Using Attribute-Based Access Control to Enable Attribute-Based Messaging

Authors:
Rakesh Bobba;Omid Fatemieh;Fariba Khan;Carl A. Gunter;Himanshu Khurana
Affiliations:
University of Illinios Urbana-Champaign, USA;University of Illinois Urbana-Champaign, USA;University of Illinois Urbana-Champaign, USA;University of Illinois Urbana-Champaign, USA;University of Illinois Urbana-Champaign, USA
Venue:
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Year:
2006

Citing 0
Cited 12

A formal framework for reflective database access control policies

Proceedings of the 15th ACM conference on Computer and communications security
Safeguarding digital identity: the SPICI (Sharing Policy, Identity, and Control Information) approach to negotiating identity federation and sharing agreements

Proceedings of the 8th Symposium on Identity and Trust on the Internet
ABUSE: PKI for real-world email trust

EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
MyABDAC: compiling XACML policies for attribute-based database access control

Proceedings of the first ACM conference on Data and application security and privacy
Attribute-based signatures

CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
MundoMessage: enabling trustworthy ubiquitous emergency communication

Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
AMPol-Q: adaptive middleware policy to support qos

ICSOC'06 Proceedings of the 4th international conference on Service-Oriented Computing
Declarative secure distributed information systems

Computer Languages, Systems and Structures
InkTag: secure applications on an untrusted operating system

Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
How to use attribute-based encryption to implement role-based access control in the cloud

Proceedings of the 2013 international workshop on Security in cloud computing
A model for trust-based access control and delegation in mobile clouds

DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Attribute Based Messaging (ABM) enables message senders to dynamically create a list of recipients based on their attributes as inferred from an enterprise database. Such targeted messaging can reduce unnecessary communications and enhance privacy, but faces challenges in access control. In this paper we explore an approach to ABM based on deriving access control information from the same attribute database exploited by the addressing scheme. We show how to address three key challenges. First, we demonstrate a manageable access control system based on attributes. Second we show how this can be used with existing messaging systems to provide a practical deployment strategy. Third, we show that such a system can be efficient enough to support ABM for mid-size enterprises. Our implementation can dispatch ABM messages approved by XACML review for an enterprise of at least 60,000 users with only seconds of latency.