Conference Papers Year : 2016

A Comparison of Logical-Formula and Enumerated Authorization Policy ABAC Models

Prosunjit Biswas
  • Function : Author
  • PersonId : 1022653
UTSA - The University of Texas at San Antonio
Ravi Sandhu
  • Function : Author
  • PersonId : 978076
UTSA - The University of Texas at San Antonio
Ram Krishnan
  • Function : Author
  • PersonId : 1010017
UTSA - The University of Texas at San Antonio

Abstract

Logical formulas and enumeration are the two major ways for specifying authorization policies in Attribute Based Access Control (ABAC). While considerable research has been done for specifying logical-formula authorization policy ABAC, there has been less attention to enumerated authorization policy ABAC. This paper presents a finite attribute, finite domain ABAC model for enumerated authorization policies and investigates its relationship with logical-formula authorization policy ABAC models in the finite domain. We show that these models are equivalent in their theoretical expressive power. We also show that single and multi-attribute ABAC models are equally expressive.

Domains

Fichier principal
Vignette du fichier
428203_1_En_9_Chapter.pdf (358.15 Ko) Télécharger le fichier
Origin Files produced by the author(s)
licence
CC BY 4.0 - Attribution

Connect in order to contact the contributor

https://inria.hal.science/hal-01633664

Submitted on : Monday, November 13, 2017-11:45:46 AM

Last modification on : Monday, November 13, 2017-11:48:33 AM

Long-term archiving on : Wednesday, February 14, 2018-1:38:06 PM

Download

Dates and versions

hal-01633664 , version 1 (13-11-2017)

Licence

CC BY 4.0 - Attribution

Identifiers

Cite

Prosunjit Biswas, Ravi Sandhu, Ram Krishnan. A Comparison of Logical-Formula and Enumerated Authorization Policy ABAC Models. 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2016, Trento, Italy. pp.122-129, ⟨10.1007/978-3-319-41483-6_9⟩. ⟨hal-01633664⟩

Export

Collections

291 View
208 Download

Altmetric

Share

  • More