Using attribute-based access control to enable attribute-based messaging

Rakesh Bobba; Omid Fatemieh; Fariba Khan; Carl A. Gunter; Himanshu Khurana

doi:10.1109/ACSAC.2006.53

Using attribute-based access control to enable attribute-based messaging

Rakesh Bobba
, Omid Fatemieh
, Fariba Khan
, Carl A. Gunter
, Himanshu Khurana

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Attribute Based Messaging (ABM) enables message senders to dynamically create a list of recipients based on their attributes as inferred from an enterprise database. Such targeted messaging can reduce unnecessary communications and enhance privacy, but faces challenges in access control. In this paper we explore an approach to ABM based on deriving access control information from the same attribute database exploited by the addressing scheme. We show how to address three key challenges. First, we demonstrate a manageable access control system based on attributes. Second we show how this can be used with existing messaging systems to provide a practical deployment strategy. Third, we show that such a system can be efficient enough to support ABM for mid-size enterprises. Our implementation can dispatch ABM messages approved by XACML review for an enterprise of at least 60,000 users with only seconds of latency.

Original language	English (US)
Title of host publication	Proceedings - Annual Computer Security Applications Conference, ACSAC
Pages	403-413
Number of pages	11
DOIs	https://doi.org/10.1109/ACSAC.2006.53
State	Published - 2006
Event	22nd Annual Computer Security Applications Conference, ACSAC 2006 - Miami Beach, FL, United States Duration: Dec 11 2006 → Dec 15 2006

Publication series

Name	Proceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)	1063-9527

Other

Other	22nd Annual Computer Security Applications Conference, ACSAC 2006
Country/Territory	United States
City	Miami Beach, FL
Period	12/11/06 → 12/15/06

ASJC Scopus subject areas

Software
General Engineering

Online availability

10.1109/ACSAC.2006.53

Library availability

Discover UIUC Full Text

Cite this

Using attribute-based access control to enable attribute-based messaging. / Bobba, Rakesh; Fatemieh, Omid; Khan, Fariba et al.
Proceedings - Annual Computer Security Applications Conference, ACSAC. 2006. p. 403-413 4041185 (Proceedings - Annual Computer Security Applications Conference, ACSAC).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Bobba, R, Fatemieh, O, Khan, F, Gunter, CA & Khurana, H 2006, Using attribute-based access control to enable attribute-based messaging. in Proceedings - Annual Computer Security Applications Conference, ACSAC., 4041185, Proceedings - Annual Computer Security Applications Conference, ACSAC, pp. 403-413, 22nd Annual Computer Security Applications Conference, ACSAC 2006, Miami Beach, FL, United States, 12/11/06. https://doi.org/10.1109/ACSAC.2006.53

@inproceedings{6bba591f241a469da720c145ab5d0aac,

title = "Using attribute-based access control to enable attribute-based messaging",

abstract = "Attribute Based Messaging (ABM) enables message senders to dynamically create a list of recipients based on their attributes as inferred from an enterprise database. Such targeted messaging can reduce unnecessary communications and enhance privacy, but faces challenges in access control. In this paper we explore an approach to ABM based on deriving access control information from the same attribute database exploited by the addressing scheme. We show how to address three key challenges. First, we demonstrate a manageable access control system based on attributes. Second we show how this can be used with existing messaging systems to provide a practical deployment strategy. Third, we show that such a system can be efficient enough to support ABM for mid-size enterprises. Our implementation can dispatch ABM messages approved by XACML review for an enterprise of at least 60,000 users with only seconds of latency.",

author = "Rakesh Bobba and Omid Fatemieh and Fariba Khan and Gunter, \{Carl A.\} and Himanshu Khurana",

year = "2006",

doi = "10.1109/ACSAC.2006.53",

language = "English (US)",

isbn = "0769527167",

series = "Proceedings - Annual Computer Security Applications Conference, ACSAC",

pages = "403--413",

booktitle = "Proceedings - Annual Computer Security Applications Conference, ACSAC",

}

TY - GEN

T1 - Using attribute-based access control to enable attribute-based messaging

AU - Bobba, Rakesh

AU - Fatemieh, Omid

AU - Khan, Fariba

AU - Gunter, Carl A.

AU - Khurana, Himanshu

PY - 2006

Y1 - 2006

N2 - Attribute Based Messaging (ABM) enables message senders to dynamically create a list of recipients based on their attributes as inferred from an enterprise database. Such targeted messaging can reduce unnecessary communications and enhance privacy, but faces challenges in access control. In this paper we explore an approach to ABM based on deriving access control information from the same attribute database exploited by the addressing scheme. We show how to address three key challenges. First, we demonstrate a manageable access control system based on attributes. Second we show how this can be used with existing messaging systems to provide a practical deployment strategy. Third, we show that such a system can be efficient enough to support ABM for mid-size enterprises. Our implementation can dispatch ABM messages approved by XACML review for an enterprise of at least 60,000 users with only seconds of latency.

AB - Attribute Based Messaging (ABM) enables message senders to dynamically create a list of recipients based on their attributes as inferred from an enterprise database. Such targeted messaging can reduce unnecessary communications and enhance privacy, but faces challenges in access control. In this paper we explore an approach to ABM based on deriving access control information from the same attribute database exploited by the addressing scheme. We show how to address three key challenges. First, we demonstrate a manageable access control system based on attributes. Second we show how this can be used with existing messaging systems to provide a practical deployment strategy. Third, we show that such a system can be efficient enough to support ABM for mid-size enterprises. Our implementation can dispatch ABM messages approved by XACML review for an enterprise of at least 60,000 users with only seconds of latency.

UR - https://www.scopus.com/pages/publications/39049153474

UR - https://www.scopus.com/pages/publications/39049153474#tab=citedBy

U2 - 10.1109/ACSAC.2006.53

DO - 10.1109/ACSAC.2006.53

M3 - Conference contribution

AN - SCOPUS:39049153474

SN - 0769527167

SN - 9780769527161

T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC

SP - 403

EP - 413

BT - Proceedings - Annual Computer Security Applications Conference, ACSAC

T2 - 22nd Annual Computer Security Applications Conference, ACSAC 2006

Y2 - 11 December 2006 through 15 December 2006

ER -

Using attribute-based access control to enable attribute-based messaging

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this