Skip to Main content Skip to Navigation
Conference papers

A Comparison of Logical-Formula and Enumerated Authorization Policy ABAC Models

Abstract : Logical formulas and enumeration are the two major ways for specifying authorization policies in Attribute Based Access Control (ABAC). While considerable research has been done for specifying logical-formula authorization policy ABAC, there has been less attention to enumerated authorization policy ABAC. This paper presents a finite attribute, finite domain ABAC model for enumerated authorization policies and investigates its relationship with logical-formula authorization policy ABAC models in the finite domain. We show that these models are equivalent in their theoretical expressive power. We also show that single and multi-attribute ABAC models are equally expressive.
Document type :
Conference papers
Complete list of metadata

Cited literature [19 references]  Display  Hide  Download

https://hal.inria.fr/hal-01633664
Contributor : Hal Ifip <>
Submitted on : Monday, November 13, 2017 - 11:45:46 AM
Last modification on : Monday, November 13, 2017 - 11:48:33 AM
Long-term archiving on: : Wednesday, February 14, 2018 - 1:38:06 PM

File

428203_1_En_9_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Prosunjit Biswas, Ravi Sandhu, Ram Krishnan. A Comparison of Logical-Formula and Enumerated Authorization Policy ABAC Models. 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2016, Trento, Italy. pp.122-129, ⟨10.1007/978-3-319-41483-6_9⟩. ⟨hal-01633664⟩

Share

Metrics

Record views

89

Files downloads

163