Towards Attribute-Based Access Control Policy Engineering Using Risk

2014 ◽  
pp. 80-90 ◽  
Author(s):  
Leanid Krautsevich ◽  
Aliaksandr Lazouski ◽  
Fabio Martinelli ◽  
Artsiom Yautsiukhin
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Access Control Policy ◽  
Attribute Based Access Control

scholarly journals Eksplorasi ABAC dan XACML untuk Design Access Control pada Resource Digital

2019 ◽  
Vol 6 (5) ◽  
pp. 535
Author(s):  
Fauzan Natsir ◽  
Imam Riadi ◽  
Yudi Prayudi
Keyword(s):  
Access Control ◽  
System Analysis ◽  
Policy Design ◽  
Control Policy ◽  
Control Model ◽  
Policy Statement ◽  
Access Control Policy ◽  
Access Control Model ◽  
Digital Resources ◽  
Attribute Based Access Control

<p class="Abstrak"><em>Resource digital </em>memerlukan sebuah mekanisme untuk mengatur<em> policy </em>terhadap kontrol untuk mendapatkan hak<em> </em>akes ke dalam suatu sistem. Akses kontrol lebih fleksibel dibanding dengan pendekatan otorisasi, autentikasi ataupun verifikasi yang sangat sederhana. Mekanisme <em>access control policy</em> dengan pendekatan atribut diyakini sebagai solusi adaptif yaitu ABAC (<em>Attribute Based Access Control</em>) dengan implementasi model XACML (<em>Extensible Access Control Modelling Language</em>). Desain <em>policy</em> ABAC ini disajikan dengan atribut-atribut dari salah satu studi kasus <em>resource digital</em> dengan sistem <em>e-Library</em>. <em>e-Library</em> merupakan salah satu resource digital dimana proses autentikasinya belum dimodelkan dengan atrubut subjek yang ada. Penelitian ini diawali dari identifikasi atribut dari <em>rule</em>, pemodelan ABAC<em> resource digital</em>, implementasi XACML, simulasi sistem dan analisis sistem. Hasil dari<em> </em>pengujian akses kontrol menggunakan <em>ALFA (Axiomatics Language for Authorization)</em> untuk pemberian kinerja akses kontrol terhadap <em>resource digital</em>. Hasil analisis dengan pendekatan ABAC dengan model XACML ini menyajikan suatu keamanan sistem dengan model akses kontrol berbasis atribut dari <em>policy statement</em> untuk menjadi solusi model akses kontrol yang dibuat sebelumnya dan mendukung model akses kontrol yang relevan untuk <em>resource digital</em></p><p class="Abstrak"><em><br /></em></p><p class="Abstrak"><strong><em>Abstract</em></strong></p><p class="Judul2"><em>Digital resources require a mechanism to regulate policy against controls to get access rights to a system. Access control is more flexible than the very simple approach of authorization, authentication or verification. The access control policy with the attribute approach is believed to be an adaptive solution, namely ABAC (Attribute Based Access Control) with the implementation of the XACML (Extensible Access Control Modeling Language) model. This ABAC policy design is presented with attributes from one of the digital resource case studies with the e-Library system. e-Library is one of the digital resources where the authentication process has not been modeled with the existing subject matter. This study begins with the identification of the attributes of the rule, digital ABAC resource modeling, XACML implementation, system simulation and system analysis. The results of testing access control using ALFA (Axiomatics Language for Authorization) to provide performance control access to digital resources. The results of the analysis using the ABAC approach with the XACML model present a system security with attribute-based access control models from policy statements to be a solution to the previously created access control model and support the access control model relevant for digital resources</em><em></em></p><p class="Abstrak"><strong><em><br /></em></strong></p>

Attribute-Tree Based Hierarchical Hidden Credential Model

2012 ◽  
Vol 546-547 ◽  
pp. 604-611
Author(s):  
Wei Jin Ge ◽  
Xiao Hui Hu
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Tree Structure ◽  
Sensitive Information ◽  
Access Control Policy ◽  
Attribute Model ◽  
Identity Based ◽  
Attribute Based Access Control ◽  
Load Network ◽  
Access Policies

Hidden credentials are useful in situations where requests for service, credentials, access policies and resources are extremely sensitive. Current research related to hidden credentials has the shortage that the attribute model cannot provide the complex description. This paper presents a hierarchical hidden credential model which combines the attribute tree structure and the hierarchical identity-based encryption. Attribute tree structure is given that is used to organize sensitive information and the hierarchical hidden credential model is applied to carry and transport credentials, sensitive access control policy, and private resource and so on. This model expands the attribute from a simple atom one to an attribute tree. After the evaluation, it is proven that this model overcomes the shortcomings such as high-load network communication, too many credential exchanges which was caused by attribute-based access control policy. The usability and expansibility of hidden credentials were improved also.

scholarly journals Multi-attribute-Based Access Control Policy for Supply Chain Data Service

2018 ◽  
Vol 27 (6) ◽  
pp. 1283-1290
Author(s):  
Junwei Zou ◽  
Jiewei Lan ◽  
Xiaoke Wang ◽  
Hong Luo
Keyword(s):  
Supply Chain ◽  
Access Control ◽  
Control Policy ◽  
Data Service ◽  
Access Control Policy ◽  
Attribute Based Access Control

scholarly journals An Efficient Attribute-Based Access Control (ABAC) Policy Retrieval Method Based on Attribute and Value Levels in Multimedia Networks

Sensors ◽  
2020 ◽  
Vol 20 (6) ◽  
pp. 1741 ◽  
Author(s):  
Meiping Liu ◽  
Cheng Yang ◽  
Hao Li ◽  
Yana Zhang
Keyword(s):  
Access Control ◽  
Policy Evaluation ◽  
Control Policy ◽  
Policy Decision ◽  
Multimedia Data ◽  
Security And Privacy ◽  
Multimedia Networks ◽  
Access Control Policy ◽  
Retrieval Method ◽  
Attribute Based Access Control

Internet of Multimedia Things (IoMT) brings convenient and intelligent services while also bringing huge challenges to multimedia data security and privacy. Access control is used to protect the confidentiality and integrity of restricted resources. Attribute-Based Access Control (ABAC) implements fine-grained control of resources in an open heterogeneous IoMT environment. However, due to numerous users and policies in ABAC, access control policy evaluation is inefficient, which affects the quality of multimedia application services in the Internet of Things (IoT). This paper proposed an efficient policy retrieval method to improve the performance of access control policy evaluation in multimedia networks. First, retrieve policies that satisfy the request at the attribute level by computing based on the binary identifier. Then, at the attribute value level, the depth index was introduced to reconstruct the policy decision tree, thereby improving policy retrieval efficiency. This study carried out simulation experiments in terms of the different number of policies and different policy complexity situation. The results showed that the proposed method was three to five times more efficient in access control policy evaluation and had stronger scalability.

scholarly journals TRUST- BASED MODELING MAC-TYPE ACCESS CONTROL THROUGH ACCESS AND ACTIONS CONTROL POLICIES

2021 ◽  
Vol XXVIII (2) ◽  
pp. 67-78
Author(s):  
Marcel Danilescu ◽  
◽  
Victor Besliu ◽  
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Business Environment ◽  
Role Based Access Control ◽  
Access Control Policy ◽  
Discretionary Access Control ◽  
Mandatory Access Control ◽  
Attribute Based Access Control ◽  
Role Based ◽  
Control Modeling

In recent decades, the number of researches on access control and user actions in computer systems has increased. Over time, there have been two models of implementing Mandatory Access Control (MAC) policies for government institutions and Discretionary Access Control (DAC) for the business environment, policies that various access control modeling solutions seek to implement. Among the access control modeling solutions developed are Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC), presented in the U.S.A. by the National Institute of Standard and Technology (NIST). In Romania, in 2010, the access control solution based on trust was presented. This paper presents Mandatory Access Control policy modeling using the trust-based access and actions control modeling solution.

scholarly journals KONSEP ATTRIBUTE BASED ACCESS CONTROL (ABAC) PADA LEMARI PENYIMPANAN BUKTI DIGITAL (LPBD)

2018 ◽  
Vol 11 (1) ◽  
pp. 85-94
Author(s):  
Moh Fadly Panende ◽  
Imam Riadi ◽  
Yudi Prayudi
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Control Model ◽  
Digital Evidence ◽  
Access Control Policy ◽  
Access Control Model ◽  
Control Approach ◽  
Policy Model ◽  
Attribute Based Access Control ◽  
Good Access

Abstract An important factor of the investigation into cybercrime cases is the case relating to the evidence found. Electronic evidence and digital evidence found in criminal cases should be maintained from the outset, to be held accountable for justice. Sistem digital evidence storage cabinets (LPBD) is one solution to overcome the management of digital evidence is based on digital evidence cabinet (DEC), only the system is not equipped with a good access control model. The LPBD system needs to be built not only on the issue of digital evidence management, but other important components in the digital proof storage cabinet itself, access arrangements, so that the scheme or the design of access control policies on LPBD is very important. The access controls used on previous LPBDs are only done by authentication mechanisms and User authorization mechanisms, no other more complex parameters to support requests made on LPBD systems. In the absence of a good access control model design scheme for LPBD, it is necessary to design an access control policy model using the attribute-based access control approach (ABAC) because ABAC is a more flexible access control model in the application of attributes to users , and the. XACML hierarchy can support control requirements access used in digital evidence storage cabinets (LPBD).  ABSTRAK Faktor penting dalam proses investigasi sebuah kasus cybercrime yaitu hal yang terkait dengan barang bukti yang ditemukan. Bukti elektronik maupun bukti digital yang ditemukan dalam sebuah kasus kejahatan harus tetap terjaga keasliannya, untuk dapat dipertanggung jawabkan dipengadilan. Sistem lemari penyimpanan bukti digital (LPBD) menjadi salah satu solusi untuk permasalahan manajemen bukti digital ini yang berdasar pada digital evidence cabinet (DEC), hanya saja sistem tersebut belum dilengkapi dengan model access control yang baik. Sistem LPBD seharusnya dibuat tidak hanya berdasar pada permasalahan-permasalahan tentang manajemen bukti digital saja, akan tetapi komponen-komponen penting lainnya dalam lemari penyimpanan bukti digital itu sendiri yaitu pengaturan aksesnya, sehingga skema atau desain access control policy terhadap LPBD menjadi sangat penting. Access control yang gunakan terhadap LPBD sebelumnya dibuat hanya dengan mekanisme authefikasi dan authorisasi user saja, tidak adanya parameter lain yang lebih kompleks untuk mendukung  sebuah request yang dilakukan pada sistem LPBD. Mengingat belum adanya skema rancangan model access control yang baik pada LPBD ini, maka perlu dilakukan perancangan model access control policy menggunakan pendekatan attribute based access control (ABAC) karena ABAC merupakan model access control yang lebih fleksibel dalam penerapan attribute terhadap user, dan hierarchy XACML yang dapat mendukung kebutuhan-kebutuhan access control yang digunakan pada lemari penyimpanan bukti digital (LPBD).How To Cite : Panende, M.F, Prayudi, Y. Riadi, I. (2018). KONSEP ATTRIBUTE BASED ACCESS CONTROL (ABAC) PADA LEMARI PENYIMPANAN BUKTI DIGITAL (LPBD). Jurnal Teknik Informatika, 11(1), 85-94.  doi 10.15408/jti.v11i1.7220 Permalink/DOI: http://dx.doi.org/10.15408/jti.v11i1.7220 

Sign in / Sign up

Export Citation Format

Share Document