Title | ||
---|---|---|
Cryptographic Attribute-Based Access Control (ABAC) for Secure Decision Making of Dynamic Policy With Multiauthority Attribute Tokens |
Abstract | ||
---|---|---|
This article aims to establish a cryptographic solution to improve security and reliability of the National Institute of Standards and Technology's attribute-based access control (ABAC) model. By breaking down the existing structure of attribute-based encryption, we propose a new cryptographic ABAC (C-ABAC) framework with dynamic policy authorization and real-time attribute credentials. Moreover, a practical C-ABAC construction is proposed to support provable policy decision making and verifiable attribute Tokens among multiple distributed authorities. In this construction, we develop a concrete approach of generating a cryptographic policy from access control markup language. We also prove that attribute Token has existential unforgeability under chosen-attribute and chosen-nonce attacks, and the cryptographic policy is existentially unforgeable under chosen-object attack. In addition, our C-ABAC construction provides semantic security against chosen-plaintext attack with Token and policy queries under the extended general Diffie–Hellman exponent assumption. Finally, we evaluate the performance of the C-ABAC system according to complexity analysis and experimental results. The results show that the C-ABAC system is reliable and easy to implement. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1109/TR.2019.2948713 | IEEE Transactions on Reliability |
Keywords | Field | DocType |
Real-time systems,Decision making,Encryption,Authorization | Attribute-based access control,Cryptography,Computer security,Mathematics,Reliability engineering | Journal |
Volume | Issue | ISSN |
68 | 4 | 0018-9529 |
Citations | PageRank | References |
1 | 0.35 | 0 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Yan Zhu | 1 | 290 | 26.53 |
Ruyun Yu | 2 | 1 | 1.03 |
Di Ma | 3 | 326 | 25.95 |
William Cheng-Chung Chu | 4 | 92 | 17.67 |