PUMA
Istituto di Informatica e Telematica     
Krautsevich L., Lazouski A., Martinelli F., Yautsiukhin A. Towards Policy Engineering for Attribute-based Access Control. In: Proceedings of 5th International Conference on Trusted Systems (Graz, 2013). Proceedings, pp. 85 - 102. TBA, 2013.
 
 
Abstract
(English)
Attribute-based Access Control (ABAC) was recently proposedas a general model which is able to capture the main existingaccess control models. This paper discusses the problems of configuringABAC and engineering access policies. We question how to design attributes,how to assign attributes to subjects, objects, actions, and howto formulate access policies which bind subjects to objects and actionsvia attributes.Inspired by the role mining problem in Role-based Access Control, inthis paper we propose the first attempt to formalise ABAC in a matrixform and define formally a problem of access policy engineering. Ourapproach is based on the XACML standard to be more practical.
Subject role mining
attribute mining problem (AMP)
attributes
Access Control
policy engineering
ABAC
K.6.5 Security and protection


Icona documento 1) Download Document PDF


Icona documento Open access Icona documento Restricted Icona documento Private

 


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional