IIT Home Page CNR Home Page

Towards Policy Engineering for Attribute-based Access Control

Attribute-based Access Control (ABAC) was recently proposed as a general model which is able to capture the main existing access control models. This paper discusses the problems of configuring ABAC and engineering access policies. We question how to design attributes, how to assign attributes to subjects, objects, actions, and how to formulate access policies which bind subjects to objects and actions via attributes.

Inspired by the role mining problem in Role-based Access Control, in this paper we propose the first attempt to formalise ABAC in a matrix form and define formally a problem of access policy engineering. Our approach is based on the XACML standard to be more practical.


5th International Conference on Trusted Systems, Graz, 2013

Autori IIT:

Leanid Krautsevich

Foto di Leanid Krautsevich

Aliaksandr Lazouski

Foto di Aliaksandr Lazouski

Tipo: Articolo in Atti di convegno internazionale con referee
Area di disciplina: Information Technology and Communication Systems