Policy administration in tag-based authorization

Sandro Etalle, Timothy L. Hinrichs, Adam J. Lee, Daniel Trivellato, Nicola Zannone

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    1 Citation (Scopus)
    49 Downloads (Pure)

    Abstract

    Tag-Based Authorization (TBA) is a hybrid access control model that combines the ease of use of extensional access control models with the expressivity of logic-based formalisms. The main limitation of TBA is that it lacks support for policy administration. More precisely, it does not allow policy-writers to specify administrative policies that constrain the tags that users can assign, and to verify the compliance of assigned tags with these policies. In this paper we introduce TBA2 (Tag-Based Authorization & Administration), an extension of TBA that enables policy administration in distributed systems. We show that TBA2 is more expressive than TBA and than two reference administrative models proposed in the literature, namely HRU and ARBAC97.
    Original languageUndefined
    Title of host publication5th International Symposium on Foundations and Practice of Security, FPS 2012
    Place of PublicationBerlin
    PublisherSpringer
    Pages162-179
    Number of pages18
    ISBN (Print)978-3-642-37119-6
    DOIs
    Publication statusPublished - 2013
    Event5th International Symposium on Foundations and Practice of Security 2012 - Montreal, Canada
    Duration: 25 Oct 201226 Oct 2012
    Conference number: 5
    http://conferences.telecom-bretagne.eu/fps2012/

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    Volume7743
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference5th International Symposium on Foundations and Practice of Security 2012
    Abbreviated titleFPS 2012
    CountryCanada
    CityMontreal
    Period25/10/1226/10/12
    Internet address

    Keywords

    • EWI-23344
    • SCS-Cybersecurity
    • policy administration
    • IR-86128
    • Access Control
    • METIS-297634
    • auditing

    Cite this

    Etalle, S., Hinrichs, T. L., Lee, A. J., Trivellato, D., & Zannone, N. (2013). Policy administration in tag-based authorization. In 5th International Symposium on Foundations and Practice of Security, FPS 2012 (pp. 162-179). (Lecture Notes in Computer Science; Vol. 7743). Berlin: Springer. https://doi.org/10.1007/978-3-642-37119-6_11