Skip to main content
SpringerLink
Log in

A Study on Current Research and Challenges in Attribute-based Access Control Model

  • Conference paper
  • First Online:
Intelligent Data Communication Technologies and Internet of Things

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 101))

Abstract

Access control models are used to identify and detect anonymous users or attacks when sharing big data or other resources in the distributed environment such as cloud, edge, and fog computing. The attribute-based access control model (ABAC) is a promising model used in intrusion detection systems. Comparing with the primary access control models: discretionary access control model (DAC), mandatory access control model (MAC), and role-based access control model, ABAC gets attention in the current research due to its flexibility, efficiency, and granularity. Despite ABAC is performing well in addressing the security requirements of today’s computing technologies, there are open challenges such as policy errors, scalability, delegations, and policy representation with heterogeneous datasets. This paper presents the fundamental concepts of ABAC and a review of current research works toward framing efficient ABAC models. This paper identifies and discusses the current challenges in ABAC based on the study and analysis of the surveyed works.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 219.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 279.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 279.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Kumar A, Maurya HC, Misra R (2013) A research paper on hybrid intrusion detection system.Int J Eng Adv Technol 2(4):294–297

    Google Scholar 

  2. Khraisat A, Gondal I, Vamplew P, Kamruzzaman J (2019) Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1). https://doi.org/10.1186/s42400-019-0038-7

  3. Hydro C et al (2013) We are IntechOpen, the world ’ s leading publisher of Open Access books Built by scientists, for scientists TOP 1 %. INTECH 32(July):137–144

    Google Scholar 

  4. Liang C et al (2020) Intrusion detection system for the internet of things based on blockchain and multi-agent systems. Electrononics 9(7):1–27. https://doi.org/10.3390/electronics9071120

    Article  Google Scholar 

  5. Varal AS, Wagh SK (2018) Misuse and anomaly intrusion detection system using ensemble learning model. In: International conference on recent innovations in electrical, electronics & communication engineering ICRIEECE 2018, pp. 1722–1727. https://doi.org/10.1109/ICRIEECE44171.2018.9009147

  6. Qi H, Di X, Li J (2018) Formal definition and analysis of access control model based on role and attribute. J Inf Secur Appl 43:53–60. https://doi.org/10.1016/j.jisa.2018.09.001

  7. Suhendra V (2011) A survey on access control deployment. In: Communication in computer and information science, vol 259 CCIS, pp 11–20. https://doi.org/10.1007/978-3-642-27189-2_2

  8. Sahafizadeh E (2010) Survey on access control models, pp 1–3

    Google Scholar 

  9. Conrad E, Misenar S, Feldman J (2016) Domain 5: identity and access management (Controlling Access And Managing Identity). In: CISSP Study Guid, pp 293–327. https://doi.org/10.1016/b978-0-12-802437-9.00006-0

  10. Xu L, Zhang H, Du X, Wang C (2009) Research on mandatory access control model for application system. In: Proceedings of international conference on networks security, wireless communications and trusted computing NSWCTC 2009, vol 2, no 1, pp 159–163. https://doi.org/10.1109/NSWCTC.2009.322

  11. Sandhu RS et al (1996) Role based access control models. IEEE 6(2):21–29. https://doi.org/10.1016/S1363-4127(01)00204-7

    Article  Google Scholar 

  12. Sandhu R, Bhamidipati V, Munawer Q (1999) The ARBAC97 model for role-based administration of roles. ACM Trans Inf Syst Secur 2(1):105–135. https://doi.org/10.1145/300830.300839

    Article  Google Scholar 

  13. Sandhu R, Munawer Q (1999) The ARBAC99 model for administration of roles. In: Proceedings 15th annual computer security applications conference, vol Part F1334, pp 229–238. https://doi.org/10.1109/CSAC.1999.816032

  14. Hutchison D (2011) Data and applications security and privacy XXV. In: Lecture notes computer science, vol 1, pp 3–18. https://doi.org/10.1007/978-3-319-20810-7

  15. Crampton J, Morisset C (2014) Monotonicity and completeness in attribute-based access control. In: LNCS 8743,Springer International Publication, pp 33–34

    Google Scholar 

  16. Prakash C, Dasgupta S (2016) Cloud computing security analysis: challenges and possible solutions. In: International conference on electrical, electronics, and optimization techniques ICEEOT 2016, pp 54–57. https://doi.org/10.1109/ICEEOT.2016.7755626

  17. Markandey A, Dhamdhere P, Gajmal Y (2019) Data access security in cloud computing: a review. In: 2018 International conference on computing, power and communication technologies GUCON 2018, pp 633–636. https://doi.org/10.1109/GUCON.2018.8675033

