article

Towards Attribute-Centric Access Control: an ABAC versus RBAC argument

Authors:

Arjumand Fatima,

Muhammad Awais Shibli,

Abdul Ghafoor AbassiAuthors Info & Claims

Security and Communication Networks, Volume 9, Issue 16

Pages 3152 - 3166

https://doi.org/10.1002/sec.1520

Published: 10 November 2016 Publication History

Abstract

Recent developments in attribute-based access control have fueled the conventional debate regarding the pros and cons of Attributes-based access control ABAC versus Role-based access control RBAC. However, existing arguments have been primarily focused on the complexity analysis of the two models instead of their comprehensive need analysis. On the contrary, the success and evolution of RBAC as a de-facto access control model is based on the thorough need analysis of using roles as a primary decision factor for controlling access. Analogously, we need to consider the application areas for comparing the use of role-based and attribute-based approach. In this regard, our work aims to bridge the gap between the RBAC and the ABAC proponents by convincing the RBAC supporters of the effectiveness of ABAC. We identify various inherent traits of RBAC which have eventually become its limitations in addressing future access control needs for providing flexible, fine-grained, multifactor, and anonymous authorization in dynamically changing and context sensitive environments. These limitations are usually addressed either through extended RBAC models or ABAC model. We analyze the two approaches with respect to their effectiveness in overcoming the identified limitations and draw the conclusion that the attribute-centric approach is the ultimate future of access control. Copyright © 2016 John Wiley & Sons, Ltd.

References

[1]

Ferraiolo D. Towards an ABAC family of models, 2013. Available from: "http://csrc.nist.gov/projects/abac/july2013_workshop/july2013_abac_workshop_abac-model-framework_dferraiolo.pdf" {Last Accessed: June, 2016}.

[2]

Sandhu R. The authorization leap from rights to attributes: maturation or chaos? In Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, Newark, USA, 2012; pp.69-70.

Digital Library

[3]

Lang B, Foster I, Siebenlist F, Ananthakrishnan R, Freeman T. A flexible attribute based access control method for grid computing. Journal of Grid Computing 2009; Volume 7 Issue 2: pp.169-180.

[4]

Ardagna CA, Cremonini M, di¿Vimercati SDC, Samarati P. Access control in location-based services. In Privacy in Location-Based Applications. Springer: Springer-Verlag Berlin, Heidelberg, 2009; pp.106-126.

Digital Library

[5]

Ardagna CA, De¿Capitani¿di Vimercati S, Neven G, Paraboschi S, Preiss FS, Samarati P, Verdicchio M. Enabling privacy-preserving credential-based access control with xacml and saml. 2010 IEEE 10th International Conference on Computer and Information Technology CIT, Bradford, United Kingdom, 2010; pp.1090-1095.

Digital Library

[6]

Ardagna CA, De¿Capitani¿di Vimercati S, Paraboschi S, Pedrini E, Samarati P, Verdicchio M. Expressive and deployable access control in open web service applications. IEEE Transactions on Services Computing 2011; Volume 4 Issue 2: pp.96-109.

Digital Library

[7]

Rubio-Medrano CE, D'Souza C, Ahn GJ. Supporting secure collaborations with attribute-based access control. 2013 9th International Conference Conference on Collaborative Computing: Networking, Applications and Worksharing Collaboratecom, Austin, Texas, United States, 2013; pp.525-530.

[8]

Kuhn DR, Coyne EJ, Weil TR. Adding attributes to role-based access control. Computer 2010; Volume 6: pp.79-81.

Digital Library

[9]

Jin X, Sandhu R, Krishnan R .Rabac: role-centric attribute-based access control. In Computer Network Security Springer: Petersburg, Russia 2012; pp.84-96.

Digital Library

[10]

Coyne E, Weil TR. ABAC and RBAC: scalable, flexible, and auditable access management. IT Professional 2013; Volume 15 Issue 3: pp.0014-16.

Digital Library

[11]

Sandhu RS, Samarati P. Access control: principle and practice. IEEE Communications Magazine 1994; Volume 32 Issue 9: pp.40-48.

Digital Library

[12]

Fuchs L, Pernul G. 2008. Hydro-hybrid development of roles. In Information Systems Security Springer: Hyderabad, India; pp.287-302.

