Access Control Policies (ACP) specify which principals such as users have access to resources. Ensuring the correctness and consistency of ACPs is crucial prevent security vulnerabilities. However, in practice, are commonly written Natural Language (NL) buried large documents requirements documents, not amenable for automated techniques check consistency. It tedious manually extract from these NL validate functional use cases against detecting inconsistencies. To address issues, we propose an approach, called Text2Policy, automatically software resource-access information scenario-based requirements. We conducted three evaluations on collected ACP sentences publicly available sources along with both open source proprietary projects. The results show that Text2Policy effectively identifies precision 88.7% recall 89.4%, extracts rules accuracy 86.3%, action steps 81.9%.

Load

Load