Prikladnaya Diskretnaya Matematika
RUS  ENG    JOURNALS   PEOPLE   ORGANISATIONS   CONFERENCES   SEMINARS   VIDEO LIBRARY   PACKAGE AMSBIB  
General information
Latest issue
Archive
Impact factor

Search papers
Search references

RSS
Latest issue
Current issues
Archive issues
What is RSS



Prikl. Diskr. Mat.:
Year:
Volume:
Issue:
Page:
Find






Personal entry:
Login:
Password:
Save password
Enter
Forgotten password?
Register


Prikl. Diskr. Mat., 2019, Number 44, Pages 43–57 (Mi pdm660)  

Mathematical Backgrounds of Computer Security

Analysis of the methods for attribute-based access control

M. N. Kalimoldayev, R. G. Biyashev, O. A. Rog

Institute of Information and Computational Technologies, Almaty, Republic of Kazakhstan

Abstract: The paper contains an analytical overview of the basic models and methods for access control from the traditional ones (DAC, MAC, RBAC) to the latest developments — numerous models implementing attribute based access control (ABAC). The model of typed attribute based access control (TAAC) being developed currently is described. The following disadvantages of traditional models are pointed out: identification of entities with unique names; access rights redundancy (“coarse-grained access control”); difficult managing large number of users; operating in closed environments; the inability to use integrated security policies; lack of built-in administration tools. It is found out that to ensure the safe sharing of information resources in both local and global computing environments, access control models must meet the requirements of universality, flexibility and ease of administration while performing the following tasks: identification of entities by several features for fine-grained access control; design and use of multiple access control policies to implement the “multiple policy” paradigm and adapt the system to work in various environments; administration as a means for dynamic policy modeling and convenient privilege managing a large number of users. The advantages and disadvantages of different types of ABAC models are considered. The advantages are: identification of entities by sets of attributes; “fine-grained access control”; flexibility and expressiveness of model specification languages; the possibility of creating new and modeling traditional methods of access control; relative ease of administration; managing privileges of groups of users. The main disadvantage of ABAC is the complexity of calculating attribute values. It is shown that the TAAC models meet the above requirements and provide the following: “fine-grained access control” by identifying entities with the sets of typed attributes; decrease in complexity and increase in speed of calculations; management privileges of hierarchical groups of subjects and objects; dynamic policy construction; multi-criteria access control.

Keywords: attribute-based access control (ABAC), typed attribute-based access control (TAAC), DAC, MAC, RBAC, access control policy, specification language, syntax, semantics, modeling.

DOI: https://doi.org/10.17223/20710410/44/4

Full text: PDF file (585 kB)
References: PDF file   HTML file

Bibliographic databases:

UDC: 004.94.056.53

Citation: M. N. Kalimoldayev, R. G. Biyashev, O. A. Rog, “Analysis of the methods for attribute-based access control”, Prikl. Diskr. Mat., 2019, no. 44, 43–57

Citation in format AMSBIB
\Bibitem{KalBiyRog19}
\by M.~N.~Kalimoldayev, R.~G.~Biyashev, O.~A.~Rog
\paper Analysis of the methods for~attribute-based~access~control
\jour Prikl. Diskr. Mat.
\yr 2019
\issue 44
\pages 43--57
\mathnet{http://mi.mathnet.ru/pdm660}
\crossref{https://doi.org/10.17223/20710410/44/4}
\elib{https://elibrary.ru/item.asp?id=38555961}


Linking options:
  • http://mi.mathnet.ru/eng/pdm660
  • http://mi.mathnet.ru/eng/pdm/y2019/i2/p43

    SHARE: VKontakte.ru FaceBook Twitter Mail.ru Livejournal Memori.ru


    Citing articles on Google Scholar: Russian citations, English citations
    Related articles on Google Scholar: Russian articles, English articles
  • Прикладная дискретная математика
    Number of views:
    This page:206
    Full text:97
    References:6

     
    Contact us:
     Terms of Use  Registration to the website  Logotypes © Steklov Mathematical Institute RAS, 2021