An Attribute Certificate Management System for Attribute-Based Access Control

This paper focuses on attribute-based access control (ABAC) in distributed automation and control systems. ABAC policies execute authorization decisions based on user information, object information and environment conditions. The proposed security system uses attribute certificates to represent bot...

Full description

Saved in:
Bibliographic Details
Published in2018 International Conference on Computational Science and Computational Intelligence (CSCI) pp. 36 - 41
Main Authors Ruland, Christoph, Sassmannshausen, Jochen, Satpathy, Jyoti Pragyan
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.12.2018
Subjects
ABAC
Access control
Attribute Certificates
Data models
IEC Standards
LDAP
Public key
Servers
Smart Grids
Online AccessGet full text

Cover

More Information
Summary:This paper focuses on attribute-based access control (ABAC) in distributed automation and control systems. ABAC policies execute authorization decisions based on user information, object information and environment conditions. The proposed security system uses attribute certificates to represent both subject and object attributes and an LDAP server to store and distribute attribute certificates. This approach adapts concepts of credential management for subjects and uses the same mechanism for both subject and object management. An attribute management system provides an interface to edit and view both subject and object information. Certificate Revocation Lists (CRLs) exist for both types of attribute certificates. The entities of the distributed access control system implement synchronization mechanisms to keep local information up-to-date.
DOI:10.1109/CSCI46756.2018.00015