基于机器遗忘的模型能力细粒度访问控制机制OA
Fine-grained model capability access control mechanism based on machine unlearning
针对现有人工智能模型在部署中缺乏能力访问控制,导致模型能力可能被未授权用户滥用的问题,提出一种基于机器遗忘的模型能力细粒度访问控制机制Model-Guard,实现不需要重新训练便可对模型任务能力进行细粒度访问控制.首先,基于选择性突触衰减(SSD)算法识别敏感任务能力对应参数,并通过衰减实现模型敏感任务能力默认关闭.其次,设计授权因子计算方法,授权用户通过授权因子恢复模型能力.为保证授权因子的安全分发,Model-Guard 采用对称加密与属性基加密(CP-ABE)混合加密方式,并引入布隆过滤器降低验证开销.实验表明,Model-Guard可在图像识别任务中实现精准能力隔离与恢复,并显著降低部署与维护成本.
A fine-grained model capability access control mechanism,named Model-Guard,was proposed to address the lack of capability access control in deployed artificial intelligence models,which may lead to unauthorized misuse of model capabilities.Without retraining,sensitive task-related parameters were identified by the selective synaptic dampen-ing(SSD)algorithm and attenuated to disable sensitive capabilities by default.An authorization factor calculation method was designed to restore model capabilities for authorized users.To ensure secure distribution of authorization fac-tors,a hybrid scheme combining symmetric encryption and ciphertext-policy attribute-based encryption(CP-ABE)was adopted,and a Bloom filter was introduced to reduce verification overhead.Experimental results demonstrated that Model-Guard achieved precise capability isolation and restoration in image recognition tasks.The proposed mechanism significantly reduces deployment and maintenance costs while enabling fine-grained and secure capability control.
岳梓岩;许盛伟;王志强;杜皓华
北京邮电大学网络空间安全学院,北京 100876||北京电子科技学院密码科学与技术系,北京 100070北京邮电大学网络空间安全学院,北京 100876||北京电子科技学院密码科学与技术系,北京 100070||中国科学技术大学网络空间安全学院,安徽 合肥 230026中国科学技术大学网络空间安全学院,安徽 合肥 230026北京航空航天大学网络空间安全学院,北京 100091
信息技术与安全科学
模型能力访问控制选择性突触衰减算法授权因子属性基加密布隆过滤器
model capability access controlSSDauthorization factorattribute-based encryptionBloom filter
《通信学报》 2026 (4)
80-96,17
国家重点研发计划基金资助项目(No.2022YFB3104402)中央高校基本科研业务费专项资金资助项目(No.3282025046) The National Key Research and Development Program of China(No.2022YFB3104402),The Fundamental Re-search Funds for the Central Universities(No.3282025046)
评论