Aligning ABAC policies with information security policies using controlled vocabulary
Abstract
Attribute-based Access Control (ABAC) policies are based on mutually processable policy attributes. Assigned permissions in such policies need to be reflected or combined with organisational constraints. Best practice in information security dictates having the operational need to access a particular information artifact independent from the function of the specific application systems. Consequently, any policy regulating the behaviour towards information access must adhere to a minimum degree of mutual semantic expressiveness to be combined and processed with the matching ABAC policy. We show how to detect policy attribute conflicts between ABAC policies and information access policies by means of controlled vocabulary and Semantic Web technologies.
- Citation
- BibTeX
Kuhlisch, R. & Bittins, S.,
(2016).
Aligning ABAC policies with information security policies using controlled vocabulary.
In:
Hühnlein, D., Roßnagel, H., Schunck, C. H. & Talamo, M.
(Hrsg.),
Bonn:
Gesellschaft für Informatik e.V..
(S. 181-191).
@inproceedings{mci/Kuhlisch2016,
author = {Kuhlisch, Raik AND Bittins, Sören},
title = {Aligning ABAC policies with information security policies using controlled vocabulary},
booktitle = {},
year = {2016},
editor = {Hühnlein, Detlef AND Roßnagel, Heiko AND Schunck, Christian H. AND Talamo, Maurizio} ,
pages = { 181-191 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
author = {Kuhlisch, Raik AND Bittins, Sören},
title = {Aligning ABAC policies with information security policies using controlled vocabulary},
booktitle = {},
year = {2016},
editor = {Hühnlein, Detlef AND Roßnagel, Heiko AND Schunck, Christian H. AND Talamo, Maurizio} ,
pages = { 181-191 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback
More Info
ISBN: 978-3-88579-658-9
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2016
Language:
(en)

Content Type: Text/Conference Paper