Abstract
Attribute-based access control (ABAC) and role-based access control (RBAC) are currently the two most popular access control models. Yet, they both have known limitations and offer features com-
plimentary to each other. Due to this fact, integration of RBAC and ABAC has recently emerged as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy.
plimentary to each other. Due to this fact, integration of RBAC and ABAC has recently emerged as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy.
Original language | English |
---|---|
Title of host publication | Proceedings of the 12th International Conference on Trust, Privacy and Security in Digital Business (TrustBus’15) |
Editors | Simone Fischer-Huebner, Costas Lambrinoudakis |
Publisher | Springer |
Publication date | 2015 |
Pages | 3-17 |
ISBN (Print) | 978-3-319-22905-8 |
ISBN (Electronic) | 978-3-319-22906-5 |
DOIs | |
Publication status | Published - 2015 |
Event | 12th International Conference on Trust, Privacy and Security in Digital Business (TrustBus’15) - Valencia, Spain Duration: 1 Sept 2015 → 2 Sept 2015 Conference number: 12 http://www.ds.unipi.gr/trustbus15/ |
Conference
Conference | 12th International Conference on Trust, Privacy and Security in Digital Business (TrustBus’15) |
---|---|
Number | 12 |
Country/Territory | Spain |
City | Valencia |
Period | 01/09/2015 → 02/09/2015 |
Internet address |
Series | Lecture Notes in Computer Science |
---|---|
Volume | 9264 |
ISSN | 0302-9743 |
Keywords
- Context-aware access control
- RBAC
- Attributes
- Content-based access control
- Role-permission explosion
- Role-explosion