The second Workshop on Attribute Based Access Control (ABAC '17), held in conjunction with the 7th ACM Conference on Data and Applications Security and Privacy (CODASPY 2017), continues to foster a community of researchers interested in all aspects of attribute based access control. Major challenges remain to be addressed for ABAC to be effective in practice, including ABAC policy engineering and mining, attribute assurance, usable administration, ABAC enforcement, and balancing expressive power with usability.
ABAC '17 features papers on various aspects of ABAC, including theoretical issues such as attribute reduction, ABAC administration, and policy verification; practical issues such as ABAC for databases, authoring ABAC policies via natural language, and systematic ABAC implementation; and ABAC issues in applications such as healthcare.
We hope the workshop attendees will find this wide variety of topics to be insightful, and helpful in advancing the field of ABAC.
Proceeding Downloads
Attribute Transformation for Attribute-Based Access Control
In this paper, we introduce the concept of transforming attribute-value assignments from one set to another set. We specify two types of transformations: attribute reduction and attribute expansion. We distinguish policy attributes from non-policy ...
Imposing Fine-grain Next Generation Access Control over Database Queries
In this paper, we describe a system, called Next-generation Database Access Control (NDAC), that leverages the ANSI/INCITS Next Generation Access Control (NGAC) standard for accessing data in tables, rows, and columns in existing RDBMS products. NDAC imposes ...
ABAC with Group Attributes and Attribute Hierarchies Utilizing the Policy Machine
Attribute-Based Access Control (ABAC) has received significant attention in recent years, although the concept has been around for over two decades now. Many ABAC models, with different variations, have been proposed and formalized. Besides basic ABAC ...
Attribute Based Access Control for Healthcare Resources
Fast Health Interoperability Services (FHIR) is the most recent in the line of standards for healthcare resources. FHIR represents different types of medical artifacts as resources and also provides recommendations for their authorized disclosure using ...
Tracing the Arc of Smartphone Application Security
The introduction of smart phones in the mid-2000s forever changed the way users interact with data and computation, and through it prompted a renaissance of digital innovation. Yet, at the same time, the architectures, applications and services that ...
Verification of Resilience Policies that Assist Attribute Based Access Control
Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties ...
A Systematic Approach to Implementing ABAC
In this paper we discuss attribute-based access control (ABAC), and how to proceed with a systematic implementation of ABAC across an enterprise. The paper will cover the different steps needed to be successful.
Proposed Model for Natural Language ABAC Authoring
Authorization policy authoring has required tools from the start. With access policy governance now an executive-level responsibility, it is imperative that such a tool expose the policy to business users with little or no IT intervention, as natural ...
Index Terms
- Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control