AARBAC: Attribute-Based Administration of Role-Based Access Control

Ninglekhu, Jiwan; Krishnan, Ram

doi:10.1109/cic.2017.00027

Cited by 7 publications

(1 citation statement)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A role based administrative model is presented in Rajkumar and Sandhu (2016) to administer RBAC components and monitor administrative permissions. An attribute based administration model is presented in Ninglekhu and Krishnan (2017a) and Ninglekhu and Krishnan (2017b) to manage URA and PRA components of RBAC. Finally, an attribute based administration model for managing RRA component of RBAC is presented in Ninglekhu and Krishnan (2017c).…”

Section: Research Backgroundmentioning

confidence: 99%

A Role-Based Administrative Model for Administration of Heterogeneous Access Control Policies and its Security Analysis

et al. 2021

View full text Add to dashboard Cite

Over the past few years, several efforts have been made to enable specification and enforcement of flexible and dynamic access control policies using traditional access control (such as role based access control (RBAC), etc.) and attribute based access control (ABAC). Recently, a unified framework, named MPBAC (meta-policy based access control), has been developed to enable specification and enforcement of heterogeneous access control policies such as ABAC, RBAC and a combination of policies (such as ABAC and RBAC). However, one significant limitation is that no complete administrative model has been developed for heterogeneous access control policies. In this article, we present a complete role-based administrative model (named as RAMHAC) for managing heterogeneous access control policies. We also introduce a novel methodology for analyzing heterogeneous access control policies in the presence of RAMHAC by modeling the policies through Datalog facts and using the μz tool. The administrative model includes a wide range of administrative relations, commands, pre-constraints and post-constraints. A comprehensive experimental evaluation demonstrates the scalability of the proposed approach.

show abstract

Section: Research Backgroundmentioning

confidence: 99%

A Role-Based Administrative Model for Administration of Heterogeneous Access Control Policies and its Security Analysis

et al. 2021

View full text Add to dashboard Cite

show abstract

Inter‐cloud secure data sharing and its formal verification

Zhang

Yang

et al. 2021

Trans Emerging Tel Tech

View full text Add to dashboard Cite

With the development of cloud computing, data sharing and collaboration have become increasing among cloud‐oriented organizations. In addition to trivial management work, data providers face many difficulties in managing access control policies in cloud data sharing, to prevent permission abuse and information leakage. This article mainly answers the following question: is it possible to achieve verifiably secure inter‐cloud data sharing? This article proposes an inter‐cloud data sharing (ICDS) approach based on ciphertext‐policy attribute‐based encryption (CP‐ABE) to ensure the security of ICDS. The security properties that ICDS holds are formally verified, where the information flow rules are defined and used in the verification. The information flow of the proposed ICDS is firstly modeled by use of high‐level Petri nets (HLPN) formally, then being represented in Z language, and at last the security properties of ICDS are verified by the Z3 solver. The formal analysis proves that the ICDS holds the security properties of confidentiality, authenticity, and collusion‐resistance.

show abstract