Attribute-Based Access Control (Artech House Information Security and Privacy) by Vincent C. Hu & David F. Ferraiolo & Ramaswamy Chandramouli & D. Richard Kuhn

Author:Vincent C. Hu & David F. Ferraiolo & Ramaswamy Chandramouli & D. Richard Kuhn [Hu, Vincent C.]
Language: eng
Format: epub
Publisher: Artech House
Published: 2017-10-30T22:00:00+00:00

* * *

1.Some of the content in this chapter is derived from NIST SP 800-192—Verification and Test Methods for Access Control Policies/Models, by V. C. Hu, R. D. Kuhn, and D. Yaga, June 2017, and NISTIR 7874—Guidelines for Access Control System Evaluation Metrics, by V. C. Hu and K. Scarfone, September 2012.

7

Attribute Consideration

7.1 Introduction

Within ABAC, attributes are used to make critical access control (AC) decisions, so properties of attributes must be considered for users to have confidence in their use of ABAC. This chapter outlines factors influencing attributes that an ABAC system must address when engineering and evaluating attributes, and proposes some notional implementation suggestions for consideration. This chapter discusses considerations for attributes from the perspectives of fundamental security requirements: preparation, veracity, security, and readiness, as applied to ABAC.

In addition to these considerations, a general attribute framework with examples is demonstrated to show the importance and efficiency of the semantic and syntactic accuracies of attributes in federated ABAC environments, especially when natural language policies (NLP) are the initial policies. Finally, the discussed considerations are summarized to illustrate attribute evaluation scheme (AES) examples, which are applied to different ABAC requirements.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.