2009
DOI: 10.1007/978-3-642-03354-4_24
|View full text |Cite
|
Sign up to set email alerts
|

A Constraint and Attribute Based Security Framework for Dynamic Role Assignment in Collaborative Environments

Abstract: Abstract. We investigate a security framework for collaborative applications that relies on the role-based access control (RBAC) model. In our framework, roles are pre-defined and organized in a hierarchy (partial order). However, we assume that users are not previously identified, therefore the actions that they can perform are dynamically determined based on their own attribute values and on the attribute values associated with the resources. Those values can vary over time (e.g., the user's location or whet… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
5
0
2

Year Published

2011
2011
2021
2021

Publication Types

Select...
4
2
2

Relationship

0
8

Authors

Journals

citations
Cited by 14 publications
(7 citation statements)
references
References 16 publications
0
5
0
2
Order By: Relevance
“…For example, one early paper on web services states that ABAC "grants accesses to services based on the attributes possessed by the requester" [WWJ04], while a discussion of security in geographic information systems describes ABAC as an approach in which "attribute values associated with users determine the association of users with privileges" [CGLO09].…”
Section: A Working Definition Of Abacmentioning
confidence: 99%
“…For example, one early paper on web services states that ABAC "grants accesses to services based on the attributes possessed by the requester" [WWJ04], while a discussion of security in geographic information systems describes ABAC as an approach in which "attribute values associated with users determine the association of users with privileges" [CGLO09].…”
Section: A Working Definition Of Abacmentioning
confidence: 99%
“…Similarly, the approach referred to as XACML+OWL [14] combines OWL with XACML [27], with a view to decouple the management of constraints and RBAC hierarchies from the specification and the enforcement of the actual XACML policies. On the other hand, approaches such as [8][18] combine RBAC with the Attribute Based Access control (ABAC) paradigm [42], in order to take into account attributes during the definition of policies and the access control decision.…”
Section: Related Workmentioning
confidence: 99%
“…Cruz et al [6] propose an ontology to model the dynamic aspects of role-based access control. The information infrastructure of the Olympic Games is used as the scenario to assess the proposed approach.…”
Section: Related Workmentioning
confidence: 99%