Multi-authority Attribute-Based Access Control with Dynamic Policy Updates for Federated Learning
摘要
Federated Learning (FL) has become a key paradigm for privacy-preserving collaborative machine learning, especially in sensitive fields such as medical imaging. However, large-scale, cross-institutional FL deployments still struggle with fine-grained access control, as most existing frameworks rely on static security policies that cannot adapt to participant churn or evolving regulatory requirements. To overcome these scalability and flexibility limitations, this paper presents a dynamic access control framework for FL based on Multi-Authority Attribute-Based Encryption (MA-ABE). We design a multi-attribute management architecture that enforces granular authorization over both local updates and global model parameters. Central to the framework is a policy-token mechanism that allows dynamic policy updates based on contextual changes without incurring high-cost re-encryption or disrupting training. We further introduce a context-aware key generation protocol to ensure secure, seamless policy transitions. Formal analysis shows that the scheme achieves CPA semantic security and resists collusion attacks. Experiments demonstrate that our protocol significantly reduces computational, communication, and storage overheads compared to state-of-the-art approaches, offering a practical and robust foundation for secure collaborative learning in dynamic environments.