ARBAC: Attribute-enabled role based access control model

Abstract

Role Based Access Control (RBAC) is well-known for ease of policy administration, whereas Attribute Based Access Control (ABAC) is renowned for flexible policy specification and dynamic decision making capability. However, they both have some well-known limitations. In this paper, we present an approach that uniquely combines the benefits of RBAC and ABAC. Specifically, our approach associates attribute based rules with roles and permissions that enables the specification of multi-dimensional fine-grained attribute enabled role-based policies. These policies along with rules are also stored as in-memory data, which helps in minimizing the execution time of access requests. Experiments on a wide range of policy data sets demonstrate feasibility and scalability of the proposed approach. � Springer Nature Singapore Pte Ltd. 2019.