Skip to Main content Skip to Navigation
Conference papers

Enabling the Deployment of ABAC Policies in RBAC Systems

Abstract : The flexibility, portability and identity-less access control features of Attribute Based Access Control (ABAC) make it an attractive choice to be employed in many application domains. However, commercially viable methods for implementation of ABAC do not exist while a vast majority of organizations use Role Based Access Control (RBAC) systems. In this paper, we present a way in which organizations having a RBAC system can deploy an ABAC policy. Thus, we propose a method for the translation of an ABAC policy into a form that can be adopted by an RBAC system. We compare the cost of enforcement in ABAC and RBAC with respect to time taken to evaluate an access request, and experimentally demonstrate that RBAC is significantly better in this respect. Since the cost of security management is more expensive under RBAC when compared to ABAC, we present an analysis of the different management costs and present mitigation approaches by considering various administrative operations.
Document type :
Conference papers
Complete list of metadata

Cited literature [12 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, December 13, 2018 - 4:03:57 PM
Last modification on : Friday, August 9, 2019 - 3:24:27 PM
Long-term archiving on: : Thursday, March 14, 2019 - 3:07:02 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Gunjan Batra, Vijayalakshmi Atluri, Jaideep Vaidya, Shamik Sural. Enabling the Deployment of ABAC Policies in RBAC Systems. 32th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2018, Bergamo, Italy. pp.51-68, ⟨10.1007/978-3-319-95729-6_4⟩. ⟨hal-01954419⟩



Record views


Files downloads