skip to main content
10.1145/2875491acmconferencesBook PagePublication PagescodaspyConference Proceedingsconference-collections
ABAC '16: Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control
ACM2016 Proceeding
Publisher:
  • Association for Computing Machinery
  • New York
  • NY
  • United States
Conference:
CODASPY'16: Sixth ACM Conference on Data and Application Security and Privacy New Orleans Louisiana USA 11 March 2016
ISBN:
978-1-4503-4079-3
Published:
11 March 2016
Sponsors:
Recommend ACM DL
ALREADY A SUBSCRIBER?SIGN IN

Reflects downloads up to 18 Jan 2025Bibliometrics
Skip Abstract Section
Abstract

Controlling and managing access to sensitive data has been an ongoing challenge for decades. Attribute Based Access Control (ABAC) represents the latest milestone in the evolution of logical access control methods. The goal of this inaugural Workshop on Attribute Based Access Control (ABAC '16), held in conjunction with the 6th ACM Conference on Data and Applications Security and Privacy (CODASPY 2016), is to foster a community of researchers interested in all aspects of attribute based access control. ABAC is a fine-grained and a flexible form of access control. To realize its full potential, a number of major challenges need to be addressed including formal modeling and analysis of ABAC such as its safety and expressive power, administrative models for ABAC, attribute assurance, ABAC policy engineering and mining, privacy concerns in ABAC, etc.

This inaugural ABAC '16 workshop features papers on various aspects of ABAC including formal models for ABAC and its relationship with XACML, data fusion concerns in attribute engineering, relevance of ABAC to application domains such as information sharing and online social networks, ABAC policy language for REST API, ABAC policy clustering, and trustworthiness of attributes. We hope the workshop attendees will find this wide variety of topics mto be insightful, and helpful in advancing the field of ABAC.

Skip Table Of Content Section
SESSION: Session 1
research-article
Public Access
Label-Based Access Control: An ABAC Model with Enumerated Authorization Policy

There are two major techniques for specifying authorization policies in Attribute Based Access Control (ABAC) models. The more conventional approach is to define policies by using logical formulas involving attribute values. Examples in this category ...

research-article
Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC)

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for ...

research-article
Public Access
Specification and Enforcement of Location-Aware Attribute-Based Access Control for Online Social Networks

Online social networks (OSNs) are gaining in popularity and are used by a large number of users with varied educational and socio-economic backgrounds. OSNs contain a plethora of personal information which, if misused, may cause enormous damage to ...

research-article
SMT-based Enforcement and Analysis of NATO Content-based Protection and Release Policies

NATO is developing a new IT infrastructure that will enable automated information sharing between different information security domains and provide strong separation between different communities of interest while supporting dynamic and flexible ...

SESSION: Session 2
research-article
A Policy Framework for Data Fusion and Derived Data Control

Recent years have seen an exponential growth of the collection and processing of data from heterogeneous sources for a variety of purposes. Several methods and techniques have been proposed to transform and fuse data into "useful" information. However, ...

research-article
RestACL: An Access Control Language for RESTful Services

This work describes an efficient Access Control Language for RESTful Services. The language follows the ideas of Attribute Based Access Control and utilizes the concepts of REST to enable a quick identification of policies that have to be evaluated to ...

research-article
Public Access
Position Paper: Towards a Moving Target Defense Approach for Attribute-based Access Control

In recent years, attribute-based access control has been recognized as a convenient way to specify access mediation policies that leverage attributes originating from different security domains, e.g., independently-run organizations or supporting ...

research-article
Work in Progress: K-Nearest Neighbors Techniques for ABAC Policies Clustering

In this paper, we present an approach based on the K-Nearest Neighbors algorithms for policies clustering that aims to reduce the ABAC policies dimensionality for high scale systems. Since ABAC considers a very large set of attributes for access ...

Contributors
  • Purdue University
  • The University of Texas at San Antonio
  • The University of Texas at San Antonio

Recommendations