Jason Crampton, Charles Morisset, Nicol Zannone


Attribute Based Access Control (ABAC) is becoming the reference model for the specification and evaluation of access control policies. In ABAC policies and access requests are defined in terms of pairs attribute names/values. The applicability of an ABAC policy to a request is determined by matching the attributes in the request with the attributes in the policy. Some languages supporting ABAC, such as PTaCL or XACML 3.0, take into account the possibility that some attributes values might not be correctly retrieved when the request is evaluated, and use complex decisions, usually describing all possible evaluation outcomes, to account for missing attributes. In this paper, we argue that the problem of missing attributes in ABAC can be seen as a non-deterministic attribute retrieval process, and we show that the current evaluation mechanism in PTaCL or XACML can return a complex decision that does not necessarily match with the actual possible outcomes. This, however, is problematic for the enforcing mechanism, which needs to resolve the complex decision into a conclusive one. We propose a new evaluation mechanism, explicitly based on non-deterministic attribute retrieval for a given request. We extend this mechanism to probabilistic attribute retrieval and implement a probabilistic policy evaluation mechanism for PTaCL in PRISM, a probabilistic model-checker. Date: June 1, 2015 Presented: 20th Symposium on Access Control Models and Technologies (SACMAT), 1-3 June 2015. Published: SACMAT ’15: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, pp 99-109. Publisher: ACM ISBN: 978-1-4503-3556-0 Publisher URL: https://dl.acm.org/citation.cfm?id=2752970 Full Text: http://dx.doi.org/10.1145/2752952.2752970