CN113546426A - Security policy generation method for data access event in game service - Google Patents
Security policy generation method for data access event in game service Download PDFInfo
- Publication number
- CN113546426A CN113546426A CN202110824250.7A CN202110824250A CN113546426A CN 113546426 A CN113546426 A CN 113546426A CN 202110824250 A CN202110824250 A CN 202110824250A CN 113546426 A CN113546426 A CN 113546426A
- Authority
- CN
- China
- Prior art keywords
- data
- item
- frequent
- data item
- items
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- A—HUMAN NECESSITIES
- A63—SPORTS; GAMES; AMUSEMENTS
- A63F—CARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
- A63F13/00—Video games, i.e. games using an electronically generated display having two or more dimensions
- A63F13/70—Game security or game management aspects
- A63F13/73—Authorising game programs or game devices, e.g. checking authenticity
-
- A—HUMAN NECESSITIES
- A63—SPORTS; GAMES; AMUSEMENTS
- A63F—CARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
- A63F13/00—Video games, i.e. games using an electronically generated display having two or more dimensions
- A63F13/70—Game security or game management aspects
- A63F13/75—Enforcing rules, e.g. detecting foul play or generating lists of cheating players
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06F16/2465—Query processing support for facilitating data mining operations in structured databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- A—HUMAN NECESSITIES
- A63—SPORTS; GAMES; AMUSEMENTS
- A63F—CARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
- A63F2300/00—Features of games using an electronically generated display having two or more dimensions, e.g. on a television screen, showing representations related to the game
- A63F2300/50—Features of games using an electronically generated display having two or more dimensions, e.g. on a television screen, showing representations related to the game characterized by details of game servers
- A63F2300/53—Features of games using an electronically generated display having two or more dimensions, e.g. on a television screen, showing representations related to the game characterized by details of game servers details of basic data processing
- A63F2300/532—Features of games using an electronically generated display having two or more dimensions, e.g. on a television screen, showing representations related to the game characterized by details of game servers details of basic data processing using secure communication, e.g. by encryption, authentication
-
- A—HUMAN NECESSITIES
- A63—SPORTS; GAMES; AMUSEMENTS
- A63F—CARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
- A63F2300/00—Features of games using an electronically generated display having two or more dimensions, e.g. on a television screen, showing representations related to the game
- A63F2300/50—Features of games using an electronically generated display having two or more dimensions, e.g. on a television screen, showing representations related to the game characterized by details of game servers
- A63F2300/55—Details of game data or player data management
- A63F2300/5586—Details of game data or player data management for enforcing rights or rules, e.g. to prevent foul play
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention relates to a security policy generation method for a data access event in game service. Then, a column of the game data table is used as a data item, and a FP-Growth algorithm is used for carrying out parallel operation on Spark to process a large-scale data set. And acquiring data frequency characteristics through frequent items obtained by FP-Growth, and acquiring strong association rules through the frequent items. And finally, converting the frequency characteristics and the incidence relation of the data into authority rule configuration to enable the authority rule configuration to act on a game data table row or a game data table column. The scheme can effectively add the system and finish the refinement of the authority control. From the access data, the security policy is generated by using a data mining method, and the method is a reasonable data access control policy.
Description
Technical Field
The invention is applied to the technical field of access data authority control in big data, and particularly relates to a security policy generation method for a data access event in game service, which realizes the detailed access control of data.
Background
In recent years, the performance of computers is improved, so that a big data era comes, and an important conclusion obtained by analyzing a large amount of data is an important assistance for enterprise development. Data has gradually become an important condition for competition among enterprises. For better use of the data, the data must be analyzed and shared, and therefore the data must be open to a specific population. This also creates a data protection problem. Particularly, in the aspect of game data protection, the role relationship among the game data has a plurality of shared data access conditions, and the data authority is more detailed, so that the access authority control technology of specific data in the game data table is one of important means for guaranteeing data security in the data sharing process. Due to different service scenes, the data protection technology has different requirements on control objects, control ranges and the like in implementation. The main framework of access control is mature at present. But there are relatively few access control studies that start from the characteristics of the protected data itself. Therefore, a frequent item set is generated through data mining based on data characteristics to generate a security strategy for protecting game data.
Disclosure of Invention
The invention aims to provide a security policy generation method for a data access event in game business aiming at a game sharing data access event, and a security protection policy is generated by using the access characteristic of data. The problem of the security of data when having solved the game data sharing that exists among the prior art is protected data more meticulous.
The technical scheme adopted by the invention is that association rules among data are obtained based on data mining, a security strategy is regenerated, a game data table is preprocessed, FP-Growth is used for mining the game data, and frequent items are obtained. Analyzing and screening the acquired frequent items, acquiring data frequency characteristics and incidence relation characteristics from the frequent item set, and finally establishing a security strategy according to the data frequency characteristics and the incidence relation characteristics to realize detailed access of the game data table.
A security policy generation method for data access events in game services comprises the steps of preprocessing a source game data table, and mining data through an optimized FP-Growth algorithm to obtain frequent items and association relations. And respectively configuring the authority of the game data list and the game data line by using the acquired frequency characteristics and the acquired incidence relation. And the data feature library is enriched to fulfill the aim of refining and protecting data, and finally, permission judgment is carried out when a user accesses according to a definition model and permission judgment rules.
