Attribute-based access control (ABAC) is a promising alternative to traditional models of access control (i.e. discretionary access control (DAC), mandatory access control (MAC) and role-based access control (RBAC)) that is drawing attention in both recent academic literature and industry application. However, formalization of a foundational model of ABAC and large scale adoption are still lacking. This paper seeks to aid in the transition by providing a formal model of hierarchical ABAC, called Hierarchical Group and Attribute-Based Access Control (or HGABAC), which includes attribute inheritance through user and object groups as well as environment, connection and administrative attributes. A formal specification and an attribute-based policy language are provided. Finally, several example configurations (which demonstrate the versatility of the model) are presented and evaluated.
CITATION STYLE
Servos, D., & Osborn, S. L. (2015). HGABAC: Towards a formal model of hierarchical attribute-based access control. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 8930, 187–204. https://doi.org/10.1007/978-3-319-17040-4_12
Mendeley helps you to discover research relevant for your work.