TY - GEN
T1 - Supporting secure collaborations with attribute-based access control
AU - Rubio-Medrano, Carlos E.
AU - D'Souza, Clinton
AU - Ahn, Gail-Joon
PY - 2013
Y1 - 2013
N2 - Attribute-based access control (ABAC) has been regarded in recent years as an effective way for providing security guarantees in collaboration environments, due to its alleged flexibility and efficiency for meeting the access control requirements of heterogeneous organizations. Despite the growing interest in ABAC, there still need consensus on a reference model that comprehensively describes all necessary components and functions, in such a way non-trivial security properties can be effectively taken into account. In order to overcome this limitation, we propose an abstract model that includes a precise definition of attributes and relevant core components. In addition, we introduce the notion of security tokens that serve as a layer of association between attributes and access rights. We also validate our results by presenting both a case study and a comparison with existing approaches that have been previously proposed in the literature.
AB - Attribute-based access control (ABAC) has been regarded in recent years as an effective way for providing security guarantees in collaboration environments, due to its alleged flexibility and efficiency for meeting the access control requirements of heterogeneous organizations. Despite the growing interest in ABAC, there still need consensus on a reference model that comprehensively describes all necessary components and functions, in such a way non-trivial security properties can be effectively taken into account. In order to overcome this limitation, we propose an abstract model that includes a precise definition of attributes and relevant core components. In addition, we introduce the notion of security tokens that serve as a layer of association between attributes and access rights. We also validate our results by presenting both a case study and a comparison with existing approaches that have been previously proposed in the literature.
KW - access control
KW - attribute-based
KW - collaboration
UR - http://www.scopus.com/inward/record.url?scp=84893564264&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84893564264&partnerID=8YFLogxK
U2 - 10.4108/icst.collaboratecom.2013.254168
DO - 10.4108/icst.collaboratecom.2013.254168
M3 - Conference contribution
AN - SCOPUS:84893564264
SN - 9781936968923
T3 - Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013
SP - 525
EP - 530
BT - Proceedings of the 9th IEEE International Conference on Collaborative Computing
T2 - 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013
Y2 - 20 October 2013 through 23 October 2013
ER -