Abstract
Access control models are used to identify and detect anonymous users or attacks when sharing big data or other resources in the distributed environment such as cloud, edge, and fog computing. The attribute-based access control model (ABAC) is a promising model used in intrusion detection systems. Comparing with the primary access control models: discretionary access control model (DAC), mandatory access control model (MAC), and role-based access control model, ABAC gets attention in the current research due to its flexibility, efficiency, and granularity. Despite ABAC is performing well in addressing the security requirements of today’s computing technologies, there are open challenges such as policy errors, scalability, delegations, and policy representation with heterogeneous datasets. This paper presents the fundamental concepts of ABAC and a review of current research works toward framing efficient ABAC models. This paper identifies and discusses the current challenges in ABAC based on the study and analysis of the surveyed works.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kumar A, Maurya HC, Misra R (2013) A research paper on hybrid intrusion detection system.Int J Eng Adv Technol 2(4):294–297
Khraisat A, Gondal I, Vamplew P, Kamruzzaman J (2019) Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1). https://doi.org/10.1186/s42400-019-0038-7
Hydro C et al (2013) We are IntechOpen, the world ’ s leading publisher of Open Access books Built by scientists, for scientists TOP 1 %. INTECH 32(July):137–144
Liang C et al (2020) Intrusion detection system for the internet of things based on blockchain and multi-agent systems. Electrononics 9(7):1–27. https://doi.org/10.3390/electronics9071120
Varal AS, Wagh SK (2018) Misuse and anomaly intrusion detection system using ensemble learning model. In: International conference on recent innovations in electrical, electronics & communication engineering ICRIEECE 2018, pp. 1722–1727. https://doi.org/10.1109/ICRIEECE44171.2018.9009147
Qi H, Di X, Li J (2018) Formal definition and analysis of access control model based on role and attribute. J Inf Secur Appl 43:53–60. https://doi.org/10.1016/j.jisa.2018.09.001
Suhendra V (2011) A survey on access control deployment. In: Communication in computer and information science, vol 259 CCIS, pp 11–20. https://doi.org/10.1007/978-3-642-27189-2_2
Sahafizadeh E (2010) Survey on access control models, pp 1–3
Conrad E, Misenar S, Feldman J (2016) Domain 5: identity and access management (Controlling Access And Managing Identity). In: CISSP Study Guid, pp 293–327. https://doi.org/10.1016/b978-0-12-802437-9.00006-0
Xu L, Zhang H, Du X, Wang C (2009) Research on mandatory access control model for application system. In: Proceedings of international conference on networks security, wireless communications and trusted computing NSWCTC 2009, vol 2, no 1, pp 159–163. https://doi.org/10.1109/NSWCTC.2009.322
Sandhu RS et al (1996) Role based access control models. IEEE 6(2):21–29. https://doi.org/10.1016/S1363-4127(01)00204-7
Sandhu R, Bhamidipati V, Munawer Q (1999) The ARBAC97 model for role-based administration of roles. ACM Trans Inf Syst Secur 2(1):105–135. https://doi.org/10.1145/300830.300839
Sandhu R, Munawer Q (1999) The ARBAC99 model for administration of roles. In: Proceedings 15th annual computer security applications conference, vol Part F1334, pp 229–238. https://doi.org/10.1109/CSAC.1999.816032
Hutchison D (2011) Data and applications security and privacy XXV. In: Lecture notes computer science, vol 1, pp 3–18. https://doi.org/10.1007/978-3-319-20810-7
Crampton J, Morisset C (2014) Monotonicity and completeness in attribute-based access control. In: LNCS 8743,Springer International Publication, pp 33–34
Prakash C, Dasgupta S (2016) Cloud computing security analysis: challenges and possible solutions. In: International conference on electrical, electronics, and optimization techniques ICEEOT 2016, pp 54–57. https://doi.org/10.1109/ICEEOT.2016.7755626
Markandey A, Dhamdhere P, Gajmal Y (2019) Data access security in cloud computing: a review. In: 2018 International conference on computing, power and communication technologies GUCON 2018, pp 633–636. https://doi.org/10.1109/GUCON.2018.8675033
Que Nguyet Tran Thi TKD, Si TT (2017) Fine grained attribute based access control model for privacy protection. Springer International Publication A, vol 10018, pp 141–150. https://doi.org/10.1007/978-3-319-48057-2
Vijayalakshmi K, Jayalakshmi V (2021) Analysis on data deduplication techniques of storage of big data in cloud. In: Proceedings of 5th international conference on computing methodologies and communication ICCMC 2021. IEEE, pp 976–983
Vijayalakshmi K, Jayalakshmi V (2021) Identifying considerable anomalies and conflicts in ABAC security policies. In: Proceedings of 5th international conference on intelligent computing and control systems ICICCS 2021. IEEE, pp 1286–1293
Vijayalakshmi K, Jayalakshmi V (2021) A similarity value measure of ABAC security rules. In: Proceedings of 5th international conference on trends electronics and informatics ICOEI 2021, IEEE
Costa HH, de Araújo AP, Gondim JJ, de Holanda MT, Walter ME (2017) Attribute based access control in federated clouds: A case study in bionformatics. In: Iberian conference on information systems and technologies CIST. https://doi.org/10.23919/CISTI.2017.7975855
Aftab MU, Habib MA, Mehmood N, Aslam M, Irfan M (2016) Attributed role based access control model. In: Proceedings of 2015 conference on information assurance and cyber security CIACS 2015, pp 83–89. https://doi.org/10.1109/CIACS.2015.7395571
Shu J, Shi L, Xia B, Liu L (2009) Study on action and attribute-based access control model for web services. In: 2nd International symposium on information science and engineering ISISE 2009, pp 213–216. https://doi.org/10.1109/ISISE.2009.80
Bai QH, Zheng Y (2011) Study on the access control model in information security. In: Proceedings of 2011 cross strait quad-regional radio science wireless technology conference CSQRWC 2011, vol 1, pp 830–834. https://doi.org/10.1109/CSQRWC.2011.6037079
Jin X, Krishnan R, Sandhu R (2012) A unified attribute-based access control model covering DAC, MAC and RBAC BT. In: Lecture notes in computer science, vol 7371, pp 41–55
Ngo C, Demchenko Y, De Laat C (2015) Multi-tenant attribute-based access control for cloud infrastructure services. https://doi.org/10.1016/j.jisa.2015.11.005
Shaikh RA, Adi K, Logrippo L (2017) A data classification method for inconsistency and incompleteness detection in access control policy sets. Int J Inf Secur 16(1):91–113. https://doi.org/10.1007/s10207-016-0317-1
Servos D, Osborn SL (2017) Current research and open problems in attribute-based access control. ACM Comput Surv (CSUR) 49(4):1–45. https://doi.org/10.1145/3007204
El Hadj MA, Ayache M, Benkaouz Y, Khoumsi A, Erradi M (2017) Clustering-based approach for anomaly detection in xacml policies. In: ICETE 2017—proceedings of 14th international joint conference on E-business telecommunication, vol 4, no Icete, pp 548–553. https://doi.org/10.5220/0006471205480553
Pussewalage HSG, Oleshchuk VA (2017) Attribute based access control scheme with controlled access delegation for collaborative E-health environments. J Inf Secur Appl 37:50–64. https://doi.org/10.1016/j.jisa.2017.10.004
Afshar M, Samet S, Hu T (2018) An attribute based access control framework for healthcare system. J Phys Conf Ser 933(1). https://doi.org/10.1088/1742-6596/933/1/012020
Fu X, Nie X, Wu T, Li F (2018) Large universe attribute based access control with efficient decryption in cloud storage system. J Syst Softw 135:157–164. https://doi.org/10.1016/j.jss.2017.10.020
Franco E, Muchaluat-saade DC (2018) ACROSS: a generic framework for attribute-based access control with distributed policies for virtual organizations. Futur Gener Comput Syst 78:1–17. https://doi.org/10.1016/j.future.2017.07.049
Ait El Hadj M, Khoumsi A, Benkaouz Y, Erradi M (2018) Formal approach to detect and resolve anomalies while clustering ABAC policies. ICST Trans Secur Saf 5(16):156003. https://doi.org/10.4108/eai.13-7-2018.156003
Imine Y, Lounis A, Bouabdallah A (2018) AC SC. https://doi.org/10.1016/j.jnca.2018.08.008
Pratap M, Sural S, Vaidya J (2019) Managing attribute-based access control policies in a unified framework using data warehousing and in-memory database. Comput Secur 86:183–205. https://doi.org/10.1016/j.cose.2019.06.001
Morisset C, Willemse TAC, Zannone N (2019) A framework for the extended evaluation of ABAC policies. Cybersecurity 2(1). https://doi.org/10.1186/s42400-019-0024-0
Vijayalakshmi K, Jayalakshmi V (2020) A priority-based approach for detection of anomalies in ABAC policies using clustering technique. In: Iccmc, pp 897–903. https://doi.org/10.1109/iccmc48092.2020.iccmc-000166
Vijayalakshmi K, Jayalakshmi V (2021) Shared access control models for big data: a perspective study and analysis. Springer, pp 397–410. https://doi.org/10.1007/978-981-15-8443-5_33
Vijayalakshmi K, Jayalakshmi V (2021) Improving performance of ABAC security policies validation using a novel clustering approach. Int J Adv Comput Sci Appl 12(5):245–257
Hu VC et al (2014) Guide to attribute based access control (abac) definition and considerations. NIST Spec Publ 800:162. https://doi.org/10.6028/NIST.SP.800-162
Cavoukian A, Chibba M, Williamson G, Ferguson A (2015) The importance of ABAC: attribute-based access control to big data: privacy and context. In: Private Big Data Institute, p 21
Deng F et al (2019) Establishment of rule dictionary for efficient XACML policy management. Knowl-Based Syst 175:26–35. https://doi.org/10.1016/j.knosys.2019.03.015
OASIS (2008) SAML v2.0. Language (Baltim)
Dovier A, Piazza C, Pontelli E, Rossi G (2000) Sets and constraint logic programming. ACM Trans Program Lang Syst 22(5):861–931. https://doi.org/10.1145/365151.365169
Zhang X, Li Y, Nalla D (2005) An attribute-based access matrix model. In: Proceedings of the 2005 ACM symposium on applied computing, vol 1, pp 359–363. https://doi.org/10.1145/1066677.1066760
Ahuja R, Mohanty SK, Sakurai K (2016) A scalable attribute-set-based access control with both sharing and full-fledged delegation of access privileges in cloud computing. Comput Electr Eng, pp 1–16. https://doi.org/10.1016/j.compeleceng.2016.11.028
Vijayalakshmi K, Jayalakshmi V (2021) Resolving rule redundancy error in ABAC policies using individual domain and subset detection method. In: Proceedings of 6th international conference on communication and electronics systems. ICCES 2021, IEEE
Ait M, Hadj E, Erradi M, Khoumsi A (2018) Validation and correction of large security policies : a clustering and access log based approach. In: 2018 IEEE international conference on big Data (Big Data), no 1, pp 5330–5332. https://doi.org/10.1109/BigData.2018.8622610
Fugkeaw S, Sato H (2018) Scalable and secure access control policy update for outsourced big data. 79:364–373. https://doi.org/10.1016/j.future.2017.06.014
Servos D, Mohammed S, Fiaidhi J, Kim TH (2013) Extensions to ciphertext-policy attribute-based encryption to support distributed environments. Int J Comput Appl Technol 47(2–3):215–226. https://doi.org/10.1504/IJCAT.2013.05435
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Vijayalakshmi, K., Jayalakshmi, V. (2022). A Study on Current Research and Challenges in Attribute-based Access Control Model. In: Hemanth, D.J., Pelusi, D., Vuppalapati, C. (eds) Intelligent Data Communication Technologies and Internet of Things. Lecture Notes on Data Engineering and Communications Technologies, vol 101. Springer, Singapore. https://doi.org/10.1007/978-981-16-7610-9_2
Download citation
DOI: https://doi.org/10.1007/978-981-16-7610-9_2
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-7609-3
Online ISBN: 978-981-16-7610-9
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)