On Attribute Retrieval in ABAC

Charles Morisset, Sowmya Ravidas, Nicola Zannone

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

4 Citations (Scopus)

Abstract

Despite the growing interest in Attribute-Based Access Control (ABAC) and the large amount of research devoted to the specification and evaluation of ABAC policies, to date only little work has addressed the issue of attribute management and retrieval. In many modern systems, the attributes needed for policy evaluation are often retrieved from external sources (e.g., sensors, access points). This poses concerns on the correctness of policy evaluation as the policy decision point can be provided with incorrect attribute values, which can potentially yield incorrect decisions. In this paper, we investigate the problem of selecting mechanisms for attribute retrieval and its relation with the accuracy of policy evaluation. We first introduce the notion of policy evaluation under error rate and use this notion to compute the evaluation accuracy of a policy. We formulate the Attribute Retrieval Mechanism Selection Problem (ARMSP) in terms of evaluation accuracy and show that ARMSP is exponential in the number of attribute values. To overcome this computation limitation, we investigate approaches to estimate the evaluation accuracy of a policy while maintaining the computation feasible.

Original languageEnglish
Title of host publicationFoundations and Practice of Security - 12th International Symposium, FPS 2019, Revised Selected Papers
EditorsAbdelmalek Benzekri, Romain Laborde, Michel Barbeau, Guang Gong, Joaquin Garcia-Alfaro
PublisherSpringer
Pages225-241
Number of pages17
ISBN (Print)9783030453701
DOIs
Publication statusPublished - 1 Jan 2020
Event12th International Symposium on Foundations and Practice of Security, FPS 2019 - Toulouse, France
Duration: 5 Nov 20197 Nov 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12056 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference12th International Symposium on Foundations and Practice of Security, FPS 2019
Country/TerritoryFrance
CityToulouse
Period5/11/197/11/19

Fingerprint

Dive into the research topics of 'On Attribute Retrieval in ABAC'. Together they form a unique fingerprint.

Cite this