Policy Review in Attribute Based Access
Control University of Texas at San Antonio, Texas, United State {sherifdeen.lawal,
Ram.Krishnan}@utsa.edu
Abstract The Next Generation Access Control (NGAC), founded on the Policy Machine (PM), is a robust Attribute Based Access Control (ABAC) framework that enables a structured and flexible approach for the establishment of Discretionary Access Control (DAC) policies, accommodates limited expression of non-confinement Mandatory Access Control (MAC) policies, has shown support for all aspects of the Role Based Access Control (RBAC) standard, and possesses algorithms for both peruser and per-object review. However, NGAC lacks the mechanism for other critical administrative review problems like comprehensive approaches to grant authorization (revoke authorization) for a denied access request (an authorized access request). We proposed approaches to grant authorization of (one of the administrative operations) any denied user assignment access request as our initial work in response to the policy review features not in the PM. Keywords: Attribute Based Access Control, Policy
Review, Policy Machine +: Corresponding author: Ram Krishnan
Journal
of Internet Services and Information Security
(JISIS), 10(2): 67-81, May 2020 DOI: 10.22667/JISIS.2020.05.31.067 [pdf] |