The authorization leap from rights to attributes: maturation or chaos?

Abstract

The ongoing authorization leap from rights to attributes offers numerous compelling benefits. Decisions about user, subject, object and context attributes can be made relatively independently and with suitable decentralization appropriate for each attribute. Policies can be formulated by security architects to translate from attributes to rights. Dynamic elements can be built into these policies so the outcomes of access control decisions automatically adapt to changing local and global circumstances. On the benefits side this leap is a maturation of authorization matching the needs of emerging cyber technologies and systems. On the risks side devolving attribute management may lead to attributes of questionable provenance and value, with attendant possibility of new channels for social engineering and malware attacks. We argue that the potential benefits will lead to pervasive deployment of attribute-based access control (ABAC), and more generally attribute-based security. The cyber security research community has a responsibility to develop models, theories and systems which enable safe and chaos-free deployment of ABAC. This is the current grand challenge for access control researchers.