Supporting parameterised roles with object-based access control

Evered, Mark

doi:10.1109/hicss.2003.1174463

Cited by 1 publication

(1 citation statement)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[15] defines parameterized privileges to restrict access to a subset of objects. Similar literature such as parameterized role [3,10,14], object sensitive role [12] and attributed role [27] are also proposed. RB-RBAC model [4] use attributes to assist automatic user-role assignment.…”

Section: Related Workmentioning

confidence: 99%

A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC

Jin¹,

Krishnan²,

Sandhu³

2012

Lecture Notes in Computer Science

324

205

View full text Add to dashboard Cite

Recently, there has been considerable interest in attribute based access control (ABAC) to overcome the limitations of the dominant access control models (i.e, discretionary-DAC, mandatory-MAC and role based-RBAC) while unifying their advantages. Although some proposals for ABAC have been published, and even implemented and standardized, there is no consensus on precisely what is meant by ABAC or the required features of ABAC. There is no widely accepted ABAC model as there are for DAC, MAC and RBAC. This paper takes a step towards this end by constructing an ABAC model that has "just sufficient" features to be "easily and naturally" configured to do DAC, MAC and RBAC. For this purpose we understand DAC to mean owner-controlled access control lists, MAC to mean lattice-based access control with tranquility and RBAC to mean flat and hierarchical RBAC. Our central contribution is to take a first cut at establishing formal connections between the three successful classical models and desired ABAC models.

show abstract