Skip to main content
SpringerLink
Log in

Attributes Enhanced Role-Based Access Control Model

  • Conference paper
  • First Online:
Trust, Privacy and Security in Digital Business (TrustBus 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9264))

Included in the following conference series:

Abstract

Attribute-based access control (ABAC) and role-based access control (RBAC) are currently the two most popular access control models. Yet, they both have known limitations and offer features complimentary to each other. Due to this fact, integration of RBAC and ABAC has recently emerged as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Adam, N.R., Atluri, V., Bertino, E., Ferrari, E.: A content-based authorization model for digital libraries. IEEE Trans. Knowl. Data Eng. 14(2), 296–315 (2002)

    Article  Google Scholar 

  2. Bertino, E., Moustafa A.H., Walid A.G., Elmagarmid, A.K.: An access control model for video database systems. In: International Conference on Information and Knowledge Management, pp. 336–343. ACM (2000)

    Google Scholar 

  3. Best Practices in Enterprise Authorization: The RBAC/ABAC Hybrid Approach (EmpowerID). http://blog.empowerid.com/Portals/174819/docs/EmpowerID-WhitePaper-RBAC-ABAC-Hybrid-Model.pdf

  4. Covington, M.J., Long, W., Srinivasan, S., Dev, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: Symposium on Access Control Models and Technologies, pp. 10–20. ACM (2001)

    Google Scholar 

  5. Chae, J.H., Shiri, N.: Formalization of RBAC policy with object class hierarchy. In: Dawson, E., Wong, D.S. (eds.) ISPEC 2007. LNCS, vol. 4464, pp. 162–176. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  6. Covington, M.J., Sastry, M.R.: A contextual attribute-based access control model. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4278, pp. 1996–2006. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  7. Coyne, E., Weil, T.R.: ABAC and RBAC: scalable, flexible, and auditable access management. IT Prof. 15(3), 14–16 (2013)

    Article  Google Scholar 

  8. Fischer, J., Marino, D., Majumdar, R., Millstein, T.: Fine-grained access control with object-sensitive roles. In: Drossopoulou, S. (ed.) ECOOP 2009. LNCS, vol. 5653, pp. 173–194. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  9. Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. (TISSEC) 4(3), 224–274 (2001)

    Article  Google Scholar 

  10. Giuri, L., Iglio, P.: Role templates for content-based access control. In: Workshop on Role-Based Access Control, pp. 153–159. ACM (1997)

    Google Scholar 

  11. Ge, M., Osborn, S.L.: A design for parameterized roles. In: Farkas, C., Samarati, P. (eds.) Data, Application Security and Privacy Conference. IFIP, vol. 144, pp. 251–264. Springer, Heidelberg (2004)

    Google Scholar 

  12. Huang, J., Nicol, D.M., Bobba, R., Huh, J.H.: A framework integrating attribute-based policies into RBAC. In: Symposium on Access Control Models and Technologies, pp. 187–196. ACM (2012)

    Google Scholar 

  13. Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 41–55. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  14. Jin, X., Sandhu, R., Krishnan, R.: RABAC: role-centric attribute-based access control. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 84–96. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  15. Kalam, A.A.E., Baida, R.E., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miege, A., Saurel, C., Trouessin, G.: Organization based access control. In: 4th International Workshop on Policies for Distributed Systems and Networks. IEEE (2003)

    Google Scholar 

  16. Kuhn, D.R., Coyne, E.J., Weil, T.R.: Adding attributes to role-based access control. IEEE Comput. 43, 79–81 (2010)

    Article  Google Scholar 

  17. Kulkarni, D., Tripathi, A.: Context-aware role-based access control in pervasive computing systems. In: Symposium on Access Control Models and Technologies, pp. 113–122. ACM (2008)

    Google Scholar 

  18. Moyer, M.J., Abamad, M.: Generalized role-based access control. In: International Conference on Distributed Computing Systems, pp. 391–398. IEEE (2001)

    Google Scholar 

  19. O’Connor, A.C., Loomis, R.J.: Economic Analysis of Role-Based Access Control. NIST Report (2010)

    Google Scholar 

  20. Rajpoot, Q.M., Jensen, C.D., Krishnan, R.: Integrating attributes into role-based access control. In: Samarati, P. (ed.) DBSec 2015. LNCS, vol. 9149, pp. 242–249. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  21. Ray, I., Toahchoodee, M.: A spatio-temporal role-based access control model. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 211–226. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  22. Xu, Z., Stoller, S.D.: Mining attribute-based access control policies from RBAC policies. In: 10th International Conference and Expo on Emerging Technologies for a Smarter World (CEWIT), pp. 1–6. IEEE (2013)

    Google Scholar 

  23. Yuan, E., Tong, J.: Attributed Based Access Control (ABAC) for Web Services. In: International Conference on Web Services. IEEE (2005)

    Google Scholar 

Download references

Acknowledgments

The work of first two authors is supported by a grant from the Danish National Advanced Technology Foundation. The work of the third author is supported by a US National Science Foundation grant CNS-1423481.

Author information

Authors and Affiliations

  1. Department of Applied Mathematics and Computer Science, Technical University of Denmark, 2800, Kongens Lyngby, Denmark

    Qasim Mahmood Rajpoot & Christian Damsgaard Jensen

  2. Department of Electrical and Computer Engineering, University of Texas at San Antonio, San Antonio, USA

    Ram Krishnan

Authors
  1. Qasim Mahmood Rajpoot
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christian Damsgaard Jensen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ram Krishnan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qasim Mahmood Rajpoot .

Editor information

Editors and Affiliations

  1. Karlstad University, Karlstad, Sweden

    Simone Fischer-Hübner

  2. University of Piraeus, Piraeus, Greece

    Costas Lambrinoudakis

  3. University of Malaga, Málaga, Spain

    Javier López

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Rajpoot, Q.M., Jensen, C.D., Krishnan, R. (2015). Attributes Enhanced Role-Based Access Control Model. In: Fischer-Hübner, S., Lambrinoudakis, C., López, J. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2015. Lecture Notes in Computer Science(), vol 9264. Springer, Cham. https://doi.org/10.1007/978-3-319-22906-5_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-22906-5_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-22905-8

  • Online ISBN: 978-3-319-22906-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation