Negative Authorization by Implementing Negative Attributes in Attribute-Based Access Control Model for Internet of Medical Things

摘要

Access control plays an important role in protecting sensitive data of an organization, by employing a mechanism that grants or revokes access to the organizational resources. It is implemented with the help of different access control models either traditional or hybrid models. In this paper, we discuss DAC, MAC, RBAC and ABAC models briefly. In addition, we propose a hybrid model that is based on reverse authorization in ABAC model. The concept of negative attributes is implemented in ABAC model that directly restricts unauthorized users. Previously, several approaches to authorized users and their authority domain in ABAC model have been implemented in literature. Though, the proposed model is unique due to a different implementation of access control in the domain of Internet of Medical Things (IoMT). This work is also discussed with respect to an example scenario. In this way, the concept of negative attributes is elaborated for implementing the negative authorization in ABAC. The comparative analysis shows that this work can perform better in some scenarios by taking advantage of negative authorization.