Conflict resolution of rules assigning values to virtual attributes
SIGMOD '89 Proceedings of the 1989 ACM SIGMOD international conference on Management of data
Role-Based Access Control Models
Computer
Managing conflicts between rules (extended abstract)
PODS '96 Proceedings of the fifteenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
A framework for implementing role-based access control using CORBA security service
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based access control on the web
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Conflict Detection and Resolution in Access Control Policy Specifications
FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
Induced role hierarchies with attribute-based RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Formal access control analysis in the software development process
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
On handling conflicts between rules with numerical features
Proceedings of the 2006 ACM symposium on Applied computing
Attribute-based encryption for fine-grained access control of encrypted data
Proceedings of the 13th ACM conference on Computer and communications security
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
Detecting and resolving policy misconfigurations in access-control systems
Proceedings of the 13th ACM symposium on Access control models and technologies
A location aware role and attribute based access control system
Proceedings of the 16th ACM SIGSPATIAL international conference on Advances in geographic information systems
Hi-index | 0.00 |
Attribute based access control (ABAC) provides an intuitive way for security administrators to express conditions (associated with status of objects) in access control policies; however, during the design and development of an ABAC system, new problems concerning the consistency and security of the ABAC system may emerge. In this paper, we report on two specific ABAC problems denoted as the “future rule conflicts” problem and the “object overlapping” problem, which we have recently identified in developing the ABAC system for a large research laboratory. We use real world examples to illustrate the negative impact of these two problems and present two novel algorithms for the identification and prevention of these problems. We give the correctness proof for both algorithm and apply these algorithms to the attribute based laboratory control (ABLC) system and the results are also reported.