Digital Library

[13]

Fuchs L, Pernul G, Sandhu R. Roles in information security-a survey and classification of the research area. Computers & Security 2011; Volume 30 Issue 8: pp.748-769.

Digital Library

[14]

Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chandramouli R. Proposed nist standard for role-based access control. ACM Transactions on Information and System Security TISSEC 2001; Volume 4 Issue 3: pp.224-274.

Digital Library

[15]

Sandhu R, Ferraiolo D, Kuhn R. The nist model for role-based access control: towards a unified standard. ACM Workshop on Role-Based Access Control 2000; Volume 2000: pp.1-11.

Digital Library

[16]

Damiani E, di¿Vimercati SDC, Samarati P. New paradigms for access control in open environments. 2005. Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, IEEE: Athens, Greece, 2005; pp.540-545.

[17]

Coetzee M, Eloff JH. Towards web service access control. Computers & Security 2004; Volume 23 Issue 7: pp.559-570.

Digital Library

[18]

Ardagna CA, Damiani E, di¿Vimercati SDC, Samarati P. Xml-based access control languages. Information Security Technical Report 2004; Volume 9 Issue 3: pp.35-46.

Digital Library

[19]

Dictionaries O. Static, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/static?searchDictCode=all" {Last Accessed: February, 2015}.

[20]

Hulsebosch R, Salden AH, Bargh MS, Ebben PW, Reitsma J. Context sensitive access control. Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, ACM: Stockholm, Sweden, 2005; pp.111-119.

Digital Library

[21]

Covington MJ, Long W, Srinivasan S, Dev AK, Ahamad M, Abowd GD. Securing context-aware applications using environment roles. Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, ACM: Virginia, USA, 2001; pp.10-20.

Digital Library

[22]

Yuan E, Tong J. Attributed based access control ABAC for web services. Web Services, 2005. ICWS 2005. Proceedings. 2005 IEEE International Conference on, IEEE: Orlando, FL, 2005; pp.4-8.

Digital Library

[23]

Dictionaries O. Coarse-grained, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/coarse-grained?searchDictCode=all" {Last Accessed: February, 2015}.

[24]

Dictionaries O. Fine-grained, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/fine-grained?searchDictCode=all" {Last Accessed: February, 2015}.

[25]

Wang Q, Yu T, Li N, Lobo J, Bertino E, Irwin K, Byun JW. On the correctness criteria of fine-grained access control in relational databases. Proceedings of the 33rd International Conference on Very Large Data Bases, VLDB Endowment: Vienna, Austria, 2007; pp.555-566.

Digital Library

[26]

Fischer J, Marino D, Majumdar R, Millstein T. 2009. Fine-grained access control with object-sensitive roles. In ECOOP 2009-Object-Oriented Programming Springer: Genoa, Italy; pp.173-194.

Digital Library

[27]

Tolone W, Ahn GJ, Pai T, Hong SP. Access control in collaborative systems. ACM Computing Surveys CSUR 2005; Volume 37 Issue 1: pp.29-41.

Digital Library

[28]

Goyal V, Pandey O, Sahai A, Waters B. Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of the 13th ACM Conference on Computer and Communications Security, ACM: Alexandria, VA, USA, 2006; pp.89-98.

Digital Library

[29]

Dictionaries O. Context, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/context?searchDictCode=all" {Last Accessed: February, 2015}.

[30]

Al-Muhtadi J, Ranganathan A, Campbell R, Mickunas MD. Cerberus: a context-aware security scheme for smart spaces. Pervasive Computing and Communications, 2003.PERCOM 2003. Proceedings of the First IEEE International Conference on, IEEE: Fort Worth, Texas, USA, 2003; pp.489-496.

Digital Library

[31]

Dictionaries O. Content, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/content?searchDictCode=all\#content-2" {Last Accessed: February, 2015}.

[32]

di¿Vimercati SDC, Foresti S, Samarati P. 2008. Recent advances in access control. In Handbook of Database Security Springer: US; pp.1-26.

[33]

di¿Vimercati SDC, Samarati P, Jajodia S. 2005. Policies, models, and languages for access control. In Databases in Networked Information Systems Springer: Aizu-Wakamatsu, Japan; pp.225-237.

Digital Library

[34]

Dictionaries O. One-time, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/one-time?searchDictCode=all" {Last Accessed: February, 2015}.

[35]

Park J, Sandhu R. The ucon abc usage control model. ACM Transactions on Information and System Security TISSEC 2004; Volume 7 Issue 1: pp.128-174.

Digital Library

[36]

Dictionaries O. Centric, 2015. Availeble from: "http://www.oxforddictionaries.com/definition/english/centric?searchDictCode=all" {Last Accessed: February, 2015}.

[37]

Dictionaries O. Central, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/central?searchDictCode=all" {Last Accessed: February, 2015}.

[38]

Dictionaries O. Identify, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/identify" {Last Accessed: February, 2015}.

[39]

Dictionaries O. Factor, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/factor" {Last Accessed: February, 2015}.

[40]

Dictionaries O. Flexible, 2015. Available form: "http://www.oxforddictionaries.com/definition/english/flexible" {Last Accessed: February, 2015}.

[41]

Covington MJ, Sastry MR. A contextual attribute-based access control model. On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, Springer: Montpellier, France, 2006; pp.1996-2006.

Digital Library

[42]

Shafiq B, Samuel A, Ghafoor H. A gtrbac based system for dynamic workflow composition and management. Object-Oriented Real-Time Distributed Computing, 2005. ISORC 2005. Eighth IEEE International Symposium on, IEEE: Seattle, WA, USA, 2005; pp.284-290.

Digital Library

[43]

Hansen F, Oleshchuk V. Srbac: a spatial role-based access control model for mobile systems. Proceedings of the 7th Nordic Workshop on Secure it Systems NORDSEC03, Citeseer: Gjovik, Norway, 2003; pp.129-141.

[44]

Byun JW, Li N. Purpose based access control for privacy protection in relational database systems. The VLDB Journal 2008; Volume 17 Issue 4: pp.603-619.

Digital Library

[45]

Byun JW, Bertino E, Li N. Purpose based access control of complex data for privacy protection. Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, ACM: Stockholm, Sweden, 2005; pp.102-110.

Digital Library

[46]

Gupta SK, Mukherjee T, Venkatasubramanian K. Criticality aware access control model for pervasive applications. Pervasive Computing and Communications, 2006. PerCom 2006. Fourth Annual IEEE International Conference on, IEEE: Pisa - Italy, 2006; pp.5-pp.

Digital Library

[47]

Zhang G, Parashar M. Context-aware dynamic access control for pervasive applications. Proceedings of the Communication Networks and Distributed Systems Modeling and Simulation Conference: San Diego, California, USA, 2004; pp.21-30.

[48]

Kulkarni D, Tripathi A. Context-aware role-based access control in pervasive computing systems. Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, ACM: Colorado, USA, 2008; pp.113-122.

Digital Library

[49]

Ray I, Toahchoodee M. 2007. A spatio-temporal role-based access control model. In Data and Applications Security xxi Springer: Redondo Beach, CA, USA; pp.211-226.

Digital Library

[50]

Damiani ML, Bertino E, Catania B, Perlasca P. Geo-rbac: a spatially aware rbac. ACM Transactions on Information and System Security TISSEC 2007; Volume 10 Issue 1: pp.2.

Digital Library

[51]

Emami SS, Amini M, Zokaei S. A context-aware access control model for pervasive computing environments. Intelligent Pervasive Computing, 2007. IPC. the 2007 International Conference on, IEEE: Jeju Island, Korea, 2007; pp.51-56.

Digital Library

[52]

Haibo S, Fan H. A context-aware role-based access control model for web services. E-Business Engineering, 2005. ICEBE 2005. IEEE International Conference on, IEEE: Beijing, China, 2005; pp.220-223.

Digital Library

[53]

Zhang G, Parashar M. Dynamic context-aware access control for grid applications. Proceedings of the Fourth International Workshop on Grid Computing, 2003, IEEE: Phoenix, AZ, USA, 2003; pp.101-108.

Digital Library

[54]

Covington MJ, Fogla P, Zhan Z, Ahamad M. A context-aware security architecture for emerging applications. Computer Security Applications Conference, 2002. Proceedings. 18th Annual, IEEE: Las Vegas, NV, USA, 2002; pp.249-258.

