143 Hits in 3.6 sec

Contemporaneous Update and Enforcement of ABAC Policies

Samir Talegaon, Gunjan Batra, Vijayalakshmi Atluri, Shamik Sural, Jaideep Vaidya
2022 Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies  
In this paper, considering the context of Attribute Based Access Control (ABAC), we propose an approach that is capable of immediately materializing any update to the policy and ensuring that it is taken  ...  One possibility is to update the policy based on the incoming changes through ABAC policy mining techniques.  ...  The content is solely the responsibility of the authors and does not necessarily represent the official views of the agencies funding the research.  ... 
doi:10.1145/3532105.3535021 fatcat:qzsz4dfqy5ajdc3tokjpcqz27m

A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC [chapter]

Xin Jin, Ram Krishnan, Ravi Sandhu
2012 Lecture Notes in Computer Science  
Although some proposals for ABAC have been published, and even implemented and standardized, there is no consensus on precisely what is meant by ABAC or the required features of ABAC.  ...  Recently, there has been considerable interest in attribute based access control (ABAC) to overcome the limitations of the dominant access control models (i.e, discretionary-DAC, mandatory-MAC and role  ...  Acknowledgment The authors are partially supported by grants from AFOSR MURI and the State of Texas Emerging Technology Fund.  ... 
doi:10.1007/978-3-642-31540-4_4 fatcat:xv2n4jqb3zahzfdnmaogkfzzdq

Recommender System for Geo-Social Access Control Framework

There are different types of access control models, having their own access control policies and criteria to grant the authority, to have an access to specific resources of an organization.  ...  According to United States cyber security 2018 statistics, insider threat holds the risk of 74% out of surveyed organizations.  ...  Attributes are building blocks of ABAC, to formulate policies and rules. Formulation of policies is done through Extensible Access Control Markup Language (XAML).  ... 
doi:10.35940/ijitee.b1013.1292s19 fatcat:r2yxhucke5eclckbt3sr5jhuay

Machine Learning in Access Control: A Taxonomy and Survey [article]

Mohammad Nur Nobi, Maanak Gupta, Lopamudra Praharaj, Mahmoud Abdelsalam, Ram Krishnan, Ravi Sandhu
2022 arXiv   pre-print
An increasing body of work has recognized the importance of exploiting machine learning (ML) advancements to address the need for efficient automation in extracting access control attributes, policy mining  ...  , policy verification, access decisions, etc.  ...  ), and Department of Electrical and Computer Engineering, and University of Texas at San Antonio, Texas, USA.,; Ravi Sandhu, ICS, C-SPECC, and Dept. of Computer Science, and University  ... 
arXiv:2207.01739v1 fatcat:u34qfyvhhnhfrmrur5knhch44y

D3.1 - ASCLEPIOS Security and Policies Model

Institute Of Communication And Computer Systems
2019 Zenodo  
It also reports on the semantics of context-based access control and ABE related policies.  ...  This deliverable provides a model for formally capturing the background knowledge and enabling the ABAC and ABE paradigms, in terms of the ASCLEPIOS project.  ...  CDA introduces the concept of incremental semantic interoperability.  ... 
doi:10.5281/zenodo.4022334 fatcat:vuujxbm7ozgxdprshc6ir2uqda

From Conventional to State-of-the-Art IoT Access Control Models

Ahmad Kamran Malik, Naina Emmanuel, Sidra Zafar, Hasan Ali Khattak, Basit Raza, Sarmadullah Khan, Ali H. Al-Bayatti, Madini O. Alassafi, Ahmed S. Alfakeeh, Mohammad A. Alqarni
2020 Electronics  
The domain of internet of things uses billions of devices (ranging from tiny sensors to macro scale devices) that continuously produce and exchange huge amounts of data with people and applications.  ...  The advent in Online Social Networks (OSN) and Internet of Things (IoT) has created a new world of collaboration and communication between people and devices.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/electronics9101693 fatcat:mtvlbubbyvbx5ph2bnfwnmlbqa

VisABAC: A Tool for Visualising ABAC Policies

Charles Morisset, David Sanchez
2018 Proceedings of the 4th International Conference on Information Systems Security and Privacy  
Authoring and editing access control policy can be a complex and cognitive demanding task, especially when dealing with a large number of rules and attributes.  ...  In this paper, we propose a new tool, VisABAC, which enables the visualisation of attribute based access control policies using the Circle Packing method.  ...  Ideally, we would like to ask questions related to any aspect of the editing or maintenance of a policy.  ... 
doi:10.5220/0006647401170126 dblp:conf/icissp/MorissetS18 fatcat:qjkqnqiz6nhpxbiihnhtgdk3di


Sonia Jahid, Carl A. Gunter, Imranul Hoque, Hamed Okhravi
2011 Proceedings of the first ACM conference on Data and application security and privacy - CODASPY '11  
Attribute-based Access Control (ABAC) based on XACML can substantially improve the security and management of access rights on databases.  ...  The main contributions are an architecture and algorithms for efficiently addressing incremental changes in attributes that could trigger changes to the ACLs.  ...  The views expressed are those of the authors only.  ... 
doi:10.1145/1943513.1943528 dblp:conf/codaspy/JahidGHO11 fatcat:fi74l2zhsvcn7exka4jqymvhcq

Greedy and Evolutionary Algorithms for Mining Relationship-Based Access Control Policies [article]

Thang Bui, Scott D. Stoller, Jiajie Li
2018 arXiv   pre-print
ReBAC policy mining algorithms have potential to significantly reduce the cost of migration from legacy access control systems to ReBAC, by partially automating the development of a ReBAC policy from an  ...  We formulate ReBAC as an object-oriented extension of attribute-based access control (ABAC) in which relationships are expressed using fields that refer to other objects, and path expressions are used  ...  Entity-based access control: supporting more expressive access control policies. In Proc. 31st Annual Computer Security Applications Conference (ACSAC 2015), pages 291-300. ACM, 2015.  ... 
arXiv:1708.04749v4 fatcat:z4ujlenvpvgwlil4fv2ggddx4i

A Decision Tree Learning Approach for Mining Relationship-Based Access Control Policies [article]

Thang Bui, Scott D. Stoller
2020 arXiv   pre-print
ReBAC policy mining algorithms have the potential to significantly reduce the cost of migration from legacy access control systems to ReBAC, by partially automating the development of a ReBAC policy.  ...  Compared to state-of-the-art ReBAC mining algorithms, our algorithms are significantly faster, achieve comparable policy quality, and can mine policies in a richer language.  ...  Sekar for suggesting decision tree learning as an approach to policy mining.  ... 
arXiv:1909.12095v5 fatcat:6tusi3bfgzcq3jmeei3vaspsve

Policy-Based Access Controls

Mary K McKee
2021 IDPro Body of Knowledge  
 One such paradigm is known as Policy-Based Access Control (PBAC), which is most differentiated by two key characteristics:1.  ...  PBAC facilitates the evaluation of context (time of day, location, etc.) in granting access to a protected resource.  ...  The discrete nature of PBAC permissions allows these systems to accommodate precise, intuitive, and incremental change to controls as business and regulatory needs emerge without compounding maintenance  ... 
doi:10.55621/idpro.61 fatcat:5o37rjrrpjd47hzhmud6ozapia

XPA: An Open Soruce IDE for XACML Policies (S)

Roshan Shrestha, Shuai Peng, Turner Lehmbecker, Dianxiang Xu
2018 Proceedings of the 30th International Conference on Software Engineering and Knowledge Engineering  
XPA provides a variety of new techniques for generating test cases from policies, localizing bugs in faulty policies, and repairing faulty policy elements.  ...  These policies have been used to quantitatively evaluate the effectiveness of various testing and debugging methods.  ...  INTRODUCTION Attribute-Based Access Control (ABAC) is a new generation of access control techniques.  ... 
doi:10.18293/seke2018-027 dblp:conf/seke/ShresthaPLX18 fatcat:4zh6dl7knvgtjkvfufbl3hob74

T-RBAC based Multi-domain Access Control Method in Cloud

Dapeng Xiong, Liang Chen
2017 Network Protocols and Algorithms  
Comparative trial show that new policy had an advantage in flexibility and availability of multi-domain access control model.  ...  In order to improve the deficiency of the current multi domain access control in timeliness and flexibility. This paper put forward a dynamic access control policy on the basis of task driving idea.  ...  Acknowledgement This research has been supported by National High Technology Research and Development Application of China (2012AA012902) and "HGJ" National Major Technological Projects (2013ZX01045-004  ... 
doi:10.5296/npa.v8i4.10411 fatcat:gbmzmnehafd4nhcfgj6s4imike


Michael LeMay, Omid Fatemieh, Carl A. Gunter
2007 Proceedings of the 12th ACM symposium on Access control models and technologies - SACMAT '07  
This paper introduces PolicyMorph, a constraint system that supports interactive development and maintenance of access control policies that respect both formalized and un-formalized business rules and  ...  PolicyMorph advances the state-of-the-art in constraint systems by suggesting predictable policy model modifications that will resolve specific constraint violations and then allowing policy administrators  ...  INTRODUCTION Many of the challenges that arise during the development and maintenance of an access control policy are caused by the inability of the policy administrator to correctly translate high-level  ... 
doi:10.1145/1266840.1266874 dblp:conf/sacmat/LeMayFG07 fatcat:ea7hqxsvfbfftdvf6v6cddey5y

BlendCAC: A Smart Contract Enabled Decentralized Capability-Based Access Control Mechanism for the IoT

Ronghua Xu, Yu Chen, Erik Blasch, Genshe Chen
2018 Computers  
Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient  ...  While Internet of Things (IoT) technology has been widely recognized as an essential part of Smart Cities, it also brings new challenges in terms of privacy and security.  ...  In the ABAC, AC policies are defined through directly associating attributes with subjects.  ... 
doi:10.3390/computers7030039 fatcat:gs5bc3ojmbexpb2lkhigisphza
« Previous Showing results 1 — 15 out of 143 results