The method specifically comprises the following steps:
step 2, mining game data based on the optimized FP-Growth;
step 3, acquiring the occurrence frequency of the data item values in the frequent item set, and using the occurrence frequency as the game data list authority configuration input;
step 4, acquiring authority configuration, and finally acquiring the authority configuration according to the result of the step three to act on a game data list;
step 5, selecting confidence and screening strong association relations, and using the obtained strong association relations as data table row permission configuration input;
step 6, acquiring authority configuration, and acting on a game data table line according to the finally acquired authority configuration in the step five;
the step 1 comprises the following specific steps:
step 1.1: processing source data;
interpreting and defining the corresponding relation between the database and the data mining; the analysis object, namely the data source, is a database table, the data item is a game data table column, the value of the data item is a specific representation of a certain piece of data of the data item, and the transaction is understood as a row of data according to the database;
deleting a data item if the data item value occurrence rate is near zero or if any one of the data item values of the data item is not repeated, including but not limited to a primary key; if a large number of null values exist in a certain data item and the proportion exceeds 90%, determining that the data item is a meaningless data item;
step 1.2: mapping of data values to data items
In order to complete the conversion of rule configuration, the mapping relation between the data item values and the data items needs to be clarified in the process of obtaining the incidence relation of the data item values, and corresponding data item identifications are added to the data item values in the data source, wherein the step needs to be carried out before encoding;
step 1.3: selection of minimum support
The selected FP-Growth algorithm is used for mining frequent items, and a component in the algorithm needs to have the FP-Tree with the minimum support degree, and the selection of the minimum support degree is related; first, the frequency of the data item values in each data item is calculated and averaged as AII denotes a certain data item; calculating AIIn thatThe occupied ratio, n is the total number of data items, and the proportion M of the data quantity in the data items in the whole data set is calculatedIWith MIIs AIMultiplying the corresponding weights by GI(ii) a G is to beISorting, namely selecting a median as a demarcation point; if the data volume at the high frequency is large, selecting all data, otherwise, selecting low-frequency data; take A of each data item of the selected dataIThe average value of the frequency term is used as the support degree of the frequent term mining; the method is adopted to select the minimum support degree so as to obtain more frequent items.
The specific steps of the step 2 are as follows:
and (4) mining frequent items by using the FP-Growth algorithm. The algorithm fails to store the large-scale FP-Tree when processing a large-scale data set, and meanwhile, the mining efficiency is extremely low due to the fact that recursion times in the process of mining the FP-Tree are increased, and the scheme performs data mining on the basis of the optimized FP-Tree;
the FP-Growth optimization of the scheme is that parallel operation is carried out on Spark; firstly, reading original data, randomly dividing a data set, and dividing the data set into different partitions; and then performing data mining on each partition by using FP-Growth, and finally merging the mining results in each partition to obtain and output the mining result of the whole data set.
The specific steps of the step 3 are as follows:
step 3.1: acquiring frequent item sets according to minimum support
The constructed FP-Tree can display all relevant data item values, and under the condition that the frequency of a single data item value meets the minimum support degree, relevant data item values hidden in the FP-Tree need to be mined, and the frequent items need to be ensured to meet the requirement of the minimum support degree, namely, the occurrence frequency is higher than a set threshold value; and finally, obtaining the value association of the data item as the input of the security feature configuration conversion.
Step 3.2: obtaining the occurrence frequency of data items in a frequent itemset
Data after data processing and frequent item mining are converted to permission configuration, the selected algorithm is used for analyzing the association relation of the data items, if algorithm output needs to be converted to permission rule configuration, the most obvious permission division relation means 'occurrence frequency of the data items', and the safety feature is 'data item use frequency division'.
According to the representable permission meaning, the algorithm output needs to be converted as follows to obtain the security configuration. The encoded data item values first need to be decoded to restore their original representation type. The data item value V is mapped to the data item C before the data item value is encoded, so that the decoded real data item value is also mapped to the data item. Replacing the data item value in each frequent item with a corresponding data item, removing repeated data items, and obtaining data which can be expressed as { { C }, support (N) }, and is recorded as S (N), wherein N represents the current frequent item, the data items in the current frequent item are assumed to be I in total, the frequent items are assumed to be N in total, the support rate of each frequent item is calculated, and the occurrence frequency R of each data item in the frequent items is calculated according to the support rate of the frequent itemsc。
The specific steps of the step 4 are as follows: r in step 3cWherein c represents a certain data item, namely the data item c in the nth frequent item, and the calculation result represents the associated frequency of the data item in a certain game data table; experience given by experts is in [0, 1]]Is divided into four frequency intervals, [0,0.25 ]]Low frequency, [025,0.5]Lower frequency, [0.5,0.75 ]]Higher frequency, [0.75,1]High frequencies, denoted R1, R2, R3, R4, respectively; frequency of occurrence R of data itemscCorresponding to four intervals;
according to the description of the security feature, the security feature represents "data item usage frequency division", and includes four security feature elements, each security feature element meaning a data item in a frequency interval, and the security feature elements are defined as F1: high frequency, F2: higher frequency, F3: lower frequency, F4: low frequency; the data items with high frequency occurrence have high priority, which indicates that the data items with frequent occurrence occupy more important position in data mining, so the protection level is correspondingly improved; the safety characteristic element relationship is as follows: { { F1} → { F1, F2, F3, F4}, { F2} → { F2, F3, F4}, { F3} → { F3, F4}, { F4} → { F4}, { } }, (→ means "accessible"); i.e., the column in the game data table is accessible when the user has the highest privilege F1.
