| Title | HGAA: An Architecture to Support Hierarchical Group and Attribute-Based Access Control |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Servos, Daniel, Osborn, Sylvia L. |
| Conference Name | Proceedings of the Third ACM Workshop on Attribute-Based Access Control |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-5633-6 |
| Keywords | ABAC, Access Control, Architecture, Attribute authority, attribute based encryption, attribute certificate, attribute-based access control, Collaboration, HGAA, HGABAC, hierarchical group and attribute-based access control, hierarchical group attribute architecture, Human Behavior, policy-based governance, pubcrawl, Scalability |
| Abstract | Attribute-Based Access Control (ABAC), a promising alternative to traditional models of access control, has gained significant attention in recent academic literature. This attention has lead to the creation of a number of ABAC models including our previous contribution, Hierarchical Group and Attribute-Based Access Control (HGABAC). However, to date few complete solutions exist that provide both an ABAC model and architecture that could be implemented in real life scenarios. This work aims to advance progress towards a complete ABAC solution by introducing Hierarchical Group Attribute Architecture (HGAA), an architecture to support HGABAC and close the gap between a model and real world implementation. In addition to HGAA we also present an attribute certificate specification that enables users to provide proof of attribute ownership in a pseudonymous and off-line manner, as well as an update to the Hierarchical Group Policy Language (HGPL) to support our namespace for uniquely identifying attributes across disparate security domains. Details of our HGAA implementation are given and a preliminary analysis of its performance is discussed as well as directions for future work. |
| URL | http://doi.acm.org/10.1145/3180457.3180459 |
| DOI | 10.1145/3180457.3180459 |
| Citation Key | servos_hgaa:_2018 |
HGAA: An Architecture to Support Hierarchical Group and Attribute-Based Access Control