Istituto di Informatica e Telematica     
Krautsevich L., Lazouski A., Martinelli F., Yautsiukhin A. Towards Policy Engineering for Attribute-based Access Control. In: Proceedings of 5th International Conference on Trusted Systems (Graz, 2013). Proceedings, pp. 85 - 102. TBA, 2013.
Attribute-based Access Control (ABAC) was recently proposedas a general model which is able to capture the main existingaccess control models. This paper discusses the problems of configuringABAC and engineering access policies. We question how to design attributes,how to assign attributes to subjects, objects, actions, and howto formulate access policies which bind subjects to objects and actionsvia attributes.Inspired by the role mining problem in Role-based Access Control, inthis paper we propose the first attempt to formalise ABAC in a matrixform and define formally a problem of access policy engineering. Ourapproach is based on the XACML standard to be more practical.
Subject role mining
attribute mining problem (AMP)
Access Control
policy engineering
K.6.5 Security and protection

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional