due to over-generalization,a cosine similarity thresh-old was regulated,enabling the generation of a service attribute set.Finally,a weighted directed acyclic attribute graph was constructed based on the similarity between initial and derived attributes within the set,facilitating the dynamic construction of a secure service attribute library with a controllable scale and adjustable security granular-ity,in accordance with security control requirements.The candidate service attribute extraction component of the proposed mechanism achieves an optimal average F1 score in few-shot experiments on the CoNLL-2003 dataset,surpassing the baseline model.This positions the mechanism as state-of-the-art.Furthermore,the mechanism is ca-pable of dynamically mining secure service attributes with adjustable security control levels and controllable scales to meet varying security management requirements.The experimental results indicate that the proposed mechanism is effective in generating secure service attributes with the desired characteristics.关键词
命名实体识别/基于属性的访问控制/属性提取/少样本/大语言模型Key words
named entity recognition/attribute-based access control/attribute extraction/few-shot/large language model分类
信息技术与安全科学引用本文复制引用
李晨皓,王娜,刘敖迪..基于指令与描述的文本数据安全业务属性生成机制[J].网络与信息安全学报,2024,10(6):81-95,15.基金项目
国家自然科学基金(61802436,62102449) (61802436,62102449)
河南省重点研发与推广专项(222102210069) The Natural Science Foundation of China(61802436,62102449),The Key Research and Development and Promotion Program of Henan Province(222102210069) (222102210069)