Digital Library

[55]

Toahchoodee M, Ray I, Anastasakis K, Georg G, Bordbar B. Ensuring spatio-temporal access control for real-world applications. Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, ACM: Stresa, Italy, 2009; pp.13-22.

Digital Library

[56]

Ray I, Toahchoodee M. 2008. A spatio-temporal access control model supporting delegation for pervasive computing applications. In Trust, Privacy and Security in Digital Business Springer: Turin, Italy; pp.48-58.

Digital Library

[57]

Kim YG, Mon CJ, Jeong D, Lee JO, Song CY, Baik DK. 2005. Context-aware access control mechanism for ubiquitous applications. In Advances in Web Intelligence Springer: Lodz, Poland; pp.236-242.

Digital Library

[58]

Bertino E, Bonatti PA, Ferrari E. TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security TISSEC 2001; Volume 4 Issue 3: pp.191-233.

Digital Library

[59]

Thomas RK. Team-based access control TMAC: a primitive for applying role-based access controls in collaborative environments. Proceedings of the Second ACM Workshop on Role-Based Access Control, ACM: Virginia, USA, 1997; pp.13-19.

Digital Library

[60]

Wang W. Team-and-role-based organizational context and access control for cooperative hypermedia environments. Proceedings of the Tenth ACM Conference on Hypertext and Hypermedia: Returning to our Diverse Roots: Returning to our Diverse Roots, ACM: Darmstadt, Germany, 1999; pp.37-46.

Digital Library

[61]

Hu VC, Ferraiolo D, Kuhn R, Schnitzer A, Sandlin K, Miller R, Scarfone K. Guide to attribute based access control ABAC definition and considerations. NIST Special Publication 2014; Volume 800: pp.162.

[62]

Sandhu RS, Coyne EJ, Feinstein HL, Youman CE. Role-based access control models. Computer 1996; Volume 29 Issue 2: pp.38-47.

Digital Library

[63]

Covington MJ, Moyer MJ, Ahamad M. Generalized role-based access control for securing future applications, 2000.

[64]

Moyer MJ, Abamad M. Generalized role-based access control. 21st International Conference on Distributed Computing Systems, 2001, IEEE: Arizona, USA, 2001; pp.391-398.

Digital Library

[65]

Sandhu RS. Role-based access control. Advances in Computers 1998; Volume 46: pp.237-286.

[66]

Joshi JB, Bertino E, Latif U, Ghafoor A. A generalized temporal role-based access control model. IEEE Transactions on Knowledge and Data Engineering 2005; Volume 17 Issue 1: pp.4-23.

Digital Library

[67]

Sampemane G, Naldurg P, Campbell RH. Access control for active spaces. Proceedings of the 18th Annual Computer Security Applications Conference, 2002, IEEE: Las Vegas, NV, USA, 2002; pp.343-352.

Digital Library

[68]

Sandhu R. Rationale for the RBAC96 family of access control models. Proceedings of the First ACM Workshop on Role-Based Access Control, Gaithersburg, MD, ACM: Maryland, USA, 1995; pp.9.

Digital Library

[69]

Sandhu R. Rationale for the rbac96 family of access control models. Proceedings of the ACM RBAC97, ACM: Virginia, USA, 1997; pp.9.

Digital Library

[70]

INCITS ANSI. Incits 359-2004. role-based access control. American National Standard for Information Technology 2004: pp.2-10.

[71]

Chen F, Sandhu RS. Constraints for role-based access control. Proceedings of the First ACM Workshop on Role-Based Access Control, ACM: Maryland, USA, 1996; pp.14.

Digital Library

[72]

Dictionaries O. Attribute, 2015. Available from: "http://www.oxforddictionaries.com/definition/english/attribute?searchDictCode=all" {Last Accessed: February, 2015}.

[73]

Standard OASIS. extensible access control markup language xacml version 2.0, 2005.

[74]

Hu VC, Ferraiolo D, Kuhn R. et al. Guide to attribute based access control ABAC definition and considerations draft. NIST Special Publication 2013; Volume 800: pp.162.

[75]

Chandramouli R. A framework for multiple authorization types in a healthcare application system. Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual, IEEE: New Orleans, LA, USA, 2001; pp.137-148.

Digital Library

[76]

Park J, Sandhu R. Towards usage control models: beyond traditional access control. Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies, ACM: California, USA, 2002; pp.57-64.

