Practical performance of Bloom filters and parallel free-text searching
Communications of the ACM
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control Models
Computer
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
IEEE/ACM Transactions on Networking (TON)
Access control with IBM Tivoli access manager
ACM Transactions on Information and System Security (TISSEC)
dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
A programming and problem-solving seminar
A programming and problem-solving seminar
The Bloomier filter: an efficient data structure for static support lookup tables
SODA '04 Proceedings of the fifteenth annual ACM-SIAM symposium on Discrete algorithms
Payload attribution via hierarchical bloom filters
Proceedings of the 11th ACM conference on Computer and communications security
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
An optimal Bloom filter replacement
SODA '05 Proceedings of the sixteenth annual ACM-SIAM symposium on Discrete algorithms
CPOL: high-performance policy evaluation
Proceedings of the 12th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Authorization recycling in RBAC systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Uniform Hashing in Constant Time and Optimal Space
SIAM Journal on Computing
Conflict classification and analysis of distributed firewall policies
IEEE Journal on Selected Areas in Communications
An empirical assessment of approaches to distributed enforcement in role-based access control (RBAC)
Proceedings of the first ACM conference on Data and application security and privacy
Authorization recycling in hierarchical RBAC systems
ACM Transactions on Information and System Security (TISSEC)
Risk-based security decisions under uncertainty
Proceedings of the second ACM conference on Data and Application Security and Privacy
| Hi-index | 0.00 |
We address the distributed setting for enforcement of a centralized Role-Based Access Control (RBAC) protection state. We present a new approach for time- and space-efficient access enforcement. Underlying our approach is a data structure that we call a cascade Bloom filter. We describe our approach, provide details about the cascade Bloom filter, its associated algorithms, soundness and completeness properties for those algorithms, and provide an empirical validation for distributed access enforcement of RBAC. We demonstrate that even in low-capability devices such as WiFi network access points, we can perform thousands of access checks in a second.