An Adaptive BLP Access Control Model Based On Maximum Entropy

In the current popular access control model,once the process running in the security system is completed,the security policy and rules of the security system will not be changed.With such a security system,the likelihood of an attacker finding a vulnerability will increase because it lacks the ability to dynamically sense the security state and risk of the system.With the increase of unknown risks and the constant changes in the methods of attack,the system is eventually exposed to risks.This paper first improves the most basic Bell-LaPadula(BLP)model,and then introduces the maximum entropy model(Maxent)in machine learning in the rules of the BLP mandatory access control model,and further optimizes the established model.In other words,this paper proposes an improved BLP model with self-learning:MaxENT-BLP.The model first establishes security attributes,system states,transformation rules,and constraint models based on MaxENT state transitions.In order to solve the problem of lack of self-adaptation,this paper established a bridge between maximum entropy and BLP model,taking the ten rules of the BLP model as the characteristic function of maximum entropy,and extracting the training template from the BLP model and integrating logical operations into the training template.Next,after processing the historical system access log as the original data set,the model extracts the user request,the current state,and the request decision as the basic feature vectors of the training.Second,this paper uses k-fold cross-validation to partition all vectors into training and test sets.After training on the model based on the Broyden Fletcher Goldfarb Shanno(BFGS)algorithm,this paper proposes a strategy update algorithm that enables access control rules to automatically adjust dynamically based on access and decision record sets.Then,this paper theoretically proved that the MaxENT-BLP model is safe.Through the estimation of the model's precision,recall and F1-score values,the validity and accuracy of the model are verified.Finally,by comparing the deep learning model with the discussion of the malware samples,this paper has proved that the MaxENT-BLP model is a suitable choice and has the ability to avoid more risks and losses by running the information system.