  18. Que Nguyet Tran Thi TKD, Si TT (2017) Fine grained attribute based access control model for privacy protection. Springer International Publication A, vol 10018, pp 141–150. https://doi.org/10.1007/978-3-319-48057-2

  19. Vijayalakshmi K, Jayalakshmi V (2021) Analysis on data deduplication techniques of storage of big data in cloud. In: Proceedings of 5th international conference on computing methodologies and communication ICCMC 2021. IEEE, pp 976–983

    Google Scholar 

  20. Vijayalakshmi K, Jayalakshmi V (2021) Identifying considerable anomalies and conflicts in ABAC security policies. In: Proceedings of 5th international conference on intelligent computing and control systems ICICCS 2021. IEEE, pp 1286–1293

    Google Scholar 

  21. Vijayalakshmi K, Jayalakshmi V (2021) A similarity value measure of ABAC security rules. In: Proceedings of 5th international conference on trends electronics and informatics ICOEI 2021, IEEE

    Google Scholar 

  22. Costa HH, de Araújo AP, Gondim JJ, de Holanda MT, Walter ME (2017) Attribute based access control in federated clouds: A case study in bionformatics. In: Iberian conference on information systems and technologies CIST. https://doi.org/10.23919/CISTI.2017.7975855

  23. Aftab MU, Habib MA, Mehmood N, Aslam M, Irfan M (2016) Attributed role based access control model. In: Proceedings of 2015 conference on information assurance and cyber security CIACS 2015, pp 83–89. https://doi.org/10.1109/CIACS.2015.7395571

  24. Shu J, Shi L, Xia B, Liu L (2009) Study on action and attribute-based access control model for web services. In: 2nd International symposium on information science and engineering ISISE 2009, pp 213–216. https://doi.org/10.1109/ISISE.2009.80

  25. Bai QH, Zheng Y (2011) Study on the access control model in information security. In: Proceedings of 2011 cross strait quad-regional radio science wireless technology conference CSQRWC 2011, vol 1, pp 830–834. https://doi.org/10.1109/CSQRWC.2011.6037079

  26. Jin X, Krishnan R, Sandhu R (2012) A unified attribute-based access control model covering DAC, MAC and RBAC BT. In: Lecture notes in computer science, vol 7371, pp 41–55

    Google Scholar 

  27. Ngo C, Demchenko Y, De Laat C (2015) Multi-tenant attribute-based access control for cloud infrastructure services. https://doi.org/10.1016/j.jisa.2015.11.005

  28. Shaikh RA, Adi K, Logrippo L (2017) A data classification method for inconsistency and incompleteness detection in access control policy sets. Int J Inf Secur 16(1):91–113. https://doi.org/10.1007/s10207-016-0317-1

    Article  Google Scholar 

  29. Servos D, Osborn SL (2017) Current research and open problems in attribute-based access control. ACM Comput Surv (CSUR) 49(4):1–45. https://doi.org/10.1145/3007204

  30. El Hadj MA, Ayache M, Benkaouz Y, Khoumsi A, Erradi M (2017) Clustering-based approach for anomaly detection in xacml policies. In: ICETE 2017—proceedings of 14th international joint conference on E-business telecommunication, vol 4, no Icete, pp 548–553. https://doi.org/10.5220/0006471205480553

  31. Pussewalage HSG, Oleshchuk VA (2017) Attribute based access control scheme with controlled access delegation for collaborative E-health environments. J Inf Secur Appl 37:50–64. https://doi.org/10.1016/j.jisa.2017.10.004

    Article  Google Scholar 

  32. Afshar M, Samet S, Hu T (2018) An attribute based access control framework for healthcare system. J Phys Conf Ser 933(1). https://doi.org/10.1088/1742-6596/933/1/012020

  33. Fu X, Nie X, Wu T, Li F (2018) Large universe attribute based access control with efficient decryption in cloud storage system. J Syst Softw 135:157–164. https://doi.org/10.1016/j.jss.2017.10.020

  34. Franco E, Muchaluat-saade DC (2018) ACROSS: a generic framework for attribute-based access control with distributed policies for virtual organizations. Futur Gener Comput Syst 78:1–17. https://doi.org/10.1016/j.future.2017.07.049

    Article  Google Scholar 

  35. Ait El Hadj M, Khoumsi A, Benkaouz Y, Erradi M (2018) Formal approach to detect and resolve anomalies while clustering ABAC policies. ICST Trans Secur Saf 5(16):156003. https://doi.org/10.4108/eai.13-7-2018.156003

    Article  Google Scholar 

  36. Imine Y, Lounis A, Bouabdallah A (2018) AC SC. https://doi.org/10.1016/j.jnca.2018.08.008

  37. Pratap M, Sural S, Vaidya J (2019) Managing attribute-based access control policies in a unified framework using data warehousing and in-memory database. Comput Secur 86:183–205. https://doi.org/10.1016/j.cose.2019.06.001

