{"title":"一种基于属性的约束规范语言","authors":"K. Bijon, R. Krishnan, R. Sandhu","doi":"10.1109/SocialCom.2013.23","DOIUrl":null,"url":null,"abstract":"Recently, attribute based access control (ABAC) has received considerable attention from the security community for its policy flexibility and dynamic decision making capabilities. In ABAC, authorization decisions are based on various attributes of entities involved in the access (e.g., users, subjects, objects, context, etc.). In an ABAC system, correct attribute assignment to different entities is necessary for ensuring appropriate access. Although considerable research has been conducted on ABAC, so far constraints specification on attribute assignment to entities has not been systematically studied in the literature. In this paper, we propose an attribute-based constraints specification language(ABCL) for expressing a variety of constraints on values that different attributes of various entities in the system can take. ABCL can be used to specify constraints on a single attribute or across multiple attributes of a particular entity. Furthermore, constraints on attributes assignment across multiple entities (e.g., attributes of different users) can also be specified. Finally, we demonstrate the usefulness of ABCL in practical usage scenarios including banking domains.","PeriodicalId":129308,"journal":{"name":"2013 International Conference on Social Computing","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":"{\"title\":\"Towards an Attribute Based Constraints Specification Language\",\"authors\":\"K. Bijon, R. Krishnan, R. Sandhu\",\"doi\":\"10.1109/SocialCom.2013.23\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, attribute based access control (ABAC) has received considerable attention from the security community for its policy flexibility and dynamic decision making capabilities. In ABAC, authorization decisions are based on various attributes of entities involved in the access (e.g., users, subjects, objects, context, etc.). In an ABAC system, correct attribute assignment to different entities is necessary for ensuring appropriate access. Although considerable research has been conducted on ABAC, so far constraints specification on attribute assignment to entities has not been systematically studied in the literature. In this paper, we propose an attribute-based constraints specification language(ABCL) for expressing a variety of constraints on values that different attributes of various entities in the system can take. ABCL can be used to specify constraints on a single attribute or across multiple attributes of a particular entity. Furthermore, constraints on attributes assignment across multiple entities (e.g., attributes of different users) can also be specified. Finally, we demonstrate the usefulness of ABCL in practical usage scenarios including banking domains.\",\"PeriodicalId\":129308,\"journal\":{\"name\":\"2013 International Conference on Social Computing\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"32\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Social Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SocialCom.2013.23\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Social Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SocialCom.2013.23","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards an Attribute Based Constraints Specification Language
Recently, attribute based access control (ABAC) has received considerable attention from the security community for its policy flexibility and dynamic decision making capabilities. In ABAC, authorization decisions are based on various attributes of entities involved in the access (e.g., users, subjects, objects, context, etc.). In an ABAC system, correct attribute assignment to different entities is necessary for ensuring appropriate access. Although considerable research has been conducted on ABAC, so far constraints specification on attribute assignment to entities has not been systematically studied in the literature. In this paper, we propose an attribute-based constraints specification language(ABCL) for expressing a variety of constraints on values that different attributes of various entities in the system can take. ABCL can be used to specify constraints on a single attribute or across multiple attributes of a particular entity. Furthermore, constraints on attributes assignment across multiple entities (e.g., attributes of different users) can also be specified. Finally, we demonstrate the usefulness of ABCL in practical usage scenarios including banking domains.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
