{"id":"https://openalex.org/W4389279107","doi":"https://doi.org/10.1145/3627106.3627137","title":"Log2Policy: An Approach to Generate Fine-Grained Access Control Rules for Microservices from Scratch","display_name":"Log2Policy: An Approach to Generate Fine-Grained Access Control Rules for Microservices from Scratch","publication_year":2023,"publication_date":"2023-12-02","ids":{"openalex":"https://openalex.org/W4389279107","doi":"https://doi.org/10.1145/3627106.3627137"},"language":"en","primary_location":{"id":"doi:10.1145/3627106.3627137","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3627106.3627137","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627137","source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627137","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101656965","display_name":"Shaowen Xu","orcid":"https://orcid.org/0009-0007-8141-8183"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Shaowen Xu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011962388","display_name":"Qihang Zhou","orcid":"https://orcid.org/0000-0002-8565-1923"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qihang Zhou","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054305921","display_name":"Heqing Huang","orcid":"https://orcid.org/0009-0009-7493-6462"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Heqing Huang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015456692","display_name":"Xiaoqi Jia","orcid":"https://orcid.org/0000-0002-8376-3235"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaoqi Jia","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007408376","display_name":"Haichao Du","orcid":"https://orcid.org/0000-0003-2783-3232"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haichao Du","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092126819","display_name":"Yang Chen","orcid":"https://orcid.org/0009-0006-1308-1462"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yang Chen","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101960854","display_name":"Yamin Xie","orcid":"https://orcid.org/0009-0007-2170-7434"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yamin Xie","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5101656965"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":4.9296,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.96415771,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"229","last_page":"240"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/microservices","display_name":"Microservices","score":0.944435715675354},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8312619924545288},{"id":"https://openalex.org/keywords/upgrade","display_name":"Upgrade","score":0.7378440499305725},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.7218575477600098},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.49067389965057373},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.464713454246521},{"id":"https://openalex.org/keywords/scratch","display_name":"Scratch","score":0.41532212495803833},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3876131474971771},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.30446866154670715},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.1621238887310028}],"concepts":[{"id":"https://openalex.org/C2778505942","wikidata":"https://www.wikidata.org/wiki/Q18344624","display_name":"Microservices","level":3,"score":0.944435715675354},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8312619924545288},{"id":"https://openalex.org/C2780615140","wikidata":"https://www.wikidata.org/wiki/Q920419","display_name":"Upgrade","level":2,"score":0.7378440499305725},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.7218575477600098},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.49067389965057373},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.464713454246521},{"id":"https://openalex.org/C2781235140","wikidata":"https://www.wikidata.org/wiki/Q275131","display_name":"Scratch","level":2,"score":0.41532212495803833},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3876131474971771},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.30446866154670715},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.1621238887310028},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3627106.3627137","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3627106.3627137","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627137","source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3627106.3627137","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3627106.3627137","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627137","source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.6299999952316284,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G391238517","display_name":null,"funder_award_id":", and","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5751519741","display_name":null,"funder_award_id":"XDC02010900","funder_id":"https://openalex.org/F4320321133","funder_display_name":"Chinese Academy of Sciences"},{"id":"https://openalex.org/G578837657","display_name":null,"funder_award_id":"62202465","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5939423041","display_name":null,"funder_award_id":"Technology","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6258415954","display_name":null,"funder_award_id":"Chinese","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320321133","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4389279107.pdf","grobid_xml":"https://content.openalex.org/works/W4389279107.grobid-xml"},"referenced_works_count":15,"referenced_works":["https://openalex.org/W2107147876","https://openalex.org/W2134321101","https://openalex.org/W2167505770","https://openalex.org/W2562313550","https://openalex.org/W2806152525","https://openalex.org/W2817857516","https://openalex.org/W2944096373","https://openalex.org/W2962744771","https://openalex.org/W2982473607","https://openalex.org/W2985027001","https://openalex.org/W2986159792","https://openalex.org/W2998979401","https://openalex.org/W3023514002","https://openalex.org/W3092506792","https://openalex.org/W3123491145"],"related_works":["https://openalex.org/W4210334847","https://openalex.org/W3181741639","https://openalex.org/W4367181468","https://openalex.org/W2767473057","https://openalex.org/W4225586032","https://openalex.org/W2368672678","https://openalex.org/W3003367851","https://openalex.org/W3119944216","https://openalex.org/W2994988622","https://openalex.org/W1492892507"],"abstract_inverted_index":{"Microservice":[0],"application":[1],"architecture":[2],"is":[3,26,40],"one":[4],"of":[5,49,73,105,129],"the":[6,13,30,44,87,102,121],"most":[7],"widely":[8],"used":[9],"service":[10],"architectures":[11],"in":[12],"industry.":[14],"To":[15],"prevent":[16],"a":[17,58,78,93,109,127],"compromised":[18],"microservice":[19,50,63,133,141],"from":[20],"abusing":[21],"other":[22],"microservices,":[23,91],"authorization":[24,64],"policy":[25,38,65,110],"applied":[27],"to":[28,43,61],"regulate":[29],"access":[31,36,68,153],"among":[32,90],"them.":[33],"However,":[34],"configuring":[35],"control":[37,154],"manually":[39],"challenging":[41],"due":[42],"complexity":[45],"and":[46,107,135,151,156],"dynamic":[47],"nature":[48],"applications.":[51,142],"In":[52],"this":[53],"paper,":[54],"we":[55],"present":[56],"Log2Policy,":[57],"novel":[59],"approach":[60,71],"generate":[62,149],"based":[66,96,113],"on":[67,114,131],"logs.":[69],"Our":[70],"consists":[72],"three":[74],"fundamental":[75],"techniques:":[76],"(1)":[77],"log-based":[79],"topological":[80],"graph":[81],"generation":[82],"mechanism":[83,112],"that":[84,100,117,146],"automatically":[85],"infers":[86],"invocation":[88],"logic":[89],"(2)":[92],"machine":[94],"learning":[95],"attributes":[97,104],"mining":[98],"method":[99],"extracts":[101],"relevant":[103],"requests,":[106],"(3)":[108],"upgrade":[111,122,157],"traffic":[115],"management":[116],"can":[118,148],"significantly":[119],"reduce":[120],"time.":[123],"We":[124],"have":[125,136],"implemented":[126],"prototype":[128],"Log2Policy":[130,147],"mainstream":[132],"infrastructures":[134],"evaluated":[137],"it":[138],"with":[139,159],"several":[140],"The":[143],"results":[144],"show":[145],"fine-grained":[150],"effective":[152],"rules":[155],"them":[158],"negligible":[160],"overhead.":[161]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":4}],"updated_date":"2026-03-18T14:38:29.013473","created_date":"2025-10-10T00:00:00"}