The specific steps of the step 5 are as follows:
step 5.1: converting the frequent items acquired by the mining algorithm into authority rule configuration, enabling the action objects to be game data table rows, finding association relations from the frequent items, evaluating the association relations, and acquiring row authority configuration from the strong association relations, namely, conditions for data row restriction;
suppose a frequent term V ═ V1,v2,…,vmThe frequent item support degree is support (V), and the frequent items in the association relation are called as m item sets; the incidence relation in the frequent item is defined as
Indicating that taking any data item value from this frequent item constitutes two sets left: { vp… and right { vq…, and the values of the data items that make up the sets are different, i.e., the two sets are not equal. The incidence relation is interpreted as the condition that all data item values in a left set and all data item values in a right set occur for one transaction; and the evaluation criterion describing the correlation is defined as confidence coefficient, and the calculation formula of the confidence coefficient is
I.e., by the support of the frequent item as compared to the support of the data item values that appear only in the right set. In the frequent item mining, if a set containing a plurality of data item values meets the minimum support degree, any data item value combination of the data item values also meets the minimum support degree, and the frequent item and the support degree thereof also exist in the frequent item mining result; therefore, the support degree of the left item set can be directly obtained from the frequent item result;
step 5.2: in all the association relations, if the total number of the data item values in the right set is more than that of the data item values in the left set, namely the confidence degree is more than 1, regarding the association relations as the inverse association of the association relations; as the text is aimed at the mining of a large amount of data, 0.1 data is randomly selected here and used as a sample to calculate the overall confidence; verifying the distribution rule of the confidence degrees of the association relation in the [0, 1] interval, if the distribution rule meets normal distribution, obtaining a confidence interval with 95% confidence degree according to prior knowledge, removing a larger value and a smaller value to reduce useless data, and taking the association relation in the confidence interval as the input of the next operation; if the confidence coefficient does not accord with the normal distribution, the incidence relation of the confidence coefficient in the interval of [0, 1] is used as the input of the next operation, and the step is mainly used for screening out a part of rules with weak incidence so as to reduce the workload of evaluation parameter calculation;
in an incidence relation evaluation system, due to the fact that the confidence coefficient ignores the number of the whole transaction, data quantity which does not meet the conditions is not considered, the incidence relation can not be completely determined to be established only by the confidence coefficient, a correlation coefficient is introduced, and the incidence relation is screened; assume a relationship of associationThe correlation coefficient is calculated by
lift represents a correlation coefficient from A to B, if the lift is greater than 1, positive correlation is represented, otherwise, negative correlation is represented if the lift is less than 1, and if the lift is equal to one, the A and the B are considered to be independent of each other; in the present scheme, both positive and negative correlations are of interest to us, while independent is not needed;
step 5.3: to determine whether this relationship is balanced, the imbalance factor IR is used and calculated as
The numerator is the difference of the support degree of two parts of the association relation, the denominator is the affair containing A and B, if the IR is smaller, the more stable the association relation is, namely the association relation is most likely to appear.
The concrete steps of the step 6 are as follows: through the association rules screened out in step 5, we can consider that there are some associations between the data item values in the association relations, which may or may cause data leakage, so in order to protect data, data with association relations are not accessed randomly, a security feature is defined, which indicates whether the associated data is allowed to be accessed or not; assuming that the correlation obtained by screening and evaluation is
vp,vqFor data item values in frequent item V, Vp,vqThe corresponding data item, i.e. the game data table, is listed as cp,cqDefining the Security feature element E1: { filed: c)p,operator:=,value:vp},E2:{filed:cq,operator:=,value:vq};
If something is an element v in the game data table rowp,vqIf there is an association between E and V, the transaction label E1: { filed: c:isgiven to the transactionp,operator:=,value:vp},E2:{filed:cq,operator:=,value:vq}; if the user only holds one of the access rights of the tags E1 and E2, the corresponding data in the association relationship can be accessed, and all data of the things can be accessed only when the user simultaneously holds the corresponding rights of E1 and E2.
The invention has the beneficial effects that:
the invention provides a method for generating a security policy by mining data characteristics, which relates data characteristic extraction and permission judgment bases and adopts a method for carrying out permission configuration on access characteristics of a game data table to carry out access control on table rows or columns. The game data table is subjected to data processing and frequent item mining to obtain strong association rules, the relationship of data 'values' is analyzed from the data, the organizational structure of the 'values' is mined, the access control method for rows and columns of the game data table is completed by rule configuration, a brand new safety strategy is generated, and the scheme can be added into the game data table without feeling to complete more detailed protection of the game data table. In the authority control, the security strategy generation is carried out by using the analysis result of the data from the data characteristics, so that the fine-grained access control of the game data is more reasonably carried out.
Drawings
FIG. 1 is a general flowchart of a security policy generation method for a data access event in a game service according to the present invention;
FIG. 2 is a flowchart of a minimum support selection method in a security policy generation method for a data access event in a game service according to the present invention;
FIG. 3 is a flowchart of an optimization method of an FP-Growth algorithm in a security policy generation method for a data access event in a game service when processing a large-scale game data set according to the present invention;
FIG. 4 is a flowchart illustrating a method for generating a security policy for a data access event in a game service according to the present invention, in which frequent items are converted into column-level security features;
FIG. 5 is a flow of converting a confidence level selection method and an association relationship into row-level security features in a security policy generation method for a data access event in a game service according to the present invention;
fig. 6 is a distribution diagram of confidence level in an association relation (S) in a security policy generation method for a data access event in a game service according to the present invention.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and specific embodiments.
Referring to FIG. 1, the present invention generates security policies based on data mining. And performing data mining by using FP-Growth, and explaining and defining related concepts before performing FP-Tree construction. The analysis object, namely the data source is a database table, the data item is a game data table column, the value of the data item is a certain piece of data of the data item, and a meaningful data item is screened out to be used as the input of FP-Growth. And then performing frequent mining by using the FP-Tree to generate frequent items, acquiring association rules among data based on the frequent items, and finally formulating permission configuration by using the obtained frequent items and the association rules among the data to generate a new security policy. The method is implemented according to the following steps:
the specific steps in step 1 include the following:
step 1.1: processing source data;
the related concepts are defined by explanation. The analysis object, namely the data source, is a database table, the data item is a game data table column, the value of the data item is a specific representation of a certain piece of data of the data item, and the transaction is understood as a row of data according to the database.
The data item is deleted if the data item value occurrence rate is near zero or if any one of the data item values of the data item is not repeated, including but not limited to the primary key. If a large number of null values exist in a certain data item and the proportion exceeds 90%, the data item is judged to be a nonsense data item.
