%0 Conference Proceedings
%T A Comparison of Logical-Formula and Enumerated Authorization Policy ABAC Models
%+ The University of Texas at San Antonio (UTSA)
%A Biswas, Prosunjit
%A Sandhu, Ravi
%A Krishnan, Ram
%Z Part 3: Access Control
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Trento, Italy
%Y Silvio Ranise
%Y Vipin Swarup
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXX
%V LNCS-9766
%P 122-129
%8 2016-07-18
%D 2016
%R 10.1007/978-3-319-41483-6_9
%Z Computer Science [cs]Conference papers
%X Logical formulas and enumeration are the two major ways for specifying authorization policies in Attribute Based Access Control (ABAC). While considerable research has been done for specifying logical-formula authorization policy ABAC, there has been less attention to enumerated authorization policy ABAC. This paper presents a finite attribute, finite domain ABAC model for enumerated authorization policies and investigates its relationship with logical-formula authorization policy ABAC models in the finite domain. We show that these models are equivalent in their theoretical expressive power. We also show that single and multi-attribute ABAC models are equally expressive.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01633664/document
%2 https://inria.hal.science/hal-01633664/file/428203_1_En_9_Chapter.pdf
%L hal-01633664
%U https://inria.hal.science/hal-01633664
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-9766