Filters








26 Hits in 3.4 sec

Higher-Order Relationship-Based Access Control: A Temporal Instantiation with IoT Applications

Chahal Arora, Syed Zain R. Rizvi, Philip W.L. Fong
2022 Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies  
We extend a recently proposed graph matching algorithm to handle temporality in our model, thereby yielding an efficient authorization mechanism, the performance of which has been evaluated empirically  ...  We propose an access control model, HO(T)-ReBAC, for facilitating access control in such dynamic environments.  ...  ACKNOWLEDGMENTS This work is supported in part by an NSERC Discovery Grant (RGPIN-2020-05238).  ... 
doi:10.1145/3532105.3535026 fatcat:tnq3zgqclnga5nepjanpnyulza

Extended Authorization Policy for Graph-Structured Data

Aya Mohamed, Dagmar Auer, Daniel Hofer, Josef Küng
2021 SN Computer Science  
Attribute-based access control (ABAC) supports a fine-grained definition of authorization rules and policies.  ...  AbstractThe high increase in the use of graph databases also for business- and privacy-critical applications demands for a sophisticated, flexible, fine-grained authorization and access control (AC) approach  ...  Acknowledgements The research reported in this paper has been partly supported by the LIT Secure and Correct Systems Lab funded by the State of Upper Austria.  ... 
doi:10.1007/s42979-021-00684-8 fatcat:sh34hrzl65cztl2jldlqvm23c4

Relationship-Based Access Control for OpenMRS [article]

Syed Zain Rizvi, Philip W.L. Fong, Jason Crampton, James Sellwood
2015 arXiv   pre-print
In particular, we compare the performance of the various authorization schemes we implemented, thereby demonstrating the feasibility of ReBAC.  ...  In addition, we designed and implemented the first administrative model for ReBAC.  ...  AUTHORIZATION GRAPH In the early conception of ReBAC [10] , the protection state is a social network of users: an edge-labelled, directed graph in which vertices represent users and edges model their  ... 
arXiv:1503.06154v1 fatcat:ivypxvrmf5affd3ybciugts3xe

Relationship-Based Access Control for an Open-Source Medical Records System

Syed Zain R. Rizvi, Philip W.L. Fong, Jason Crampton, James Sellwood
2015 Proceedings of the 20th ACM Symposium on Access Control Models and Technologies - SACMAT '15  
In particular, we compare the performance of the various authorization schemes we implemented, thereby demonstrating the feasibility of ReBAC.  ...  In addition, we designed and implemented the first administrative model for ReBAC.  ...  Acknowledgments This work is supported in part by an NSERC Discovery Grant (RGPIN-2014-06611) and a Canada Research Chair (950-229712).  ... 
doi:10.1145/2752952.2752962 dblp:conf/sacmat/RizviFCS15 fatcat:tlxigazkkrcl5deo2ryhgobq54

Access Control Models

Maria Penelova
2021 Cybernetics and Information Technologies  
First, an overview of access control models is presented.  ...  The results of the comparative analysis are presented in tables. Prospects of development of new models are specified.  ...  Relationships in ReBAC use context, which supports delegation of trust. There is no data for other models to support delegation of trust.  ... 
doi:10.2478/cait-2021-0044 fatcat:jaq65u6lcbdwlae4xlsazje6um

A Datalog Framework for Modeling Relationship-based Access Control Policies

Edelmira Pasarella, Jorge Lobo
2017 Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies - SACMAT '17 Abstracts  
To support our claim, we first formalize the merging of two recent proposals for modeling ReBAC, one based on hybrid logic and the other one based on path regular expressions.  ...  In this paper, we introduce a class of Datalog programs suitable for modeling ReBAC and argue that this class of programs, that we called ReBAC Datalog policies, provides a very general framework to specify  ...  mechanisms to answer Datalog queries exist and a lot of effort has gone to optimize these methods since Datalog is the core mathematical foundation of the relational database model and the database query  ... 
doi:10.1145/3078861.3078871 dblp:conf/sacmat/PasarellaL17 fatcat:oq3cltjt6vbmfca6m5e3iscg3i

Relationship-based access control policies and their policy languages

Philip W.L. Fong, Ida Siahaan
2011 Proceedings of the 16th ACM symposium on Access control models and technologies - SACMAT '11  
In this work, we argue that the extensive use of what we call Relational Policies is what distinguishes ReBAC from traditional access control models.  ...  It supports the natural expression of parameterized roles, the composition of policies, and the delegation of trust.  ...  Acknowledgements This work is supported in part by an NSERC Discovery Accelerator Supplements.  ... 
doi:10.1145/1998441.1998450 dblp:conf/sacmat/FongS11 fatcat:2ihuny6ogvhsrfhglgvinxdc2e

An Administrative Model for Relationship-Based Access Control [chapter]

Scott D. Stoller
2015 Lecture Notes in Computer Science  
The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy.  ...  The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.  ...  Another approach to developing an efficient authorization checking algorithm is to try to adapt Liu and Stoller's approach to efficient implementation of complex graph queries [13] .  ... 
doi:10.1007/978-3-319-20810-7_4 fatcat:fkzd32xqjbh5hhvcdy3twxo3me

