Skip to main content
SpringerLink
Log in
Book cover

International Conference on Artificial Intelligence and Security

ICAIS 2019: Artificial Intelligence and Security pp 517–529Cite as

CABAC: A Content-Driven Attribute-Based Access Control Model for Big Data

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11634))

Abstract

In recent years, attribute-based access control (ABAC) models have been widely used in big data and cloud computing. However, with the growing importance of data content, using data content to assist authorization for access controls has become more common. In this paper, we propose a dynamic content-driven attribute-based access control model (CABAC) for large-scale unstructured data. CABAC is a fine-grained access control model that use two-layer authorization to balance efficiency and accuracy. The first-layer authorization uses attributes to grant users basic authority and the second-layer authorization uses data content to grant broader authority over “related” data. Experimental results show that CABAC has acceptable efficiency and it can expand the authority of users without reducing security.

Supported by the National Natural Science Foundation of China (61572263, 61502251, 61602263, 61872197), the Postgraduate Research & Practice Innovation Program of Jiangsu Province (KYCX18_0891), the Natural Science Foundation of Jiangsu Province (BK20161516, BK20160916), the Postdoctoral Science Foundation Project of China (2016M601859), the Natural Research Foundation of Nanjing University of Posts and Telecommunications (NY217119).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    NSF research award data set: http://archive.ics.uci.edu/ml/datasets/NSF+Research+Award+Abstracts+1990-2003.

References

  1. Adam, N.R., Atluri, V., Bertino, E., Ferrari, E.: A content-based authorization model for digital libraries. IEEE Trans. Knowl. Data Eng. 14(2), 296–315 (2002)

    Article  Google Scholar 

  2. Aluvalu, R.K., Muddana, L.: A dynamic attribute-based risk aware access control model (DA-RAAC) for cloud computing. In: IEEE International Conference on Computational Intelligence and Computing Research, pp. 1–5 (2016)

    Google Scholar 

  3. Jadliwala, M., Maiti, A., Namboodiri, V.: Social puzzles: context-based access control in online social networks. In: IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 299–310 (2014)

    Google Scholar 

  4. Jha, S., Sural, S., Atluri, V., Vaidya, J.: Specification and verification of separation of duty constraints in attribute based access control. IEEE Trans. Inf. Forensics Secur. 13(4), 897–911 (2018)

    Article  Google Scholar 

  5. Li, T., Rui, Y.: Priexpress: privacy-preserving express delivery with fine-grained attribute-based access control. In: Communications and Network Security, pp. 333–341 (2017)

    Google Scholar 

  6. Liu, Z., Jiang, Z.L., Wang, X., Yiu, S.M., Zhang, C., Zhao, X.: Dynamic attribute-based access control in cloud storage systems. In: Trustcom/BigDataSE/ISPA, pp. 129–137 (2017)

    Google Scholar 

  7. Luo, X., Wang, W., Luo, W.: The retrospect and prospect of access control technology. Netinfo Secur. 12, 19–27 (2016)

    Google Scholar 

  8. Mannes, E., Maziero, C., Lassance, L., Borges, F.: Optimized access control enforcement over encrypted content in information-centric networks. In: Computers and Communication, pp. 924–929 (2015)

    Google Scholar 

  9. Nagai, S., Kaida, T., Mizuno, O.: The group data access control method in content centric network, pp. 1–3 (2015)

    Google Scholar 

  10. Paradesi, S., Liccardi, I., Kagal, L., Pato, J.: A semantic framework for content-based access controls. In: International Conference on Social Computing, pp. 624–629 (2013)

    Google Scholar 

  11. Qi, H., Luo, X., Di, X., Li, J., Yang, H., Jiang, Z.: Access control model based on role and attribute and its implementation. In: International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, pp. 66–71 (2017)

    Google Scholar 

  12. Rubart, J.: Context-based access control. In: Symposia on Metainformatics, p. 13 (2005)

    Google Scholar 

  13. Ulusoy, H., Colombo, P., Ferrari, E., Kantarcioglu, M., Pattuk, E.: GuardMR: fine-grained security policy enforcement for MapReduce systems. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 285–296. ACM (2015)

    Google Scholar 

  14. Ulusoy, H., Kantarcioglu, M., Pattuk, E., Hamlen, K.: Vigiles: fine-grained access control for MapReduce systems. In: 2014 IEEE International Congress on Big Data (BigData Congress), pp. 40–47. IEEE (2014)

    Google Scholar 

  15. Wang, M., Wang, J., Guo, L., Harn, L.: Inverted XML access control model based on ontology semantic dependency. CMC: Comput. Mater. Continua 55(3), 465–482 (2018)

    Google Scholar 

  16. Wu, M.Y., Chen, Y.W., Ke, C.K.: Design and implementation of a context and role-based access control model for digital content. In: IET International Conference on Frontier Computing, Theory, Technologies and Applications, pp. 253–257 (2010)

    Google Scholar 

  17. Wu, M.Y., Zhuo, Z.X.: Digital content access control for end-users. In: International Conference on Software Intelligence Technologies and Applications and International Conference on Frontiers of Internet of Things, pp. 39–42 (2014)

    Google Scholar 

  18. Zeng, W., Yang, Y., Luo, B.: Content-based access control: use data content to assist access control for large-scale content-centric databases. In: IEEE International Conference on Big Data, pp. 701–710 (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Nanjing University of Posts and Telecommunications, Nanjing, 210023, China

    Ke Ma & Geng Yang

  2. Jiangsu Key Laboratory of Big Data Security and Intelligent Processing, Nanjing, 210023, China

    Geng Yang

Authors
  1. Ke Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Geng Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Geng Yang .

Editor information

Editors and Affiliations

  1. Nanjing University of Information Science and Technology, Nanjing, China

    Xingming Sun

  2. Nanjing University of Information Science and Technology, Nanjing, China

    Zhaoqing Pan

  3. Purdue University, West Lafayette, IN, USA

    Elisa Bertino

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ma, K., Yang, G. (2019). CABAC: A Content-Driven Attribute-Based Access Control Model for Big Data. In: Sun, X., Pan, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2019. Lecture Notes in Computer Science(), vol 11634. Springer, Cham. https://doi.org/10.1007/978-3-030-24271-8_46

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-24271-8_46

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-24270-1

  • Online ISBN: 978-3-030-24271-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation