%0 Conference Proceedings
%T Refresh Instead of Revoke Enhances Safety and Availability: A Formal Analysis
%+ The University of Texas at San Antonio (UTSA)
%A Shakarami, Mehrnoosh
%A Sandhu, Ravi
%Z Part 5: Distributed Systems
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 33th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Charleston, SC, United States
%Y Simon N. Foley
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXXIII
%V LNCS-11559
%P 301-313
%8 2019-07-15
%D 2019
%R 10.1007/978-3-030-22479-0_16
%K ABAC
%K Refresh
%K Consistency
%K Safety
%K Availability
%Z Computer Science [cs]Conference papers
%X Due to inherent delays and performance costs, the decision point in a distributed multi-authority Attribute-Based Access Control (ABAC) system is exposed to the risk of relying on outdated attribute values and policy; which is the safety and consistency problem. This paper formally characterizes three increasingly strong levels of consistency to restrict this exposure. Notably, we recognize the concept of refreshing attribute values rather than simply checking the revocation status, as in traditional approaches. Refresh replaces an older value with a newer one, while revoke simply invalidates the old value. Our lowest consistency level starts from the highest level in prior revocation-based work by Lee and Winslett (LW). Our two higher levels utilize the concept of request time which is absent in LW. For each of our levels we formally show that using refresh instead of revocation provides added safety and availability.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-02384596/document
%2 https://inria.hal.science/hal-02384596/file/480962_1_En_16_Chapter.pdf
%L hal-02384596
%U https://inria.hal.science/hal-02384596
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-11559