scholarly journals Policy Decomposition for Evaluation Performance Improvement of PDP

2014 ◽  
Vol 2014 ◽  
pp. 1-14 ◽  
Author(s):  
Fan Deng ◽  
Ping Chen ◽  
Li-Yong Zhang ◽  
Xian-Qing Wang ◽  
Sun-De Li ◽  
...  
Keyword(s):  
Performance Improvement ◽  
Greedy Algorithm ◽  
Policy Decision ◽  
Decision Point ◽  
Evaluation Performance ◽  
Évaluation Performance ◽  
Policy Decision Point ◽  
Evaluation Time ◽  
The Cost ◽  
The Greedy Algorithm

In conventional centralized authorization models, the evaluation performance of policy decision point (PDP) decreases obviously with the growing numbers of rules embodied in a policy. Aiming to improve the evaluation performance of PDP, a distributed policy evaluation engine called XDPEE is presented. In this engine, the unicity of PDP in the centralized authorization model is changed by increasing the number of PDPs. A policy should be decomposed into multiple subpolicies each with fewer rules by using a decomposition method, which can have the advantage of balancing the cost of subpolicies deployed to each PDP. Policy decomposition is the key problem of the evaluation performance improvement of PDPs. A greedy algorithm withO(nlgn)time complexity for policy decomposition is constructed. In experiments, the policy of the LMS, VMS, and ASMS in real applications is decomposed separately into multiple subpolicies based on the greedy algorithm. Policy decomposition guarantees that the cost of subpolicies deployed to each PDP is equal or approximately equal. Experimental results show that (1) the method of policy decomposition improves the evaluation performance of PDPs effectively and that (2) the evaluation time of PDPs reduces with the growing numbers of PDPs.

scholarly journals Elimination of the Redundancy Related to Combining Algorithms to Improve the PDP Evaluation Performance

2016 ◽  
Vol 2016 ◽  
pp. 1-18
Author(s):  
Fan Deng ◽  
Li-Yong Zhang ◽  
Bo-Yu Zhou ◽  
Jia-Wei Zhang ◽  
Hong-Yang Cao
Keyword(s):  
Policy Decision ◽  
Brick Wall ◽  
Decision Point ◽  
Evaluation Performance ◽  
Policy Rule ◽  
Évaluation Performance ◽  
Policy Decision Point ◽  
Evaluation Time ◽  
And Storage ◽  
Target Attributes

If there are lots of redundancies in the policies loaded on the policy decision point (PDP) in the authorization access control model, the system will occupy more resources in operation and consumes plenty of evaluation time and storage space. In order to detect and eliminate policy redundancies and then improve evaluation performance of the PDP, aredundancy related to combining algorithmsdetecting and eliminating engine is proposed in this paper. This engine cannot only detect and eliminate theredundancy related to combining algorithms, but also evaluate access requests. AResource Brick Wallis constructed by the engine according to the resource attribute of a policy’s target attributes. By theResource Brick Walland the policy/rule combining algorithms, three theorems for detectingredundancies related to combining algorithmsare proposed. A comparison of the evaluation performance of theredundancy related to combining algorithmsdetecting and eliminating engine with that of Sun PDP is made. Experimental results show that the evaluation performance of the PDP can be prominently improved by eliminating theredundancy related to combining algorithms.

A Graph and Clustering-Based Framework for Efficient XACML Policy Evaluation

2020 ◽  
Vol 29 (01n02) ◽  
pp. 2040001
Author(s):  
Yanfei Li ◽  
Fan Deng
Keyword(s):  
Access Control ◽  
Policy Decision ◽  
Experimental Results ◽  
The Sun ◽  
Evaluation Performance ◽  
Évaluation Performance ◽  
Aggregate Function ◽  
Access Control Policies ◽  
Policy Decision Point ◽  
Rule Set

EXtensible Access Control Markup Language (XACML) is one of the standardized languages for specifying access control policies. Policies described by the XACML are used to express the security requirement in the network and information system when we study authorization access control. With the aim to improve the Policy Decision Point (PDP) evaluation performance, we put forward a Graph and Clustering-Based Framework, employing the aggregate function. First, we partition the rule set into subsets. For the single value, we select the best partition quantity based on the aggregate function. As for the interval value, we handle with the start point and the finish point, respectively, in the same way as single value. Second, the policy set is split according to the partition of rule set. In this way, not only single values, but also interval values are taken into consideration. After that, we explore the searching tree to obtain the possibly matched rules. Finally, we construct the combining tree and output the policy decision on the basis of it. The experimental results show that our approach is orders of magnitude better than the Sun PDP. A comparison in evaluation performance between the redundancy detecting and eliminating engine and the Sun PDP, as well as XEngine and SBA-XACML, is made. Experimental results show that the evaluation performance of the PDP can be prominently improved by eliminating redundancies.

Enforcing ASTD Access-Control Policies with WS-BPEL Processes in SOA Environments

2011 ◽  
Vol 2 (2) ◽  
pp. 37-59 ◽  
Author(s):  
Michel Embe Jiague ◽  
Marc Frappier ◽  
Frédéric Gervais ◽  
Régine Laleau ◽  
Richard St-Denis
Keyword(s):  
Policy Decision ◽  
Policy Enforcement ◽  
Decision Point ◽  
Public Agencies ◽  
Web Based ◽  
Access Control Policies ◽  
Policy Decision Point ◽  
Security Rule ◽  
Private Corporations ◽  
Bpel Processes

Controlling access to the Web services of public agencies and private corporations depends primarily on specifying and deploying functional security rules to satisfy strict regulations imposed by governments, particularly in the financial and health sectors. This paper focuses on one aspect of the SELKIS and EB3SEC projects related to the security of Web-based information systems, namely, the automatic transformation of security rules into WS-BPEL (or BPEL, for short) processes. The former are instantiated from security-rule patterns written in a graphical notation, called ASTD that is close to statecharts. The latter are executed by a BPEL engine integrated into a policy decision point, which is a component of a policy enforcement manager similar to that proposed in the XACML standard.

Implementasi Algoritma Dijkstra Pada Game Pacman

CCIT Journal ◽  
2019 ◽  
Vol 12 (2) ◽  
pp. 170-176
Author(s):  
Anggit Dwi Hartanto ◽  
Aji Surya Mandala ◽  
Dimas Rio P.L. ◽  
Sidiq Aminudin ◽  
Andika Yudirianto
Keyword(s):  
Artificial Intelligence ◽  
Greedy Algorithm ◽  
Dijkstra Algorithm ◽  
Testing Phase ◽  
A Value ◽  
Route Problem ◽  
Starting Point ◽  
The Greedy Algorithm

Pacman is one of the labyrinth-shaped games where this game has used artificial intelligence, artificial intelligence is composed of several algorithms that are inserted in the program and Implementation of the dijkstra algorithm as a method of solving problems that is a minimum route problem on ghost pacman, where ghost plays a role chase player. The dijkstra algorithm uses a principle similar to the greedy algorithm where it starts from the first point and the next point is connected to get to the destination, how to compare numbers starting from the starting point and then see the next node if connected then matches one path with the path). From the results of the testing phase, it was found that the dijkstra algorithm is quite good at solving the minimum route solution to pursue the player, namely by getting a value of 13 according to manual calculations

scholarly journals Performance Evaluation of Dorsal Vein Network of Hand Imaging Using Relative Total Variation-Based Regularization for Smoothing Technique in a Miniaturized Vein Imaging System: A Pilot Study

2021 ◽  
Vol 18 (4) ◽  
pp. 1548 ◽  
Author(s):  
Kyuseok Kim ◽  
Hyun-Woo Jeong ◽  
Youngjin Lee
Keyword(s):  
Image Quality ◽  
Total Variation ◽  
Near Infrared ◽  
Imaging System ◽  
Histogram Equalization ◽  
Evaluation Performance ◽  
Visual Evaluation ◽  
Évaluation Performance ◽  
Nir Imaging ◽  
Relative Total Variation

Vein puncture is commonly used for blood sampling, and accurately locating the blood vessel is an important challenge in the field of diagnostic tests. Imaging systems based on near-infrared (NIR) light are widely used for accurate human vein puncture. In particular, segmentation of a region of interest using the obtained NIR image is an important field, and research for improving the image quality by removing noise and enhancing the image contrast is being widely conducted. In this paper, we propose an effective model in which the relative total variation (RTV) regularization algorithm and contrast-limited adaptive histogram equalization (CLAHE) are combined, whereby some major edge information can be better preserved. In our previous study, we developed a miniaturized NIR imaging system using light with a wavelength of 720–1100 nm. We evaluated the usefulness of the proposed algorithm by applying it to images acquired by the developed NIR imaging system. Compared with the conventional algorithm, when the proposed method was applied to the NIR image, the visual evaluation performance and quantitative evaluation performance were enhanced. In particular, when the proposed algorithm was applied, the coefficient of variation was improved by a factor of 15.77 compared with the basic image. The main advantages of our algorithm are the high noise reduction efficiency, which is beneficial for reducing the amount of undesirable information, and better contrast. In conclusion, the applicability and usefulness of the algorithm combining the RTV approach and CLAHE for NIR images were demonstrated, and the proposed model can achieve a high image quality.

scholarly journals An Optimized Algorithm and Test Bed for Improvement of Efficiency of ESS and Energy Use

Electronics ◽  
2018 ◽  
Vol 7 (12) ◽  
pp. 388 ◽  
Author(s):  
Seung-Mo Je ◽  
Jun-Ho Huh
Keyword(s):  
Greedy Algorithm ◽  
Energy Use ◽  
Storage System ◽  
Lithium Ion ◽  
Energy Storage System ◽  
Test Bed ◽  
C Language ◽  
Improvement Plan ◽  
The Republic ◽  
The Greedy Algorithm

The Republic of Korea (ROK) has four distinct seasons. Such an environment provides many benefits, but also brings some major problems when using new and renewable energies. The rainy season or typhoons in summer become the main causes of inconsistent production rates of these energies, and this would become a fatal weakness in supplying stable power to the industries running continuously, such as the aquaculture industry. This study proposed an improvement plan for the efficiency of Energy Storage System (ESS) and energy use. Use of sodium-ion batteries is suggested to overcome the disadvantages of lithium-ion batteries, which are dominant in the current market; a greedy algorithm and the Floyd–Warshall algorithm were also proposed as a method of scheduling energy use considering the elements that could affect communication output and energy use. Some significant correlations between communication output and energy efficiency have been identified through the OPNET-based simulations. The simulation results showed that the greedy algorithm was more efficient. This algorithm was then implemented with C-language to apply it to the Test Bed developed in the previous study. The results of the Test Bed experiment supported the proposals.

Sign in / Sign up

Export Citation Format

Share Document