Geodesic
Towards ABAC Engine framework
Prikladnaya Diskretnaya Matematika. Supplement, no. 10 (2017), pp. 115-120.

Voir la notice de l'article provenant de la source Math-Net.Ru

We propose a new method for development of attribute based access control. The method extends the XACML control in the following way. We use ALFAScript domain specific language, based on XACML's ALFA, to describe access control policy. ALFAScript policy is compiled into Lua, instead of XML or runtime programming language, and is used to evaluate described access control policy. The method is implemented in ABAC Engine.
Keywords: access control, ABAC
Mots-clés : XACML, ALFA, Lua. 
@article{PDMA_2017_10_a44,
     author = {D. N. Kolegov and O. V. Broslavsky and N. E. Oleksov},
     title = {Towards {ABAC} {Engine} framework},
     journal = {Prikladnaya Diskretnaya Matematika. Supplement},
     pages = {115--120},
     publisher = {mathdoc},
     number = {10},
     year = {2017},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDMA_2017_10_a44/}
}
TY  - JOUR
AU  - D. N. Kolegov
AU  - O. V. Broslavsky
AU  - N. E. Oleksov
TI  - Towards ABAC Engine framework
JO  - Prikladnaya Diskretnaya Matematika. Supplement
PY  - 2017
SP  - 115
EP  - 120
IS  - 10
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/PDMA_2017_10_a44/
LA  - ru
ID  - PDMA_2017_10_a44
ER  - 
%0 Journal Article
%A D. N. Kolegov
%A O. V. Broslavsky
%A N. E. Oleksov
%T Towards ABAC Engine framework
%J Prikladnaya Diskretnaya Matematika. Supplement
%D 2017
%P 115-120
%N 10
%I mathdoc
%U http://geodesic.mathdoc.fr/item/PDMA_2017_10_a44/
%G ru
%F PDMA_2017_10_a44
D. N. Kolegov; O. V. Broslavsky; N. E. Oleksov. Towards ABAC Engine framework. Prikladnaya Diskretnaya Matematika. Supplement, no. 10 (2017), pp. 115-120. http://geodesic.mathdoc.fr/item/PDMA_2017_10_a44/

[1] Kolegov D. N.,Tkachenko N. O., “Neinvazivnaya realizatsiya mandatnogo upravleniya dostupom v veb-prilozheniyakh na urovne SUBD”, Prikladnaya diskretnaya matematika. Prilozhenie, 2015, no. 8, 89–92

[2] Kolegov D. N.,Tkachenko N. O., Neinvazivnoe ustranenie uyazvimostei logicheskogo upravleniya dostupom v veb-prilozheniyakh, [Elektronnyi resurs]. Rezhim dostupa: https://www.youtube.com/watch?v=SPiY6D3M0yE

[3] Hu V. C., Ferraiolo D., Kuhn R., et al., Guide to Attribute Based Access Control (ABAC) Definition and Considerations, [Elektronnyi resurs]. Rezhim dostupa: http://nvlpubs.nist.gov/nistpubs/specialpublications/NIST.sp.800-162.pdf

[4] Jin X., Krishnan R., Sandhu R., A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC, [Elektronnyi resurs]. Rezhim dostupa: http://www.profsandhu.com/confrnc/ifip/ABAC-dbsec12-preprint.pdf

[5] eXtensible Access Control Markup Language (XACML), Version 3.0. [Elektronnyi resurs]. Rezhim dostupa: , OASIS Standard http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html

[6] How Can I Use Policy References in ALFA?, [Elektronnyi resurs]. Rezhim dostupa: , Axiomatics https://www.axiomatics.com/blog/how-can-i-use-policy-references-in-alfa/

[7] Decat M., STAPL. The Simple Tree-structured Attribute-based Policy Language, [Elektronnyi resurs]. Rezhim dostupa: https://github.com/stapl-dsl