An Expressive, Flexible and Uniform Logical Formalism for Attribute-based Access Control

Authors: Jiaming Jiang, Rada Chirkova, Jon Doyle and Arnon Rosenthal

Paper Information

Title: An Expressive, Flexible and Uniform Logical Formalism for Attribute-based Access Control
Authors: Jiaming Jiang, Rada Chirkova, Jon Doyle and Arnon Rosenthal
Proceedings: FCS Informal Proceedings
Editors: Charles Morisset and Limin Jia
Keywords: attribute-based access control, description logics, first-order logic, logical formalism, policy language

ABSTRACT. Attribute-based access control (ABAC) is a general access control (AC) model that subsumes numerous earlier AC models. Its increasing popularity stems from the intuitive generic structure of granting permissions based on domain-dependent attributes of users, subjects, objects, and other entities in the system. Multiple formal and informal languages have been developed to express policies in terms of such attributes.

The utility of ABAC policy languages is potentially undermined without a properly formalized underlying model. The high-level structure in a majority of ABAC models consists of sets and sets of sets, expressions that demand that the reader unpack multiple levels of sets and tokens to determine what things mean. The resulting reduced readability potentially endangers correct expression and reduces maintainability and validation. These problems could be multiplied with models that employ nonuniform representations of actions and their governing policies.

In this paper, we address these problems by recasting the high-level structure of ABAC models in a logical formalism that treats all types of actions uniformly. Our formalism uses a simple variant of description logics to model the high-level structure, and function-free first-order logic with equality to represent and reason about the policies. Use of description logics for model formalizations, including hierarchies of types of entities and attributes, promises improved usability, compared with existing ABAC models, in specifying the relationships between and requirements on domain-dependent attributes. Our formal model provides improved flexibility in supporting a variety of different requirements depending on the domain. Specifically, we will discuss how to modify the model if time plays a role in authorizing a requested action, if different policies would potentially arrive at conflicting decisions, and if default and exception rules apply.

Talk: Jul 08 11:00 (Session 38E: Formal Modelling & Analysis)