<p>An information system is composed of two types of entities, subjects like users and objects like databases from the security viewpoint. A subject issues an operation to an object to manipulate data in the object. An object is protected from malicious accesses of unauthorized subjects in the AC (Access Control) models. Nevertheless, if data in an object <InlineEquation ID="IEq1"> <EquationSource Format="TEX">\(o_j\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>j</mi> </msub> </math></EquationSource> </InlineEquation> is stored in another object <InlineEquation ID="IEq2"> <EquationSource Format="TEX">\(o_k\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>k</mi> </msub> </math></EquationSource> </InlineEquation>, a subject <InlineEquation ID="IEq3"> <EquationSource Format="TEX">\(s_i\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>s</mi> <mi>i</mi> </msub> </math></EquationSource> </InlineEquation> which is allowed to read <InlineEquation ID="IEq4"> <EquationSource Format="TEX">\(o_k\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>k</mi> </msub> </math></EquationSource> </InlineEquation> can read the data of <InlineEquation ID="IEq5"> <EquationSource Format="TEX">\(o_j\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>j</mi> </msub> </math></EquationSource> </InlineEquation> in <InlineEquation ID="IEq6"> <EquationSource Format="TEX">\(o_k\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>k</mi> </msub> </math></EquationSource> </InlineEquation> even if <InlineEquation ID="IEq7"> <EquationSource Format="TEX">\(s_i\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>s</mi> <mi>i</mi> </msub> </math></EquationSource> </InlineEquation> is not granted an access right of <InlineEquation ID="IEq8"> <EquationSource Format="TEX">\(o_j\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>j</mi> </msub> </math></EquationSource> </InlineEquation>, i.e. illegal information flow from <InlineEquation ID="IEq9"> <EquationSource Format="TEX">\(o_j\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>j</mi> </msub> </math></EquationSource> </InlineEquation> to <InlineEquation ID="IEq10"> <EquationSource Format="TEX">\(s_i\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>s</mi> <mi>i</mi> </msub> </math></EquationSource> </InlineEquation> occurs. In our previous studies, the O-IFC (Object-based Information Flow Control) is proposed where operations occurring illegal information flow are prohibited. Here, a unit of data exchanged among entities is an object. Even if some operations do not occur illegal information flow, the operations are prohibited in the O-IFC. In order to reduce the operations unnecessarily prohibited, a novel C-IFC (Content-based IFC) is proposed where a finer unit of data than an object is considered to be exchanged among entities. In this article, an object is composed of natural language sentences. It is critical to decide whether or not a sentence <InlineEquation ID="IEq11"> <EquationSource Format="TEX">\(st_j\)</EquationSource> <EquationSource Format="MATHML"><math> <mrow> <mi>s</mi> <msub> <mi>t</mi> <mi>j</mi> </msub> </mrow> </math></EquationSource> </InlineEquation> in <InlineEquation ID="IEq12"> <EquationSource Format="TEX">\(o_j\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>j</mi> </msub> </math></EquationSource> </InlineEquation> is the same as another sentence <InlineEquation ID="IEq13"> <EquationSource Format="TEX">\(st_k\)</EquationSource> <EquationSource Format="MATHML"><math> <mrow> <mi>s</mi> <msub> <mi>t</mi> <mi>k</mi> </msub> </mrow> </math></EquationSource> </InlineEquation> in <InlineEquation ID="IEq14"> <EquationSource Format="TEX">\(o_k\)</EquationSource> <EquationSource Format="MATHML"><math> <msub> <mi>o</mi> <mi>k</mi> </msub> </math></EquationSource> </InlineEquation>. In this article, the sentence classifier is used which is generated by using the large language model based on the neural networks. If <InlineEquation ID="IEq15"> <EquationSource Format="TEX">\(st_j\)</EquationSource> <EquationSource Format="MATHML"><math> <mrow> <mi>s</mi> <msub> <mi>t</mi> <mi>j</mi> </msub> </mrow> </math></EquationSource> </InlineEquation> and <InlineEquation ID="IEq16"> <EquationSource Format="TEX">\(st_k\)</EquationSource> <EquationSource Format="MATHML"><math> <mrow> <mi>s</mi> <msub> <mi>t</mi> <mi>k</mi> </msub> </mrow> </math></EquationSource> </InlineEquation> are decided to be the same by the sentence classifier, the sentences are referred to as paraphrases. In the evaluation, the operations unnecessarily prohibited in the C-IFC are fewer than the O-IFC.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Content-based information flow control realized by large language model based on neural networks

  • Shigenari Nakamura,
  • Lidia Ogiela,
  • Makoto Takizawa

摘要

An information system is composed of two types of entities, subjects like users and objects like databases from the security viewpoint. A subject issues an operation to an object to manipulate data in the object. An object is protected from malicious accesses of unauthorized subjects in the AC (Access Control) models. Nevertheless, if data in an object \(o_j\) o j is stored in another object \(o_k\) o k , a subject \(s_i\) s i which is allowed to read \(o_k\) o k can read the data of \(o_j\) o j in \(o_k\) o k even if \(s_i\) s i is not granted an access right of \(o_j\) o j , i.e. illegal information flow from \(o_j\) o j to \(s_i\) s i occurs. In our previous studies, the O-IFC (Object-based Information Flow Control) is proposed where operations occurring illegal information flow are prohibited. Here, a unit of data exchanged among entities is an object. Even if some operations do not occur illegal information flow, the operations are prohibited in the O-IFC. In order to reduce the operations unnecessarily prohibited, a novel C-IFC (Content-based IFC) is proposed where a finer unit of data than an object is considered to be exchanged among entities. In this article, an object is composed of natural language sentences. It is critical to decide whether or not a sentence \(st_j\) s t j in \(o_j\) o j is the same as another sentence \(st_k\) s t k in \(o_k\) o k . In this article, the sentence classifier is used which is generated by using the large language model based on the neural networks. If \(st_j\) s t j and \(st_k\) s t k are decided to be the same by the sentence classifier, the sentences are referred to as paraphrases. In the evaluation, the operations unnecessarily prohibited in the C-IFC are fewer than the O-IFC.