NSFOCUS Security Labs recently collaborated with the research team from the School of Computer Science at China University of Geosciences (Wuhan) on a research paper titled “Computable Access Control: Embedding Access Control Rules into Euclidean Space“. This paper has been officially accepted and published online by the prestigious international journal “IEEE Transactions on Systems, Man, and Cybernetics: Systems” (IEEE SMCS).
As an academic publication, IEEE SMCS features peer-reviewed articles, research papers, case studies, and reviews contributed by researchers, scientists, and practitioners from around the world. It serves as a valuable resource for professionals in the field of systems engineering and cybernetics, facilitating the exchange of knowledge and the dissemination of cutting-edge research. IEEE SMCS is a top journal in the field of artificial intelligence, with a current impact factor of 11.471.
The research in this paper addresses the technical bottlenecks in network security control by exploring knowledge-embedded security control methods. Access control is a fundamental theory and technology for securing cyberspace. In traditional network environments, security components such as firewalls and intrusion prevention systems enforce access control based on pre-established security policies and rules to protect the network. However, in the era of big data, cyberspace is highly open, and relying solely on static security techniques makes it difficult to effectively defend against a constant stream of malicious code and attack traffic. To tackle this issue, the paper draws inspiration from the concept of knowledge embedding in artificial intelligence. It treats existing security rules, log information, malicious code features, etc., as “prior security knowledge” of computers, representing them as vectors in Euclidean space. By employing vector-based computations, the paper achieves inference and prediction of security knowledge. This endows computers with the ability to “understand security knowledge and use existing knowledge to anticipate the network security environment,” thus assisting in the realization of intelligent network security access control.
This collaborative work is supported by the NSFOCUS CCF-Kunpeng Fund. It is likely to be applied in current booming technologies like zero-trust network security technology and APT attack prevention and contribute to the construction of the world network security ecosystem.
Information of the Research Paper
Title: Computable Access Control: Embedding Access Control Rules into Euclidean Space
DOI: 10.1109/TSMC.2023.3283527
Link: https://ieeexplore.ieee.org/document/10159673