Zero-Trust Based Distributed Collaborative Dynamic Access Control Scheme with Deep Multi-Agent Reinforcement Learning

Jin, Qiuqing and Wang, Liming (2020) Zero-Trust Based Distributed Collaborative Dynamic Access Control Scheme with Deep Multi-Agent Reinforcement Learning. EAI Endorsed Transactions on Security and Safety, 8 (27). e2. ISSN 2032-9393

[img]
Preview
Text
eai.25-6-2021.170246.pdf
Available under License Creative Commons Attribution No Derivatives.

Download (2MB) | Preview

Abstract

Vast majority of organizations and companies strongly depend on intranet with access control to achieve security data accessibility and authorized resource sharing across departments and networks. However, traditional boundary defense has difficulty in mitigating the increasing threats and attacks that mostly originated by insiders. Common insider threat solutions decouple the detection and defense, which requires domain knowledge and human intervention to achieve the mitigation after the protection. Moreover, these static methods have no capability to dynamically monitor various anomaly events and take corresponding protective measures. In this paper, we present a Zero-Trust based collaborative dynamic access control scheme to rebuild a security network architecture from the traffic scheduling perspective for insider threats mitigation. This scheme organically combines anomaly detection and mitigation execution by constructing dynamic updating user trust profile as the evidence of access control and collaboratively adjusting mitigation policy with any subtle requirement and environment changes in a scalable distributed way. We make use of the Multi Agent Deep Deterministic Policy Gradient (MADDPG) to optimize the traffic allocation policy for adaptive and automatic collaborative management scheme with the consideration of network security, network environment and user requirement. The performance of the scheme is analyzed through a network simulator, which shows promising results for DRL to be applied in threat mitigation.

Item Type: Article
Uncontrolled Keywords: Zero-Trust, Insider Threats, Dynamic Access Control, Reinforcement Learning
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
QA75 Electronic computers. Computer science
T Technology > T Technology (General)
Depositing User: EAI Editor IV
Date Deposited: 09 Jul 2021 08:32
Last Modified: 09 Jul 2021 08:32
URI: https://eprints.eudl.eu/id/eprint/4399

Actions (login required)

View Item View Item