    Article  Google Scholar 

  38. Morisset C, Willemse TAC, Zannone N (2019) A framework for the extended evaluation of ABAC policies. Cybersecurity 2(1). https://doi.org/10.1186/s42400-019-0024-0

  39. Vijayalakshmi K, Jayalakshmi V (2020) A priority-based approach for detection of anomalies in ABAC policies using clustering technique. In: Iccmc, pp 897–903. https://doi.org/10.1109/iccmc48092.2020.iccmc-000166

  40. Vijayalakshmi K, Jayalakshmi V (2021) Shared access control models for big data: a perspective study and analysis. Springer, pp 397–410. https://doi.org/10.1007/978-981-15-8443-5_33

  41. Vijayalakshmi K, Jayalakshmi V (2021) Improving performance of ABAC security policies validation using a novel clustering approach. Int J Adv Comput Sci Appl 12(5):245–257

    Google Scholar 

  42. Hu VC et al (2014) Guide to attribute based access control (abac) definition and considerations. NIST Spec Publ 800:162. https://doi.org/10.6028/NIST.SP.800-162

    Article  Google Scholar 

  43. Cavoukian A, Chibba M, Williamson G, Ferguson A (2015) The importance of ABAC: attribute-based access control to big data: privacy and context. In: Private Big Data Institute, p 21

    Google Scholar 

  44. Deng F et al (2019) Establishment of rule dictionary for efficient XACML policy management. Knowl-Based Syst 175:26–35. https://doi.org/10.1016/j.knosys.2019.03.015

    Article  Google Scholar 

  45. OASIS (2008) SAML v2.0. Language (Baltim)

    Google Scholar 

  46. Dovier A, Piazza C, Pontelli E, Rossi G (2000) Sets and constraint logic programming. ACM Trans Program Lang Syst 22(5):861–931. https://doi.org/10.1145/365151.365169

    Article  Google Scholar 

  47. Zhang X, Li Y, Nalla D (2005) An attribute-based access matrix model. In: Proceedings of the 2005 ACM symposium on applied computing, vol 1, pp 359–363. https://doi.org/10.1145/1066677.1066760

  48. Ahuja R, Mohanty SK, Sakurai K (2016) A scalable attribute-set-based access control with both sharing and full-fledged delegation of access privileges in cloud computing. Comput Electr Eng, pp 1–16. https://doi.org/10.1016/j.compeleceng.2016.11.028

  49. Vijayalakshmi K, Jayalakshmi V (2021) Resolving rule redundancy error in ABAC policies using individual domain and subset detection method. In: Proceedings of 6th international conference on communication and electronics systems. ICCES 2021, IEEE

    Google Scholar 

  50. Ait M, Hadj E, Erradi M, Khoumsi A (2018) Validation and correction of large security policies : a clustering and access log based approach. In: 2018 IEEE international conference on big Data (Big Data), no 1, pp 5330–5332. https://doi.org/10.1109/BigData.2018.8622610

  51. Fugkeaw S, Sato H (2018) Scalable and secure access control policy update for outsourced big data. 79:364–373. https://doi.org/10.1016/j.future.2017.06.014

  52. Servos D, Mohammed S, Fiaidhi J, Kim TH (2013) Extensions to ciphertext-policy attribute-based encryption to support distributed environments. Int J Comput Appl Technol 47(2–3):215–226. https://doi.org/10.1504/IJCAT.2013.05435

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Vels Institute of Science, Technology and Advanced Studies, Chennai, India

    K. Vijayalakshmi

  2. Arignar Anna Govt. Arts College, Cheyyar, India

    K. Vijayalakshmi

  3. School of Computing Sciences, Vels Institute of Science, Technology and Advanced Studies, VISTAS, Chennai, India

    V. Jayalakshmi

Authors
  1. K. Vijayalakshmi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. V. Jayalakshmi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electronics and Communication Engineering, Karunya Institute of Technology and Sciences, Coimbatore, India

    D. Jude Hemanth

  2. Faculty of Communication Sciences, University of Teramo, Teramo, Italy

    Danilo Pelusi

  3. Department of Computer Engineering, San Jose State University, San Jose, CA, USA

    Chandrasekar Vuppalapati

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Vijayalakshmi, K., Jayalakshmi, V. (2022). A Study on Current Research and Challenges in Attribute-based Access Control Model. In: Hemanth, D.J., Pelusi, D., Vuppalapati, C. (eds) Intelligent Data Communication Technologies and Internet of Things. Lecture Notes on Data Engineering and Communications Technologies, vol 101. Springer, Singapore. https://doi.org/10.1007/978-981-16-7610-9_2

Download citation

Publish with us

Policies and ethics

Search

Navigation