首页> 外文会议>International Symposium on Foundations and Practice of Security >HGABAC: Towards a Formal Model of Hierarchical Attribute-Based Access Control
【24h】

HGABAC: Towards a Formal Model of Hierarchical Attribute-Based Access Control

机译:HGABAC:迈向基于分层属性的访问控制的正式模型

获取原文

摘要

Attribute-based access control (ABAC) is a promising alternative to traditional models of access control (i.e. discretionary access control (DAC), mandatory access control (MAC) and role-based access control (RBAC)) that is drawing attention in both recent academic literature and industry application. However, formalization of a foundational model of ABAC and large scale adoption are still lacking. This paper seeks to aid in the transition by providing a formal model of hierarchical ABAC, called Hierarchical Group and Attribute-Based Access Control (or HGABAC), which includes attribute inheritance through user and object groups as well as environment, connection and administrative attributes. A formal specification and an attribute-based policy language are provided. Finally, several example configurations (which demonstrate the versatility of the model) are presented and evaluated.
机译:基于属性的访问控制(ABAC)是对传统的访问控制模型(即自由访问控制(DAC),强制性访问控制(MAC)和基于角色的访问控制(RBAC))的有前途的替代方案,这些访问控制近期学术文学和行业应用。然而,仍然缺乏ABAC和大规模采用的基本型号的形式化。本文旨在通过提供正式的分层ABAC模型,称为分层组和基于属性的访问控制(或HGABAC)来帮助转换,该类别包括通过用户和对象组以及环境,连接和管理属性的属性继承。提供了一个正式的规范和基于属性的策略语言。最后,提出和评估了几个示例配置(演示了模型的多功能性)。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号