{"title":"基于属性的访问控制策略规范与分析综述","authors":"Dianxiang Xu, Yunpeng Zhang","doi":"10.1109/SERE-C.2014.21","DOIUrl":null,"url":null,"abstract":"Attribute-based access control (ABAC) is a new generation of access control techniques. It enables fine-grained access control by using various attributes of authorization elements, facilitates collaborative policy administration within a large enterprise or across multiple organizations, and allows for decoupling of access control policies from application logic. Nevertheless, ABAC-based systems can be very complex to manage. High expressiveness of ABAC specifications also increases the possibility of having defects. Therefore testing and verification are important for assuring that ABAC policies are specified and enforced correctly. This paper presents an overview of the existing work on specification, dynamic testing, and static verification of ABAC policies. It not only summarizes the up-to-date research progresses, but also provides an understanding about the limitations and open issues of the existing work. It is expected to serve as useful guidelines for future research.","PeriodicalId":373062,"journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Specification and Analysis of Attribute-Based Access Control Policies: An Overview\",\"authors\":\"Dianxiang Xu, Yunpeng Zhang\",\"doi\":\"10.1109/SERE-C.2014.21\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Attribute-based access control (ABAC) is a new generation of access control techniques. It enables fine-grained access control by using various attributes of authorization elements, facilitates collaborative policy administration within a large enterprise or across multiple organizations, and allows for decoupling of access control policies from application logic. Nevertheless, ABAC-based systems can be very complex to manage. High expressiveness of ABAC specifications also increases the possibility of having defects. Therefore testing and verification are important for assuring that ABAC policies are specified and enforced correctly. This paper presents an overview of the existing work on specification, dynamic testing, and static verification of ABAC policies. It not only summarizes the up-to-date research progresses, but also provides an understanding about the limitations and open issues of the existing work. It is expected to serve as useful guidelines for future research.\",\"PeriodicalId\":373062,\"journal\":{\"name\":\"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion\",\"volume\":\"37 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-06-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERE-C.2014.21\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE-C.2014.21","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Specification and Analysis of Attribute-Based Access Control Policies: An Overview
Attribute-based access control (ABAC) is a new generation of access control techniques. It enables fine-grained access control by using various attributes of authorization elements, facilitates collaborative policy administration within a large enterprise or across multiple organizations, and allows for decoupling of access control policies from application logic. Nevertheless, ABAC-based systems can be very complex to manage. High expressiveness of ABAC specifications also increases the possibility of having defects. Therefore testing and verification are important for assuring that ABAC policies are specified and enforced correctly. This paper presents an overview of the existing work on specification, dynamic testing, and static verification of ABAC policies. It not only summarizes the up-to-date research progresses, but also provides an understanding about the limitations and open issues of the existing work. It is expected to serve as useful guidelines for future research.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