Graph Model Implementation of Attribute-Based Access Control Policies [article]

Hadi Ahmadi, Derek Small
2019 arXiv   pre-print
Graph databases excel at querying connected data and hence can evaluate complex policies efficiently via graph traversal algorithms.  ...  Attribute-based access control (ABAC) promises a powerful way of formalizing access policies in support of a wide range of access management scenarios.  ...  Access queries and policy matching The main strength of our ABAC graph model is in allowing the Graph to be self contained for authorization queries.  ... 
arXiv:1909.09904v1 fatcat:kk6w7nldivatpjlvkpdx3w2fja

Access control models for geo-social computing systems

Ebrahim Tarameshloo, Philip W.L. Fong
2014 Proceedings of the 19th ACM symposium on Access control models and technologies - SACMAT '14  
Recent years have seen the emergence of a new generation of social computing systems that are GSCSs. This paper proposes a protection model for GSCSs.  ...  A Geo-Social Computing System (GSCS) allows users to declare their current locations, and uses these declared locations to make authorization decisions.  ...  Acknowledgments This work is supported in part by an NSERC Discovery Grant and a Canada Research Chair.  ... 
doi:10.1145/2613087.2613098 dblp:conf/sacmat/TarameshlooF14 fatcat:7sm7duv5abccbbkiux4sre42d4

An Access Control Model for Online Social Networks Using User-to-User Relationships

Yuan Cheng, Jaehong Park, Ravi Sandhu
2016 IEEE Transactions on Dependable and Secure Computing  
Ravi Sandhu is founding Executive Director of the Institute for Cyber Security at the University of Texas San Antonio, and holds an Endowed Chair.  ...  He is an ACM, IEEE and AAAS Fellow and inventor on 29 patents.  ...  ACKNOWLEDGMENT This work is partially supported by grants CNS-0831452 and CNS-1111925 from the National Science Foundation.  ... 
doi:10.1109/tdsc.2015.2406705 fatcat:6757dhvj7natvbj5q63yx45ifi

Access control technologies for Big Data management systems: literature review and future trends

Pietro Colombo, Elena Ferrari
2019 Cybersecurity  
Data security and privacy issues are magnified by the volume, the variety, and the velocity of Big Data and by the lack, up to now, of a reference data model and related data manipulation languages.  ...  In this paper, we focus on one of the key data security services, that is, access control, by highlighting the differences with traditional data management systems and describing a set of requirements  ...  The authors declare that they have no competing interests. Publisher's Note Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.  ... 
doi:10.1186/s42400-018-0020-9 fatcat:2wyaml2ffnfpjhof6faknr3wle

A symbolic attribute-based access control model for data security in the cloud

Iyabo Felicia Oyeyinka, Sunday Idowu, Afolashade Kuyoro
2021 ITEGAM- Journal of Engineering and Technology for Industrial Applications (ITEGAM-JETIA)  
This implies that SABAC is highly efficient for cloud data security. It shows that hackers would find it impossible to match any fake identity with valid HSA in the database.  ...  Hence, this study developed a Symbolic Attribute-Based Access Control (SABAC) system for data security in the cloud service environment.  ...  Source: Authors, (2021). Figure 5 : 5 Graph of Availability. Source: Authors, (2021). Figure 6 : 6 Graph of Integrity. Source: Authors, (2021). Figure 7 : 7 Confidentiality Graph.  ... 
doi:10.5935/jetia.v7i29.750 fatcat:cgmsijr5zzhmhhtinqqbcc5plq

Circuitree: A Datalog Reasoner in Zero-Knowledge

Tom Godden, Ruben De Smet, Christophe Debruyne, Thibaut Vandervelden, Kris Steenhaut, An Braeken
2022 IEEE Access  
The research was partly supported by the project fund for technology and transfer (Tetra) of Flanders Innovation & Entrepreneurship (Vlaio) under award number HBC.2020.2073-Velcro.  ...  The bulk of this article (Sections V and VI) is concerned with generating these constraints in an efficient manner.  ...  In such a system, a database query suffices to establish whether a user is allowed to write data.  ... 
doi:10.1109/access.2022.3153366 fatcat:h572alphlzerjnm3wiuld62teu

Relationship-based information sharing in cloud-based decentralized social networks

Davide Alberto Albertini, Barbara Carminati
2014 Proceedings of the 4th ACM conference on Data and application security and privacy - CODASPY '14  
Then, we have defined a query rewriting technique capable of extending defined access control policy authorizations by exploiting data dependencies, in order to authorize unauthorized but inferable data  ...  support in all of my life, and to Ljuba, my sister, whosomehow-inspired me in pursuing my dreams with hers stubbornness and hers obstinacy.  ...  of time had together made their presence implied.  ... 
doi:10.1145/2557547.2557574 dblp:conf/codaspy/AlbertiniC14 fatcat:isavxnqj65fd5cfbqh3si33qmi
« Previous Showing results 1 — 15 out of 26 results