Current Research and Open Problems in Attribute-Based Access Control

Abstract

Attribute-based access control (ABAC) is a promising alternative to traditional models of access control (i.e., discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC)) that is drawing attention in both recent academic literature and industry application. However, formalization of a foundational model of ABAC and large scale adoption is still in its infancy. The relatively recent emergence of ABAC still leaves a number of problems unexplored. Issues like delegation, administration, auditability, scalability, hierarchical representations, and the like, have been largely ignored or left to future work. This article provides a basic introduction to ABAC and a comprehensive review of recent research efforts toward developing formal models of ABAC. A taxonomy of ABAC research is presented and used to categorize and evaluate surveyed articles. Open problems are identified based on the shortcomings of the reviewed works and potential solutions discussed.

DOI: 10.1145/3007204

12 Figures and Tables

Cite this paper

@article{Servos2017CurrentRA, title={Current Research and Open Problems in Attribute-Based Access Control}, author={Daniel Servos and Sylvia L. Osborn}, journal={ACM Comput. Surv.}, year={2017}, volume={49}, pages={65:1-65:45} }