| Description |
1 online resource (285 pages). |
|
text file |
| Series |
Artech House information security and privacy series
|
|
Artech House information security and privacy series.
|
| Summary |
This comprehensive new resource provides an introduction to fundamental Attribute Based Access Control (ABAC) models. This book provides valuable information for developing ABAC to improve information sharing within organizations while taking into consideration the planning, design, implementation, and operation. It explains the history and model of ABAC, related standards, verification and assurance, applications, as well as deployment challenges.n nReaders find authoritative insight into specialized topics including formal ABAC history, ABAC's relationship with other access control models, ABAC model validation and analysis, verification and testing, and deployment frameworks such as XACML. Next Generation Access Model (NGAC) is explained, along with attribute considerations in implementation. The book explores ABAC applications in SOA/workflow domains, ABAC architectures, and includes details on feature sets in commercial and open source products. This insightful resource presents a combination of technical and administrative information for models, standards, and products that will benefit researchers as well as implementers of ABAC systems in the field. Publisher abstract. |
| Contents |
Attribute-Based Access Control; Contents; Preface; Acknowledgements; Intended Audience; 1 Introduction; 1.1 Overview; 1.2 Evolution and Brief History of Access Control; 1.2.1 Academic Contributions; 1.2.2 Military Concerns; 1.2.3 Bell and LaPadula Security Model; 1.2.5 Discontent; 1.2.6 Role-based Access Control; 1.2.7 Emergence of ABAC; References; 2 Access Control Models and Approaches; 2.1 Introduction; 2.2 Terminology; 2.3 Access Control Models and Policies; 2.4 Policy Enforcement; 2.5 Discretionary Access Control; 2.6 Mandatory Access Control Models; 2.6.1 Multilevel Security |
|
2.6.2 Chinese Wall Policy and Model2.6.3 Role-Based Access Control; References; 3 Attribute Based Access Control; 3.1 Introduction; 3.2 ABAC Architectures and Functional Components; 3.3 Logical-Formula and Enumerated ABAC Policy Models; 3.4 ABAC Model-Applications Primatives; 3.5 Hierarchical Group and Attribute-Based Access Control; 3.6 Label-Based ABAC Model with Enumerated Authorization Policy; 3.7 Hybrid Designs Combining Attributes with Roles; 3.8 ABAC and RBAC Hybrid Models; 3.9 Complexities of RBAC Role Structures; 3.10 Complexities of ABAC Rule Sets; 3.11 Dynamic Roles |
|
3.12 Role Centric Structure3.13 Attribute Centric Structure; 3.14 Conclusion; References; 4 ABAC Deployment Using XACML; 4.1 Introduction; 4.2 Business and Technical Drivers for XACML; 4.3 XACML Standard-Components and Their Interactions; 4.3.1 XACML Policy Language Model; 4.3.2 XACML Context (Request and Response); 4.3.3 XACML Framework (Data Flow Model); 4.4 ABAC Deployment Using XACML; 4.4.1 Access Policy Formulation and Encoding; 4.4.2 Request/Response Formulation; 4.4.3 Policy Evaluation and Access Decision; 4.5 Implementation of XACML Framework; 4.5.1 Attribute Support and Management |
|
4.5.2 Delegation4.6 Review and Analysis; References; Appendix A; 5 Next Generation Access Control; 5.1 Introduction; 5.2 Policy and Attribute Elements; 5.3 Relations; 5.3.1 Assignments and Associations; 5.3.2 Prohibitions Denials; 5.3.3 Obligations; 5.4 NGAC Decision Function; 5.5 Delegation of Access Rights; 5.6 NGAC Administrative Commands and Routines; 5.7 Arbitrary Data Service Operations; 5.8 NGAC Functional Architecture; 5.8.1 Resource Access; 5.8.2 Administrative Access; 5.9 Conclusion; References; 6 ABAC Policy Verifications and Testing; 6.1 Introduction; 6.2 ABAC Policy Classes |
|
6.2.1 Static Policy Class6.2.2 Dynamic Policy Class; 6.2.3 Historical Policy Class; 6.3 Access Control Safety and Faults; 6.4 Verification Approaches; 6.4.1 Model Verification; 6.4.2 Coverage and Confinements Semantic Faults; 6.4.3 Property Confinement Checking; 6.4.4 Implementation Test; 6.5 Implementation Considerations*; 6.6 Verification Tools; 6.6.1 Multiterminal Binary Decision Diagrams; 6.6.2 ACPT; 6.6.3 Formal Methods; 6.7 Conclusion; References; 7 Attribute Consideration; 7.1 Introduction; 7.2 ABAC Attributes; 7.3 Consideration Elements; 7.4 Preparation Consideration |
| Bibliography |
Includes bibliographical references and index. |
| Local Note |
eBooks on EBSCOhost EBSCO eBook Subscription Academic Collection - North America |
| Subject |
Computer security.
|
|
Computer security. |
|
Computers -- Access control.
|
|
Computers -- Access control. |
| Genre/Form |
Electronic books.
|
| Other Form: |
Print version: Hu, Vincent C. Attribute-based access control. Norwood, MA : Artech House, [2018] 9781630811341 (OCoLC)1019564310 |
| ISBN |
9781630814960 (electronic book) |
|
1630814962 (electronic book) |
|
9781630811341 |
|
1630811343 |
|
