A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC

Jin, Xin; Krishnan, Ram; Sandhu, Ravi

doi:10.1007/978-3-642-31540-4_4

Cited by 324 publications

(213 citation statements)

References 28 publications

Supporting

Mentioning

213

Contrasting

Order By: Relevance

“…It follows the Attribute-based access-control model (ABAC) [7] what, along with its extensibility, provides to the language enough flexibility to represent policies following different access-control models. Other approaches [15,19] describe languages and tools able to produce flexible access-control models.…”

Section: Xacml Policy Languagementioning

confidence: 99%

“…However, several reason inclined us to choose XACML. First of all, thanks to its ABAC philosophy, XACML is able to represent a wider range of security policies (see [7] for the capabilities of ABAC to cover other AC models), while other extensible languages like SecureUML [10] will impose the use of RBAC. Secondly, being an standard language, we expect a wider adoption and a more consistent maintenance and evolution of the language.…”

Section: Xacml Policy Languagementioning

confidence: 99%

See 1 more Smart Citation

Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems

Martínez

García-Alfaro²,

Cuppens

et al. 2015

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Abstract. Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed of a number of heterogeneous subsystems, each must participate in their achievement. Therefore, security integration mechanisms are needed in order to 1) achieve the global security goal and 2) facilitate the analysis of the security status of the whole system. For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level security property. In this work we propose an integration mechanism for accesscontrol policies to enable the analysis of the system security. We rely on modeldriven technologies and the XACML standard to achieve this goal.

show abstract

Section: Xacml Policy Languagementioning

confidence: 99%

Section: Xacml Policy Languagementioning

confidence: 99%

Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems

Martínez

García-Alfaro²,

Cuppens

et al. 2015

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…Firstly, by employing attribute-based access control (ABAC, [11]), XACML supports most of the rules required by the case study. Secondly, by employing policy trees (see Figure 1), XACML supports structuring multiple rules and reasoning about how these relate in case of conflict.…”

Section: Deny I F T H E Owning P a T I E N T Has Withdrawn C O N S mentioning

confidence: 99%

“…2. Our vision on policy specification: an application security expert should be able to specify policies for his or her specific organization and application by instantiating policy patterns represented as templates pre-defined by other experts access control (ABAC, [11]) and policy trees. Firstly, ABAC is a recent access control model that expresses rules in terms of key-value properties of the subject, the resource and the environment called attributes.…”

Section: Context and Problem Illustrationmentioning

confidence: 99%

Improving Reuse of Attribute-Based Access Control Policies Using Policy Templates

Decat

Moeys

Lagaisse

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Access control is key to limiting the actions of users in an application and attribute-based policy languages such as XACML allow to express a wide range of access rules. As these policy languages become more widely used, policies grow both in size and complexity. Modularity and reuse are key to specifying and managing such policies effectively. Ideally, complex or domain-specific policy patterns are defined once and afterwards instantiated by security experts in their application-specific policies. However, current policy languages such as XACML provide only limited features for modularity and reuse. To address this issue, we introduce policy templates as part of a novel attribute-based policy language called STAPL. Policy templates are policies containing unbound variables that can be specified when instantiating the template in another policy later on. STAPL supports four types of policy templates with increasing complexity and expressiveness. This paper illustrates how these policy templates can be used to define reusable policy patterns and validates that policy templates are an effective means to simplify the specification of large and complex attribute-based policies.

show abstract

“…The messages that can be sent using this tool are classified according their persistence. Also, users are managed via an Access Control List (ACL) [10], what ensures the security of access.…”

Section: Cooperative E-learning Using Schom Toolmentioning

confidence: 99%

EXPEL Protocol Based Architecture for Cooperative E-Learning

Aissaoui¹,

Ettifouri²,

Azizi³

2016

Int. J. Emerg. Technol. Learn.

View full text Add to dashboard Cite

Abstract-Using E-learning platforms in learning process become a common phenomenon because of the large use of Information and Communication Technologies (ICT) in all fields. A huge number of e-learning platforms were developed what makes their list richer and bigger. Most of teachers have the possibility to choose the suitable platform for their needs. Consequently, we may find more than one platform used in the same institution, and thus students have to connect independently on each system. This diversity in use of platforms makes the learning process for students more difficult which discourage them to follow online courses. In this paper, we propose a new architecture to solve this problem by unifying access and managing cooperation between platforms used in the same institution.

show abstract

A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC

Cited by 324 publications

References 28 publications

Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems

Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems

Improving Reuse of Attribute-Based Access Control Policies Using Policy Templates

EXPEL Protocol Based Architecture for Cooperative E-Learning

Contact Info

Product

Resources

About