XACML

Abstract: Recently, there has been considerable interest in attribute based access control (ABAC) to overcome the limitations of the dominant access control models (i.e, discretionary-DAC, mandatory-MAC and role based-RBAC) while unifying their advantages. Although some proposals for ABAC have been published, and even implemented and standardized, there is no consensus on precisely what is meant by ABAC or the required features of ABAC. There is no widely accepted ABAC model as there are for DAC, MAC and RBAC. This paper takes a step towards this end by constructing an ABAC model that has "just sufficient" features to be "easily and naturally" configured to do DAC, MAC and RBAC. For this purpose we understand DAC to mean owner-controlled access control lists, MAC to mean lattice-based access control with tranquility and RBAC to mean flat and hierarchical RBAC. Our central contribution is to take a first cut at establishing formal connections between the three successful classical models and desired ABAC models.

Abstract: Sensitive data are increasingly available on-line through the Web and other distributed protocols. This heightens the need to carefully control access to data. Control means not only preventing the leakage of data but also permitting access to necessary information. Indeed, the same datum is often treated differently depending on context. System designers create policies to express conditions on the access to data. To reduce source clutter and improve maintenance, developers increasingly use domain-specific, declarative languages to express these policies. In turn, administrators need to analyze policies relative to properties, and to understand the effect of policy changes even in the absence of properties. This paper presents Margrave, a software suite for analyzing role-based access-control policies. Margrave includes a verifier that analyzes policies written in the XACML language, translating them into a form of decision-diagram to answer queries. It also provides semantic differencing information between versions of policies. We have implemented these techniques and applied them to policies from a working software application.

Abstract: Access Control systems are used in computer security to regulate the access to critical or valuable resources The rights of subjects to access such resources are typically expressed through access control policies, which are evaluated at access request time against the current access context This paper proposes a new approach based on blockchain technology to publish the policies expressing the right to access a resource and to allow the distributed transfer of such right among users In our proposed protocol the policies and the rights exchanges are publicly visible on the blockchain, consequently any user can know at any time the policy paired with a resource and the subjects who currently have the rights to access the resource This solution allows distributed auditability, preventing a party from fraudulently denying the rights granted by an enforceable policy We also show a possible working implementation based on XACML policies, deployed on the Bitcoin blockchain

Abstract: Adequate security of information and information systems is a fundamental management responsibility. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access control. Access control is concerned with determining the allowed activities of legitimate users, mediating every attempt by a user to access a resource in the system. In some systems, complete access is granted after successful authentication of the user, but most systems require more sophisticated and complex control. In addition to the authentication mechanism (such as a password), access control is concerned with how authorizations are structured. In some cases, authorization may mirror the structure of the organization, while in others it may be based on the sensitivity level of various documents and the clearance level of the user accessing those documents. This publication explains some of the commonly used access control services available in information technology systems. Organizations planning to implement an access control system should consider three abstractions: access control policies, models, and mechanisms. Access control policies are highlevel requirements that specify how access is managed and who may access information under what circumstances. For instance, policies may pertain to resource usage within or across organizational units or may be based on need-to-know, competence, authority, obligation, or conflict-of-interest factors. At a high level, access control policies are enforced through a mechanism that translates a user’s access request, often in terms of a structure that a system provides. An access control list is a familiar example of an access control mechanism. Access control models bridge the gap in abstraction between policy and mechanism. Rather than attempting to evaluate and analyze access control systems exclusively at the mechanism level, security models are usually written to describe the security properties of an access control system. Security models are formal presentations of the security policy enforced by the system and are useful for proving theoretical limitations of a system. Discretionary access control, which allows the creator of a file to delegate access to others, is one of the simplest examples of a model. As systems grow in size and complexity, access control is a special concern for systems that are distributed across multiple computers. These distributed systems can be a formidable challenge for developers, because they may use a variety of access control mechanisms that must be integrated to support the organization’s policy; for example, role-based access control that can enforce administrator-specified rules is often used. Popular database management system designs, such as Structured Query Language (SQL), incorporate many aspects of roleand rulebased access. Services that are particularly useful in implementing distributed access control include the Lightweight Directory Access Protocol (LDAP), capability-based Kerberos, and the Extensible Markup Language (XML)-based Extensible Access Control Markup Language (XACML). A state of access control is said to be safe if no permission can be leaked to an unauthorized or uninvited principal. To assure the safety of an access control system, it is essential to make certain that the access control configuration (e.g., access control model) will not result in the leakage of permissions to an unauthorized principal. Even though the general safety computation