On Attribute Retrieval in ABAC

Autor: Morisset, Charles, Ravidas, Sowmya, Zannone, Nicola, Benzekri, Abdelmalek, Laborde, Romain, Barbeau, Michel, Gong, Guang, Garcia-Alfaro, Joaquin
Přispěvatelé: Security, Data Protection
Rok vydání: 2020
Předmět:
Zdroj: Foundations and Practice of Security ISBN: 9783030453701
FPS
Foundations and Practice of Security-12th International Symposium, FPS 2019, Revised Selected Papers, 225-241
STARTPAGE=225;ENDPAGE=241;TITLE=Foundations and Practice of Security-12th International Symposium, FPS 2019, Revised Selected Papers
DOI: 10.1007/978-3-030-45371-8_14
Popis: Despite the growing interest in Attribute-Based Access Control (ABAC) and the large amount of research devoted to the specification and evaluation of ABAC policies, to date only little work has addressed the issue of attribute management and retrieval. In many modern systems, the attributes needed for policy evaluation are often retrieved from external sources (e.g., sensors, access points). This poses concerns on the correctness of policy evaluation as the policy decision point can be provided with incorrect attribute values, which can potentially yield incorrect decisions. In this paper, we investigate the problem of selecting mechanisms for attribute retrieval and its relation with the accuracy of policy evaluation. We first introduce the notion of policy evaluation under error rate and use this notion to compute the evaluation accuracy of a policy. We formulate the Attribute Retrieval Mechanism Selection Problem (ARMSP) in terms of evaluation accuracy and show that ARMSP is exponential in the number of attribute values. To overcome this computation limitation, we investigate approaches to estimate the evaluation accuracy of a policy while maintaining the computation feasible.
Databáze: OpenAIRE
Externí odkaz: