An administrative model for collaborative management of ABAC systems and its security analysis

Sadhana Jha, Shamik Sural, Vijayalakshmi Atluri, Jaideep Vaidya

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

Attribute-based Access Control (ABAC) has been emerging as a suitable choice for large and federated enterprises due to its flexibility in expressing various types of security policies. Improved flexibility, however, results in higher design complexity and consequently, possibility of undesired flow of information. Reliance of access decision on the attribute values of subjects, objects and environment underscores the need for a formal way of managing attribute assignment in ABAC systems. Since large enterprises potentially have hundreds of subjects and thousands of resources, centralized management of attribute assignment is inexpedient. This paper introduces an attribute-based administrative model that supports decentralized administration of ABAC systems. The proposed model consists of a number of operations to administer the set of subjects and the set of subject attribute assignments in an ABAC system. We then suggest a methodology for analyzing the security properties of ABAC using Alloy analyzer in the presence of the proposed administrative model.

Original languageEnglish (US)
Title of host publicationProceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages64-73
Number of pages10
ISBN (Electronic)9781509046072
DOIs
StatePublished - Jan 6 2017
Event2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016 - Pittsburgh, United States
Duration: Nov 1 2016Nov 3 2016

Publication series

NameProceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016

Other

Other2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016
Country/TerritoryUnited States
CityPittsburgh
Period11/1/1611/3/16

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Sociology and Political Science

Keywords

  • Administrative model
  • Alloy analyzer
  • Attribute based access control
  • Security analysis

Fingerprint

Dive into the research topics of 'An administrative model for collaborative management of ABAC systems and its security analysis'. Together they form a unique fingerprint.

Cite this