A Dynamic Access Control Model Based on Attributes and IntroVAE

Affected by the COVID-19 pandemic, teleworking is becoming more popular, with the exposed attack surface of the internal network expanding. Once outsiders personate accounts or insiders conduct illegal operations, the data security in teleworking with traditional border protection will be broken. Therefore, it is necessary to implement fine-grained and dynamic access control to protect data from malicious access. Attributebased access control (ABAC) is ideal, where authorization is performed through attributes and rules. On this basis, risk assessment, context awareness, and machine learning are supplemented for dynamic access control. However, these methods have their limitations due to the requirement of sufficient prior knowledge and massive label-classified data. Moreover, it is challenging to obtain the samples of attack behaviors, and the attack behaviors may change frequently to evade detection. In contrast, the normal behaviors are relatively stable except for the update of network services. We propose a dynamic access control model, ABACIntroVAE, to address the above issues. ABAC-IntroVAE judges users' requests through rule matching and behavior analysis based on the attributes of the requests. It first filters out requests against the rules by rule matching. Then, the introspective variational autoencoder (IntroVAE) is used for behavior analysis to realize dynamic access decisions. Requests classified as normal can be authorized for access. ABAC-IntroVAE only needs samples of normal requests for training, avoiding the difficult task of collecting massive and frequently changing samples of attack requests. Meanwhile, the IntroVAE model is updated through continual learning to adapt to new-style normal behaviors due to the update of network services. Our experiment study suggests that our proposed ABAC-IntroVAE can effectively perform dynamic access control. It achieves an accuracy of 97:2% in abnormal detection and maintains an accuracy of over 97% through continual learning, despite the addition of new-style user behavior patterns.