Published: August 13, 2015
Author(s)
Vincent Hu, David Ferraiolo, Richard Kuhn, Raghu Kacker, Yu Lei
Conference
Name: 16th IEEE International Conference on Information Reuse and Integration (IRI 2015)
Dates: 08/13/2015 - 08/15/2015
Location: San Francisco, California, United States
Citation: Proceedings of the 2015 IEEE 16th International Conference on Information Reuse and Integration (IRI 2015), pp. 518-525
Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today’s dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of entities (subject and object), operations, and the environment relevant to a request, but great care must be taken in setting up and maintaining the access control rules that allow such flexible operations. This article summarizes important considerations in ABAC deployment first introduced in the "Guide to Attribute Based Access Control."
Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today’s dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of entities (subject and object), operations,...
See full abstract
Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today’s dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of entities (subject and object), operations, and the environment relevant to a request, but great care must be taken in setting up and maintaining the access control rules that allow such flexible operations. This article summarizes important considerations in ABAC deployment first introduced in the "Guide to Attribute Based Access Control."
Hide full abstract
Keywords
ABAC; attribute based access control; NGAC; XACML
Control Families
None selected