Abstract
Access control is one of the most basic information security requirements: it prevents unauthorized people from accessing a system or its facilities. The access control process relies on specified policies and rules for any access. Access control is a crucial security feature that assures the safety of data and resources. There is a need for a framework to govern the proper use of information related to persons in an age of distributed computing, where enormous volumes of data are being transmitted and shared. This is where access control comes into play, ensuring that only authorized users can access the data. Many such models have been proposed for a variety of sectors, including the well-known Discretionary Access Control (DAC) Model, Role-Based Access Control (RBAC) Model, Mandatory Access Control (MAC) Model, and Attribute-Based Access Control (ABAC). In this research work, we present recent trends in access control models. Furthermore, we present a few case examples that describe ABAC frameworks and how they are used in the university context. Finally, we use a comparison table to demonstrate ABAC’s utility in dynamic and open contexts such as the cloud, IoT, etc.
Acknowledgements
This work is supported by a research project funded by IHUB NTIHAC Foundation (Sanction number: IHUB-NTIHAC/2021/01/8), IITK under the aegis of the National Mission on Interdisciplinary Cyber-Physical System (NM-ICPS), DST, GoI.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Rao, U.P., Choksy, P., Chaurasia, A. (2023). A Motive Towards Enforcement of Attribute-Based Access Control Models in Dynamic Environments. In: Rao, U.P., Alazab, M., Gohil, B.N., Chelliah, P.R. (eds) Security, Privacy and Data Analytics. ISPDA 2022. Lecture Notes in Electrical Engineering, vol 1049. Springer, Singapore. https://doi.org/10.1007/978-981-99-3569-7_27
DOI: https://doi.org/10.1007/978-981-99-3569-7_27
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-3568-0
Online ISBN: 978-981-99-3569-7
eBook Packages: Computer Science, Computer Science (R0)