Step 1.2: mapping of data values to data items
In order to complete the conversion of rule configuration, the mapping relationship between the data item value and the data item needs to be clarified in the process of obtaining the association relationship between the data item value, so that a corresponding data item identifier needs to be added to the data item value in the data source, and this step needs to be performed before encoding.
Step 1.3: selection of minimum support
The FP-Growth algorithm selected here is used for mining frequent items, and in the algorithm, a component is required to have the FP-Tree with the minimum support degree, so that the selection of the minimum support degree is involved. First, the frequency of the data item values in each data item is calculated and averaged as AIAnd I denotes a certain data item. Calculating AIIn thatThe occupied ratio, n is the total number of data items, and the proportion M of the data quantity in the data items in the whole data set is calculatedIWith MIIs AICorresponding rightThe product of multiplication is recorded as GI. G is to beIAnd sorting, and selecting a median as a demarcation point. And if the data volume at the high frequency is large, selecting all the data, otherwise, selecting the low-frequency data. Take A of each data item of the selected dataIThe average value of (2) is used as the support degree of frequent item mining. The purpose of selecting the minimum support degree by adopting the method is to acquire more frequent items, and refer to fig. 2.
Step 2, data mining;
step 2.1: obtaining data item values existing in a data source and corresponding frequency of occurrence
In the construction of the FP-Tree, firstly, a data source needs to be scanned, all data item values of the whole table are traversed, the data item values existing in the data source and the corresponding occurrence frequency thereof are obtained, and the data item values are arranged in a descending order by taking the frequency as a reference to be used as a data set (D) of a single frequent item.
2.2 construction of FP-Tree
And constructing to form the FP-Tree according to the data item value (V) in the data set (D) and the frequency (F) thereof as input.
The FP-Growth optimization of the scheme is to perform parallel operation on Spark. Firstly, reading original data, and randomly dividing a data set to divide the data set into different partitions. And then, performing data mining on each partition by using FP-Growth, and finally combining the mining results in each partition to obtain the mining result of the whole data set and outputting the mining result with reference to FIG. 3.
2.3 frequent item acquisitions
The constructed FP-Tree can display all the associated data item values, and under the condition that the frequency of a single data item value meets the minimum support degree, the associated data item values hidden in the FP-Tree need to be mined, and the frequent items need to be ensured to meet the requirement of the minimum support degree, namely, the occurrence frequency is higher than a set threshold value. And finally, obtaining the value association of the data item as the input of the security feature configuration conversion.
Step 3, acquiring the item output frequency of the data items in the frequent item set, and using the frequency as the game data list authority configuration input;
step 3.1: acquiring frequent item sets according to minimum support
The constructed FP-Tree can display all the associated data item values, and under the condition that the frequency of a single data item value meets the minimum support degree, the associated data item values hidden in the FP-Tree need to be mined, and the frequent items need to be ensured to meet the requirement of the minimum support degree, namely, the occurrence frequency is higher than a set threshold value. And finally, obtaining the value association of the data item as the input of the security feature configuration conversion.
Step 3.2: acquiring the item output frequency of the data item in the frequent item set
Data after data processing and frequent item mining are converted to authority configuration, and because the selected algorithm is used for analyzing the association relation of the data items, if the algorithm output needs to be converted to the authority rule configuration, the most obvious authority division relation means 'frequency of occurrence of the data items', and the safety feature is 'frequency of use of the data items' and reference is made to fig. 4.
According to the representable permission meaning, the algorithm output needs to be converted as follows to obtain the security configuration. The encoded data item values first need to be decoded to restore their original representation type. The data item values (V) are mapped to the data items (C) prior to encoding the data item values, so that the decoded real data item values are also mapped to the data items. Replacing the data item value in each frequent item with a corresponding data item, removing repeated data items, and obtaining data which can be expressed as { { C }, support (N) }, and is denoted as S (N), wherein N denotes the current frequent item, the data items in the current frequent item are assumed to be I in total, the frequent items are assumed to be N in total, and the support rate of each frequent item is calculated
Calculating the occurrence frequency of each data item in the frequent items according to the support rate of the frequent items
And 4, step 4: in step 3RcWhere c represents a certain data item, i.e., data item c in the nth frequent item, and the calculation result represents the frequency with which the data item is associated in a certain game data table. Experience given by experts is in [0, 1]]Is divided into four frequency intervals, [0,0.25 ]]Low frequency, [025,0.5]Lower frequency, [0.5,0.75 ]]Higher frequency, [0.75,1]High frequencies, denoted R1, R2, R3, R4, respectively; frequency of occurrence R of data itemscCorresponding to four intervals.
According to the description of the security feature, the security feature represents "data item usage frequency division", and includes four security feature elements, each security feature element meaning a data item in a frequency interval, and the security feature elements are defined as F1: high frequency, F2: higher frequency, F3: lower frequency, F4: a low frequency. The security feature configurations obtained from the different types of security feature element relationships selected are also different. The data items with high frequency are high in priority, which means that the data items with frequent occurrence occupy more important positions in data mining, so that the protection level is correspondingly improved.
The specific steps of the step 5 are as follows:
step 5.1: the frequent items acquired by the mining algorithm are converted into authority rule configuration, the action objects are game data table rows, association relations need to be found from the frequent items, and after the association relations are evaluated, row authority configuration, namely conditions needing data row restriction, is acquired from the strong association relations.
Suppose a frequent term V ═ V1,v2,…,vmAnd the support degree of the frequent item is support (V), and the frequent item is called as an m-item set in the association relationship. The incidence relation in the frequent item is defined as
Indicating that taking any data item value from this frequent item constitutes two sets left: { vp… and right { vq…, and the values of the data items that make up the sets are different, i.e., the two sets are not equal. The incidence is interpreted as the case where all the data item values in the left set occur for a transaction, as well as all the data item values in the right set. And the evaluation criterion describing the correlation is defined as confidence coefficient, and the calculation formula of the confidence coefficient is
I.e., by the support of the frequent item as compared to the support of the data item values that appear only in the right set. In the frequent item mining, if a set containing a plurality of data item values meets the minimum support degree, any combination of the data item values also meets the minimum support degree, and the frequent item and the support degree thereof also exist in the frequent item mining result. Therefore, the support degree of the left item set can be directly obtained from the frequent item result. If the frequent item only contains one value, the frequent item has no association relation.
Step 5.2: in all the association relations, if the total number of the data item values in the right set is more than that of the data item values in the left set, that is, the confidence degree is more than 1, the association relation is regarded as the inverse association of the association relation. Since this document is directed to the mining of a large amount of data, 0.1 of the data is randomly chosen here as a sample to calculate the overall confidence. Verifying the distribution rule of the confidence degrees of the association relation in the [0, 1] interval, if the distribution rule meets normal distribution, obtaining a confidence interval with 95% confidence degree according to prior knowledge, removing a larger value and a smaller value to reduce useless data, and taking the association relation in the confidence interval as the input of the next operation; if the normal distribution is not met, the association relation with the confidence coefficient in the [0, 1] interval is used as the input of the next operation, and the step is mainly used for screening out a part of rules with weak association so as to reduce the workload of evaluating parameter calculation and refer to fig. 5.
In the incidence relation evaluation system, the confidence coefficient ignores the number of the whole transaction, does not consider the data amount which does not meet the condition, and can not completely determine the incidence relation establishment only by the confidence coefficient, so a correlation coefficient is introduced to screen the incidence relation. Assume a relationship of associationThe correlation coefficient is calculated by
And lift represents a correlation coefficient from A to B, if the lift is greater than 1, positive correlation is represented, if the lift is smaller than 1, negative correlation is represented, and if the lift is equal to one, A and B are considered to be independent of each other. In the scheme herein. Both positive and negative correlations are of interest. But independently is not required.
Step 5.3: in order to determine whether the correlation is balanced, an imbalance factor IR is introduced, which is calculated as
The numerator is the difference of the support degree of two parts of the association relation, the denominator is the affair containing A and B, if the IR is smaller, the more stable the association relation is, namely the association relation is most likely to appear.
For the incidence relations between the data item values appearing, we can consider that some relations exist between the data item values in the incidence relations, and the data can be or cause leakage of the data, so in order to protect the data, the data with the incidence relations can not be accessed freely, and a safety characteristic is defined, wherein the safety characteristic represents that whether the incidence data is allowed to be accessed or not. Assuming that the correlation obtained by screening and evaluation is
vp,vqFor data item values in frequent item V, Vp,vqThe corresponding data item, i.e. the game data table, is listed as cp,cqDefining the Security feature element E1: { filed: c)p,operator:=,value:vp},E2:{filed:cq,operator:=,value:vq}。
If something is an element v in the game data table rowp,vqIf there is an association between E and V, the transaction label E1: { filed: c:isgiven to the transactionp,operator:=,value:vp},E2:{filed:cq,operator:=,value:vq}. If the user only holds one of the access rights of the tags E1 and E2, the corresponding data in the association relationship can be accessed, and all data of the things can be accessed only when the user simultaneously holds the corresponding rights of E1 and E2.
Examples
The embodiment of the invention uses a game data table with the size of 17008 x 18, namely 17008 transactions (game data table rows) and 18 data items (game data table columns). According to the definition that the data items have unique identification in the data processing, the data items with unique identification in the game data table are filtered out, and 7 items are counted. Of the remaining data items, all records in the same data item whose data item value exceeds 90% are filtered again as null values for a total of 4 items. By definition, the 11 game data table columns have no reference value in frequent item mining, and thus the data item values in the remaining 7 game data table columns are used as the data source to be analyzed.
Before frequent item mining is carried out, the minimum support degree needs to be selected, and according to the definition about parameter selection in data processing, the average value of the frequency of different data item values corresponding to each data item is obtained, and the average value is used as the input of the minimum support degree selection. An average frequency of data item values in data items retrieved from a data source.
Determining the number of data items at a low frequency according to the frequency of occurrence of the average frequency of each data item in all the data items and the product of the frequency and the corresponding weight, so that the minimum support degree is to select the average value of the average frequencies of the data items in the low frequency interval. The data items in the low frequency region and the corresponding average frequencies are { Languages: 4, Genres: 16, origin Release: 5, Current Version Release: 6} and therefore support
And according to the minimum support degree, obtaining frequent items of the data item values, constructing an FP-Tree, and obtaining all frequent items from the frequent Tree.
When the acquired frequent items are converted into the security configuration aiming at the game data table column, the ratio of the frequent items to the support degree needs to be calculated, and the frequency of occurrence of each data item is calculated by replacing the data item value in the frequent items with the data item (game data table column).
And corresponding each data item to the divided frequency interval according to the frequency so as to form different data item groups, wherein the different data item groups represent the use frequency of the data items. In the data source, the data items corresponding to the low frequency include Current Version Release and Original Release Date, the data items corresponding to the lower frequency include Price, Languages, genes and Age Rating, the data items corresponding to the higher frequency include Primary Price, and the data items corresponding to the high frequency do not include high frequency. In addition, the data columns filtered out by the data source can be unprotected, namely, the corresponding security feature element level is empty and can be accessed by a user.
Next, when the acquired frequent item is converted into the security configuration for the game data table row, all the association relations (R) in the frequent item need to be found out, a data item value with strong association in the association relations is determined according to the calculation confidence (C), the verification distribution selection confidence interval, the verification KULC coefficient and the IR imbalance factor, and then the data item value and the data item are corresponded to form a specific security feature configuration.
In the association (S), the distribution of confidence is in accordance with the normal distribution as shown in fig. 6, and therefore, a confidence interval having 95% confidence is selected as [0.553495,0.566024 ]. And selecting the incidence relation in the interval.
And according to the fact that the higher the KULC coefficient is, the higher the possibility that the association exists is, and the lower the IR factor is, the more stable the association is, distributing and displaying the KULC and the IR of the association with the confidence level in the confidence interval, and selecting the association with the IR being 0 as the input of the safety feature conversion.
And finally obtaining a stable strong association relation, wherein corresponding security feature elements for describing whether the associated data allows access are respectively { filtered: Age Rating, operator:, value:4}, { filtered: origin Release Date, operator:, value:2/09/2016}, { filtered: Languages, operator:, value: EN }, { filtered: Current Version Release Date, operator:, value:2/09/2016}, { filtered: origin Release Date, operator:, value:20/10/2016}, and { Current Version Release Date, operator:, value:20/10/2016 }.
The invention provides a security policy generation method based on data mining, which relates data feature extraction and permission judgment basis and adopts a method for carrying out permission configuration on access features of a game data table to carry out access control on table rows or columns. Frequent items are extracted by processing the game data table, the relation of data 'value' is analyzed from the data, the organizational structure of the 'value' is mined, the access control method for the game data table rows and columns is completed by adopting rule configuration, a brand-new security strategy is generated, and the game data table is protected more finely.
Claims (8)
1. A security policy generation method for data access events in game services is characterized in that a source game data table is preprocessed, and then data is mined through an optimized FP-Growth algorithm to obtain frequent items and association relations. And respectively configuring the authority of the game data list and the game data line by using the acquired frequency characteristics and the acquired incidence relation. And the data feature library is enriched to fulfill the aim of refining and protecting data, and finally, permission judgment is carried out when a user accesses according to a definition model and permission judgment rules.
2. The method for generating a security policy for a data access event in a game service according to claim 1, specifically comprising the steps of:
step 1, due to the characteristics of complexity of game data, performing data cleaning on a game data table and selecting proper minimum support;
step 2, mining game data based on the optimized FP-Growth;
step 3, acquiring the occurrence frequency of the data item values in the frequent item set, and using the occurrence frequency as the game data list authority configuration input;
step 4, acquiring authority configuration, and finally acquiring the authority configuration according to the result of the step three to act on a game data list;
step 5, selecting confidence and screening strong association relations, and using the obtained strong association relations as data table row permission configuration input;
and 6, acquiring the authority configuration, and acting on the game data table row according to the finally acquired authority configuration in the step five.
3. The method for generating a security policy for a data access event in a game service according to claim 2, wherein the specific steps in step 1 are as follows:
step 1.1: processing source data;
interpreting and defining the corresponding relation between the database and the data mining; the analysis object, namely the data source, is a database table, the data item is a game data table column, the value of the data item is a specific representation of a certain piece of data of the data item, and the transaction is understood as a row of data according to the database;
deleting a data item if the data item value occurrence rate is near zero or if any one of the data item values of the data item is not repeated, including but not limited to a primary key; if a large number of null values exist in a certain data item and the proportion exceeds 90%, determining that the data item is a meaningless data item;
step 1.2: mapping of data values to data items
In order to complete the conversion of rule configuration, the mapping relation between the data item values and the data items needs to be clarified in the process of obtaining the incidence relation of the data item values, and corresponding data item identifications are added to the data item values in the data source, wherein the step needs to be carried out before encoding;
step 1.3: selection of minimum support
The selected FP-Growth algorithm is used for mining frequent items, and a component in the algorithm needs to have the FP-Tree with the minimum support degree, and the selection of the minimum support degree is related; first, the frequency of the data item values in each data item is calculated and averaged as AII denotes a certain data item; calculating AIIn thatThe occupied ratio, n is the total number of data items, and the proportion M of the data quantity in the data items in the whole data set is calculatedIWith MIIs AIMultiplying the corresponding weights by GI(ii) a G is to beISorting, namely selecting a median as a demarcation point; if the data volume at the high frequency is large, selecting all data, otherwise, selecting low-frequency data; take A of each data item of the selected dataIThe average value of the frequency term is used as the support degree of the frequent term mining; the method is adopted to select the minimum support degree so as to obtain more frequent items.
4. The method for generating a security policy for a data access event in a game service according to claim 2, wherein the specific steps of step 2 are:
and (4) mining frequent items by using the FP-Growth algorithm. The algorithm fails to store the large-scale FP-Tree when processing a large-scale data set, and meanwhile, the mining efficiency is extremely low due to the fact that recursion times in the process of mining the FP-Tree are increased, and the scheme performs data mining on the basis of the optimized FP-Tree;
the FP-Growth optimization of the scheme is that parallel operation is carried out on Spark; firstly, reading original data, randomly dividing a data set, and dividing the data set into different partitions; and then performing data mining on each partition by using FP-Growth, and finally merging the mining results in each partition to obtain and output the mining result of the whole data set.
5. The method for generating a security policy for a data access event in a game service according to claim 2, wherein the specific steps of step 3 are:
step 3.1: acquiring frequent item sets according to minimum support
The constructed FP-Tree can display all relevant data item values, and under the condition that the frequency of a single data item value meets the minimum support degree, relevant data item values hidden in the FP-Tree need to be mined, and the frequent items need to be ensured to meet the requirement of the minimum support degree, namely, the occurrence frequency is higher than a set threshold value; and finally, obtaining the value association of the data item as the input of the security feature configuration conversion.
Step 3.2: obtaining the occurrence frequency of data items in a frequent itemset
Data after data processing and frequent item mining are converted to permission configuration, the selected algorithm is used for analyzing the association relation of the data items, if algorithm output needs to be converted to permission rule configuration, the most obvious permission division relation means 'occurrence frequency of the data items', and the safety feature is 'data item use frequency division'.
According to the representable permission meaning, the algorithm output needs to be converted as follows to obtain the security configuration. The encoded data item values first need to be decoded to restore their original representation type. The data item value V is mapped to the data item C before the data item value is encoded, so that the decoded real data item value is also mapped to the data item. Replacing the data item value in each frequent item with a corresponding data item, removing repeated data items, and obtaining data which can be expressed as { { C }, support (N) }, and is recorded as S (N), wherein N represents the current frequent item, the data items in the current frequent item are assumed to be I in total, the frequent items are assumed to be N in total, the support rate of each frequent item is calculated, and the occurrence frequency R of each data item in the frequent items is calculated according to the support rate of the frequent itemsc。
6. The method for generating a security policy for a data access event in a game service according to claim 2, wherein the specific steps of step 4 are: r in step 3cWherein c represents a certain data item, namely the data item c in the nth frequent item, and the calculation result represents the associated frequency of the data item in a certain game data table; experience given by experts is in [0, 1]]Is divided into four frequency intervals, [0,0.25 ]]Low frequency, [025,0.5]Lower frequency, [0.5,0.75 ]]Higher frequency, [0.75,1]High frequencies, denoted R1, R2, R3, R4, respectively; frequency of occurrence R of data itemscCorresponding to four intervals;
according to the description of the security feature, the security feature represents "data item usage frequency division", and includes four security feature elements, each security feature element meaning a data item in a frequency interval, and the security feature elements are defined as F1: high frequency, F2: higher frequency, F3: lower frequency, F4: low frequency; the data items with high frequency occurrence have high priority, which indicates that the data items with frequent occurrence occupy more important position in data mining, so the protection level is correspondingly improved; the safety characteristic element relationship is as follows: { { F1} → { F1, F2, F3, F4}, { F2} → { F2, F3, F4}, { F3} → { F3, F4}, { F4} → { F4}, { } }, (→ means "accessible"); i.e., the column in the game data table is accessible when the user has the highest privilege F1.
7. The method for generating a security policy for a data access event in a game service according to claim 2, wherein the specific steps of the step 5 are as follows:
step 5.1: converting the frequent items acquired by the mining algorithm into authority rule configuration, enabling the action objects to be game data table rows, finding association relations from the frequent items, evaluating the association relations, and acquiring row authority configuration from the strong association relations, namely, conditions for data row restriction;
suppose a frequent term V ═ V1,v2,…,vmThe frequent item support degree is support (V), and the frequent items in the association relation are called as m item sets; the incidence relation in the frequent item is defined as
Indicating that taking any data item value from this frequent item constitutes two sets left: { vp… and right { vq…, and the values of the data items that make up the sets are different, i.e., the two sets are not equal. The incidence relation is interpreted as the condition that all data item values in a left set and all data item values in a right set occur for one transaction; and the evaluation criterion describing the correlation is defined as confidence coefficient, and the calculation formula of the confidence coefficient is
I.e., by the support of the frequent item as compared to the support of the data item values that appear only in the right set. In the frequent item mining, if a set containing a plurality of data item values meets the minimum support degree, any data item value combination of the data item values also meets the minimum support degree, and the frequent item and the support degree thereof also exist in the frequent item mining result; therefore, the support degree of the left item set can be directly obtained from the frequent item result;
step 5.2: in all the association relations, if the total number of the data item values in the right set is more than that of the data item values in the left set, namely the confidence degree is more than 1, regarding the association relations as the inverse association of the association relations; as the text is aimed at the mining of a large amount of data, 0.1 data is randomly selected here and used as a sample to calculate the overall confidence; verifying the distribution rule of the confidence degrees of the association relation in the [0, 1] interval, if the distribution rule meets normal distribution, obtaining a confidence interval with 95% confidence degree according to prior knowledge, removing a larger value and a smaller value to reduce useless data, and taking the association relation in the confidence interval as the input of the next operation; if the confidence coefficient does not accord with the normal distribution, the incidence relation of the confidence coefficient in the interval of [0, 1] is used as the input of the next operation, and the step is mainly used for screening out a part of rules with weak incidence so as to reduce the workload of evaluation parameter calculation;
in an incidence relation evaluation system, due to the fact that the confidence coefficient ignores the number of the whole transaction, data quantity which does not meet the conditions is not considered, the incidence relation can not be completely determined to be established only by the confidence coefficient, a correlation coefficient is introduced, and the incidence relation is screened; assume a relationship of associationThe correlation coefficient is calculated by
lift represents a correlation coefficient from A to B, if the lift is greater than 1, positive correlation is represented, otherwise, negative correlation is represented if the lift is less than 1, and if the lift is equal to one, the A and the B are considered to be independent of each other; in the present scheme, both positive and negative correlations are of interest to us, while independent is not needed;
step 5.3: to determine whether this relationship is balanced, the imbalance factor IR is used and calculated as
The numerator is the difference of the support degree of two parts of the association relation, the denominator is the affair containing A and B, if the IR is smaller, the more stable the association relation is, namely the association relation is most likely to appear.
