Position paper: Towards a moving target defense approach for attribute-based access control

Carlos E. Rubio-Medrano, Josephine Lamp, Marthony Taguinod, Adam Doupe, Ziming Zhao, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In recent years, attribute-based access control has been recognized as a convenient way to specify access mediation policies that leverage attributes originating from different security domains, e.g., independently-run organizations or supporting platforms. However, this new paradigm, while allowing for enhanced flexibility and convenience, may also open the door to new kinds of attacks based on forging or impersonating attributes, thus potentially allowing for attackers to gain unintended access to protected resources. In order to alleviate this problem, we present an ongoing effort based on moving target defense, an emerging technique for proactively providing security measurements: we aim to analyze attribute-based data obtained at runtime in order to dynamically change policy configurations over time. We present our approach by leveraging a case study based in electronic health records, another trending methodology widely used in practice for mediating access to sensitive healthcare information in mission-critical applications.

Original languageEnglish (US)
Title of host publicationABAC 2016 - Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control, co-located with CODASPY 2016
PublisherAssociation for Computing Machinery, Inc
Pages68-71
Number of pages4
ISBN (Electronic)9781450340793
DOIs
StatePublished - Mar 11 2016
Event2016 ACM International Workshop on Attribute Based Access Control, ABAC 2016 - New Orleans, United States
Duration: Mar 11 2016 → …

Publication series

NameABAC 2016 - Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control, co-located with CODASPY 2016

Conference

Conference2016 ACM International Workshop on Attribute Based Access Control, ABAC 2016
CountryUnited States
CityNew Orleans
Period3/11/16 → …

Keywords

  • Attribute-based Access Control
  • Electronic Health Records
  • Moving Target Defense
  • Policy Mutation

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Software

Fingerprint Dive into the research topics of 'Position paper: Towards a moving target defense approach for attribute-based access control'. Together they form a unique fingerprint.

Cite this