
CN117113378B - Load space isolation method and system based on capability - Google Patents


Info

Publication number
CN117113378B
CN117113378B
Authority
CN
China
Prior art keywords
identified
data
semantic
semantic understanding
sequence
Legal status
Active
Application number
CN202311172227.XA
Other languages
Chinese (zh)
Other versions
CN117113378A (en)
Inventor
尹俊文
卢建光
尹鹏
Current Assignee
Tengyun Chuangwei Information Technology Weihai Co ltd
Original Assignee
Tengyun Chuangwei Information Technology Weihai Co ltd
Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/604 Tools and structures for managing or administering access control systems
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F16/00 Information retrieval; Database structures therefor; File system structures therefor > G06F16/30 Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data > G06F16/35 Clustering; Classification > G06F16/353 Clustering; Classification into predefined classes
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules > G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database > G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules > G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database > G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F40/00 Handling natural language data > G06F40/30 Semantic analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Automation & Control Theory (AREA)
  • Medical Informatics (AREA)
  • Artificial Intelligence (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

A method and system for load space isolation based on capability are disclosed. First, data to be identified is acquired; then an independent kernel object is created for that data; semantic analysis is then carried out on the data to obtain its semantic understanding features; and finally the access right to the kernel object is determined based on those semantic understanding features. In this way, sensitive data can be intelligently classified and marked, and access to the data is limited according to the authority configuration, so that data leakage and unauthorized access are prevented and the privacy of the user is protected.

Description

Load space isolation method and system based on capability
Technical Field
The present disclosure relates to the field of load space isolation, and more particularly, to a method and system for load space isolation based on capabilities.
Background
In a conventional operating system, resources (e.g., CPU, memory, disk, etc.) are typically allocated and managed in units of processes or threads. However, in a multi-tenant system, multiple users or applications share the resources of the same physical machine or virtual machine, which requires isolation between those resources so that one user or application cannot interfere with, or pose a security risk to, other users or applications. Conventional access control methods, such as ACLs (access control lists), generally manage access rights to objects based on a classification of the subject (user). This coarse-grained classification approach does not provide fine-grained access control over the data. In practical applications, different users may need different access rights to different parts or attributes of the same object, and ACL methods cannot meet this requirement.
Accordingly, a capability-based load space isolation scheme is desired.
Disclosure of Invention
In view of this, the disclosure provides a load space isolation method and system based on capabilities, which can intelligently classify and mark sensitive data and limit access to the data according to authority configuration so as to prevent data leakage and unauthorized access and protect privacy of users.
According to an aspect of the present disclosure, there is provided a method of capability-based load space isolation, comprising:
acquiring data to be identified;
creating an independent kernel object for the data to be identified;
carrying out semantic analysis on the data to be identified to obtain semantic understanding characteristics of the data to be identified; and
determining the access right to the kernel object based on the semantic understanding characteristics of the data to be identified.
According to another aspect of the present disclosure, there is provided a capability-based load space isolation system, comprising:
a data acquisition module for acquiring data to be identified;
a kernel object creation module for creating an independent kernel object for the data to be identified;
a semantic analysis module for carrying out semantic analysis on the data to be identified to obtain semantic understanding characteristics of the data to be identified; and
an access right determining module for determining the access right to the kernel object based on the semantic understanding characteristics of the data to be identified.
According to the embodiment of the disclosure, firstly, data to be identified is obtained, then, an independent kernel object is created for the data to be identified, then, semantic analysis is carried out on the data to be identified to obtain semantic understanding characteristics of the data to be identified, and finally, access rights to the kernel object are determined based on the semantic understanding characteristics of the data to be identified. In this way, the sensitive data can be intelligently classified and marked, and the access to the data is limited according to the authority configuration, so that the data leakage and unauthorized access are prevented, and the privacy of the user is protected.
Other features and aspects of the present disclosure will become apparent from the following detailed description of exemplary embodiments, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate exemplary embodiments, features and aspects of the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 illustrates a flow chart of a method of capability-based load space isolation in accordance with an embodiment of the present disclosure.
Fig. 2 shows an architectural diagram of a method of capability-based load space isolation in accordance with an embodiment of the present disclosure.
Fig. 3 shows a flowchart of sub-step S130 of a capability-based load space isolation method according to an embodiment of the present disclosure.
Fig. 4 shows a flowchart of sub-step S140 of the capability-based load space isolation method according to an embodiment of the present disclosure.
FIG. 5 illustrates a block diagram of a capability-based load space isolation system according to an embodiment of the present disclosure.
Fig. 6 illustrates an application scenario diagram of a capability-based load space isolation method according to an embodiment of the present disclosure.
Detailed Description
The following description of the embodiments of the present disclosure will be made clearly and fully with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some, but not all embodiments of the disclosure. All other embodiments, which can be made by one of ordinary skill in the art without undue burden based on the embodiments of the present disclosure, are also within the scope of the present disclosure.
As used in this disclosure and in the claims, the terms "a," "an," "the," and/or "the" are not specific to a singular, but may include a plurality, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that the steps and elements are explicitly identified, and they do not constitute an exclusive list, as other steps or elements may be included in a method or apparatus.
Various exemplary embodiments, features and aspects of the disclosure will be described in detail below with reference to the drawings. In the drawings, like reference numbers indicate identical or functionally similar elements. Although various aspects of the embodiments are illustrated in the accompanying drawings, the drawings are not necessarily drawn to scale unless specifically indicated.
In addition, numerous specific details are set forth in the following detailed description in order to provide a better understanding of the present disclosure. It will be understood by those skilled in the art that the present disclosure may be practiced without some of these specific details. In some instances, methods, means, elements, and circuits well known to those skilled in the art have not been described in detail in order not to obscure the present disclosure.
To achieve fine-grained control of kernel access to resources, the concept of a Capability is first introduced, in keeping with the security principle of least authority (Principle of Least Authority, POLA). In the ACL methods employed by Linux and Windows, object access principals (users) are typically categorized, for example as the object owner, the owner's peer users, and other users. A capability, by contrast, is oriented directly to the access subject and defines that subject's access rights to the object, and so offers finer-grained access control than a conventional ACL. In addition, corresponding rules for creation, authorization, delivery and revocation can be defined for capabilities to further strengthen object access control.
Specifically, the capability-based load space isolation method combines resource allocation with access authority control by introducing the capability concept, thereby achieving finer-grained resource isolation and control. In this process, the kernel creates a separate kernel object for each load, and that object limits access to the resource through rights control. Each kernel object has its own rights configuration for controlling access to the resources it represents. In this way, different loads access resources by operating on their own kernel objects and cannot access other loads' resources without authorization, which ensures isolation of resources between different users or applications. In addition, sensitive data can be intelligently classified and marked, and access to the data is limited according to the authority configuration, so that data leakage and unauthorized access are prevented and the privacy of the user is protected.
FIG. 1 illustrates a flow chart of a method of capability-based load space isolation in accordance with an embodiment of the present disclosure. Fig. 2 shows an architectural diagram of a method of capability-based load space isolation in accordance with an embodiment of the present disclosure. As shown in fig. 1 and 2, a method for capability-based load space isolation according to an embodiment of the present disclosure includes the steps of: S110, acquiring data to be identified; S120, creating an independent kernel object for the data to be identified; S130, carrying out semantic analysis on the data to be identified to obtain semantic understanding characteristics of the data to be identified; and S140, determining the access right to the kernel object based on the semantic understanding characteristics of the data to be identified.
Specifically, in the technical scheme of the present disclosure, data to be identified is first acquired. Then, a separate kernel object is created for the data to be identified, and that object limits access to the resource through authority control. Each kernel object thus has its own rights configuration for controlling access to the resources it represents, so different loads may access resources by operating on their own kernel objects, while other loads' resources cannot be accessed without authorization.
Then, considering that in the natural language processing task, the sentence is a basic unit of semantics, and a plurality of sentences exist in the data to be recognized, different sentences may contain different semantic information, so in order to better understand the semantics of the data to be recognized, the data to be recognized needs to be divided in units of sentences to obtain a sequence of sentences to be recognized. In this way, by processing each sentence individually, independent semantic understanding and processing can be better performed on each sentence, so that characteristics and information of sentence levels can be captured better, and semantic relationships and context information between sentences can be captured more accurately, so that semantic understanding of data to be recognized can be performed more accurately.
The sequence of sentences to be recognized is then converted into a sequence of sentence embedding vectors using a FastText model, so that the text data is expressed in a continuous vector space, which facilitates subsequent semantic understanding and feature extraction. It should be appreciated that FastText is a word vector representation method based on a bag-of-words model: it represents each word in a sentence as a vector and represents the entire sentence by averaging, or weighted-averaging, those word vectors. This maps sentences into a vector space of fixed dimension that captures the semantic information of the sentence. That is, the FastText model learns a distributed representation of words and converts the words in the sentence to be recognized into continuous vector representations containing the semantic information of the words, so as to better reflect the semantic relationships between them.
Further, considering that each sentence in the data to be recognized contains a plurality of words, and each word has a forward semantic association relationship and a backward semantic association relationship, in order to more fully understand the semantics of each sentence, in the technical scheme of the present disclosure, each sentence embedding vector to be recognized in the sequence of sentence embedding vectors to be recognized is further encoded in a semantic encoder based on BiLSTM models, so as to extract the bidirectional context semantic association feature information in each sentence to be recognized of the data to be recognized, thereby obtaining the sequence of sentence semantic understanding feature vectors to be recognized. It should be understood that the BiLSTM model can consider both the forward and backward context information of each sentence when processing the sentence, and can more fully understand the semantics in the sentence, which is very important for understanding the semantic relationship and the context meaning in the sentence, and helps to capture the semantic information of the sentence more accurately.
In the technical scheme of the disclosure, the sequence of sentence semantic understanding feature vectors is further encoded in a Transformer-based context encoder so as to extract global-context semantic association feature information between the semantic features of each sentence in the data to be identified, thereby obtaining the semantic understanding feature vector of the data to be identified.
Correspondingly, as shown in fig. 3, performing semantic analysis on the data to be identified to obtain semantic understanding features of the data to be identified, including: s131, dividing the data to be recognized by taking sentences as units to obtain a sequence of sentences to be recognized; s132, performing embedding conversion on the sequence of the sentences to be identified to obtain a sequence of embedded vectors of the sentences to be identified; s133, semantic coding is carried out on each sentence embedded vector to be identified in the sequence of sentence embedded vectors to be identified through a semantic coder based on a deep neural network model so as to obtain a sequence of sentence semantic understanding feature vectors to be identified; and S134, carrying out semantic association coding on the sequence of the semantic understanding feature vectors of the sentences to be identified to obtain the semantic understanding feature vectors of the data to be identified as the semantic understanding features of the data to be identified.
More specifically, in step S132, performing embedding conversion on the sequence of sentences to be recognized to obtain a sequence of sentence embedding vectors includes converting the sequence of sentences to be recognized into a sequence of sentence embedding vectors using a FastText model. Notably, FastText is a word-level text embedding model developed by Facebook AI Research. It is a fast and efficient method for text classification and word embedding, and is particularly suitable for processing large-scale text data. The core idea of the FastText model is to represent each word as the average of its character-level n-gram features and to use these features to represent the whole word. Compared with traditional word embedding methods (such as Word2Vec), the main innovation of FastText is the introduction of character-level information, which captures richer vocabulary characteristics. The process of converting a sequence of sentences to be recognized into a sequence of embedding vectors using the FastText model is as follows: 1. Pre-training: a FastText model is trained on a large-scale text corpus to generate word vector representations; 2. Text embedding: for the sequence of sentences to be identified, each word in each sentence is represented by its corresponding word vector; 3. Sequence embedding: the word vectors in each sentence are combined into one sentence embedding vector according to a certain rule (e.g., averaging or summation). The main uses of the FastText model include: 1. Text classification: FastText may be used to categorize text data into predefined categories; 2. Similarity calculation: the semantic similarity between texts can be measured by computing the similarity of their embedding vectors; 3. Word embedding: the word vectors generated by FastText may be used as input for other natural language processing tasks.
In other words, the FastText model provides a fast and efficient way to convert text into dense word-embedded vectors by representing words as an average of the character-level n-gram features, thereby playing an important role in various text processing tasks.
More specifically, the deep neural network model is a BiLSTM model. It is noted that BiLSTM (Bidirectional Long Short-Term Memory) is a variant of the Recurrent Neural Network (RNN) for processing sequence data. Unlike a conventional unidirectional RNN, BiLSTM runs LSTM units in both the forward and backward directions over the time steps simultaneously to capture context information in the sequence. LSTM (Long Short-Term Memory) is a special type of RNN designed to solve the vanishing and exploding gradient problems of conventional RNNs. By introducing a gating mechanism, an LSTM can selectively remember and forget information in the input data, so that long-term dependencies are handled better. The BiLSTM structure consists of two LSTM stacks, one processing the input sequence in time order and the other processing it in reverse time order. Thus, the output at each time step contains context information from both the past and the future.
More specifically, in step S134, performing semantic association encoding on the sequence of sentence semantic understanding feature vectors to obtain the semantic understanding feature vector of the data to be recognized as its semantic understanding feature includes passing the sequence of sentence semantic understanding feature vectors through a Transformer-based sentence-meaning context encoder to obtain the semantic understanding feature vector of the data to be recognized. It should be understood that a Transformer-based semantic context encoder refers to a method of encoding the sequence of sentence semantic understanding feature vectors using a Transformer model. The Transformer is a neural network model based on the self-attention mechanism, and the primary function of a Transformer-based semantic context encoder is to encode the semantic understanding features of the sentences to be recognized so as to capture the context information and semantic associations among them. Each feature vector in the input sequence is weighted, combined and transformed through multi-layer self-attention and feed-forward neural networks to generate the encoded feature vector. Using a Transformer-based context encoder has the following advantages: 1. Context modeling: the Transformer model processes the whole input sequence in parallel, so it captures the context information in sentences better and improves the accuracy of semantic understanding; 2. Long-term dependencies: thanks to the self-attention mechanism, the Transformer model handles long-distance dependencies effectively and avoids the vanishing and exploding gradient problems of traditional recurrent neural networks; 3. Parallel computing: the Transformer model has strong parallel computing capability, so training and inference are faster, which suits it to processing large-scale data. By encoding the sequence of sentence semantic understanding feature vectors, the Transformer-based semantic context encoder extracts the semantic information in the sentences, provides richer feature representations for subsequent tasks, and improves the performance and effect of the model.
And then, the data semantic understanding feature vector to be identified is further passed through a classifier to obtain a classification result, wherein the classification result is used for representing the sensitive data grade label. That is, classification processing is performed based on global context semantic association feature information among the semantic features of each sentence of the data to be recognized, so that a sensitive data level is judged. Specifically, in the technical solution of the present disclosure, the classification label of the classifier is a class label of sensitive data, so after the classification result is obtained, the sensitive data class may be determined based on the classification result, so as to determine the access right to the kernel object.
Accordingly, as shown in fig. 4, determining the access right to the kernel object based on the semantic understanding feature of the data to be identified includes: s141, carrying out semantic information homogenization activation of feature rank expression on the semantic understanding feature vector of the data to be identified so as to obtain an optimized semantic understanding feature vector of the data to be identified; s142, enabling the optimized data semantic understanding feature vector to pass through a classifier to obtain a classification result, wherein the classification result is used for representing a sensitive data grade label; and S143, determining the access right to the kernel object based on the classification result.
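A toy model of the capability rules described above (creation, authorization, delivery and revocation of per-load kernel objects) together with step S143's mapping from the classifier's sensitive-data grade to access rights. This is an added example, not the patent's own code; the grade names, the GRADE_RIGHTS table and the Kernel/Capability classes are assumptions made for illustration.

```python
"""Toy kernel for capability-based load space isolation (added illustration,
not the patent's implementation). Grade names and the grade-to-rights table
are assumptions made for this example; see GRADE_RIGHTS below."""
import secrets
from dataclasses import dataclass

READ, WRITE, DELEGATE = "read", "write", "delegate"

# Assumed table (not given by the patent): higher sensitivity, fewer rights.
GRADE_RIGHTS = {
    "public": {READ, WRITE, DELEGATE},
    "internal": {READ, WRITE},
    "confidential": {READ},
    "restricted": set(),
}

@dataclass
class KernelObject:
    load_id: str
    grade: str        # sensitive-data grade label from the classifier (S142)
    payload: bytes

@dataclass
class Capability:
    handle: str       # 128-bit random: cannot be guessed or derived from object ids
    object_id: int
    rights: frozenset
    revoked: bool = False

class Kernel:
    def __init__(self):
        self._objects = {}   # object_id -> KernelObject
        self._caps = {}      # handle -> Capability
        self._next_id = 0

    def create_object(self, load_id, payload, grade):
        """S120 + S143: one independent kernel object per load; its initial
        capability rights are taken from the sensitivity grade."""
        if grade not in GRADE_RIGHTS:
            raise ValueError(f"unknown grade {grade!r}")
        oid, self._next_id = self._next_id, self._next_id + 1
        self._objects[oid] = KernelObject(load_id, grade, payload)
        return self._mint(oid, GRADE_RIGHTS[grade])

    def _mint(self, oid, rights):
        cap = Capability(secrets.token_hex(16), oid, frozenset(rights))
        self._caps[cap.handle] = cap
        return cap.handle

    def _check(self, handle, right):
        """Every access goes through a capability: no valid handle, no access."""
        cap = self._caps.get(handle)
        if cap is None or cap.revoked or right not in cap.rights:
            raise PermissionError(f"{right} denied")
        return cap

    def read(self, handle):
        return self._objects[self._check(handle, READ).object_id].payload

    def write(self, handle, data):
        self._objects[self._check(handle, WRITE).object_id].payload = data

    def delegate(self, handle, rights):
        """Delivery rule: a derived capability may attenuate rights, never amplify."""
        cap = self._check(handle, DELEGATE)
        if not set(rights) <= cap.rights:
            raise PermissionError("rights amplification refused")
        return self._mint(cap.object_id, rights)

    def revoke(self, handle):
        """Revocation rule: the handle stays known to the kernel but is dead."""
        cap = self._caps.get(handle)
        if cap is not None:
            cap.revoked = True

def _try(action):
    try:
        action()
        return "allowed"
    except PermissionError:
        return "denied"

def demo():
    """Walk two loads through the rules; returns the outcome of each scenario."""
    k = Kernel()
    a = k.create_object("load-A", b"public notes", "public")          # constructed
    b = k.create_object("load-B", b"patient record", "confidential")  # constructed
    out = {"a_reads_own": k.read(a), "b_reads_own": k.read(b)}
    out["b_writes_own"] = _try(lambda: k.write(b, b"edited"))   # grade allows read only
    out["forged_handle"] = _try(lambda: k.read("0" * 32))        # load A guessing at B's handle
    ro = k.delegate(a, {READ})                                   # attenuated copy of A's capability
    out["delegated_read"] = _try(lambda: k.read(ro))
    out["delegated_write"] = _try(lambda: k.write(ro, b"x"))
    out["delegated_amplify"] = _try(lambda: k.delegate(ro, {WRITE}))
    k.revoke(ro)
    out["after_revoke"] = _try(lambda: k.read(ro))
    return out
```

Running `demo()` shows that a load only ever reaches its own object, that a forged or revoked handle is refused, and that a delegated capability can narrow but never widen the rights it was derived from.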
In particular, in the technical scheme of the application, when the sequence of the sentence embedded vectors to be recognized passes through the sentence meaning context encoder based on the converter to obtain the semantic understanding feature vector of the data to be recognized, the intra-sentence semantic expression of the sentence to be recognized expressed by each sentence embedded vector to be recognized can be subjected to cross-sentence context association encoding. That is, in the case of performing overall associative coding based on intra-sentence semantic expressions of sentences to be recognized, when classifying the semantic understanding feature vectors of data to be recognized by a classifier, a scale heuristic type probability mapping based on the intra-sentence semantic expression scale is performed, and meanwhile, considering that the semantic understanding feature vectors of data to be recognized include intra-sentence semantic associative features and inter-sentence context associative semantic feature representations, that is, hybrid semantic space feature representations, the training efficiency of the classifier is reduced. Based on the feature rank expression, the application performs the feature rank expression semantic information homogenization activation on the data semantic understanding feature vector to be identified when the data semantic understanding feature vector to be identified is classified by a classifier.
Correspondingly, in a specific example, the semantic information homogenizing activation of the feature rank expression is carried out on the data semantic understanding feature vector to be identified by the following optimization formula so as to obtain the optimized data semantic understanding feature vector to be identified;
Wherein, the optimization formula is: wherein, Is the semantic understanding feature vector of the data to be identifiedIs the first of (2)The value of the characteristic is a value of,Representing the two norms of the semantic understanding feature vector of the data to be identified,Is a logarithm based on 2, andIs the weight of the parameter to be exceeded,Is the first to optimize the semantic understanding feature vector of the data to be identifiedAnd characteristic values.
Here, the feature vector is understood in consideration of the semantics of the data to be recognizedFeature distribution mapping of the feature distribution in the high-dimensional feature space to the classification regression space can present different mapping modes on different feature distribution levels based on mixed semantic space features, so that the mapping efficiency of a mapping strategy based on a scale heuristic needs to be improved, therefore, feature matching is carried out by combining scale heuristic based on rank expression semantic information homogenization of feature vector norms, similar feature rank expressions can be activated in a similar manner, and the correlation between feature rank expressions with larger difference is reduced, thereby solving the problem that the feature vector is understood by the data semantic to be identifiedThe problem that the probability expression mapping efficiency of the feature distribution under different space rank expressions is low is solved, and the training efficiency of classifying the semantic understanding feature vectors of the data to be recognized through the classifier is improved. Therefore, the sensitive data can be intelligently classified and marked, and the access to the data is limited according to the authority configuration, so that the data leakage and unauthorized access are prevented, and the privacy of a user is protected.
More specifically, in step S142, the optimized to-be-identified data semantic understanding feature vector is passed through a classifier to obtain a classification result, where the classification result is used to represent a sensitive data level label, and the method includes: performing full-connection coding on the optimized data semantic understanding feature vector to be identified by using a full-connection layer of the classifier to obtain a coding classification feature vector; and inputting the coding classification feature vector into a Softmax classification function of the classifier to obtain the classification result.
It should be appreciated that the role of the classifier is to learn classification rules from training data whose classes are known, and then to classify (or predict) unknown data. Logistic regression, SVM and the like are commonly used to solve classification problems. For multi-class classification problems, logistic regression or SVM can also be used, but multiple binary classifications must be composed into a multi-class classification, which is error-prone and inefficient; the commonly used multi-class method is therefore the Softmax classification function.
It is worth mentioning that the fully connected layer (Fully Connected Layer), also known as the dense connected layer or the linear layer, is a common layer type in neural networks. The main function of the method is to linearly combine each feature of the input data with the weight and perform nonlinear transformation through an activation function so as to generate an output feature. The full connection layer can combine and transform the characteristics in the input data through learning weights and biases, and extract higher-level characteristic representation; by introducing the activation function, the full-connection layer can introduce nonlinear transformation to increase the expression capacity of the model, so that the model is better adapted to complex data distribution, and the full-connection layer is usually used as the last layer of the neural network model, maps the learned characteristics to probability distribution of the target class and is used for classification and prediction tasks. In step S142, the full-join layer is used to encode the semantic understanding feature vector of the optimized data to be identified. The fully connected layer is able to map feature vectors to a higher dimensional feature space by linear combination and nonlinear transformation, and to convert the encoded classification feature vectors into classification results by Softmax classification functions for representing sensitive data class labels. The fully connected layer is a common layer type in the neural network, processes input features through linear combination and nonlinear transformation, and has the functions of extracting features, introducing nonlinearity and carrying out classification prediction.
In summary, according to the method for isolating the load space based on the capability disclosed by the embodiment of the disclosure, the sensitive data can be intelligently classified and marked, and the access to the data is limited according to the authority configuration, so that the data leakage and unauthorized access are prevented, and the privacy of a user is protected.
Fig. 5 illustrates a block diagram of a capability-based load space isolation system 100 according to an embodiment of the present disclosure. As shown in fig. 5, the capability-based load space isolation system 100 according to an embodiment of the present disclosure includes: a data acquisition module 110, configured to acquire data to be identified; a kernel object creation module 120, configured to create an independent kernel object for the data to be identified; a semantic analysis module 130, configured to perform semantic analysis on the data to be identified to obtain semantic understanding features of the data to be identified; and an access right determining module 140, configured to determine the access rights to the kernel object based on the semantic understanding features of the data to be identified.
In one possible implementation, the semantic analysis module 130 includes: the dividing unit is used for dividing the data to be identified by taking sentences as units to obtain a sequence of sentences to be identified; the embedding conversion unit is used for carrying out embedding conversion on the sequence of the sentences to be identified to obtain a sequence of embedded vectors of the sentences to be identified; the semantic coding unit is used for respectively carrying out semantic coding on each sentence embedded vector to be identified in the sequence of sentence embedded vectors to be identified through a semantic coder based on a depth neural network model so as to obtain a sequence of sentence semantic understanding feature vectors to be identified; and the semantic association coding unit is used for carrying out semantic association coding on the sequence of the semantic understanding feature vectors of the sentences to be identified so as to obtain the semantic understanding feature vectors of the data to be identified as the semantic understanding features of the data to be identified.
In one possible implementation, the deep neural network model is a BiLSTM model.
Here, it will be appreciated by those skilled in the art that the specific functions and operations of the respective units and modules in the above-described capability-based load space isolation system 100 have been described in detail in the above description of the capability-based load space isolation method with reference to fig. 1 to 5, and thus, repetitive descriptions thereof will be omitted.
As described above, the capability-based load space isolation system 100 according to embodiments of the present disclosure may be implemented in various wireless terminals, such as servers on which a capability-based load space isolation algorithm is deployed. In one possible implementation, the capability-based load space isolation system 100 may be integrated into a wireless terminal as a software module and/or a hardware module. For example, the capability-based load space isolation system 100 may be a software module in the operating system of the wireless terminal, or an application developed for the wireless terminal; equally, it may be one of the many hardware modules of the wireless terminal.
Alternatively, in another example, the capability-based load space isolation system 100 and the wireless terminal may be separate devices, with the capability-based load space isolation system 100 connected to the wireless terminal over a wired and/or wireless network and exchanging interaction information in an agreed-upon data format.
Fig. 6 illustrates an application scenario of the capability-based load space isolation method according to an embodiment of the present disclosure. As shown in fig. 6, in this application scenario the data to be identified (for example, D in fig. 6) is first acquired and then input into a server (for example, S in fig. 6) on which a capability-based load space isolation algorithm is deployed; the server processes the data to be identified with the capability-based load space isolation algorithm to obtain a classification result representing the sensitive data level label.
It is worth mentioning that, in order to give the kernel fine-grained control over resource access, the concept of a Capability is introduced to satisfy the Principle of Least Authority (POLA). In the ACL model used by Linux and Windows, the subjects that may access an object are typically grouped into classes such as the object's owner, users in the owner's group, and all other users. A capability, by contrast, is bound directly to the accessing subject and defines that subject's rights to the object, which gives finer-grained access control than a conventional ACL. In addition, rules for creating, granting, transferring and revoking capabilities can be defined to further strengthen access control over the object.
In the microkernel, kernel objects such as threads, address spaces and inter-process communication endpoints are subject to capability-based access control. A capability is an unforgeable token that references a particular kernel object. As shown in the following figures, a capability has two parts: a pointer to or name of the object it grants access to, and the rights it confers on that object. The microkernel exposes the operations permitted by a capability as an API, so that an authorized user can only use kernel services by invoking that API with the corresponding capability.
Virtual address space VSpace is made up of microkernel-provided objects that largely correspond to the objects of hardware for managing virtual memory. Thus, each architecture defines its own objects for the top level VSpace and further intermediate paging structures. Shared by each architecture is a Page, which represents a physical memory frame. The kernel also includes an ASID pool and ASID control objects for tracking address space states.
These VSpace related objects are sufficient to implement the hardware data structures required to create, manipulate, and destroy the virtual memory address space. Each architecture has a top level paging structure (level 0) and a number of intermediate levels. The top-level paging structure directly corresponds to the higher level concept of VSpace. VSpace are implemented for each architecture by different objects, which are determined by the architecture details.
Typically, each paging structure at each level contains slots, each of which can map either the next level of paging structure or a memory frame of a particular size. If the previous level has not been mapped, the mapping operation fails. The size and type of the structure at each level, and the number of virtual-address bits resolved by that level, are defined by the hardware.
The microkernel provides operations on these hardware paging structures, including mapping and cache-maintenance operations. A map operation is invoked on the capability of the object being mapped: for example, mapping a level-1 paging structure at a particular virtual address is done by invoking the map operation on that structure's capability.
In general, the top level structure does not have a call for mapping, but rather serves as a parameter for several other virtual memory related object calls. For some architectures, the top level page table may be called for caching. In addition to the page capabilities themselves, the API allows the user more flexible policy options by making these cache-related operation calls to the page directory capabilities. For example, a process delegating a page directory may perform a caching operation on all frames mapped from that capability without directly accessing those capabilities.
A Page object corresponds to a physical memory frame and is used to implement a virtual memory page in a virtual address space. The virtual address at which a page is mapped must be aligned to the page size, and the mapping must be made into a suitable VSpace in which every required intermediate paging structure is already present. To map a page readable, the page capability being invoked must carry the read right; to map it writable, the capability must carry the write right.
The number of applications (address spaces) that the system can support is fixed for internal kernel bookkeeping purposes. To manage this limited resource, the microkernel provides an address space identifier (ASID) control capability, which is used to generate capabilities that authorize the use of a subset of the available address space identifiers. Such a newly created capability is called an ASID pool, and it determines the number of ASIDs that a thread can use.
For security reasons the microkernel does not support sharing of page tables, only sharing of pages. Sharing is achieved by copying the capability: the thread that the page is shared with maps the page through the operation interface of its copy of the capability, which is how page sharing is realised.
Capabilities combined with the hardware mechanisms of the MMU thus achieve effective spatial isolation, and management through VSpaces and ASIDs gives better support for deterministic memory management.
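The VSpace and capability rules described in the preceding paragraphs, from the (object, rights) token onward, are easier to reason about in code. The following is an added example written for this page, not code from the patent or from any microkernel: it models a capability as an unforgeable (object, rights) pair stored in a kernel-owned CSpace, lets capabilities be copied only with attenuated rights, and implements the page-map checks the text lists (the intermediate level must already be mapped, the address must be page-aligned, the capability must carry every requested right) together with page sharing by capability copy. The right names, slot layout, two-level page-table geometry, error codes and the addresses used in the scenario are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Rights a capability can carry; the names are assumptions made for this example. */
enum cap_rights { CAP_READ = 1u, CAP_WRITE = 2u };
enum obj_kind { OBJ_PAGE_TABLE = 1, OBJ_PAGE = 2 };
struct kobject { enum obj_kind kind; };   /* intermediate paging structure or Page (frame) */
/* A capability = (reference to a kernel object, rights). It is unforgeable because it lives
 * only in kernel memory; user code names it by its slot index in a CSpace. */
struct cap { struct kobject *obj; unsigned rights; };   /* obj == NULL: empty slot */
#define CSPACE_SLOTS 8
struct cspace { struct cap slot[CSPACE_SLOTS]; };
/* Toy two-level VSpace with 4 KiB pages. The real number of levels and the bits each
 * level resolves are hardware-defined per architecture, as the text says. */
#define PAGE_SHIFT 12
#define PAGE_SIZE  ((uintptr_t)1 << PAGE_SHIFT)
#define L1_BITS    4
#define TOP_BITS   4
struct pte { struct kobject *page; unsigned rights; };
struct vspace {
    struct kobject *l1_table[1u << TOP_BITS];            /* intermediate level, NULL if absent */
    struct pte entry[1u << TOP_BITS][1u << L1_BITS];    /* leaf mappings */
};
enum err { OK = 0, E_BADCAP = -1, E_ALIGN = -2, E_NO_LEVEL = -3, E_RIGHTS = -4, E_BUSY = -5 };

static unsigned top_index(uintptr_t va) { return (va >> (PAGE_SHIFT + L1_BITS)) & ((1u << TOP_BITS) - 1); }
static unsigned l1_index(uintptr_t va)  { return (va >> PAGE_SHIFT) & ((1u << L1_BITS) - 1); }
static const struct cap *cap_lookup(const struct cspace *cs, unsigned slot)
{   /* an empty or out-of-range slot is treated exactly like an invalid capability */
    return (slot < CSPACE_SLOTS && cs->slot[slot].obj != NULL) ? &cs->slot[slot] : NULL;
}

/* Copy a capability into another CSpace, optionally with fewer rights. Rights can only be
 * attenuated: the copy may never carry a right its source lacks. */
int cap_copy(const struct cspace *src, unsigned src_slot,
             struct cspace *dst, unsigned dst_slot, unsigned rights)
{
    const struct cap *c = cap_lookup(src, src_slot);
    if (c == NULL || dst_slot >= CSPACE_SLOTS) return E_BADCAP;
    if (rights & ~c->rights) return E_RIGHTS;        /* attempted amplification */
    if (dst->slot[dst_slot].obj != NULL) return E_BUSY;
    dst->slot[dst_slot] = (struct cap){ c->obj, rights };
    return OK;
}

/* Map an intermediate table into the top-level slot that covers va. */
int vspace_map_table(struct vspace *vs, const struct cspace *cs, unsigned slot, uintptr_t va)
{
    const struct cap *c = cap_lookup(cs, slot);
    if (c == NULL || c->obj->kind != OBJ_PAGE_TABLE) return E_BADCAP;
    if (vs->l1_table[top_index(va)] != NULL) return E_BUSY;
    vs->l1_table[top_index(va)] = c->obj;
    return OK;
}

/* Map a Page at va: va must be page-aligned, the intermediate level must already be
 * mapped, and every requested right must be present on the capability being invoked. */
int vspace_map_page(struct vspace *vs, const struct cspace *cs, unsigned slot,
                    uintptr_t va, unsigned rights)
{
    const struct cap *c = cap_lookup(cs, slot);
    if (c == NULL || c->obj->kind != OBJ_PAGE) return E_BADCAP;
    if (va & (PAGE_SIZE - 1)) return E_ALIGN;
    if (vs->l1_table[top_index(va)] == NULL) return E_NO_LEVEL;
    if (rights & ~c->rights) return E_RIGHTS;
    struct pte *p = &vs->entry[top_index(va)][l1_index(va)];
    if (p->page != NULL) return E_BUSY;
    *p = (struct pte){ c->obj, rights };
    return OK;
}

/* Constructed scenario, in the order the text presents the rules: map before the intermediate
 * level exists, misaligned map, successful map, share the frame read-only by copying the
 * capability, then two attempts to exceed the rights of that read-only copy. */
struct demo { int no_level, misaligned, mapped, shared, amplify_copy, reader_write, reader_read; };
struct demo run_demo(void)
{
    static struct kobject owner_tbl = { OBJ_PAGE_TABLE }, reader_tbl = { OBJ_PAGE_TABLE }, frame = { OBJ_PAGE };
    struct cspace owner = {0}, reader = {0};
    struct vspace vs_owner = {0}, vs_reader = {0};
    const uintptr_t va = 0x23000;                         /* page-aligned, top index 2, l1 index 3 */
    struct demo d;
    owner.slot[0]  = (struct cap){ &owner_tbl, 0 };
    owner.slot[1]  = (struct cap){ &frame, CAP_READ | CAP_WRITE };
    reader.slot[0] = (struct cap){ &reader_tbl, 0 };      /* tables are never shared, only pages */
    d.no_level   = vspace_map_page(&vs_owner, &owner, 1, va, CAP_READ);
    vspace_map_table(&vs_owner, &owner, 0, va);
    d.misaligned = vspace_map_page(&vs_owner, &owner, 1, va + 0x10, CAP_READ);
    d.mapped     = vspace_map_page(&vs_owner, &owner, 1, va, CAP_READ | CAP_WRITE);
    d.shared       = cap_copy(&owner, 1, &reader, 1, CAP_READ);   /* attenuated copy */
    d.amplify_copy = cap_copy(&reader, 1, &owner, 2, CAP_WRITE);  /* read-only holder cannot mint write */
    vspace_map_table(&vs_reader, &reader, 0, va);
    d.reader_write = vspace_map_page(&vs_reader, &reader, 1, va, CAP_WRITE);
    d.reader_read  = vspace_map_page(&vs_reader, &reader, 1, va, CAP_READ);
    return d;
}

int main(void)
{
    struct demo d = run_demo();
    printf("no_level %d misaligned %d mapped %d shared %d amplify %d reader_write %d reader_read %d\n",
           d.no_level, d.misaligned, d.mapped, d.shared, d.amplify_copy, d.reader_write, d.reader_read);
    return 0;
}
```

Every negative result in the scenario is a refusal by the kernel model rather than a crash or a silent downgrade: the map without a table returns E_NO_LEVEL, the misaligned map E_ALIGN, and both the write mapping and the attempt to copy a writable capability out of a read-only one return E_RIGHTS, which is the attenuation property that makes sharing by capability copy safe.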
The microkernel provides threads to represent execution contexts, and processor time can also be represented by the thread abstraction. A thread is represented by its Thread Control Block (TCB) object. Each TCB has an associated CSpace and VSpace, which may be shared with other threads. A TCB may also have an IPC buffer, used to pass additional parameters during IPC or kernel object invocations. Each thread belongs to exactly one security domain and runs only while that domain is active. Security domains isolate independent subsystems so as to limit the flow of information between them, and the kernel switches between domains according to a fixed, time-triggered schedule.
The microkernel uses a preemptive, tickless scheduler with 256 priorities (0 to 255). Every thread has a Maximum Controlled Priority (MCP) and an effective priority. When one thread modifies the priority of another thread (or of itself), it must present the capability of a thread whose MCP serves as the bound: the priority and MCP being set may be no greater than the MCP of the thread whose capability was presented.
A thread can be in one of the following states. Running: the thread is eligible for selection by the scheduler and is in a scheduling queue, or is the currently running thread. Inactive: the thread is not runnable and is not in a scheduling queue; it has been suspended, or may no longer be able to resume. Blocked on receive: the thread is waiting to receive an IPC message (or a bound notification). Blocked on send: the thread is waiting to send an IPC message. Blocked on reply: the thread is blocked in a reply-wait operation until a reply or a fault arrives. Blocked on notification: the thread is waiting to receive a notification.
Microkernels provide a messaging IPC mechanism for communication between threads, and the same mechanism is used for communication with services provided by the kernels. The message is sent by invoking the kernel object's capabilities. Messages sent to the endpoint are sent to other threads, while messages sent to other objects are processed by the kernel.
IPC consists of threads that send and receive messages through endpoints (message ports) in a blocking or non-blocking manner. Each thread has a buffer (called IPC buffer) containing the payload (consisting of data and capabilities) of the message. The sender specifies the message length and the kernel replicates this (bounded) amount of payload between the sender's and receiver's IPC buffers. The first few words in the payload can be implemented using physical CPU registers while the rest is supported by the fixed memory area of the IPC buffer, so that the short message does not need to use memory, thereby improving communication efficiency.
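The scheduling and IPC rules of the last few paragraphs have two checks a practitioner will want to see concretely: the MCP bound on priority changes, and the bounded copy of the IPC payload with the first words carried in registers. The following is an added example written for this page, not code from the patent or from any microkernel. It models a TCB with a priority, an MCP, a thread state, a few message registers and a fixed-size IPC buffer; the number of register words, the buffer size, the error codes and the three-thread scenario are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>
#define NUM_PRIOS 256   /* priorities 0..255, as in the text */
#define MSG_REGS  4     /* message words carried in CPU registers (count is an assumption) */
#define IPC_WORDS 32    /* words in the fixed-size IPC buffer (size is an assumption) */
enum thread_state { TS_RUNNING, TS_INACTIVE, TS_BLOCKED_RECV, TS_BLOCKED_SEND,
                    TS_BLOCKED_REPLY, TS_BLOCKED_NOTIFY };
enum err { OK = 0, E_RANGE = -1, E_MCP = -2, E_STATE = -3 };
/* Thread Control Block: scheduler fields plus the thread's message registers and IPC buffer. */
struct tcb {
    unsigned prio, mcp;            /* effective priority and Maximum Controlled Priority */
    enum thread_state state;
    uint64_t regs[MSG_REGS];       /* the first message words never touch memory */
    uint64_t ipc_buf[IPC_WORDS];   /* fixed memory area backing the rest of the message */
    size_t msg_len;                /* declared (sender) or received (receiver) length in words */
};

/* Priority and MCP changes are authorized by a TCB capability `auth`: the new value may not
 * exceed auth's MCP, so a thread can only hand out less scheduling authority than it holds. */
int tcb_set_priority(struct tcb *target, const struct tcb *auth, unsigned prio)
{
    if (prio >= NUM_PRIOS) return E_RANGE;
    if (prio > auth->mcp) return E_MCP;
    target->prio = prio;
    return OK;
}
int tcb_set_mcp(struct tcb *target, const struct tcb *auth, unsigned mcp)
{
    if (mcp >= NUM_PRIOS) return E_RANGE;
    if (mcp > auth->mcp) return E_MCP;
    target->mcp = mcp;
    return OK;
}

/* Pick the runnable thread with the highest priority (earliest in the array on a tie). */
struct tcb *schedule(struct tcb **ts, size_t n)
{
    struct tcb *best = NULL;
    for (size_t i = 0; i < n; i++)
        if (ts[i]->state == TS_RUNNING && (best == NULL || ts[i]->prio > best->prio)) best = ts[i];
    return best;
}

/* Stage a message in the sender's registers and IPC buffer; the length is bounded by the buffer. */
size_t ipc_prepare(struct tcb *t, const uint64_t *msg, size_t len)
{
    if (len > IPC_WORDS) len = IPC_WORDS;
    for (size_t i = 0; i < len; i++) {
        if (i < MSG_REGS) t->regs[i] = msg[i]; else t->ipc_buf[i] = msg[i];
    }
    t->msg_len = len;
    return len;
}
uint64_t ipc_word(const struct tcb *t, size_t i) { return i < MSG_REGS ? t->regs[i] : t->ipc_buf[i]; }

/* Blocking send through an endpoint: if the receiver is not waiting, the sender blocks and nothing
 * is copied. Otherwise the kernel moves at most IPC_WORDS words, re-bounding the sender's declared
 * length rather than trusting it; only the words beyond MSG_REGS are copied through memory. */
struct delivery { int rc; size_t delivered, via_memory; };
struct delivery ipc_send(struct tcb *sender, struct tcb *receiver)
{
    struct delivery d = { OK, 0, 0 };
    if (receiver->state != TS_BLOCKED_RECV) { sender->state = TS_BLOCKED_SEND; d.rc = E_STATE; return d; }
    size_t len = sender->msg_len < IPC_WORDS ? sender->msg_len : IPC_WORDS;
    size_t in_regs = len < MSG_REGS ? len : MSG_REGS;
    memcpy(receiver->regs, sender->regs, in_regs * sizeof(uint64_t));     /* register hand-over */
    if (len > in_regs)
        memcpy(&receiver->ipc_buf[in_regs], &sender->ipc_buf[in_regs], (len - in_regs) * sizeof(uint64_t));
    receiver->msg_len = len;
    receiver->state = TS_RUNNING;
    d.delivered = len; d.via_memory = len - in_regs;
    return d;
}

/* Constructed scenario: a root thread with MCP 200 delegates to a worker, the worker tries to
 * exceed its own MCP, a send to a thread that is not receiving blocks, and a 40-word message is bounded. */
struct demo { int prio_denied, prio_ok, self_raise, picked_worker, send_blocked, worker_state,
              send_ok, delivered, via_memory, intact; };
struct demo run_demo(void)
{
    struct tcb root = {0}, worker = {0}, server = {0};
    struct tcb *ts[3] = { &root, &worker, &server };
    uint64_t msg[40];
    struct demo d;
    root.prio = 10; root.mcp = 200; root.state = TS_RUNNING;
    worker.state = TS_RUNNING; server.prio = 150; server.state = TS_BLOCKED_RECV;
    d.prio_denied = tcb_set_priority(&worker, &root, 250);         /* above root's MCP */
    d.prio_ok     = tcb_set_priority(&worker, &root, 100);
    tcb_set_mcp(&worker, &root, 100);
    d.self_raise  = tcb_set_priority(&worker, &worker, 150);       /* above the worker's own MCP */
    d.picked_worker = schedule(ts, 3) == &worker;                  /* server is blocked, root is lower */
    for (size_t i = 0; i < 40; i++) msg[i] = 0x1000 + i;           /* constructed payload */
    ipc_prepare(&worker, msg, 40);
    d.send_blocked = ipc_send(&worker, &root).rc;                  /* root is not receiving */
    d.worker_state = worker.state;
    worker.state = TS_RUNNING;
    struct delivery dl = ipc_send(&worker, &server);
    d.send_ok = dl.rc; d.delivered = (int)dl.delivered; d.via_memory = (int)dl.via_memory;
    d.intact = ipc_word(&server, 0) == 0x1000 && ipc_word(&server, 31) == 0x1000 + 31 && server.state == TS_RUNNING;
    return d;
}

int main(void)
{
    struct demo d = run_demo();
    printf("prio_denied %d prio_ok %d self_raise %d picked_worker %d send_blocked %d worker_state %d\n",
           d.prio_denied, d.prio_ok, d.self_raise, d.picked_worker, d.send_blocked, d.worker_state);
    printf("send_ok %d delivered %d via_memory %d intact %d\n", d.send_ok, d.delivered, d.via_memory, d.intact);
    return 0;
}
```

Two points are deliberately visible in the model: the priority checks compare against the MCP of the thread whose capability is presented, never against the caller's own wish, so delegation can only go downwards; and ipc_send clamps the sender's declared length itself instead of trusting the value left in the TCB, which is what makes the copy between the two IPC buffers bounded regardless of what the sender wrote there.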
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The foregoing description of the embodiments of the present disclosure has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the various embodiments described. The terminology used herein was chosen in order to best explain the principles of the embodiments, the practical application, or the improvement of technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.

Claims (8)

1. A capability-based load space isolation method, comprising:
Acquiring data to be identified;
Creating an independent kernel object for the data to be identified;
Carrying out semantic analysis on the data to be identified to obtain a data semantic understanding feature vector to be identified as a data semantic understanding feature to be identified; and
Determining access rights to the kernel object based on the semantic understanding characteristics of the data to be identified;
wherein determining access rights to the kernel object based on the semantic understanding features of the data to be identified comprises:
carrying out semantic information homogenization activation of feature rank expression on the semantic understanding feature vector of the data to be identified so as to obtain an optimized semantic understanding feature vector of the data to be identified;
the optimized data semantic understanding feature vector to be identified passes through a classifier to obtain a classification result, and the classification result is used for representing a sensitive data grade label; and
Determining access rights to the kernel object based on the classification result;
The method for optimizing the semantic understanding feature vector of the data to be recognized comprises the following steps of:
carrying out semantic information homogenization activation of feature rank expression on the data semantic understanding feature vector to be identified by using the following optimization formula to obtain the optimized data semantic understanding feature vector to be identified;
Wherein, the optimization formula is:
where V_i is the i-th feature value of the data semantic understanding feature vector V to be identified, ‖V‖_2 denotes the 2-norm of the data semantic understanding feature vector to be identified, log is the base-2 logarithm, α is a weight hyperparameter, and V'_i is the i-th feature value of the optimized data semantic understanding feature vector to be identified.
2. The method of claim 1, wherein performing semantic analysis on the data to be identified to obtain semantic understanding features of the data to be identified comprises:
dividing the data to be identified by taking sentences as units to obtain a sequence of sentences to be identified;
Performing embedding conversion on the sequence of the sentence to be identified to obtain a sequence of an embedding vector of the sentence to be identified;
Respectively carrying out semantic coding on each sentence embedded vector to be recognized in the sequence of sentence embedded vectors to be recognized through a semantic coder based on a deep neural network model so as to obtain a sequence of sentence semantic understanding feature vectors to be recognized; and
And carrying out semantic association coding on the sequence of the semantic understanding feature vectors of the sentences to be identified to obtain the semantic understanding feature vectors of the data to be identified as the semantic understanding features of the data to be identified.
3. The method of claim 2, wherein performing an embedding transformation on the sequence of sentences to be identified to obtain a sequence of embedded vectors of sentences to be identified comprises:
and converting the sequence of the sentences to be recognized into a sequence of the embedded vectors of the sentences to be recognized by utilizing FastText models.
4. The capability-based load space isolation method of claim 3, wherein the deep neural network model is a BiLSTM model.
5. The method of claim 4, wherein performing semantic association encoding on the sequence of semantic understanding feature vectors of the sentences to be identified to obtain the semantic understanding feature vector of the data to be identified as the semantic understanding feature of the data to be identified comprises:
passing the sequence of semantic understanding feature vectors of the sentences to be identified through a transformer-based sentence-meaning context encoder to obtain the semantic understanding feature vector of the data to be identified.
6. A capability-based load space isolation system, comprising:
the data acquisition module is used for acquiring data to be identified;
The kernel object creation module is used for creating an independent kernel object for the data to be identified;
the semantic analysis module is used for carrying out semantic analysis on the data to be identified to obtain a data semantic understanding feature vector to be identified as a data semantic understanding feature to be identified; and
The access right determining module is used for determining the access right to the kernel object based on the semantic understanding characteristics of the data to be identified;
wherein, the access right determining module comprises:
carrying out semantic information homogenization activation of feature rank expression on the semantic understanding feature vector of the data to be identified so as to obtain an optimized semantic understanding feature vector of the data to be identified;
the optimized data semantic understanding feature vector to be identified passes through a classifier to obtain a classification result, and the classification result is used for representing a sensitive data grade label; and
Determining access rights to the kernel object based on the classification result;
The method for optimizing the semantic understanding feature vector of the data to be recognized comprises the following steps of:
carrying out semantic information homogenization activation of feature rank expression on the data semantic understanding feature vector to be identified by using the following optimization formula to obtain the optimized data semantic understanding feature vector to be identified;
Wherein, the optimization formula is:
where V_i is the i-th feature value of the data semantic understanding feature vector V to be identified, ‖V‖_2 denotes the 2-norm of the data semantic understanding feature vector to be identified, log is the base-2 logarithm, α is a weight hyperparameter, and V'_i is the i-th feature value of the optimized data semantic understanding feature vector to be identified.
7. The capability-based load space isolation system of claim 6, wherein the semantic analysis module comprises:
the dividing unit is used for dividing the data to be identified by taking sentences as units to obtain a sequence of sentences to be identified;
The embedding conversion unit is used for carrying out embedding conversion on the sequence of the sentences to be identified to obtain a sequence of embedded vectors of the sentences to be identified;
The semantic coding unit is used for respectively carrying out semantic coding on each sentence embedded vector to be identified in the sequence of sentence embedded vectors to be identified through a semantic coder based on a depth neural network model so as to obtain a sequence of sentence semantic understanding feature vectors to be identified; and
The semantic association coding unit is used for carrying out semantic association coding on the sequence of the semantic understanding feature vectors of the sentences to be identified so as to obtain the semantic understanding feature vectors of the data to be identified as the semantic understanding features of the data to be identified.
8. The capability-based load space isolation system of claim 7, wherein the deep neural network model is a BiLSTM model.
CN202311172227.XA 2023-09-12 2023-09-12 Load space isolation method and system based on capability Active CN117113378B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311172227.XA CN117113378B (en) 2023-09-12 2023-09-12 Load space isolation method and system based on capability

Publications (2)

Publication Number Publication Date
CN117113378A CN117113378A (en) 2023-11-24
CN117113378B true CN117113378B (en) 2024-08-13

Family

ID=88796372

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311172227.XA Active CN117113378B (en) 2023-09-12 2023-09-12 Load space isolation method and system based on capability

Country Status (1)

Country Link
CN (1) CN117113378B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117972791B (en) * 2024-03-25 2024-06-14 中国人民解放军国防科技大学 Method for revoking capability in operating system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019237646A1 (en) * 2018-06-14 2019-12-19 清华大学深圳研究生院 Image retrieval method based on deep learning and semantic segmentation
CN116522197A (en) * 2023-04-18 2023-08-01 广西盈仕咨询有限公司 Identity authentication and access control system based on security management
CN116702180A (en) * 2023-08-02 2023-09-05 北京智芯微电子科技有限公司 Microkernel operating system, access control method, chip, device and medium thereof

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2149476A1 (en) * 1994-06-21 1995-12-22 James Michael Magee Capability engine method and apparatus for a microkernel data processing system
EP0689138A3 (en) * 1994-06-22 1998-02-04 International Business Machines Corporation Temporary data method and apparatus for a microkernel data processing system
JPH09230954A (en) * 1996-02-28 1997-09-05 Olympus Optical Co Ltd Vector standardizing device
CN109391312B (en) * 2017-08-11 2022-11-25 华为技术有限公司 Data transmission method and device
CN108491249B (en) * 2018-03-16 2020-11-10 中国人民解放军战略支援部队信息工程大学 Kernel module isolation method and system based on module weight
CN110377686B (en) * 2019-07-04 2021-09-17 浙江大学 Address information feature extraction method based on deep neural network model
CN116700403A (en) * 2023-06-26 2023-09-05 杭州国辰智企科技有限公司 Automation system and method based on industrial system role division
CN116663568B (en) * 2023-07-31 2023-11-17 腾云创威信息科技(威海)有限公司 Critical task identification system and method based on priority

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant