The missing piece of the ABAC puzzle: a modeling scheme for dynamic analysis
Attribute-based access control (ABAC) has made its way into the mainstream of engineering secure IT systems. At the same time, ABAC models are still lagging behind well-understood, yet more basic access control models in terms of dynamic analyzability. This has led to a plethora of methods, language...
Gespeichert in:
| Veröffentlicht in: | SECRYPT (18. : 2021 : Online) SECRYPT 2021 |
|---|---|
| 1. Verfasser: | |
| Weitere Verfasser: | |
| Pages: | 2021 |
| Format: | UnknownFormat |
| Sprache: | eng |
| Veröffentlicht: |
2021
|
| Schlagworte: | |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Tag hinzufügen | Zusammenfassung: | Attribute-based access control (ABAC) has made its way into the mainstream of engineering secure IT systems. At the same time, ABAC models are still lagging behind well-understood, yet more basic access control models in terms of dynamic analyzability. This has led to a plethora of methods, languages, and tools for designing and integrating ABAC policies, but only few to formally reason about them in the process. We present DABAC, a modeling scheme to pick up that missing piece and put it right into its place in the security engineering workflow. Based on an automaton calculus, we demonstrate how DABAC can be leveraged as a holistic formal basis for engineering ABAC models, analyzing their dynamic properties, and providing a functional specification for their implementation. This sets the stage for comprehensive tool support in building future ABAC systems. |
|---|---|
| ISBN: | 9789897585241 |