Service interruption on Monday 11 July from 12:30 to 13:00: all the sites of the CCSD (HAL, Epiciences, SciencesConf, AureHAL) will be inaccessible (network hardware connection).
Abstract : Recently, there has been considerable interest in attribute based access control (ABAC) to overcome the limitations of the dominant access control models (i.e, discretionary-DAC, mandatory-MAC and role based-RBAC) while unifying their advantages. Although some proposals for ABAC have been published, and even implemented and standardized, there is no consensus on precisely what is meant by ABAC or the required features of ABAC. There is no widely accepted ABAC model as there are for DAC, MAC and RBAC. This paper takes a step towards this end by constructing an ABAC model that has “just sufficient” features to be “easily and naturally” configured to do DAC, MAC and RBAC. For this purpose we understand DAC to mean owner-controlled access control lists, MAC to mean lattice-based access control with tranquility and RBAC to mean flat and hierarchical RBAC. Our central contribution is to take a first cut at establishing formal connections between the three successful classical models and desired ABAC models.
https://hal.inria.fr/hal-01534757 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Thursday, June 8, 2017 - 11:06:20 AM Last modification on : Thursday, June 8, 2017 - 11:09:28 AM Long-term archiving on: : Saturday, September 9, 2017 - 12:23:32 PM
Xin Jin, Ram Krishnan, Ravi Sandhu. A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.41-55, ⟨10.1007/978-3-642-31540-4_4⟩. ⟨hal-01534757⟩