RBAC with ABS - Implementation Practicalities for RBAC Integrity Policies
Mikko Kiviharju
2014
Abstract
Role-based access control (RBAC) is the de facto access control model used in current information systems. Cryptographic access control (CAC), on the other hand, is an implementation paradigm intended to enforce AC-policies cryptographically. CAC-methods are also attractive in cloud environments due to their distributed and offline nature of operation. Combining the capabilities of both RBAC and CAC fully seems elusive, though. This paper studies the feasibility of implementing RBAC with respect to write-permissions using a recent type of cryptographic schemes called attribute-based signatures (ABS), which fall under a concept called functional cryptography. We map the functionalities and elements of RBAC to ABS elements and show a sample XACML-based architecture, how signature generation and verification conforming to RBAC-type processes could be implemented.
DownloadPaper Citation
in Harvard Style
Kiviharju M. (2014). RBAC with ABS - Implementation Practicalities for RBAC Integrity Policies . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 500-509. DOI: 10.5220/0005122105000509
in Bibtex Style
@conference{secrypt14,
author={Mikko Kiviharju},
title={RBAC with ABS - Implementation Practicalities for RBAC Integrity Policies},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={500-509},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005122105000509},
isbn={978-989-758-045-1},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - RBAC with ABS - Implementation Practicalities for RBAC Integrity Policies
SN - 978-989-758-045-1
AU - Kiviharju M.
PY - 2014
SP - 500
EP - 509
DO - 10.5220/0005122105000509