Digital Library

[77]

Ray I, Kumar M, Yu L. 2006. LRBAC: a location-aware role-based access control model. In Information systems security Springer: Kolkata, India; pp.147-161.

Digital Library

[78]

Jin X, Krishnan R, Sandhu R. 2012. A unified attribute-based access control model covering DAC, MAC and RBAC. In Data and Applications Security and Privacy XXVI Springer: Paris, France; pp.41-55.

Digital Library

[79]

Anwar H, Shibli MA. Attribute based access control in dspace. Computing and Convergence Technology ICCCT, 2012 7th International Conference on, IEEE: Seoul, Korea South, 2012; pp.571-576.

[80]

Shehab M, Squicciarini A, Ahn GJ, Kokkinou I. Access control for online social networks third party applications. Computers & Security 2012; Volume 31 Issue 8: pp.897-911.

Digital Library

[81]

Ye C, Wu Z. Using SML and XACML to support attribute based delegation. Null, IEEE: Shanghai, China, 2005; pp.751-756.

Digital Library

[82]

Ahn GJ, Hu H, Lee J, Meng Y. Representing and reasoning about web access control policies. Computer Software and Applications Conference COMPSAC, 2010 IEEE 34th Annual, IEEE: Seoul, Korea South, 2010; pp.137-146.

Digital Library

[83]

Zhang X, Nakae M, Covington MJ, Sandhu R. Toward a usage-based security framework for collaborative computing systems. ACM Transactions on Information and System Security TISSEC 2008; Volume 11 Issue 1: pp.3.

Digital Library

[84]

Lin D, Rao P, Bertino E, Li N, Lobo J. Policy decomposition for collaborative access control. Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, ACM: Colorado, USA, 2008; pp.103-112.

Digital Library

[85]

Standard NIST. Attribute-based access control workshop, 2015. Avialable from: "http://www.nist.gov/itl/csd/attribute-based-access-control-worksho p-july-17-2013.cfm""http://www.nist.gov/itl/csd/attribute-based-access-control-worksho p-july-17-2013.cfm""http://www.nist.gov/itl/csd/attribute-based-access-control-worksho p-july-17-2013.cfm" {Last Accessed: June, 2016}.

[86]

Standard OASIS. Oasis eXtensible Access Control Markup Language, 2015. Available from: https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml {Last Accessed: June, 2016}.

[87]

Gartner. Gartner predicts 2014: identity and access management, 2016. Available from: "https://www.gartner.com/doc/2630035/predicts-identity-access-mana gement""https://www.gartner.com/doc/2630035/predicts-identity-access-mana gement""https://www.gartner.com/doc/2630035/predicts-identity-access-mana gement" Last Accessed: June, 2016.

[88]

Axiomatics. Axiomatics, 2015. Available from: "http://www.axiomatics.com/the-company.html" {Last Accessed: June, 2016}.

[89]

PingAccess. Pingaccess, 2016. Available from: "https://www.pingidentity.com/en/products/pingaccess.html" {Last Accessed: March, 2016}.

[90]

Management OA. Oracle access management, 2016. Available from: "http://www.oracle.com/us/products/middleware/identity-management/access-management/overview/index.html""http://www.oracle.com/us/products/middleware/identity-management/access-management/overview/index.html""http://www.oracle.com/us/products/middleware/identity-management/access-management/overview/index.html" {Last Accessed: March, 2016}.

[91]

iWelcome. iwelcome identity management, 2016. Available from: "https://www.iwelcome.com/identity-management/""https://www.iwelcome.com/identity-management/" {Last Accessed: March, 2016}.

[92]

ForgeRock. Forgerock identity platform, 2016. Available from: "https://www.forgerock.com/app/uploads/2015/ 10/FIP-AccessManagement-DataSheet-Letter.pdf" {Last Accessed: March, 2016}.

[93]

Covisint. Covisint, 2016. Available from: "http://www.covisint.com/solutions/identity-and-access-management""http://www.covisint.com/solutions/identity-and-access-management""http://www.covisint.com/solutions/identity-and-access-management" {Last Accessed: March, 2016}.

