Attribute-based Access Control (ABAC) was recently proposed as a general model which is able to capture the main existing access control models. This paper discusses the problems of configuring ABAC and engineering access policies. We question how to design attributes, how to assign attributes to subjects, objects, actions, and how to formulate access policies which bind subjects to objects and actions via attributes. Inspired by the role mining problem in Role-based Access Control, in this paper we propose the first attempt to formalise ABAC in a matrix form and define formally a problem of access policy engineering. Our approach is based on the XACML standard to be more practical. © 2013 Springer International Publishing.
CITATION STYLE
Krautsevich, L., Lazouski, A., Martinelli, F., & Yautsiukhin, A. (2013). Towards policy engineering for attribute-based access control. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8292 LNCS, pp. 85–102). https://doi.org/10.1007/978-3-319-03491-1_6
Mendeley helps you to discover research relevant for your work.