
Instruction and demonstration-based secure service attribute generation mechanism for textual data

Attribute-based access control fundamentally depends on the calibration of secure service attributes for object resources. Traditionally, the calibration of secure service attributes for textual data has relied primarily on human experts and machine learning methods, whose efficiency and few-shot ability are insufficient. Moreover, traditional approaches have predominantly used entities in textual data as service attributes, resulting in coarse granularity and an uncontrollable scale and management level, which readily leads to attribute-space explosion. To address this, an instruction and demonstration-based secure service attribute generation mechanism for textual data (IDSAM) is proposed. First, the extraction of candidate service attributes (that is, entities), previously a sequence labeling problem, is transformed into a controllable generation problem and carried out with instruction learning and in-context learning. Next, WordNet is used to semantically generalize and deduplicate the candidate service attributes; at the same time, a cosine similarity threshold is controlled to prevent the semantic loss caused by over-generalization, yielding a service attribute set. Finally, a weighted directed acyclic attribute graph is constructed with the similarity between initial and derived attributes in the set as edge weights, enabling the dynamic construction of a secure service attribute library with a controllable scale and adjustable security granularity in accordance with security control requirements. The candidate service attribute extraction component of the proposed mechanism achieves an optimal average F1 score in few-shot experiments on the CoNLL-2003 dataset, surpassing the baseline model. This positions the mechanism as state-of-the-art. Furthermore, the mechanism is capable of dynamically mining secure service attributes with adjustable security control levels and controllable scales to meet varying security management requirements. The experimental results indicate that the proposed mechanism is effective in generating secure service attributes with the desired characteristics.

Keywords: named entity recognition; attribute-based access control; attribute extraction; few-shot; large language model

李晨皓、王娜、刘敖迪


Information Engineering University, Zhengzhou 450001, Henan


2024

Chinese Journal of Network and Information Security (网络与信息安全学报)
Posts & Telecom Press (人民邮电出版社)


CSTPCD
ISSN:2096-109X
Year, Volume(Issue): 2024, 10(6)