Security analysis of ABAC under an administrative model

In the present-day computing environment, where access control decisions are often dependent on contextual information like the location of the requesting user and the time of access request, attribute-based access control (ABAC) has emerged as a suitable choice for expressing security policies. In...

Full description

Saved in:
Bibliographic Details
Published inIET information security Vol. 13; no. 2; pp. 96 - 103
Main Authors Jha, Sadhana, Sural, Shamik, Atluri, Vijayalakshmi, Vaidya, Jaideep
Format Journal Article
LanguageEnglish
Published England The Institution of Engineering and Technology 01.03.2019
Subjects
ABAC system
access control decisions
access decisions
access request
attribute assignment
attribute values
attribute‐based access control
authorisation
comprehensive attribute‐based administrative model
computability
contextual information
present‐day computing environment
requesting user
Research Article
satisfiability modulo theories‐based model checking tool
security analysis
security implications
security policies
security properties
access decisions
security analysis
access request
access control decisions
requesting user
attribute-based access control
computability
security properties
contextual information
security implications
attribute values
satisfiability modulo theories-based model checking tool
security policies
authorisation
comprehensive attribute-based administrative model
attribute assignment
present-day computing environment
ABAC system
Online AccessGet full text
ISSN1751-8709
1751-8717
1751-8717
DOI10.1049/iet-ifs.2018.5010

Cover

More Information
Summary:In the present-day computing environment, where access control decisions are often dependent on contextual information like the location of the requesting user and the time of access request, attribute-based access control (ABAC) has emerged as a suitable choice for expressing security policies. In an ABAC system, access decisions depend on the set of attribute values associated with the subjects, resources, and the environment in which an access request is made. In such systems, the task of managing the set of attributes associated with the entities as well as that of analysing and understanding the security implications of each attribute assignment is of paramount importance. Here, the authors first introduce a comprehensive attribute-based administrative model, named as AMABAC (Administrative Model for ABAC), for ABAC systems and then suggest a methodology for analysing the security properties of ABAC in the presence of the administrative model. For performing analysis, the authors use μZ, a satisfiability modulo theories-based model checking tool. The authors study the impact of the various components of ABAC and AMABAC on the time taken for security analysis.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 23
ISSN:1751-8709
1751-8717
1751-8717
DOI:10.1049/iet-ifs.2018.5010