[94]

Systems J. Jericho systems, 2016. Availabble from: "https://www.jerichosystems.com/solutions/ABAC-use-cases.html""https://www.jerichosystems.com/solutions/ABAC-use-cases.html" {Last Accessed: March, 2016}.

[95]

ca technologies. ca technologies ., 2016. Available from: "http://www.ca.com/us/products/api-management/solutions/api-management-for-public-sector/xacml-access-control.aspx""http://www.ca.com/us/products/api-management/solutions/api-management-for-public-sector/xacml-access-control.aspx""http://www.ca.com/us/products/api-management/solutions/api-management-for-public-sector/xacml-access-control.aspx" {Last Accessed: March, 2016}.

[96]

DISA DefenseInformationSecurityAgency. Disa osabac, 2016. Available from: "http://www.disa.mil/ enterprise-services/identity-and-access-management/os-abac" {Last Accessed: March, 2016}.

[97]

Logic R. Radiant logic, 2016. Available from: "http://www.radiantlogic.com/learning-center/events/other-events/ best-breed-achieve-abac/" {Last Accessed: March, 2016}.

[98]

SailPoint. Sailpoint, 2016. Available from: https://www.sailpoint.com/news/sailpoint-and-axiomatics-partner-to-bring-identity-governance-to-attributeattribute {Last Accessed: March, 2016}.

[99]

Balana WSo2. Wso2 balana, 2016. Available from: "http://xacmlinfo.org/category/balana/" {Last Accessed: March, 2016}.

[100]

Avatier. Avatier, 2016. Available from: "http://www.avatier.com/products/identity-management/resources/ gartner-iam-2020-predictions/" {Last Accessed: March, 2016}.

[101]

EmpowerID. Empowerid, 2016. Available from: https://www.empowerid.com/products/authorizationservices {Last Accessed: March, 2016}.

[102]

Laboratory DeterLab:Cyber-DefenseTechnologyExperimentalResearch. Deterlab abac, 2016. Available from: "http://abac.deterlab.net/" {Last Accessed: March, 2016}.

Cited By

Alomari MKhan HKhan SAl-Maadid AAbu-Shawish ZHammami H(2021)Systematic Analysis of Artificial Intelligence-Based Platforms for Identifying Governance and Access ControlSecurity and Communication Networks10.1155/2021/86864692021Online publication date: 18-Dec-2021
https://dl.acm.org/doi/10.1155/2021/8686469
(2017)System security model based on trusted access control under cloud computing environmentInternational Journal of Internet Protocol Technology10.5555/3193295.319329910:4(236-242)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.5555/3193295.3193299

Towards Attribute-Centric Access Control: an ABAC versus RBAC argument
1. Security and privacy
  1. Security services
  2. Systems security

Recommendations

Classifying and Comparing Attribute-Based and Relationship-Based Access Control
CODASPY '17: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy

Attribute-based access control (ABAC) expresses authorization policy via attributes while relationship-based access control (ReBAC) does so via relationships. While ABAC concepts have been around for a long time, ReBAC is relatively recent emerging with ...
ABAC and RBAC: Scalable, Flexible, and Auditable Access Management

Is it possible to obtain the flexibility and advantages of attribute-based access control while maintaining role-based access control's advantages for analysis and risk control?
Samyukta: A Unified Access Control Model using Roles, Labels, and Attributes
Information Systems Security
Abstract
Access control is one of the key mechanisms used for protecting system resources. While each of the existing access control models has its own benefits, it is difficult to satisfy all the requirements of a contemporary system with a single model. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Security and Communication Networks

Security and Communication Networks Volume 9, Issue 16

November 2016

877 pages

ISSN:1939-0114

EISSN:1939-0122

Issue’s Table of Contents

Publisher

John Wiley & Sons, Inc.

United States

Publication History

Published: 10 November 2016

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 21 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Alomari MKhan HKhan SAl-Maadid AAbu-Shawish ZHammami H(2021)Systematic Analysis of Artificial Intelligence-Based Platforms for Identifying Governance and Access ControlSecurity and Communication Networks10.1155/2021/86864692021Online publication date: 18-Dec-2021
https://dl.acm.org/doi/10.1155/2021/8686469
(2017)System security model based on trusted access control under cloud computing environmentInternational Journal of Internet Protocol Technology10.5555/3193295.319329910:4(236-242)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.5555/3193295.3193299

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents