A System for Centralized ABAC Policy Administration and Local ABAC Policy Decision and Enforcement in Host Systems using Access Control Lists

2020 ◽

Vol 29 (01n02) ◽

pp. 2040001

Author(s):

Yanfei Li ◽

Fan Deng

Keyword(s):

Access Control ◽

Policy Decision ◽

Experimental Results ◽

The Sun ◽

Evaluation Performance ◽

Évaluation Performance ◽

Aggregate Function ◽

Access Control Policies ◽

Policy Decision Point ◽

Rule Set

EXtensible Access Control Markup Language (XACML) is one of the standardized languages for specifying access control policies. Policies described by the XACML are used to express the security requirement in the network and information system when we study authorization access control. With the aim to improve the Policy Decision Point (PDP) evaluation performance, we put forward a Graph and Clustering-Based Framework, employing the aggregate function. First, we partition the rule set into subsets. For the single value, we select the best partition quantity based on the aggregate function. As for the interval value, we handle with the start point and the finish point, respectively, in the same way as single value. Second, the policy set is split according to the partition of rule set. In this way, not only single values, but also interval values are taken into consideration. After that, we explore the searching tree to obtain the possibly matched rules. Finally, we construct the combining tree and output the policy decision on the basis of it. The experimental results show that our approach is orders of magnitude better than the Sun PDP. A comparison in evaluation performance between the redundancy detecting and eliminating engine and the Sun PDP, as well as XEngine and SBA-XACML, is made. Experimental results show that the evaluation performance of the PDP can be prominently improved by eliminating redundancies.

Download Full-text

An Efficient Attribute-Based Access Control (ABAC) Policy Retrieval Method Based on Attribute and Value Levels in Multimedia Networks

Sensors ◽

10.3390/s20061741 ◽

2020 ◽

Vol 20 (6) ◽

pp. 1741 ◽

Cited By ~ 2

Author(s):

Meiping Liu ◽

Cheng Yang ◽

Hao Li ◽

Yana Zhang

Keyword(s):

Access Control ◽

Policy Evaluation ◽

Control Policy ◽

Policy Decision ◽

Multimedia Data ◽

Security And Privacy ◽

Multimedia Networks ◽

Access Control Policy ◽

Retrieval Method ◽

Attribute Based Access Control

Internet of Multimedia Things (IoMT) brings convenient and intelligent services while also bringing huge challenges to multimedia data security and privacy. Access control is used to protect the confidentiality and integrity of restricted resources. Attribute-Based Access Control (ABAC) implements fine-grained control of resources in an open heterogeneous IoMT environment. However, due to numerous users and policies in ABAC, access control policy evaluation is inefficient, which affects the quality of multimedia application services in the Internet of Things (IoT). This paper proposed an efficient policy retrieval method to improve the performance of access control policy evaluation in multimedia networks. First, retrieve policies that satisfy the request at the attribute level by computing based on the binary identifier. Then, at the attribute value level, the depth index was introduced to reconstruct the policy decision tree, thereby improving policy retrieval efficiency. This study carried out simulation experiments in terms of the different number of policies and different policy complexity situation. The results showed that the proposed method was three to five times more efficient in access control policy evaluation and had stronger scalability.

Download Full-text

A distributed access control method for wireless LANs in shadowing environments

Electronics and Communications in Japan (Part I Communications) ◽

10.1002/ecja.1037.abs ◽

2001 ◽

Vol 84 (9) ◽

pp. 16-26

Author(s):

Tadao Saito ◽

Hitoshi Aida ◽

Terumasa Aoki ◽

Soichiro Hidaka ◽

Tredej Toranawigtrai ◽

...

Keyword(s):

Access Control ◽

Control Method ◽

Wireless Lans ◽

Distributed Access Control

Download Full-text

EURRECAs Approach for Estimating Micronutrient Requirements

International Journal for Vitamin and Nutrition Research ◽

10.1024/0300-9831/a000071 ◽

2011 ◽

Vol 81 (4) ◽

pp. 256-263 ◽

Cited By ~ 22

Author(s):

Christophe Matthys ◽

Pieter van ‘t Veer ◽

Lisette de Groot ◽

Lee Hooper ◽

Adriënne E.J.M. Cavelaars ◽

...

Keyword(s):

Reference Values ◽

Policy Decision ◽

Individual Variability ◽

The Body ◽

Decision Makers ◽

Nutrient Requirements ◽

Factorial Approach ◽

Dietary Reference Values ◽

Health Policy Decision ◽

Quantitative Integration

In Europe, micronutrient dietary reference values have been established by (inter)national committees of experts and are used by public health policy decision-makers to monitor and assess the adequacy of diets within population groups. The approaches used to derive dietary reference values (including average requirements) vary considerably across countries, and so far no evidence-based reason has been identified for this variation. Nutrient requirements are traditionally based on the minimum amount of a nutrient needed by an individual to avoid deficiency, and is defined by the bodys physiological needs. Alternatively the requirement can be defined as the intake at which health is optimal, including the prevention of chronic diet-related diseases. Both approaches are confronted with many challenges (e. g., bioavailability, inter and intra-individual variability). EURRECA has derived a transparent approach for the quantitative integration of evidence on Intake-Status-Health associations and/or Factorial approach (including bioavailability) estimates. To facilitate the derivation of dietary reference values, EURopean micronutrient RECommendations Aligned (EURRECA) is developing a process flow chart to guide nutrient requirement-setting bodies through the process of setting dietary reference values, which aims to facilitate the scientific alignment of deriving these values.

Download Full-text