8. The method for generating a security policy for a data access event in a game service according to claim 2, wherein the specific steps of the step 6 are as follows: through the association rules screened out in step 5, we can consider that there are some associations between the data item values in the association relations, which may or may cause data leakage, so in order to protect data, data with association relations are not accessed randomly, a security feature is defined, which indicates whether the associated data is allowed to be accessed or not; assuming that the correlation obtained by screening and evaluation is
vp,vqFor data item values in frequent item V, Vp,vqThe corresponding data item, i.e. the game data table, is listed as cp,cqDefining the Security feature element E1: { filed: c)p,operator:=,value:vp},E2:{filed:cq,operator:=,value:vq};
If something is an element v in the game data table rowp,vqIf there is an association between E and V, the transaction label E1: { filed: c:isgiven to the transactionp,operator:=,value:vp},E2:{filed:cq,operator:=,value:vq}; if the user only holds one of the access rights of the tags E1 and E2, the corresponding data in the association relationship can be accessed, and all data of the things can be accessed only when the user simultaneously holds the corresponding rights of E1 and E2.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110824250.7A CN113546426B (en) | 2021-07-21 | 2021-07-21 | Security policy generation method for data access event in game service |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110824250.7A CN113546426B (en) | 2021-07-21 | 2021-07-21 | Security policy generation method for data access event in game service |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113546426A true CN113546426A (en) | 2021-10-26 |
CN113546426B CN113546426B (en) | 2023-08-22 |
Family
ID=78103828
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110824250.7A Active CN113546426B (en) | 2021-07-21 | 2021-07-21 | Security policy generation method for data access event in game service |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113546426B (en) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008110053A (en) * | 2006-10-30 | 2008-05-15 | Nintendo Co Ltd | Information processing program and device |
CN105224616A (en) * | 2015-09-18 | 2016-01-06 | 浪潮软件股份有限公司 | A kind of based on seasonal effect in time series APRIORI algorithm improvement method |
US20180107695A1 (en) * | 2016-10-19 | 2018-04-19 | Futurewei Technologies, Inc. | Distributed fp-growth with node table for large-scale association rule mining |
CN110309200A (en) * | 2019-06-26 | 2019-10-08 | 复旦大学 | Improved products abnormal quality data FP-Growth association analysis method |
CN110489453A (en) * | 2019-07-02 | 2019-11-22 | 广东工业大学 | User's game real-time recommendation method and system based on big data log analysis |
CN110968894A (en) * | 2019-11-28 | 2020-04-07 | 西安理工大学 | Fine-grained access control scheme for game business data |
CN111597350A (en) * | 2020-04-30 | 2020-08-28 | 西安理工大学 | Rail transit event knowledge map construction method based on deep learning |
CN111985207A (en) * | 2020-08-17 | 2020-11-24 | 中国人民解放军战略支援部队信息工程大学 | Method and device for acquiring access control policy and electronic equipment |
CN112528458A (en) * | 2020-09-16 | 2021-03-19 | 贵州电网有限责任公司 | Metering master station alarm analysis model construction method based on FP-Growth algorithm |
CN113064932A (en) * | 2021-03-18 | 2021-07-02 | 中国石油大学(华东) | Network situation assessment method based on data mining |
-
2021
- 2021-07-21 CN CN202110824250.7A patent/CN113546426B/en active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008110053A (en) * | 2006-10-30 | 2008-05-15 | Nintendo Co Ltd | Information processing program and device |
CN105224616A (en) * | 2015-09-18 | 2016-01-06 | 浪潮软件股份有限公司 | A kind of based on seasonal effect in time series APRIORI algorithm improvement method |
US20180107695A1 (en) * | 2016-10-19 | 2018-04-19 | Futurewei Technologies, Inc. | Distributed fp-growth with node table for large-scale association rule mining |
CN110309200A (en) * | 2019-06-26 | 2019-10-08 | 复旦大学 | Improved products abnormal quality data FP-Growth association analysis method |
CN110489453A (en) * | 2019-07-02 | 2019-11-22 | 广东工业大学 | User's game real-time recommendation method and system based on big data log analysis |
CN110968894A (en) * | 2019-11-28 | 2020-04-07 | 西安理工大学 | Fine-grained access control scheme for game business data |
CN111597350A (en) * | 2020-04-30 | 2020-08-28 | 西安理工大学 | Rail transit event knowledge map construction method based on deep learning |
CN111985207A (en) * | 2020-08-17 | 2020-11-24 | 中国人民解放军战略支援部队信息工程大学 | Method and device for acquiring access control policy and electronic equipment |
CN112528458A (en) * | 2020-09-16 | 2021-03-19 | 贵州电网有限责任公司 | Metering master station alarm analysis model construction method based on FP-Growth algorithm |
CN113064932A (en) * | 2021-03-18 | 2021-07-02 | 中国石油大学(华东) | Network situation assessment method based on data mining |
Also Published As
Publication number | Publication date |
---|---|
CN113546426B (en) | 2023-08-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Gan et al. | Privacy preserving utility mining: a survey | |
Molloy et al. | Mining roles with semantic meanings | |
Molloy et al. | Mining roles with multiple objectives | |
Plantevit et al. | Mining multidimensional and multilevel sequential patterns | |
Chen et al. | Map-reduce meets wider varieties of applications | |
Kandel et al. | Profiler: Integrated statistical analysis and visualization for data quality assessment | |
Harman et al. | An empirical study of the robustness of two module clustering fitness functions | |
Chang et al. | TFRP: An efficient microaggregation algorithm for statistical disclosure control | |
Keneshloo et al. | Detecting and forecasting domestic political crises: A graph-based approach | |
Lin et al. | Mining high-utility itemsets with multiple minimum utility thresholds | |
CN110378148B (en) | Multi-domain data privacy protection method facing cloud platform | |
CN113254988A (en) | High-dimensional sensitive data privacy classified protection publishing method, system, medium and equipment | |
Grasedyck et al. | Performance of H-LU preconditioning for sparse matrices | |
Studer | Divisive property-based and fuzzy clustering for sequence analysis | |
Xu et al. | Generative models for evolutionary clustering | |
Vu et al. | Using deep learning for big spatial data partitioning | |
Chawla et al. | Wrapper-based computation and evaluation of sampling methods for imbalanced datasets | |
Huynh et al. | Multi-core parallel algorithms for hiding high-utility sequential patterns | |
Atzmueller et al. | MinerLSD: efficient mining of local patterns on attributed networks | |
CN108062363A (en) | A kind of data filtering method and system towards active power distribution network | |
Bhalla et al. | Local edge dynamics and opinion polarization | |
Wu et al. | Efficient nonparametric subgraph detection using tree shaped priors | |
Batra et al. | Incremental maintenance of abac policies | |
CN113546426A (en) | Security policy generation method for data access event in game service | |
Molloy et al. | Adversaries' holy grail: access control analytics |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |