skip to main content
10.1145/3041048acmconferencesBook PagePublication PagescodaspyConference Proceedingsconference-collections
ABAC '17: Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control
ACM2017 Proceeding
Publisher:
  • Association for Computing Machinery
  • New York
  • NY
  • United States
Conference:
CODASPY '17: Seventh ACM Conference on Data and Application Security and Privacy Scottsdale Arizona USA 24 March 2017
ISBN:
978-1-4503-4910-9
Published:
24 March 2017
Sponsors:
Recommend ACM DL
ALREADY A SUBSCRIBER?SIGN IN

Reflects downloads up to 18 Jan 2025Bibliometrics
Skip Abstract Section
Abstract

The second Workshop on Attribute Based Access Control (ABAC '17), held in conjunction with the 7th ACM Conference on Data and Applications Security and Privacy (CODASPY 2017), continues to foster a community of researchers interested in all aspects of attribute based access control. Major challenges remain to be addressed for ABAC to be effective in practice including ABAC policy engineering and mining, attribute assurance, usable administration, ABAC enforcement, and balancing expressive power with usability.

ABAC '17 features papers on various aspects of ABAC including theoretical issues as attribute reduction, ABAC administration, and policy verification; practical issues such as ABAC for databases, authoring ABAC policies via natural language, and systematic ABAC implementation; and ABAC issues in applications such as healthcare.

We hope the workshop attendees will find this wide variety of topics to be insightful, and helpful in advancing the field of ABAC.

Skip Table Of Content Section
SESSION: Session 1
research-article
Attribute Transformation for Attribute-Based Access Control

In this paper, we introduce the concept of transforming attribute-value assignments from one set to another set. We specify two types of transformations---attribute reduction and attribute expansion. We distinguish policy attributes from non-policy ...

research-article
Imposing Fine-grain Next Generation Access Control over Database Queries

In this paper, we describe a system that leverages ANSI/INCITS Next Generation Access Control (NGAC) standard called Next-generation Database Access Control (NDAC) for accessing data in tables, rows, and columns in existing RDBMS products. NDAC imposes ...

research-article
Public Access
ABAC with Group Attributes and Attribute Hierarchies Utilizing the Policy Machine

Attribute-Based Access Control (ABAC) has received significant attention in recent years, although the concept has been around for over two decades now. Many ABAC models, with different variations, have been proposed and formalized. Besides basic ABAC ...

SESSION: Session 2
research-article
Public Access
Attribute Based Access Control for Healthcare Resources

Fast Health Interoperability Services (FHIR) is the most recent in the line of standards for healthcare resources. FHIR represents different types of medical artifacts as resources and also provides recommendations for their authorized disclosure using ...

SESSION: Keynote Address
keynote
Public Access
Tracing the Arc of Smartphone Application Security

The introduction of smart phones in the mid-2000s forever changed the way users interact with data and computation--and through it prompted a renaissance of digital innovation. Yet, at the same time, the architectures, applications and services that ...

SESSION: Session 4
research-article
Verification of Resilience Policies that Assist Attribute Based Access Control

Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties ...

research-article
A Systematic Approach to Implementing ABAC

In this paper we discuss attribute-based access control (ABAC), and how to proceed with a systematic implementation of ABAC across an enterprise. The paper will cover the different steps needed to be successful.

research-article
Proposed Model for Natural Language ABAC Authoring

Authorization policy authoring has required tools from the start. With access policy governance now an executive-level responsibility, it is imperative that such a tool expose the policy to business users' with little or no IT intervention-as natural ...

Contributors
  • Purdue University
  • The University of Texas at San Antonio
  • The University of Texas at San Antonio
Index terms have been assigned to the content through auto-classification.

Recommendations