A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC - Data and Applications Security and Privacy XXVI Access content directly
Conference Papers Year : 2012

A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC

Abstract

Recently, there has been considerable interest in attribute based access control (ABAC) to overcome the limitations of the dominant access control models (i.e, discretionary-DAC, mandatory-MAC and role based-RBAC) while unifying their advantages. Although some proposals for ABAC have been published, and even implemented and standardized, there is no consensus on precisely what is meant by ABAC or the required features of ABAC. There is no widely accepted ABAC model as there are for DAC, MAC and RBAC. This paper takes a step towards this end by constructing an ABAC model that has “just sufficient” features to be “easily and naturally” configured to do DAC, MAC and RBAC. For this purpose we understand DAC to mean owner-controlled access control lists, MAC to mean lattice-based access control with tranquility and RBAC to mean flat and hierarchical RBAC. Our central contribution is to take a first cut at establishing formal connections between the three successful classical models and desired ABAC models.

Keywords

Fichier principal
Vignette du fichier
978-3-642-31540-4_4_Chapter.pdf (344.46 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01534757 , version 1 (08-06-2017)

Licence

Attribution

Identifiers

Cite

Xin Jin, Ram Krishnan, Ravi Sandhu. A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.41-55, ⟨10.1007/978-3-642-31540-4_4⟩. ⟨hal-01534757⟩
169 View
611 Download

Altmetric

Share

Gmail Facebook X LinkedIn More