Conference Paper

PolicyMorph: Interactive Policy Transformations for a Logical Attribute-Based Access Control Framework

New York, NY, USA
DOI: 10.1145/1266840.1266874 Conference: Proceedings of the 12th ACM symposium on Access control models and technologies
Source: DBLP

ABSTRACT Constraint systems provide techniques for automatically analyzing the conformance of low-level access control policies to high-level business rules formalized as logical constraints. However, there are likely to be priorities for solutions that are not easy to encode formally, so administrator input is often important. This paper introduces PolicyMorph, a constraint system that supports interactive development and maintenance of access control policies that respect both formalized and un-formalized business rules and priorities. We provide a mathematical description of the system and an architecture for implementing it. We constructed a prototype that is validated using a case study in which constraints are imposed on a building automation system that controls door locks. PolicyMorph advances the state-of-the-art in constraint systems by suggesting predictable policy model modifications that will resolve specific constraint violations and then allowing policy administrators to select the appropriate mo

  • Source
    11/2013; DOI:10.2991/ccis-13.2013.118
  • [Show abstract] [Hide abstract]
    ABSTRACT: A central building block of data privacy is the individual right of information self-determination, once these information identify individual persons and can therefore be considered as sensitive. Following from that when dealing with shared electronic health records (SEHR), citizens, as the identified individuals of such health records, have to be enabled to decide what medical data can be used in which way by medical professionals. In this context individual preferences of privacy have to be reflected by authorization policies enforced to control access to personal health records. We see two potential challenges, when enabling patient-controlled access control policy authoring: First, an ordinary citizen is considered a non-security expert, thus not necessarily aware of implications of her/his actions of defining access control to protect personal health data. Second, permissions to access medical data are necessary to support the daily routines of medical personnel. The better the health-care information system supports these work procedures the more effective and useful it is. There should be a balance between access restrictions through privacy settings and required access permissions in order to allow the system to be effective. In this paper we present a case study in the context of SEHR in Austria. In this scenario we identify different types of authorization policies to support individuals' privacy. Patient privacy is an important factor in access decision making, but in order to ensure the privacy - effectiveness balance, citizen-authors of policies should be informed about implications of their privacy settings on the underlying information system. To ensure this balance, policies need to be analysed. In this paper we describe a policy analysis method based on generated rules to evaluate the consequences of citizens privacy settings. Analysis results can then be used to inform and support a citizen during the policy authoring process.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: In order to collaborate large numbers of heterogeneous distributed devices over multiple domains within a modern large-scale device collaboration system, a fine-grained, flexible and secure approach is required for device authentication and authorization. This paper proposed a Multiple-Policy supported Attribute-Based Access Control model and its architecture to address these demands. With eXtensible Access Control Markup Language standard, this model exceeds the traditional Attribute-Based Access Control Model by providing cross-domain authentication and authorization, hierarchical policy combination and enforcement, unified device access control and fine-grained attributes-based privilege description. Experiments show the performance of this architecture is acceptable within production environment.
    03/2012; 7(3). DOI:10.4304/jnw.7.3.524-531


1 Download
Available from