7 research outputs found
Efficient and Extensible Policy Mining for Relationship-Based Access Control
Relationship-based access control (ReBAC) is a flexible and expressive
framework that allows policies to be expressed in terms of chains of
relationship between entities as well as attributes of entities. ReBAC policy
mining algorithms have a potential to significantly reduce the cost of
migration from legacy access control systems to ReBAC, by partially automating
the development of a ReBAC policy. Existing ReBAC policy mining algorithms
support a policy language with a limited set of operators; this limits their
applicability. This paper presents a ReBAC policy mining algorithm designed to
be both (1) easily extensible (to support additional policy language features)
and (2) scalable. The algorithm is based on Bui et al.'s evolutionary algorithm
for ReBAC policy mining algorithm. First, we simplify their algorithm, in order
to make it easier to extend and provide a methodology that extends it to handle
new policy language features. However, extending the policy language increases
the search space of candidate policies explored by the evolutionary algorithm,
thus causes longer running time and/or worse results. To address the problem,
we enhance the algorithm with a feature selection phase. The enhancement
utilizes a neural network to identify useful features. We use the result of
feature selection to reduce the evolutionary algorithm's search space. The new
algorithm is easy to extend and, as shown by our experiments, is more efficient
and produces better policies
Contextual and Granular Policy Enforcement in Database-backed Applications
Database-backed applications rely on inlined policy checks to process users'
private and confidential data in a policy-compliant manner as traditional
database access control mechanisms cannot enforce complex policies. However,
application bugs due to missed checks are common in such applications, which
result in data breaches. While separating policy from code is a natural
solution, many data protection policies specify restrictions based on the
context in which data is accessed and how the data is used. Enforcing these
restrictions automatically presents significant challenges, as the information
needed to determine context requires a tight coupling between policy
enforcement and an application's implementation. We present Estrela, a
framework for enforcing contextual and granular data access policies. Working
from the observation that API endpoints can be associated with salient
contextual information in most database-backed applications, Estrela allows
developers to specify API-specific restrictions on data access and use. Estrela
provides a clean separation between policy specification and the application's
implementation, which facilitates easier auditing and maintenance of policies.
Policies in Estrela consist of pre-evaluation and post-evaluation conditions,
which provide the means to modulate database access before a query is issued,
and to impose finer-grained constraints on information release after the
evaluation of query, respectively. We build a prototype of Estrela and apply it
to retrofit several real world applications (from 1000-80k LOC) to enforce
different contextual policies. Our evaluation shows that Estrela can enforce
policies with minimal overheads
A Hybrid Framework Combining Vehicle System Knowledge with Machine Learning Methods for Improved Highway Trajectory Prediction
Vehicle-to-vehicle communication is a solution to improve the quality of on-road traveling in terms of throughput, safety, efficiency and comfort. However, road users that do not communicate their planned activities can create dangerous situations, so prediction models are needed to foresee and anticipate their motions in the drivable space. Various prediction methods exist, either physics-based, data-based or hybrids, but they all make conservative assumptions about others’ intentions, or they are developed using unrealistic data, and it is unclear how they perform for trajectory prediction. In this work, we introduce and demonstrate an optimal hybrid framework that overcomes these limitations, by combining the predictions of several physics-based and data-based models. Using on-road measured data we show that this novel framework outperforms the individual models in both longitudinal and lateral position predictions. We also discuss the required prediction boundaries from a safety perspective and estimate the accuracies of the models in relation to automated vehicle functions. The results achieved by this method will enable increased safety, comfort and even more proactive reactions of the automated vehicles
Big IoT data mining for real-time energy disaggregation in buildings Citation for published version (APA): Big IoT data mining for real-time energy disaggregation in buildings
Abstract-In the smart grid context, the identification and prediction of building energy flexibility is a challenging open question, thus paving the way for new optimized behaviors from the demand side. At the same time, the latest smart meters developments allow us to monitor in real-time the power consumption level of the home appliances, aiming at a very accurate energy disaggregation. However, due to practical constraints is infeasible in the near future to attach smart meter devices on all home appliances, which is the problem addressed herein. We propose a hybrid approach, which combines sparse smart meters with machine learning methods. Using a subset of buildings equipped with subset of smart meters we can create a database on which we train two deep learning models, i.e. Factored FourWay Conditional Restricted Boltzmann Machines (FFW-CRBMs) and Disjunctive FFW-CRBM. We show how our method may be used to accurately predict and identify the energy flexibility of buildings unequipped with smart meters, starting from their aggregated energy values. The proposed approach was validated on a real database, namely the Reference Energy Disaggregation Dataset. The results show that for the flexibility prediction problem solved here, Disjunctive FFW-CRBM outperforms the FFWCRBMs approach, where for classification task their capabilities are comparable
Cognitive no-reference video quality assessment for mobile streaming services Citation for published version (APA): Cognitive No-Reference Video Quality Assessment for Mobile Streaming Services
Abstract-The evaluation of mobile streaming services, particularly in terms of delivered Quality of Experience (QoE), entails the use of automated methods (which excludes subjective QoE) that can be executed in real-time (i.e. without delaying the streaming process). This calls for lightweight algorithms that provide accurate results under considerable constraints. Starting from a low complexity no-reference objective algorithm for still images, in this work we contribute a new version that not only works for videos but, is general enough to adjust to a diverse range of video types while not significantly increasing the computational complexity. To achieve the necessary level of flexibility and computational efficiency, our method relies merely on information available at the client side and is equipped with a lightweight Artificial Neural Network which makes the algorithm independent from type of network or video. Its resource efficiency and generality make our method fit to be used in mobile streaming services. To prove the viability of our approach, we show a high level of correlation with the well-known full-reference method SSIM
Situation-Aware Drivable Space Estimation for Automated Driving
An automated vehicle (AV) must always have a correct representation of the drivable space to position itself accurately and operate safely. To determine the drivable space, current research focuses on single sources of information, either using pre-computed high-definition maps, or mapping the environment online with sensors such as LiDARs or cameras. However, each of these information sources can fail, some are too costly, and maps could be outdated. In this work a new method for situation-aware drivable space (SDS) estimation combining multiple information sources is proposed, which is also suitable for AVs equipped with inexpensive sensors. Depending on the situation, semantic information of sensed objects is combined with domain knowledge to estimate the drivability of the space surrounding each object (e.g. traffic light, another vehicle). These estimates are modeled as probabilistic graphs to account for the uncertainty of information sources, and an optimal spatial configuration of their elements is determined via graph-based simultaneous localization and mapping (SLAM). To investigate the robustness of SDS towards potentially unreliable sensors and maps, it has been tested in a simulation environment and real world data. Results on different use cases (e.g. straight roads, curved roads, and intersections) show considerable robustness towards unreliable inputs, and the recovered drivable space allows for accurate in-lane localization of the AV even in extreme cases where no prior knowledge of the road network is available
Topological Insights into Sparse Neural Networks
Sparse neural networks are effective approaches to reduce the resource requirements for the deployment of deep neural networks. Recently, the concept of adaptive sparse connectivity, has emerged to allow training sparse neural networks from scratch by optimizing the sparse structure during training. However, comparing different sparse topologies and determining how sparse topologies evolve during training, especially for the situation in which the sparse structure optimization is involved, remain as challenging open questions. This comparison becomes increasingly complex as the number of possible topological comparisons increases exponentially with the size of networks. In this work, we introduce an approach to understand and compare sparse neural network topologies from the perspective of graph theory. We first propose Neural Network Sparse Topology Distance (NNSTD) to measure the distance between different sparse neural networks. Further, we demonstrate that sparse neural networks can outperform over-parameterized models in terms of performance, even without any further structure optimization. To the end, we also show that adaptive sparse connectivity can always unveil a plenitude of sparse sub-networks with very different topologies which outperform the dense model, by quantifying and comparing their topological evolutionary processes. The latter findings complement the Lottery Ticket Hypothesis by showing that there is a much more efficient and robust way to find “winning tickets”. Altogether, our results start enabling a better theoretical understanding of sparse neural networks, and demonstrate the utility of using graph theory to analyze them