
2020 | OriginalPaper | Book chapter

The Structure and Agency Policy Language (SAPL) for Attribute Stream-Based Access Control (ASBAC)


Abstract

Current architectures and data flow models for access control are based on request-response communication. In stateful or session-based applications that monitor access rights over time, this results in polling of authorization services and, for Attribute-Based Access Control (ABAC), in polling of policy information points. This polling introduces latency or increased load. Attribute Stream-Based Access Control (ASBAC) is an authorization model based on a publish-subscribe pattern that mitigates these bottlenecks. ASBAC allows the quasi-real-time consideration of attribute data streams, such as Internet-of-Things (IoT) sensor data, for access control decisions. This paper introduces the Structure and Agency Policy Language (SAPL) for implementing ASBAC. In addition, the paper describes how ASBAC with SAPL can be implemented by applying a reactive programming model and describes key algorithms for evaluating SAPL policies.
Metadata
Title
The Structure and Agency Policy Language (SAPL) for Attribute Stream-Based Access Control (ASBAC)
Written by
Dominic Heutelbeck
Copyright year
2020
DOI
https://doi.org/10.1007/978-3-030-39749-4_4
